itigic.com Open in urlscan Pro
52.19.6.38 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://itigic.com/pt/steal-information-with-finger-command-in-windows-10/ 
Effective URL:
https://itigic.com/pt/steal-information-with-finger-command-in-windows-10/&
Submission: On May 07 via api (May 7th 2021, 5:42:41 pm UTC) from US

Summary HTTP 485 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 66 IPs in 10 countries across 66 domains to perform 485 HTTP transactions. The main IP is 52.19.6.38, located in Dublin, Ireland and belongs to AMAZON-02, US. The main domain is itigic.com.
TLS certificate: Issued by R3 on April 13th 2021. Valid for: 3 months.

This is the only time itigic.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 75	52.19.6.38 52.19.6.38	16509 (AMAZON-02) (AMAZON-02)
64	142.250.185.226 142.250.185.226	15169 (GOOGLE) (GOOGLE)
1	2606:4700:303... 2606:4700:3032::ac43:b890	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	65.9.86.127 65.9.86.127	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:831::200a	15169 (GOOGLE) (GOOGLE)
12	2a00:1450:400... 2a00:1450:4001:813::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:811::2008	15169 (GOOGLE) (GOOGLE)
7	2600:9000:201... 2600:9000:2017:c400:2:cb38:840:93a1	16509 (AMAZON-02) (AMAZON-02)
5	2606:4700:303... 2606:4700:3036::6815:325d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
10	18.156.95.187 18.156.95.187	16509 (AMAZON-02) (AMAZON-02)
15	2a00:1450:400... 2a00:1450:4001:830::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:80e::200e	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:811::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
33	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:82f::2001	15169 (GOOGLE) (GOOGLE)
34	2a00:1450:400... 2a00:1450:4001:813::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c04::9a	15169 (GOOGLE) (GOOGLE)
2 4	2620:116:800d... 2620:116:800d:21:51e4:db4b:4436:b305	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:210... 2600:9000:2104:da00:6:44e3:f8c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	51.255.81.138 51.255.81.138	16276 (OVH) (OVH)
9	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
35	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
1 4	2a02:2638::1c 2a02:2638::1c	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
2	178.250.0.157 178.250.0.157	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	213.19.147.43 213.19.147.43	26120 (RHYTHMONE) (RHYTHMONE)
12	37.252.172.38 37.252.172.38	29990 (ASN-APPNEX) (ASN-APPNEX)
11	2.18.235.93 2.18.235.93	16625 (AKAMAI-AS) (AKAMAI-AS)
1	178.250.2.131 178.250.2.131	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	136.144.59.88 136.144.59.88	54825 (PACKET) (PACKET)
1	185.64.189.112 185.64.189.112	62713 (AS-PUBMATIC) (AS-PUBMATIC)
2	51.89.9.251 51.89.9.251	16276 (OVH) (OVH)
1	23.37.38.181 23.37.38.181	16625 (AKAMAI-AS) (AKAMAI-AS)
1 9	35.244.159.8 35.244.159.8	15169 (GOOGLE) (GOOGLE)
30	2a00:1450:400... 2a00:1450:4001:811::2001	15169 (GOOGLE) (GOOGLE)
2 9	2a00:1450:400... 2a00:1450:4001:80e::2004	15169 (GOOGLE) (GOOGLE)
3 7	2a02:6b8::1:119 2a02:6b8::1:119	13238 (YANDEX) (YANDEX)
2	2a02:2638:1::3 2a02:2638:1::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	54.36.109.22 54.36.109.22	16276 (OVH) (OVH)
4	2.18.233.180 2.18.233.180	16625 (AKAMAI-AS) (AKAMAI-AS)
3	151.101.113.108 151.101.113.108	54113 (FASTLY) (FASTLY)
1 7	2.18.234.21 2.18.234.21	16625 (AKAMAI-AS) (AKAMAI-AS)
1 5	2a00:1288:110... 2a00:1288:110:c305::8000	34010 (YAHOO-IRD) (YAHOO-IRD)
2 2	3.125.99.7 3.125.99.7	16509 (AMAZON-02) (AMAZON-02)
3 4	18.184.169.195 18.184.169.195	16509 (AMAZON-02) (AMAZON-02)
1 1	65.9.73.70 65.9.73.70	16509 (AMAZON-02) (AMAZON-02)
4 4	185.29.135.190 185.29.135.190	30419 (MEDIAMATH...) (MEDIAMATH-INC)
3 3	37.157.6.252 37.157.6.252	198622 (ADFORM) (ADFORM)
3 6	34.250.165.246 34.250.165.246	16509 (AMAZON-02) (AMAZON-02)
6 8	142.250.186.162 142.250.186.162	15169 (GOOGLE) (GOOGLE)
1 3	23.79.143.124 23.79.143.124	16625 (AKAMAI-AS) (AKAMAI-AS)
1 1	193.0.160.128 193.0.160.128	54312 (ROCKETFUEL) (ROCKETFUEL)
1 1	64.202.112.127 64.202.112.127	23352 (SERVERCEN...) (SERVERCENTRAL)
1	52.44.75.235 52.44.75.235	14618 (AMAZON-AES) (AMAZON-AES)
2 2	18.196.131.255 18.196.131.255	16509 (AMAZON-02) (AMAZON-02)
2 2	2001:678:cb4:... 2001:678:cb4:bbbb::11	56396 (TURN) (TURN)
1	185.64.189.115 185.64.189.115	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 2	54.239.17.112 54.239.17.112	16509 (AMAZON-02) (AMAZON-02)
2 2	3.126.56.137 3.126.56.137	16509 (AMAZON-02) (AMAZON-02)
2 4	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
5 9	69.173.144.139 69.173.144.139	26667 (RUBICONPR...) (RUBICONPROJECT)
1	178.250.0.163 178.250.0.163	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1 1	85.114.159.93 85.114.159.93	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
11	185.64.190.80 185.64.190.80	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1	173.231.181.122 173.231.181.122	29791 (VOXEL-DOT...) (VOXEL-DOT-NET)
3 3	213.19.147.45 213.19.147.45	3356 (LEVEL3) (LEVEL3)
1	2606:4700:303... 2606:4700:3039::6815:c03b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	162.55.6.211 162.55.6.211	24940 (HETZNER-AS) (HETZNER-AS)
1 2	2606:4700::68... 2606:4700::6812:c05	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	198.148.27.140 198.148.27.140	19189 (PULSEPOINT) (PULSEPOINT)
1	2606:4700:10:... 2606:4700:10::6816:1957	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	185.64.189.114 185.64.189.114	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 1	159.65.197.210 159.65.197.210	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1	2a02:fa8:8806... 2a02:fa8:8806:20::2010	41041 (VCLK-EU-SE) (VCLK-EU-SE)
1 1	34.98.107.212 34.98.107.212	15169 (GOOGLE) (GOOGLE)
1 1	37.252.172.45 37.252.172.45	29990 (ASN-APPNEX) (ASN-APPNEX)
1 1	52.18.52.16 52.18.52.16	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1288:80:... 2a00:1288:80:800::7000	203220 (YAHOO-DEB) (YAHOO-DEB)
3	2a00:1450:400... 2a00:1450:4001:810::2001	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:801::2006	15169 (GOOGLE) (GOOGLE)
1	185.64.190.81 185.64.190.81	62713 (AS-PUBMATIC) (AS-PUBMATIC)
485	66

75 52.19.6.38 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-19-6-38.eu-west-1.compute.amazonaws.com

itigic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

64 142.250.185.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3032::ac43:b890 (United States)

ASN13335 (CLOUDFLARENET, US)

go.ezodn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 65.9.86.127 (United States)

ASN16509 (AMAZON-02, US)

c.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:813::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2600:9000:2017:c400:2:cb38:840:93a1 (United States)

ASN16509 (AMAZON-02, US)

go.ezoic.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700:3036::6815:325d (United States)

ASN13335 (CLOUDFLARENET, US)

tdns3.gtranslate.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 18.156.95.187 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-95-187.eu-central-1.compute.amazonaws.com

g.ezoic.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80e::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:811::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

translate.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.ch	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

33 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

3fc1b23a7f7676f8a612476f135a3c46.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

34 2a00:1450:4001:813::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c04::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2620:116:800d:21:51e4:db4b:4436:b305 (United States) 2 redirects

ASN16509 (AMAZON-02, US)

secure.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2104:da00:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

rules.quantcount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.255.81.138 (France)

ASN16276 (OVH, FR)
PTR: ns3037287.ip-51-255-81.eu

www.redeszone.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

35 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.ch	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:2638::1c (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.0.157 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 213.19.147.43 (United Kingdom)

ASN26120 (RHYTHMONE, US)

tag.1rx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 37.252.172.38 (Frankfurt am Main, Germany)

ASN29990 (ASN-APPNEX, US)
PTR: 690.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 2.18.235.93 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-235-93.deploy.static.akamaitechnologies.com

prebid.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
contextual.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cslogger.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cs.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.2.131 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: bidder.am5.vip.prod.criteo.com

bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 136.144.59.88 (Secaucus, United States)

ASN54825 (PACKET, US)

prebid.a-mo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.189.112 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

hbopenbid.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 51.89.9.251 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: ip251.ip-51-89-9.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.37.38.181 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-37-38-181.deploy.static.akamaitechnologies.com

htlb.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 35.244.159.8 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com

ezoic-d.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
eu-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

30 2a00:1450:4001:811::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

cdn.ampproject.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:80e::2004 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a02:6b8::1:119 (Moscow, Russian Federation) 3 redirects

ASN13238 (YANDEX, RU)

mc.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mc.yandex.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:1::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.36.109.22 (France)

ASN16276 (OVH, FR)
PTR: p09.id5-sync.com

id5-sync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2.18.233.180 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-233-180.deploy.static.akamaitechnologies.com

ads.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 151.101.113.108 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

acdn.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2.18.234.21 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com

js-sec.indexww.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ssum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1288:110:c305::8000 (United Kingdom) 1 redirects

ASN34010 (YAHOO-IRD, GB)

pr-bh.ybp.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.125.99.7 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)

pm.w55c.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 18.184.169.195 (Frankfurt am Main, Germany) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-184-169-195.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.73.70 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

cm.smadex.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.29.135.190 (United Kingdom) 4 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 37.157.6.252 (Denmark) 3 redirects

ASN198622 (ADFORM, DK)
PTR: s1.adform.net

c1.adform.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 34.250.165.246 (Dublin, Ireland) 3 redirects

ASN16509 (AMAZON-02, US)

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 142.250.186.162 (United States) 6 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 23.79.143.124 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-79-143-124.deploy.static.akamaitechnologies.com

secure-assets.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 193.0.160.128 (United States) 1 redirects

ASN54312 (ROCKETFUEL, US)

p.rfihub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 64.202.112.127 (United States) 1 redirects

ASN23352 (SERVERCENTRAL, US)
PTR: ny.outbrain.com

b1sync.zemanta.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.44.75.235 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-44-75-235.compute-1.amazonaws.com

track-east.mobileadtrading.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.196.131.255 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)

rtb.mfadsrvr.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:678:cb4:bbbb::11 (United Kingdom) 2 redirects

ASN56396 (TURN, GB)

ad.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.189.115 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.239.17.112 (Ashburn, United States) 1 redirects

ASN16509 (AMAZON-02, US)

s.amazon-adsystem.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.126.56.137 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-56-137.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 35.244.174.68 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
id.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 69.173.144.139 (Frankfurt am Main, Germany) 5 redirects

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.0.163 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

dis.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 85.114.159.93 (Germany) 1 redirects

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)

dsp.adfarm1.adition.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 185.64.190.80 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

simage2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 173.231.181.122 (United States)

ASN29791 (VOXEL-DOT-NET, US)

cm.adgrx.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 213.19.147.45 (United Kingdom) 3 redirects

ASN3356 (LEVEL3, US)

sync.1rx.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync.targeting.unrulymedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3039::6815:c03b (United States)

ASN13335 (CLOUDFLARENET, US)

ad4m.at	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 162.55.6.211 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.211.6.55.162.clients.your-server.de

csync.loopme.me	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:c05 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

a.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 198.148.27.140 (New York, United States) 1 redirects

ASN19189 (PULSEPOINT, US)

bh.contextweb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:1957 (United States)

ASN13335 (CLOUDFLARENET, US)

mwzeom.zeotap.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.189.114 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

image4.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 159.65.197.210 (Amsterdam, Netherlands) 1 redirects

ASN14061 (DIGITALOCEAN-ASN, US)

match.adsby.bidtheatre.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:fa8:8806:20::2010 (United States)

ASN41041 (VCLK-EU-SE, US)

pubmatic-match.dotomi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.98.107.212 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)

ads.playground.xyz	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 37.252.172.45 (Frankfurt am Main, Germany) 1 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 693.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.18.52.16 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)

rtb.gumgum.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1288:80:800::7000 (United Kingdom)

ASN203220 (YAHOO-DEB, GB)

ads.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:810::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

lh3.googleusercontent.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:801::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.190.81 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

simage4.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
77	doubleclick.net 6 redirects securepubads.g.doubleclick.net stats.g.doubleclick.net googleads.g.doubleclick.net cm.g.doubleclick.net	285 KB
75	itigic.com 1 redirects itigic.com	379 KB
46	googlesyndication.com 3fc1b23a7f7676f8a612476f135a3c46.safeframe.googlesyndication.com tpc.googlesyndication.com pagead2.googlesyndication.com	208 KB
42	google.com 2 redirects adservice.google.com www.google.com	5 KB
33	google.ch adservice.google.ch	5 KB
30	ampproject.org cdn.ampproject.org	642 KB
19	pubmatic.com hbopenbid.pubmatic.com ads.pubmatic.com image2.pubmatic.com Failed image6.pubmatic.com simage2.pubmatic.com image4.pubmatic.com simage4.pubmatic.com	55 KB
17	ezoic.net go.ezoic.net g.ezoic.net	12 KB
17	googleapis.com ajax.googleapis.com fonts.googleapis.com translate.googleapis.com	62 KB
16	adnxs.com 1 redirects ib.adnxs.com acdn.adnxs.com secure.adnxs.com	66 KB
15	gstatic.com fonts.gstatic.com	297 KB
12	rubiconproject.com 6 redirects secure-assets.rubiconproject.com eus.rubiconproject.com token.rubiconproject.com pixel.rubiconproject.com	16 KB
11	media.net prebid.media.net contextual.media.net cslogger.media.net cs.media.net	16 KB
9	openx.net 1 redirects ezoic-d.openx.net eu-u.openx.net us-u.openx.net	2 KB
8	yahoo.com 3 redirects pr-bh.ybp.yahoo.com ups.analytics.yahoo.com ads.yahoo.com	4 KB
8	criteo.com 1 redirects gum.criteo.com mug.criteo.com bidder.criteo.com dis.criteo.com	2 KB
6	adsrvr.org 3 redirects match.adsrvr.org	2 KB
6	casalemedia.com 1 redirects htlb.casalemedia.com ssum-sec.casalemedia.com dsum-sec.casalemedia.com	11 KB
5	yandex.com 2 redirects mc.yandex.com	2 KB
5	gtranslate.net tdns3.gtranslate.net	14 KB
5	amazon-adsystem.com 1 redirects c.amazon-adsystem.com s.amazon-adsystem.com	38 KB
4	rlcdn.com 2 redirects idsync.rlcdn.com id.rlcdn.com	886 B
4	mathtag.com 4 redirects sync.mathtag.com	2 KB
4	bidswitch.net 3 redirects x.bidswitch.net	1 KB
4	quantserve.com 2 redirects secure.quantserve.com pixel.quantserve.com	10 KB
3	googletagservices.com www.googletagservices.com	98 KB
3	googleusercontent.com lh3.googleusercontent.com	344 KB
3	adform.net 3 redirects c1.adform.net	1 KB
3	1rx.io 2 redirects tag.1rx.io sync.1rx.io	1 KB
2	tribalfusion.com 1 redirects a.tribalfusion.com s.tribalfusion.com	1 KB
2	turn.com 2 redirects ad.turn.com	1011 B
2	mfadsrvr.com 2 redirects rtb.mfadsrvr.com	1 KB
2	w55c.net 2 redirects pm.w55c.net	1 KB
2	indexww.com js-sec.indexww.com	2 KB
2	criteo.net static.criteo.net	51 KB
2	yandex.ru 1 redirects mc.yandex.ru	44 KB
2	onetag-sys.com onetag-sys.com	1 KB
2	google-analytics.com www.google-analytics.com	20 KB
1	2mdn.net s0.2mdn.net	48 KB
1	gumgum.com 1 redirects rtb.gumgum.com	337 B
1	playground.xyz 1 redirects ads.playground.xyz	489 B
1	dotomi.com pubmatic-match.dotomi.com	104 B
1	bidtheatre.com 1 redirects match.adsby.bidtheatre.com	550 B
1	zeotap.com mwzeom.zeotap.com	596 B
1	contextweb.com 1 redirects bh.contextweb.com	595 B
1	loopme.me 1 redirects csync.loopme.me	212 B
1	ad4m.at ad4m.at	1 KB
1	unrulymedia.com 1 redirects sync.targeting.unrulymedia.com	535 B
1	adgrx.com cm.adgrx.com	408 B
1	adition.com 1 redirects dsp.adfarm1.adition.com	501 B
1	mobileadtrading.com track-east.mobileadtrading.com	44 B
1	zemanta.com 1 redirects b1sync.zemanta.com	375 B
1	rfihub.com 1 redirects p.rfihub.com	684 B
1	smadex.com 1 redirects cm.smadex.com	525 B
1	id5-sync.com id5-sync.com	528 B
1	a-mo.net prebid.a-mo.net	781 B
1	redeszone.net www.redeszone.net	69 KB
1	quantcount.com rules.quantcount.com	427 B
1	googletagmanager.com www.googletagmanager.com	35 KB
1	ezodn.com go.ezodn.com	82 KB
0	everesttech.net Failed sync-tm.everesttech.net Failed
0	perf-serving.com Failed prod.perf-serving.com Failed
0	simpli.fi Failed um.simpli.fi Failed
0	fiftyt.com Failed visitor.fiftyt.com Failed
0	semasio.net Failed uipglob.semasio.net Failed
0	deepintent.com Failed match.deepintent.com Failed
485	66

	Domain	Requested by
75	itigic.com	1 redirects itigic.com
64	securepubads.g.doubleclick.net	itigic.com securepubads.g.doubleclick.net
34	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com itigic.com cdn.ampproject.org 3fc1b23a7f7676f8a612476f135a3c46.safeframe.googlesyndication.com
33	adservice.google.com	securepubads.g.doubleclick.net
33	adservice.google.ch	securepubads.g.doubleclick.net
30	cdn.ampproject.org	securepubads.g.doubleclick.net
15	fonts.gstatic.com	fonts.googleapis.com
12	ib.adnxs.com	go.ezodn.com acdn.adnxs.com
12	fonts.googleapis.com	itigic.com securepubads.g.doubleclick.net tpc.googlesyndication.com
11	simage2.pubmatic.com	ads.pubmatic.com
10	g.ezoic.net	itigic.com
9	www.google.com	2 redirects itigic.com 3fc1b23a7f7676f8a612476f135a3c46.safeframe.googlesyndication.com
9	pagead2.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
8	cm.g.doubleclick.net	6 redirects eu-u.openx.net eus.rubiconproject.com
8	contextual.media.net	go.ezodn.com contextual.media.net eus.rubiconproject.com
7	go.ezoic.net	itigic.com
6	match.adsrvr.org	3 redirects eu-u.openx.net ssum-sec.casalemedia.com eus.rubiconproject.com
5	token.rubiconproject.com	4 redirects eus.rubiconproject.com
5	pr-bh.ybp.yahoo.com	1 redirects eu-u.openx.net ssum-sec.casalemedia.com ads.pubmatic.com
5	mc.yandex.com	2 redirects
5	tdns3.gtranslate.net	itigic.com
4	pixel.rubiconproject.com	1 redirects eus.rubiconproject.com
4	sync.mathtag.com	4 redirects
4	us-u.openx.net	1 redirects eu-u.openx.net
4	x.bidswitch.net	3 redirects contextual.media.net
4	ads.pubmatic.com	go.ezodn.com contextual.media.net ads.pubmatic.com
4	eu-u.openx.net	go.ezodn.com eu-u.openx.net
4	googleads.g.doubleclick.net	itigic.com
4	gum.criteo.com	1 redirects static.criteo.net contextual.media.net
4	translate.googleapis.com	itigic.com
3	www.googletagservices.com	securepubads.g.doubleclick.net 3fc1b23a7f7676f8a612476f135a3c46.safeframe.googlesyndication.com
3	lh3.googleusercontent.com	itigic.com securepubads.g.doubleclick.net cdn.ampproject.org
3	idsync.rlcdn.com	2 redirects ssum-sec.casalemedia.com
3	dsum-sec.casalemedia.com	1 redirects ssum-sec.casalemedia.com
3	c1.adform.net	3 redirects
3	acdn.adnxs.com	go.ezodn.com
3	pixel.quantserve.com	2 redirects itigic.com
3	3fc1b23a7f7676f8a612476f135a3c46.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
3	c.amazon-adsystem.com	itigic.com c.amazon-adsystem.com
2	sync.1rx.io	2 redirects
2	ups.analytics.yahoo.com	2 redirects
2	s.amazon-adsystem.com	1 redirects ssum-sec.casalemedia.com
2	ssum-sec.casalemedia.com	js-sec.indexww.com ssum-sec.casalemedia.com
2	ad.turn.com	2 redirects
2	rtb.mfadsrvr.com	2 redirects
2	eus.rubiconproject.com	contextual.media.net eus.rubiconproject.com
2	pm.w55c.net	2 redirects
2	js-sec.indexww.com	go.ezodn.com ssum-sec.casalemedia.com
2	static.criteo.net	go.ezodn.com static.criteo.net
2	mc.yandex.ru	1 redirects itigic.com
2	onetag-sys.com	go.ezodn.com
2	mug.criteo.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
1	simage4.pubmatic.com	ads.pubmatic.com
1	s0.2mdn.net	tpc.googlesyndication.com
1	ads.yahoo.com	eus.rubiconproject.com
1	id.rlcdn.com	eus.rubiconproject.com
1	rtb.gumgum.com	1 redirects
1	secure.adnxs.com	1 redirects
1	ads.playground.xyz	1 redirects
1	pubmatic-match.dotomi.com	ads.pubmatic.com
1	match.adsby.bidtheatre.com	1 redirects
1	image4.pubmatic.com	ads.pubmatic.com
1	mwzeom.zeotap.com	ads.pubmatic.com
1	bh.contextweb.com	1 redirects
1	s.tribalfusion.com	ads.pubmatic.com
1	a.tribalfusion.com	1 redirects
1	csync.loopme.me	1 redirects
1	ad4m.at	ads.pubmatic.com
1	sync.targeting.unrulymedia.com	1 redirects
1	cm.adgrx.com	ads.pubmatic.com
1	dsp.adfarm1.adition.com	1 redirects
1	dis.criteo.com	ads.pubmatic.com
1	image6.pubmatic.com	ads.pubmatic.com
1	track-east.mobileadtrading.com	contextual.media.net
1	b1sync.zemanta.com	1 redirects
1	cs.media.net	contextual.media.net
1	cslogger.media.net	contextual.media.net
1	p.rfihub.com	1 redirects
1	secure-assets.rubiconproject.com	1 redirects
1	cm.smadex.com	1 redirects
1	id5-sync.com	go.ezodn.com
1	ezoic-d.openx.net	go.ezodn.com
1	htlb.casalemedia.com	go.ezodn.com
1	hbopenbid.pubmatic.com	go.ezodn.com
1	prebid.a-mo.net	go.ezodn.com
1	bidder.criteo.com	go.ezodn.com
1	prebid.media.net	go.ezodn.com
1	tag.1rx.io	go.ezodn.com
1	www.redeszone.net	itigic.com
1	rules.quantcount.com	secure.quantserve.com
1	secure.quantserve.com	itigic.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	www.googletagmanager.com	itigic.com
1	ajax.googleapis.com	itigic.com
1	go.ezodn.com	itigic.com
0	sync-tm.everesttech.net Failed	ads.pubmatic.com eus.rubiconproject.com
0	prod.perf-serving.com Failed	ads.pubmatic.com
0	um.simpli.fi Failed	ads.pubmatic.com
0	visitor.fiftyt.com Failed	ads.pubmatic.com
0	uipglob.semasio.net Failed	ads.pubmatic.com
0	match.deepintent.com Failed	ads.pubmatic.com
0	image2.pubmatic.com Failed	eu-u.openx.net ads.pubmatic.com
485	103

This site contains links to these domains. Also see Links.

Domain
docs.microsoft.com
hyp3rlinx.altervista.org
blog.talosintelligence.com
www.ezoic.com

Subject Issuer	Validity	Valid
itigic.com R3	`2021-04-13` - `2021-07-12`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-08-05` - `2021-08-05`	a year	crt.sh
c.amazon-adsystem.com Amazon	`2020-08-04` - `2021-08-02`	a year	crt.sh
upload.video.google.com GTS CA 1O1	`2021-04-13` - `2021-07-06`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
*.ezoic.net Amazon	`2021-02-15` - `2022-03-16`	a year	crt.sh
ezoic.net R3	`2021-03-24` - `2021-06-22`	3 months	crt.sh
*.google.com GTS CA 1O1	`2021-04-13` - `2021-07-06`	3 months	crt.sh
*.google.ch GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
*.quantserve.com DigiCert SHA2 High Assurance Server CA	`2020-10-02` - `2021-10-07`	a year	crt.sh
adslzone.net R3	`2021-03-23` - `2021-06-21`	3 months	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-04-14` - `2021-07-12`	3 months	crt.sh
*.1rx.io Sectigo RSA Domain Validation Secure Server CA	`2019-06-28` - `2021-06-27`	2 years	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2021-03-05` - `2022-02-19`	a year	crt.sh
*.media.net DigiCert SHA2 Secure Server CA	`2021-04-12` - `2022-04-20`	a year	crt.sh
*.a-mo.net R3	`2021-03-12` - `2021-06-10`	3 months	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2020-12-07` - `2021-12-14`	a year	crt.sh
onetag-sys.com R3	`2021-05-02` - `2021-07-31`	3 months	crt.sh
san.casalemedia.com GeoTrust RSA CA 2018	`2021-02-05` - `2022-02-09`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2020-06-18` - `2021-08-17`	a year	crt.sh
misc-sni.google.com GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
mc.yandex.ru Yandex CA	`2021-02-27` - `2021-08-09`	5 months	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-04-14` - `2021-07-12`	3 months	crt.sh
*.id5-sync.com R3	`2021-03-23` - `2021-06-21`	3 months	crt.sh
cdn.adnxs.com GlobalSign CloudSSL CA - SHA256 - G3	`2021-03-16` - `2022-03-17`	a year	crt.sh
*.ybp.yahoo.com DigiCert SHA2 High Assurance Server CA	`2021-03-29` - `2021-09-22`	6 months	crt.sh
*.adsrvr.org GlobalSign GCC R3 DV TLS CA 2020	`2021-03-18` - `2022-04-19`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2021-04-01` - `2022-04-04`	a year	crt.sh
*.bidswitch.net Sectigo RSA Domain Validation Secure Server CA	`2020-04-23` - `2022-05-04`	2 years	crt.sh
*.mobileadtrading.com Amazon	`2021-03-19` - `2022-04-17`	a year	crt.sh
s.amazon-adsystem.com Amazon	`2020-08-28` - `2021-08-20`	a year	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2021-02-25` - `2022-03-28`	a year	crt.sh
public1.adgear.com Sectigo RSA Domain Validation Secure Server CA	`2021-02-24` - `2022-03-26`	a year	crt.sh
*.dotomi.com GlobalSign RSA OV SSL CA 2018	`2019-06-19` - `2021-08-31`	2 years	crt.sh
*.ads.yahoo.com DigiCert SHA2 High Assurance Server CA	`2021-04-26` - `2021-06-16`	2 months	crt.sh
*.googleusercontent.com GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2021-04-13` - `2021-07-06`	3 months	crt.sh

This page contains 38 frames:

Primary Page: https://itigic.com/pt/steal-information-with-finger-command-in-windows-10/&
Frame ID: 022D9C9609D26E3F92677CFC0BEB5FFC
Requests: 275 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Frame ID: 8B41E958BBA93B8B3B0618860257AE5F
Requests: 2 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012103020108001/amp4ads-v0.mjs
Frame ID: 86EA36124C0BB557968A87006802AB3B
Requests: 14 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012103020108001/amp4ads-v0.mjs
Frame ID: E3D4E8B5776ADDBAC5F155C4CFBF444B
Requests: 15 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012103020108001/amp4ads-v0.mjs
Frame ID: 741DB181BE33CF644100CC88509274AB
Requests: 17 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?topUrl=itigic.com
Frame ID: AC41B07546EA6C12A07F61298691844E
Requests: 1 HTTP requests in this frame

Frame: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=4a396f87-5bac-47c7-9375-0b25be4ee393&gdpr=0&us_privacy=1---
Frame ID: 017C4532F3B6CD21A626B9C136AE80DE
Requests: 11 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?cb=1620409349773&us_privacy=1---
Frame ID: 5B4213F1370AEB866B1CBFD9DB29DCF6
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: B68872D6AB150684DE66333D4E761A85
Requests: 25 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 6B15EE7CEDE64AF3C6CC16617725DF96
Requests: 3 HTTP requests in this frame

Frame: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUBCB617&prvid=2030%2C251%2C175%2C178%2C233%2C157%2C2028%2C2027%2C3017%2C159%2C214%2C236%2C2025%2C97%2C55%2C99%2C77%2C56%2C182%2C3010%2C141%2C262%2C222%2C201%2C223%2C3007%2C4%2C148%2C203%2C10000%2C80%2C108%2C229%2C9%2C109%2C82&purpose1=1&gdprconsent=1&gdpr=0&usp_status=0&usp_consent=1&uspstring=1---&itype=PREBID
Frame ID: 6002E74495E027528AD2E35033DE5A6C
Requests: 11 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: EBA4FEB26D1099326417CBD8C391A0BE
Requests: 1 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 8F8CC17CA30814FBF40986352C6F0FD9
Requests: 3 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 88E8ABCB69AC66AFDB3C214475949F05
Requests: 3 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=medianet
Frame ID: 91B5EFF7BBD27632C66A75EBE28A6CC5
Requests: 12 HTTP requests in this frame

Frame: https://contextual.media.net/cksync.html?cs=8&vsid=2634109531228425000V10&type=rkt&refUrl=&vid=04093532132634109531228425000V10&ovsid=1870471594926749949
Frame ID: E34B41B068C626B71E31A7EC6ED278CF
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D2634109531228425000V10%26type%3Dpba%26refUrl%3D%26vid%3D04093532132634109531228425000V10%26ovsid%3DPM_UID
Frame ID: 7823F09CC3A593376BE5BB4DF5E90D80
Requests: 1 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https://itigic.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Frame ID: BB2906EA61537A394746EBB1832854B0
Requests: 10 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/showad.js
Frame ID: 00C228974D63B9C59E7531C780433BA0
Requests: 1 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Frame ID: 54916400759585092BAE5F0C906B986F
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=7566101433466681428
Frame ID: 7C4DEEBF741EB28C80EE688ABFD1C0FD
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6959605177284032652
Frame ID: 31B3D78FCAFD3F2E63A10AFB85D044C6
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAD7cU7BKvgAACzEtLQ56Q
Frame ID: AB69FCE5D883239088E5A2A74DD9279F
Requests: 1 HTTP requests in this frame

Frame: https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Frame ID: 8B1030315062E677C318567568F8A9ED
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-3abd8566-702b-4e9c-8515-229464292a41-003
Frame ID: 4BD484F4C2D23D3D0328D10043A59CF0
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=ZRXq6P9HazaibCTpuiz6WxIm
Frame ID: 9CC489C4DA282FE8DE9AAB69AB7003A6
Requests: 1 HTTP requests in this frame

Frame: https://ad4m.at/ad/dpe?b=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjkmdGw9MTI5NjAw&piggybackCookie=$UID
Frame ID: E4B461B2778CD1FA968F807505147235
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie=$UID&gdpr=0
Frame ID: 6804128A7F1E3E8D5E5C5D164C89E9FA
Requests: 1 HTTP requests in this frame

Frame: https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Frame ID: B9A4C1BEFD01EC489BFB6DC1ECDDF5D1
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&ev=1&piggybackCookie=lw64OJ0fgSgc&pid=557219
Frame ID: EE24D2F50715D56EB5DEF805D0266DEB
Requests: 1 HTTP requests in this frame

Frame: https://match.deepintent.com/usersync/141?redir=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MzAmdGw9MTI5NjAw%26piggybackCookie%3D%24%7BDI_USER_ID%7D&gdpr=0&gdpr_consent=
Frame ID: C12CB1DE882DCF6B2970FE91BBDAEC75
Requests: 1 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012103020108001/amp4ads-v0.mjs
Frame ID: 91FA326C9A488D1B6711189F37956F99
Requests: 17 HTTP requests in this frame

Frame: https://3fc1b23a7f7676f8a612476f135a3c46.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: F33506FA47B2DBB3B260C3EDEBE1352B
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8508864670512961295/index.html
Frame ID: 679F06C990EE195133D6EA88183D2973
Requests: 7 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012103020108001/amp4ads-v0.mjs
Frame ID: 9CF5A50B573B894302DFA89D87B24245
Requests: 11 HTTP requests in this frame

Frame: https://cdn.ampproject.org/rtv/012103020108001/amp4ads-v0.mjs
Frame ID: F70C618AF90B52485F4053978EBB433D
Requests: 20 HTTP requests in this frame

Frame: https://3fc1b23a7f7676f8a612476f135a3c46.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 8A77DDADC2FE545C7C28C9847887F6C3
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9394861924708256228/index.html
Frame ID: FF619CF4962BC89CEB820A0C88A597AB
Requests: 7 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Statistics

485
Requests

96 %
HTTPS

40 %
IPv6

66
Domains

103
Subdomains

66
IPs

10
Countries

2951 kB
Transfer

7045 kB
Size

0
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: https://docs.microsoft.com/en-us/windows-server/administration/windows-commands/finger
Title: Comando de dedo

Search URL Search Domain Scan URL

URL: http://hyp3rlinx.altervista.org/advisories/Windows_TCPIP_Finger_Command_C2_Channel_and_Bypassing_Security_Software.txt
Title: John Page

Search URL Search Domain Scan URL

URL: https://blog.talosintelligence.com/2019/11/hunting-for-lolbins.html
Title: Relatório Talos Intelligence de

Search URL Search Domain Scan URL

URL: https://www.ezoic.com/what-is-ezoic/

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 80

https://itigic.com/pt/wp-includes/js/wp-emoji-release.min.js?ver=5.7.1 HTTP 301
https://itigic.com/wp-includes/js/wp-emoji-release.min.js?ver=5.7.1

Request Chain 97

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fitigic.com%2F&domain=itigic.com&cw=1 HTTP 302
https://mug.criteo.com/sid?cpp=_4CQznwzek9nOGxSM2xwWkZGZG52UnhVL0RCbkhCRnBzSHphZCszNWtibWRra2hDRTNibUhDQ3NEODRSUkxCeHZKN1p1SmJBY1RKeEVHS2xSMG5mT3NocVdjblh4cnNLbHJtUWYxUUdwMVQ0MHhaWVYxUFFpRXYzbGwrSlZUUXM4SG9uUzNXTHp5TFppZC9pbnM0QnFiVm54QmkxVUZqRFBjRlpkOFlGT0dhdDdkaURyN1FsUHhxOTVxMHVVUzdibU84M0xvZTE2RGFTUklsRWNrUktTZGFrTUJ3PT18&cppv=2

Request Chain 159

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

Request Chain 179

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

Request Chain 245

https://mc.yandex.com/sync_cookie_image_check HTTP 302
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9266.zFRymdMsg_NMUiulHkz09TvbTP-vckPhrL4wq5iehhyhicK84Al6QEzPW5FJbIy6.Yvx5-EIG1AZwCsHWpKcnyNMzu24%2C HTTP 302
https://mc.yandex.com/sync_cookie_image_decide?token=9266.FVTvHn5pFRrepu_2dia2gKCAOJlr7hmRQJ4OGF7g-ZX7opvOqXpxUHw7wwKuOoZTDzTSbI1joM9YmUqy24Q2bg%2C%2C.FONsmCRaPn_BTxPvdZSk5xxdK3Q%2C

Request Chain 250

https://mc.yandex.com/watch/36618640?wmode=7&page-url=https%3A%2F%2Fitigic.com%2Fpt%2Fsteal-information-with-finger-command-in-windows-10%2F%26%23160%3B&charset=utf-8&ut=noindex&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Abx1nzewshzamry4%3Afp%3A1982%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A504%3Acn%3A1%3Adp%3A0%3Als%3A515562310949%3Ahid%3A515363639%3Az%3A120%3Ai%3A20210507194232%3Aet%3A1620409352%3Ac%3A1%3Arn%3A379130169%3Au%3A1620409352194850952%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1620409341647%3Ads%3A0%2C85%2C1144%2C33%2C0%2C0%2C%2C911%2C0%2C3004%2C3004%2C2%2C2144%3Adsn%3A0%2C85%2C1144%2C33%2C0%2C0%2C%2C881%2C0%2C3004%2C3004%2C2%2C2144%3Arqnl%3A1%3Aadb%3A2%3Ati%3A2%3Ast%3A1620409352%3At%3AComo%20roubar%20informa%C3%A7%C3%B5es%20com%20o%20comando%20do%20dedo%20no%20Windows%2010.%20ITIGIC HTTP 302
https://mc.yandex.com/watch/36618640/1?wmode=7&page-url=https%3A%2F%2Fitigic.com%2Fpt%2Fsteal-information-with-finger-command-in-windows-10%2F%26%23160%3B&charset=utf-8&ut=noindex&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Abx1nzewshzamry4%3Afp%3A1982%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A504%3Acn%3A1%3Adp%3A0%3Als%3A515562310949%3Ahid%3A515363639%3Az%3A120%3Ai%3A20210507194232%3Aet%3A1620409352%3Ac%3A1%3Arn%3A379130169%3Au%3A1620409352194850952%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1620409341647%3Ads%3A0%2C85%2C1144%2C33%2C0%2C0%2C%2C911%2C0%2C3004%2C3004%2C2%2C2144%3Adsn%3A0%2C85%2C1144%2C33%2C0%2C0%2C%2C881%2C0%2C3004%2C3004%2C2%2C2144%3Arqnl%3A1%3Aadb%3A2%3Ati%3A2%3Ast%3A1620409352%3At%3AComo%20roubar%20informa%C3%A7%C3%B5es%20com%20o%20comando%20do%20dedo%20no%20Windows%2010.%20ITIGIC

Request Chain 265

https://pm.w55c.net/ping_match.gif?ei=OPENX&rurl=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_ HTTP 302
https://pm.w55c.net/ping_match.gif?scc=1&ei=OPENX&rurl=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_ HTTP 302
https://eu-u.openx.net/w/1.0/sd?id=537072979&val=r31uM5Xd1LF4uJ5

Request Chain 266

https://x.bidswitch.net/sync?ssp=openx HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=openx HTTP 302
https://cm.smadex.com/sync?sm_did=bds&bds_ssp_id=openx&bds_param=97b07f29-79cf-42e2-b3bd-04ef87c4ec66 HTTP 302
https://x.bidswitch.net/sync?dsp_id=340&user_id=de0b04b4-4c07-4b4e-8d06-7cb2c74abebd&expires=10&ssp=openx&bsw_param=97b07f29-79cf-42e2-b3bd-04ef87c4ec66 HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072968&val=97b07f29-79cf-42e2-b3bd-04ef87c4ec66

Request Chain 267

https://match.prod.bidr.io/cookie-sync/ox HTTP 303
https://match.prod.bidr.io/cookie-sync/ox?_bee_ppp=1 HTTP 303
https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFEN2NVN0JLdmdBQUN6RXRMUTU2UQ&bee_sync_partners=pm%2Csas%2Cpp%2Cox&bee_sync_current_partner=adx&bee_sync_initiator=ox&bee_sync_hop_count=1 HTTP 302
https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pm%2Csas%2Cpp%2Cox&bee_sync_current_partner=adx&bee_sync_initiator=ox&bee_sync_hop_count=1 HTTP 303
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAD7cU7BKvgAACzEtLQ56Q&r=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dsas%252Cpp%252Cox%26bee_sync_current_partner%3Dpm%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2

Request Chain 268

https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D HTTP 302
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=ba7f6095-7c09-4f00-a281-f72d7a5bc507

Request Chain 269

https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=0 HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=v3hMmr4rRZakehTNvS5Ym7EtRJ6kLkyY7SvT7Dy6

Request Chain 270

https://c1.adform.net/serving/cookie/match?party=22 HTTP 302
https://c1.adform.net/serving/cookie/match?CC=1&party=22 HTTP 302
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=3517474811054844030

Request Chain 273

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEJueYU4c3JT_-sefOe-qqBg&google_cver=1

Request Chain 277

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=medianet HTTP 301
https://eus.rubiconproject.com/usync.html?p=medianet

Request Chain 278

https://p.rfihub.com/cm?pub=19967&in=1&forward=https%3A%2F%2Fcontextual.media.net%2Fcksync.html%3Fcs%3D8%26vsid%3D2634109531228425000V10%26type%3Drkt%26refUrl%3D%26vid%3D04093532132634109531228425000V10%26ovsid%3D%7Buserid%7D HTTP 302
https://contextual.media.net/cksync.html?cs=8&vsid=2634109531228425000V10&type=rkt&refUrl=&vid=04093532132634109531228425000V10&ovsid=1870471594926749949

Request Chain 281

https://us-u.openx.net/w/1.0/cm?id=78e2dffc-bb89-4bb2-ae92-f592d006518b&ph=6a16560a-f6c6-4851-b7b5-0b2c0190166a&r=https%3A%2F%2Fcontextual.media.net%2Fcksync.html%3Fcs%3D8%26vsid%3D2634109531228425000V10%26type%3Dopx%26refUrl%3D%26vid%3D04093532132634109531228425000V10%26ovsid%3D HTTP 302
https://contextual.media.net/cksync.html?cs=8&vsid=2634109531228425000V10&type=opx&refUrl=&vid=04093532132634109531228425000V10&ovsid=b7ebc65f-3d87-0550-270d-9a14ef3fae75

Request Chain 282

https://sync.mathtag.com/sync/img?mt_exid=64&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D2634109531228425000V10%26type%3Dmma%26refUrl%3D%26vid%3D04093532132634109531228425000V10%26ovsid%3D%5BMM_UUID%5D HTTP 302
https://contextual.media.net/cksync.php?cs=8&vsid=2634109531228425000V10&type=mma&refUrl=&vid=04093532132634109531228425000V10&ovsid=51c86095-7c09-4f00-a144-a659366fc7e4

Request Chain 283

https://cm.g.doubleclick.net/pixel?cs=8&google_nid=media&google_cm=1&google_hm=MjYzNDEwOTUzMTIyODQyNTAwMFYxMA%3D%3D&google_sc=1 HTTP 302
https://cs.media.net/cksync?type=g&cs=8&google_gid=CAESEBv8AbL7_aCMjypY-pMu-gk&google_cver=1

Request Chain 285

https://b1sync.zemanta.com/usersync/medianet/?cb=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D2634109531228425000V10%26type%3Dzem%26refUrl%3D%26vid%3D04093532132634109531228425000V10%26ovsid%3D__ZUID__ HTTP 302
https://contextual.media.net/cksync.php?cs=8&vsid=2634109531228425000V10&type=zem&refUrl=&vid=04093532132634109531228425000V10&ovsid=

Request Chain 287

https://rtb.mfadsrvr.com/sync?ssp=medianet&ssp_user_id=2634109531228425000V10 HTTP 302
https://rtb.mfadsrvr.com/ul_cb/sync?ssp=medianet&ssp_user_id=2634109531228425000V10 HTTP 302
https://contextual.media.net/cksync.php?type=mf&ovsid=9c763aa4-7ff5-4e19-b677-19e0d0339e74&cs=1

Request Chain 288

https://ad.turn.com/r/cs?pid=59&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D2634109531228425000V10%26type%3Damb%26refUrl%3D%26vid%3D04093532132634109531228425000V10%26ovsid%3D%23USER_ID%23 HTTP 302
https://contextual.media.net/cksync.php?cs=8&vsid=2634109531228425000V10&type=amb&refUrl=&vid=04093532132634109531228425000V10&ovsid=4506448288219617478

Request Chain 297

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=YJV8BUzW0gbaYLpT28WaYQAABHoAAAIB HTTP 302
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=YJV8BUzW0gbaYLpT28WaYQAABHoAAAIB&dcc=t

Request Chain 298

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YJV8BUzW0gbaYLpT28WaYQAA HTTP 302
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEFNRY--Uc5gn7k3N3dyBD0M&google_cver=1

Request Chain 299

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YJV8BUzW0gbaYLpT28WaYQAABHoAAAIB HTTP 302
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&google_gid=CAESELCTCrB0JxmSAfu7k3pIkHc&google_cver=1

Request Chain 302

https://pixel.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=1&external_user_id=qskN76uaBOOxy1W4qJ8Z7qScBeuxnw3t-JosVVAp

Request Chain 303

https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=YJV8BUzW0gbaYLpT28WaYQAABHoAAAIB HTTP 302
https://pr-bh.ybp.yahoo.com/sync/casale/YJV8BUzW0gbaYLpT28WaYQAABHoAAAIB

Request Chain 304

https://idsync.rlcdn.com/461886.gif?partner_uid=YJV8BUzW0gbaYLpT28WaYQAA%261146 HTTP 307
https://idsync.rlcdn.com/1000.gif?memo=CL6YHBIpCiUIARDY9gEaHVlKVjhCVXpXMGdiYVlMcFQyOFdhWVFBQSYxMTQ2EAAaDQiJ-NWEBhIFCOgHEABCAEoA HTTP 307
https://token.rubiconproject.com/token?pid=28028&puid=6c7ad110317d6d02d986c5a8b4d74c6d31c00652319a93c4834d4dcf45e5273863c43f2df1037271 HTTP 302
https://idsync.rlcdn.com/464516.gif?partner_uid=KOELW35G-1F-6SX6

Request Chain 309

https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=7566101433466681428

Request Chain 310

https://dsp.adfarm1.adition.com/cookie/?ssp=9 HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6959605177284032652

Request Chain 311

https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent= HTTP 303
https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAD7cU7BKvgAACzEtLQ56Q&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpp%252Cpm%26bee_sync_current_partner%3Dsas%26bee_sync_initiator%3Dpm%26bee_sync_hop_count%3D1%26userid%3DSMART_USER_ID HTTP 302
https://match.prod.bidr.io/cookie-sync?bee_sync_partners=pp%2Cpm&bee_sync_current_partner=sas&bee_sync_initiator=pm&bee_sync_hop_count=1&userid=5015504410056566366 HTTP 303
https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AAD7cU7BKvgAACzEtLQ56Q&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fuserid%3D5015504410056566366%26bee_sync_partners%3Dpm%26bee_sync_current_partner%3Dpp%26bee_sync_initiator%3Dpm%26bee_sync_hop_count%3D2 HTTP 302
https://match.prod.bidr.io/cookie-sync?userid=5015504410056566366&bee_sync_partners=pm&bee_sync_current_partner=pp&bee_sync_initiator=pm&bee_sync_hop_count=2&ev=AAD7cU7BKvgAACzEtLQ56Q&pid=558502&do=add HTTP 303
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAD7cU7BKvgAACzEtLQ56Q

Request Chain 313

https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent= HTTP 302
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=8122160412 HTTP 302
https://sync.1rx.io/usersync/tradedesk/5bf12252-d9c7-46e6-8fea-84ac91722002 HTTP 302
https://sync.targeting.unrulymedia.com/csync/RX-3abd8566-702b-4e9c-8515-229464292a41-003?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%3D%26piggybackCookie%3DRX-3abd8566-702b-4e9c-8515-229464292a41-003 HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-3abd8566-702b-4e9c-8515-229464292a41-003

Request Chain 314

https://green.erne.co/pubmatic/cm HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=ZRXq6P9HazaibCTpuiz6WxIm

Request Chain 316

https://csync.loopme.me/?redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 307
https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie=$UID&gdpr=0

Request Chain 317

https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID} HTTP 302
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}

Request Chain 318

https://bh.contextweb.com/bh/rtset?pid=557219&ev=1&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&piggybackCookie=%%VGUID%% HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&ev=1&piggybackCookie=lw64OJ0fgSgc&pid=557219

Request Chain 320

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=vnOkEznMS0CDb44A_-ALPQ%3D%3D HTTP 302
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=

Request Chain 324

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=QkU3M0E0MTMtMzlDQy00QjQwLTgzNkYtOEUwMEZGRTAwQjNE&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=

Request Chain 325

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEPnPybkTEj5bMfWmCqHXQuY&google_cver=1

Request Chain 327

https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=5bf12252-d9c7-46e6-8fea-84ac91722002

Request Chain 328

https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=3517474811054844030

Request Chain 329

https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:51c86095-7c09-4f00-a144-a659366fc7e4&gdpr=0&gdpr_consent=

Request Chain 330

https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=4435999911562095551&gdpr=0&gdpr_consent=

Request Chain 332

https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=BE73A413-39CC-4B40-836F-8E00FFE00B3D&redir=true&gdpr=0&gdpr_consent= HTTP 302
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-1uRT0X5E2uVsRp0un0pxD0jZikBjUTY-~A&gdpr=0&gdpr_consent=

Request Chain 333

https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=izJpmYphYJWQMDHOiWR9mIVnYZ2QZGmb2WFW961z

Request Chain 334

https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
https://prod.perf-serving.com/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic

Request Chain 335

https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=4506448288219617478&gdpr=0&gdpr_consent=&us_privacy=

Request Chain 337

https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:4757515f-621f-4783-a8e1-f5d5adc103af&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw

Request Chain 339

https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent= HTTP 302
https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=3&gdpr=0&gdpr_consent= HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=17c61690-ff85-47c9-8454-12603c63c786-60957c09-4348&gdpr=0&gdpr_consent=

Request Chain 340

https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=4435999911562095551

Request Chain 341

https://rtb.gumgum.com/getuid/d1ba4609?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw%26piggybackCookie%3D HTTP 302
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw&piggybackCookie=e_b0dd2d84-7d2b-445a-b52d-7f3c7791a6fa

Request Chain 347

https://pixel.rubiconproject.com/exchange/sync.php?p=medianet HTTP 302
https://contextual.media.net/cksync.php?type=rbcn&ovsid=KOELW35G-1F-6SX6

Request Chain 355

https://token.rubiconproject.com/token?pid=2249&pt=n HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=Y2M0ZjM4NmI1NDQ2N2MxNDBmOGFhMjkxYTFmMjExMjhhZjJhMzcyNQ

Request Chain 357

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1 HTTP 302
https://pr-bh.ybp.yahoo.com/sync/rubicon/_0jlr8ZQL5zSLAIkpafkdMn5EUdSAgOZEtemQ7w0kco?csrc= HTTP 302
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=3475688935040229492

Request Chain 358

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc HTTP 302
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESECTMtIho97IHvcA_NnRqbY0&google_cver=1

Request Chain 361

https://token.rubiconproject.com/token?pid=26594 HTTP 302
https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KOELW35G-1F-6SX6&sigv=1&esig=2~ea3052eb5ca0b06206b190b29d8c9715f85402b1

Request Chain 362

https://sync.mathtag.com/sync/img?mt_exid=9&redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D4222%26nid%3D1512%26put%3D%5BMM_UUID%5D HTTP 302
https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=51c86095-7c09-4f00-a144-a659366fc7e4

485 HTTP transactions
16 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request & Show response
itigic.com/pt/steal-information-with-finger-command-in-windows-10/ 208 KB
33 KB 1230ms
1144ms Document
text/html 52.19.6.38
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://itigic.com/pt/steal-information-with-finger-command-in-windows-10/&

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.19.6.38 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-19-6-38.eu-west-1.compute.amazonaws.com

Software

nginx/1.16.0 / PHP/7.3.27

Resource Hash

e7a673a8b89baec3f3dd436c8157749563ff827b609f6eced33f3a73685a976a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

:method: GET
:authority: itigic.com
:scheme: https
:path: /pt/steal-information-with-finger-command-in-windows-10/&
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

alt-svc: quic=":443"; ma=2592000; v="43,46", h3-Q043=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-25=":443"; ma=2592000, h3-27=":443"; ma=2592000
cache-control: max-age=0, must-revalidate, no-cache, no-store
content-encoding: br
content-language: pt
content-type: text/html; charset=utf-8
date: Fri, 07 May 2021 17:42:22 GMT
display: staticcontent_sol, staticcontent_sol
expires: Thu, 06 May 2021 17:42:22 GMT
pagespeed: off
response: 200
server: nginx/1.16.0
set-cookie: ezoadgid_198437=-1; Path=/; Domain=itigic.com; Expires=Fri, 07 May 2021 18:12:21 UTC ezoref_198437=; Path=/; Domain=itigic.com; Expires=Fri, 07 May 2021 19:42:21 UTC ezoab_198437=mod1; Path=/; Domain=itigic.com; Expires=Fri, 07 May 2021 19:42:21 UTC active_template::198437=pub_site.1620409341; Path=/; Domain=itigic.com; Expires=Sun, 09 May 2021 17:42:21 UTC ezopvc_198437=1; Path=/; Domain=itigic.com; Expires=Fri, 07 May 2021 18:12:22 UTC ezepvv=4619; Path=/; Domain=itigic.com; Expires=Sat, 08 May 2021 17:42:22 UTC ezovid_198437=496430881; Path=/; Domain=itigic.com; Expires=Fri, 07 May 2021 18:12:22 UTC lp_198437=https://itigic.com/pt/steal-information-with-finger-command-in-windows-10/&; Path=/; Domain=itigic.com; Expires=Fri, 07 May 2021 18:12:22 UTC ezovuuidtime_198437=1620409342; Path=/; Domain=itigic.com; Expires=Sun, 09 May 2021 17:42:22 UTC ezovuuid_198437=a20ab253-3d3e-400e-4098-be173504325c; Path=/; Domain=itigic.com; Expires=Fri, 07 May 2021 18:12:22 UTC ezCMPCCS=true; Path=/; Domain=itigic.com; Expires=Sat, 07 May 2022 17:42:22 GMT
strict-transport-security: max-age=63072000; includeSubDomains
vary: Accept-Encoding Accept-Encoding,User-Agent,Origin
x-content-type-options: nosniff
x-ez-proxy-out: true 2.2
x-ezoic-cdn: Miss
x-frame-options: SAMEORIGIN
x-gt-cache-status: BYPASS
x-middleton-display: staticcontent_sol, staticcontent_sol, pub_site_sol
x-middleton-response: 200
x-powered-by: PHP/7.3.27
x-sol: pub_site
x-turbo-charged-by: LiteSpeed

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 61 KB
21 KB 99ms
36ms Script
text/javascript 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: itigic.com
URL: https://itigic.com/pt/steal-information-with-finger-command-in-windows-10/&

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

sffe /

Resource Hash

a30a4a350b665415cb951d678d4d3d24afbe2dce719abf4e7b97128ba03cfdb3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://itigic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 07 May 2021 17:42:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "864 / 716 of 1000 / last-modified: 1620385836"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21221
x-xss-protection: 0
expires: Fri, 07 May 2021 17:42:22 GMT

GET
H2 200 dall.js Show response
go.ezodn.com/hb/ 279 KB
82 KB 92ms
76ms Script
application/javascript 2606:4700:3032::ac43:b890
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://go.ezodn.com/hb/dall.js?b=amx,appnexus,criteo,districtm,ix,medianet,oftmedia,onemobile,onetag,openx,pubmatic,rhythmone&cb=194-3-18
Requested by: Host: itigic.com
URL: https://itigic.com/pt/steal-information-with-finger-command-in-windows-10/&
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3032::ac43:b890 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4ed567bf0f9b6ee9fab3483a8317ee8f51ca7028809626a4f0d7a8d0d3979d38

Request headers

Referer: https://itigic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 07 May 2021 17:42:22 GMT
content-encoding: br
cf-cache-status: MISS
nel: {"max_age":604800,"report_to":"cf-nel"}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=KjxHd2qmWCAgmZvBlPA5O5BYmkUapg7s257DY4NKSPQfqsZEYMjBaavHz9nz3wqliWYjrcrbMRCFOhCegeQrzotgvYKPcIW8JFy8Vwf7ISxiK7OQOE13s5o%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=31536000
cf-ray: 64bc3e991b190746-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 09e98573b000000746e0215000000001

GET
H2 200 apstag.js Show response
c.amazon-adsystem.com/aax2/ 126 KB
33 KB 89ms
35ms Script
application/javascript 65.9.86.127
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/aax2/apstag.js
Requested by: Host: itigic.com
URL: https://itigic.com/pt/steal-information-with-finger-command-in-windows-10/&
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.86.127 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Server /
Resource Hash: 05b1936a5e4229dc34d8e5fcfc22ce024634ea618687f37e31857402b27c4dba

Request headers

Referer: https://itigic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 07 May 2021 04:56:33 GMT
content-encoding: gzip
server: Server
age: 45949
etag: 8975e8311e479cf7d71d71133ee2dff8
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 aae0a3ddd306e11f8c3d25a657078704.cloudfront.net (CloudFront)
cache-control: public, max-age=86400
x-amz-cf-pop: AMS1-C1
accept-ranges: bytes
timing-allow-origin: *
x-amz-version-id: RvFob.r3TH_ft5dtWL2SCNMCpiQphReE
x-amz-cf-id: HPxOW2lB7HmyzgziTIJaISGADgloJ13bwfktGIg0Uz0T5leBm9cKwQ==

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/3.6.0/ 87 KB
31 KB 26ms
7ms Script
text/javascript 2a00:1450:4001:831::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/3.6.0/jquery.min.js

Requested by

Host: itigic.com
URL: https://itigic.com/pt/steal-information-with-finger-command-in-windows-10/&

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://itigic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 07 May 2021 16:37:17 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 3905
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31017
x-xss-protection: 0
last-modified: Wed, 10 Mar 2021 14:28:09 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 07 May 2022 16:37:17 GMT

GET
H2 200 gtranslate-style24.css
itigic.com/wp-content/plugins/gtranslate/ 897 B
520 B 350ms
48ms Stylesheet
text/css 52.19.6.38
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://itigic.com/wp-content/plugins/gtranslate/gtranslate-style24.css?ff=1&ver=5.7.1&wps=true

Requested by

Host: itigic.com
URL: https://itigic.com/pt/steal-information-with-finger-command-in-windows-10/&

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.19.6.38 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-19-6-38.eu-west-1.compute.amazonaws.com

Software

nginx/1.16.0 /

Resource Hash

0b374aad70ffad4e36e8d5792084dc6f0b9fa57277090113bb44ededcdcd5cac

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

:path: /wp-content/plugins/gtranslate/gtranslate-style24.css?ff=1&ver=5.7.1&wps=true
pragma: no-cache
cookie: ezoadgid_198437=-1; ezoref_198437=; ezoab_198437=mod1; active_template::198437=pub_site.1620409341; ezopvc_198437=1; ezepvv=4619; ezovid_198437=496430881; lp_198437=https://itigic.com/pt/steal-information-with-finger-command-in-windows-10/&; ezovuuidtime_198437=1620409342; ezovuuid_198437=a20ab253-3d3e-400e-4098-be173504325c; ezCMPCCS=true
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: itigic.com
referer: https://itigic.com/pt/steal-information-with-finger-command-in-windows-10/&
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://itigic.com/pt/steal-information-with-finger-command-in-windows-10/&
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 07 May 2021 17:42:23 GMT
content-encoding: br
x-content-type-options: nosniff
x-sol: orig
display: staticcontent_sol, orig_site_sol
x-ezoic-cdn: Hit ds;mm;8d64196e7359a666764c0c6b3776384f;2-198437-2;e8fd0c3d-ede5-47c7-4407-95c4e2727905
x-middleton-display: staticcontent_sol, orig_site_sol
strict-transport-security: max-age=63072000; includeSubDomains
alt-svc: quic=":443"; ma=2592000; v="43,46", h3-Q043=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-25=":443"; ma=2592000, h3-27=":443"; ma=2592000
content-length: 284
response: 200
last-modified: Thu, 06 May 2021 21:16:05 GMT
server: nginx/1.16.0
x-frame-options: SAMEORIGIN
vary: Accept-Encoding Accept-Encoding,User-Agent,Origin
content-type: text/css
x-middleton-response: 200
cache-control: public, max-age=2592000
x-turbo-charged-by: LiteSpeed
x-ez-proxy-out: true 2.2

GET
H2 200 style.min.css
itigic.com/wp-includes/css/dist/block-library/ 57 KB
8 KB 659ms
357ms Stylesheet
text/css 52.19.6.38
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://itigic.com/wp-includes/css/dist/block-library/style.min.css?ff=1&ver=5.7.1&wps=true

Requested by

Host: itigic.com
URL: https://itigic.com/pt/steal-information-with-finger-command-in-windows-10/&

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.19.6.38 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-19-6-38.eu-west-1.compute.amazonaws.com

Software

nginx/1.16.0 /

Resource Hash

2cd9de3dd26246204749cff259bc34e8e6a47ae5d6e4528b9b28c75d68d50cde

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

:path: /wp-includes/css/dist/block-library/style.min.css?ff=1&ver=5.7.1&wps=true
pragma: no-cache
cookie: ezoadgid_198437=-1; ezoref_198437=; ezoab_198437=mod1; active_template::198437=pub_site.1620409341; ezopvc_198437=1; ezepvv=4619; ezovid_198437=496430881; lp_198437=https://itigic.com/pt/steal-information-with-finger-command-in-windows-10/&; ezovuuidtime_198437=1620409342; ezovuuid_198437=a20ab253-3d3e-400e-4098-be173504325c; ezCMPCCS=true
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: itigic.com
referer: https://itigic.com/pt/steal-information-with-finger-command-in-windows-10/&
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://itigic.com/pt/steal-information-with-finger-command-in-windows-10/&
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 07 May 2021 17:42:23 GMT
content-encoding: br
x-content-type-options: nosniff
x-sol: orig
display: staticcontent_sol, orig_site_sol
x-ezoic-cdn: Bypass
x-middleton-display: staticcontent_sol, orig_site_sol
strict-transport-security: max-age=63072000; includeSubDomains
alt-svc: quic=":443"; ma=2592000; v="43,46", h3-Q043=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-25=":443"; ma=2592000, h3-27=":443"; ma=2592000
response: 200
last-modified: Thu, 06 May 2021 21:16:05 GMT
server: nginx/1.16.0
x-frame-options: SAMEORIGIN
vary: Accept-Encoding Accept-Encoding,Origin
content-type: text/css
x-middleton-response: 200
cache-control: max-age=604800, public
x-turbo-charged-by: LiteSpeed
x-ez-proxy-out: true 2.2
expires: Fri, 14 May 2021 17:42:23 GMT

GET
H2 200 screen.min.css
itigic.com/wp-content/plugins/table-of-contents-plus/ 1 KB
657 B 378ms
76ms Stylesheet
text/css 52.19.6.38
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://itigic.com/wp-content/plugins/table-of-contents-plus/screen.min.css?ff=1&ver=2002&wps=true

Requested by

Host: itigic.com
URL: https://itigic.com/pt/steal-information-with-finger-command-in-windows-10/&

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.19.6.38 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-19-6-38.eu-west-1.compute.amazonaws.com

Software

nginx/1.16.0 /

Resource Hash

2e36bd3bdbb929f427e79a6c84b7922b4375589386981eba29eb0cff57b02b1b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

:path: /wp-content/plugins/table-of-contents-plus/screen.min.css?ff=1&ver=2002&wps=true
pragma: no-cache
cookie: ezoadgid_198437=-1; ezoref_198437=; ezoab_198437=mod1; active_template::198437=pub_site.1620409341; ezopvc_198437=1; ezepvv=4619; ezovid_198437=496430881; lp_198437=https://itigic.com/pt/steal-information-with-finger-command-in-windows-10/&; ezovuuidtime_198437=1620409342; ezovuuid_198437=a20ab253-3d3e-400e-4098-be173504325c; ezCMPCCS=true
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: itigic.com
referer: https://itigic.com/pt/steal-information-with-finger-command-in-windows-10/&
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://itigic.com/pt/steal-information-with-finger-command-in-windows-10/&
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 07 May 2021 17:42:23 GMT
content-encoding: br
x-content-type-options: nosniff
x-sol: orig
display: staticcontent_sol, orig_site_sol
x-ezoic-cdn: Hit ds;mm;470da301b96cda694b8499f5918f8237;2-198437-2;929971ea-7b99-4290-6c2b-9b031982667a
x-middleton-display: staticcontent_sol, orig_site_sol
strict-transport-security: max-age=63072000; includeSubDomains
alt-svc: quic=":443"; ma=2592000; v="43,46", h3-Q043=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-25=":443"; ma=2592000, h3-27=":443"; ma=2592000
content-length: 378
response: 200
last-modified: Thu, 06 May 2021 21:16:04 GMT
server: nginx/1.16.0
x-frame-options: SAMEORIGIN
vary: Accept-Encoding Accept-Encoding,User-Agent,Origin
content-type: text/css
x-middleton-response: 200
cache-control: public, max-age=2592000
x-turbo-charged-by: LiteSpeed

GET
H2 200 css
fonts.googleapis.com/ 9 KB
1 KB 34ms
15ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:400,400italic,600,700&display=swap

Requested by

Host: itigic.com
URL: https://itigic.com/pt/steal-information-with-finger-command-in-windows-10/&

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

7df9c4cdfb9a1291df6652729b571ec6511f46da9f23388233e3ac2722569c63

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Origin: https://itigic.com
Referer: https://itigic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 07 May 2021 17:42:22 GMT
server: ESF
date: Fri, 07 May 2021 17:42:22 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 07 May 2021 17:42:22 GMT

GET
H2 200 style.css
itigic.com/wp-content/themes/mh-magazine-lite/ 45 KB
9 KB 378ms
77ms Stylesheet
text/css 52.19.6.38
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://itigic.com/wp-content/themes/mh-magazine-lite/style.css?ff=1&ver=2.8.6&wps=true

Requested by

Host: itigic.com
URL: https://itigic.com/pt/steal-information-with-finger-command-in-windows-10/&

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.19.6.38 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-19-6-38.eu-west-1.compute.amazonaws.com

Software

nginx/1.16.0 /

Resource Hash

3856e7f4b671e597667b3c71ae17adafc1d0073de52364add4a7229b32ce22d6

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

:path: /wp-content/themes/mh-magazine-lite/style.css?ff=1&ver=2.8.6&wps=true
pragma: no-cache
cookie: ezoadgid_198437=-1; ezoref_198437=; ezoab_198437=mod1; active_template::198437=pub_site.1620409341; ezopvc_198437=1; ezepvv=4619; ezovid_198437=496430881; lp_198437=https://itigic.com/pt/steal-information-with-finger-command-in-windows-10/&; ezovuuidtime_198437=1620409342; ezovuuid_198437=a20ab253-3d3e-400e-4098-be173504325c; ezCMPCCS=true
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: itigic.com
referer: https://itigic.com/pt/steal-information-with-finger-command-in-windows-10/&
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://itigic.com/pt/steal-information-with-finger-command-in-windows-10/&
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 07 May 2021 17:42:23 GMT
content-encoding: br
x-content-type-options: nosniff
x-sol: orig
display: staticcontent_sol, orig_site_sol
x-ezoic-cdn: Hit ds;mm;b3d4608d70aac56a181785f4c1ec23a3;2-198437-2;98285b46-365e-46d1-4cd3-27c29ce46749
x-middleton-display: staticcontent_sol, orig_site_sol
strict-transport-security: max-age=63072000; includeSubDomains
alt-svc: quic=":443"; ma=2592000; v="43,46", h3-Q043=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-25=":443"; ma=2592000, h3-27=":443"; ma=2592000
response: 200
last-modified: Thu, 06 May 2021 21:16:05 GMT
server: nginx/1.16.0
x-frame-options: SAMEORIGIN
vary: Accept-Encoding Accept-Encoding,User-Agent,Origin
content-type: text/css
x-middleton-response: 200
cache-control: public, max-age=2592000
x-turbo-charged-by: LiteSpeed

GET
H2 200 font-awesome.min.css
itigic.com/wp-content/themes/mh-magazine-lite/includes/ 30 KB
7 KB 354ms
53ms Stylesheet
text/css 52.19.6.38
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://itigic.com/wp-content/themes/mh-magazine-lite/includes/font-awesome.min.css?ff=1&wps=true

Requested by

Host: itigic.com
URL: https://itigic.com/pt/steal-information-with-finger-command-in-windows-10/&

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.19.6.38 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-19-6-38.eu-west-1.compute.amazonaws.com

Software

nginx/1.16.0 /

Resource Hash

654a6b90bd1e8379f0f7b0f3f418c3bad7ee695fbd8979b7c22a993a85765486

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

:path: /wp-content/themes/mh-magazine-lite/includes/font-awesome.min.css?ff=1&wps=true
pragma: no-cache
cookie: ezoadgid_198437=-1; ezoref_198437=; ezoab_198437=mod1; active_template::198437=pub_site.1620409341; ezopvc_198437=1; ezepvv=4619; ezovid_198437=496430881; lp_198437=https://itigic.com/pt/steal-information-with-finger-command-in-windows-10/&; ezovuuidtime_198437=1620409342; ezovuuid_198437=a20ab253-3d3e-400e-4098-be173504325c; ezCMPCCS=true
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: itigic.com
referer: https://itigic.com/pt/steal-information-with-finger-command-in-windows-10/&
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://itigic.com/pt/steal-information-with-finger-command-in-windows-10/&
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 07 May 2021 17:42:23 GMT
content-encoding: br
x-content-type-options: nosniff
x-sol: orig
display: staticcontent_sol, orig_site_sol
x-ezoic-cdn: Hit ds;mm;2736dfed206baa8dd1ce0573e44962fd;2-198437-2;f02df1dc-df62-47e9-761b-3825b4066bcb
x-middleton-display: staticcontent_sol, orig_site_sol
strict-transport-security: max-age=63072000; includeSubDomains
alt-svc: quic=":443"; ma=2592000; v="43,46", h3-Q043=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-25=":443"; ma=2592000, h3-27=":443"; ma=2592000
response: 200
last-modified: Thu, 06 May 2021 21:16:03 GMT
server: nginx/1.16.0
x-frame-options: SAMEORIGIN
vary: Accept-Encoding Accept-Encoding,User-Agent,Origin
content-type: text/css
x-middleton-response: 200
cache-control: public, max-age=2592000
x-turbo-charged-by: LiteSpeed

GET
H2 200 scripts.js Show response
itigic.com/wp-content/themes/mh-magazine-lite/js/ 30 KB
10 KB 350ms
49ms Script
application/javascript 52.19.6.38
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://itigic.com/wp-content/themes/mh-magazine-lite/js/scripts.js?ver=2.8.6

Requested by

Host: itigic.com
URL: https://itigic.com/pt/steal-information-with-finger-command-in-windows-10/&

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.19.6.38 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-19-6-38.eu-west-1.compute.amazonaws.com

Software

nginx/1.16.0 /

Resource Hash

9a6d5096068784e4493f9b3a5d4226b12c966fbcc43d7ab1007d9f0dd9025f49

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

:path: /wp-content/themes/mh-magazine-lite/js/scripts.js?ver=2.8.6
pragma: no-cache
cookie: ezoadgid_198437=-1; ezoref_198437=; ezoab_198437=mod1; active_template::198437=pub_site.1620409341; ezopvc_198437=1; ezepvv=4619; ezovid_198437=496430881; lp_198437=https://itigic.com/pt/steal-information-with-finger-command-in-windows-10/&; ezovuuidtime_198437=1620409342; ezovuuid_198437=a20ab253-3d3e-400e-4098-be173504325c; ezCMPCCS=true
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: itigic.com
referer: https://itigic.com/pt/steal-information-with-finger-command-in-windows-10/&
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://itigic.com/pt/steal-information-with-finger-command-in-windows-10/&
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 07 May 2021 17:42:23 GMT
content-encoding: br
x-content-type-options: nosniff
display: staticcontent_sol, staticcontent_sol
x-ezoic-cdn: Hit ds;mm;a700be8650d8e750e0d558d542864d1a;2-198437-2;2283db80-3875-4251-7b54-6e175624513d
x-middleton-display: staticcontent_sol, staticcontent_sol
strict-transport-security: max-age=63072000; includeSubDomains
alt-svc: quic=":443"; ma=2592000; v="43,46", h3-Q043=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-25=":443"; ma=2592000, h3-27=":443"; ma=2592000
response: 200
last-modified: Thu, 06 May 2021 21:16:05 GMT
server: nginx/1.16.0
x-frame-options: SAMEORIGIN
vary: Accept-Encoding Accept-Encoding,User-Agent,Origin
content-type: application/javascript
x-middleton-response: 200
cache-control: public, max-age=2592000
x-turbo-charged-by: LiteSpeed

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 88 KB
35 KB 33ms
14ms Script
application/javascript 2a00:1450:4001:811::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-73737898-1

Requested by

Host: itigic.com
URL: https://itigic.com/pt/steal-information-with-finger-command-in-windows-10/&

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

96519db0e4dd846a8a68e173c0cd57fa0c0f743e5d1b887b7d0efab891559cd8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://itigic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 07 May 2021 17:42:23 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35808
x-xss-protection: 0
last-modified: Fri, 07 May 2021 15:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 07 May 2021 17:42:23 GMT

GET
H2 200 ezoic.png
go.ezoic.net/utilcave_com/img/ 1 KB
2 KB 118ms
33ms Image
image/png 2600:9000:2017:c400:2:cb38:840:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://go.ezoic.net/utilcave_com/img/ezoic.png
Requested by: Host: itigic.com
URL: https://itigic.com/pt/steal-information-with-finger-command-in-windows-10/&
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2017:c400:2:cb38:840:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: e1a156c3daa4ae0c41f21ef266131ca5a34d56695e3d860b232da142ef031234

Request headers

Referer: https://itigic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 02 May 2021 02:36:22 GMT
via: 1.1 2bb969477369da45208db698e8e34163.cloudfront.net (CloudFront)
x-sol: middleton
age: 486361
x-cache: Hit from cloudfront
x-middleton-display: staticcontent_sol
content-length: 1181
x-amz-cf-id: niFMOpS4kNzIb69K1LIhcpCvT7vLTMnjhYz8dspD63v9sIpRvfHa4g==
last-modified: Fri, 23 Apr 2021 18:46:13 GMT
server: nginx/1.16.0
etag: "49d-5bd497273b080-gzip-gzip"
vary: Accept-Encoding,Accept-Encoding
content-type: image/png
cache-control: max-age=604800
x-amz-cf-pop: OTP50-C1
display: staticcontent_sol
expires: Sun, 09 May 2021 02:36:22 GMT

GET
H2 200 banger.js Show response
itigic.com/porpoiseant/ 43 KB
10 KB 345ms
43ms Script
application/javascript 52.19.6.38
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://itigic.com/porpoiseant/banger.js?cb=194-3&bv=19&v=51&PageSpeed=off
Requested by: Host: itigic.com
URL: https://itigic.com/pt/steal-information-with-finger-command-in-windows-10/&
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.19.6.38 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-19-6-38.eu-west-1.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash: e02d37771a65793ca6f28decf3f8f663920232f69ca6a8bf14dd00f6a5792b13

Request headers

:path: /porpoiseant/banger.js?cb=194-3&bv=19&v=51&PageSpeed=off
pragma: no-cache
cookie: ezoadgid_198437=-1; ezoref_198437=; ezoab_198437=mod1; active_template::198437=pub_site.1620409341; ezopvc_198437=1; ezepvv=4619; ezovid_198437=496430881; lp_198437=https://itigic.com/pt/steal-information-with-finger-command-in-windows-10/&; ezovuuidtime_198437=1620409342; ezovuuid_198437=a20ab253-3d3e-400e-4098-be173504325c; ezCMPCCS=true
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: itigic.com
referer: https://itigic.com/pt/steal-information-with-finger-command-in-windows-10/&
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://itigic.com/pt/steal-information-with-finger-command-in-windows-10/&
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 07 May 2021 17:42:23 GMT
content-encoding: br
server: nginx/1.16.0
vary: Accept-Encoding Accept-Encoding
content-type: application/javascript
x-middleton-display: sol-js
cache-control: max-age=31536000, public
x-robots-tag: noindex

GET
H2 200 queue.js Show response
tdns3.gtranslate.net/tdn-bin/ 47 KB
12 KB 115ms
83ms Script
application/javascript 2606:4700:3036::6815:325d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tdns3.gtranslate.net/tdn-bin/queue.js
Requested by: Host: itigic.com
URL: https://itigic.com/pt/steal-information-with-finger-command-in-windows-10/&
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::6815:325d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 24a395d178b955d57372b3978ceac2816f4fe4fc7c759bb30c04e39586a7c9cf

Request headers

Referer: https://itigic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 07 May 2021 17:42:23 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"max_age":604800,"report_to":"cf-nel"}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=oipAElFcP%2FqJmp1k0%2FJpAqjozruCeV5FwQWR8laPUNAapOGbpVm%2BJ932vTPpUnKG7vH%2BhIj%2B9mDETFLNKgXC5wQyFX2p2CCWoz8iGlxRiQFGbROT7oAo1tACR15CXy06ig%3D%3D"}],"max_age":604800,"group":"cf-nel"}
content-type: application/javascript; charset=utf-8
cache-control: no-cache
cf-ray: 64bc3e9bce392b95-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 09e985756400002b9593356000000001

GET
H2 200 bid Show response
c.amazon-adsystem.com/e/dtb/ 23 B
368 B 62ms
61ms XHR
text/javascript 65.9.86.127
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fitigic.com%2Fpt%2Fsteal-information-with-finger-command-in-windows-10%2F%26%23160%3B&pid=6qvkzTXPEGzlv&cb=0&ws=1600x1200&v=7.64.00&t=2000&slots=%5B%7B%22sd%22%3A%220%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F1254144%2Fitigic_com-large-billboard-2%22%7D%2C%7B%22sd%22%3A%221%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F1254144%2Fitigic_com-large-billboard-2%22%7D%2C%7B%22sd%22%3A%222%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F1254144%2Fitigic_com-large-billboard-2%22%7D%2C%7B%22sd%22%3A%223%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F1254144%2Fitigic_com-large-billboard-2%22%7D%2C%7B%22sd%22%3A%224%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F1254144%2Fitigic_com-box-1%22%7D%2C%7B%22sd%22%3A%225%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F1254144%2Fitigic_com-box-1%22%7D%2C%7B%22sd%22%3A%226%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F1254144%2Fitigic_com-box-1%22%7D%2C%7B%22sd%22%3A%227%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F1254144%2Fitigic_com-box-1%22%7D%2C%7B%22sd%22%3A%228%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F1254144%2Fitigic_com-large-leaderboard-1%22%7D%2C%7B%22sd%22%3A%229%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F1254144%2Fitigic_com-large-leaderboard-1%22%7D%2C%7B%22sd%22%3A%2210%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F1254144%2Fitigic_com-large-leaderboard-1%22%7D%2C%7B%22sd%22%3A%2211%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F1254144%2Fitigic_com-large-leaderboard-1%22%7D%2C%7B%22sd%22%3A%2212%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F1254144%2Fitigic_com-box-3%22%7D%2C%7B%22sd%22%3A%2213%22%2C%22s%22%3A%5B%22580x400%22%2C%22336x280%22%2C%22300x250%22%5D%2C%22sn%22%3A%22%2F1254144%2Fitigic_com-medrectangle-3%22%7D%2C%7B%22sd%22%3A%2214%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F1254144%2Fitigic_com-box-4%22%7D%2C%7B%22sd%22%3A%2215%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F1254144%2Fitigic_com-medrectangle-4%22%7D%2C%7B%22sd%22%3A%2216%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F1254144%2Fitigic_com-banner-1%22%7D%2C%7B%22sd%22%3A%2217%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F1254144%2Fitigic_com-medrectangle-1%22%7D%2C%7B%22sd%22%3A%2218%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F1254144%2Fitigic_com-medrectangle-1%22%7D%2C%7B%22sd%22%3A%2219%22%2C%22s%22%3A%5B%22300x250%22%5D%2C%22sn%22%3A%22%2F1254144%2Fitigic_com-medrectangle-1%22%7D%2C%7B%22sd%22%3A%2220%22%2C%22s%22%3A%5B%22336x280%22%2C%22300x250%22%5D%2C%22sn%22%3A%22%2F1254144%2Fitigic_com-banner-2%22%7D%2C%7B%22sd%22%3A%2221%22%2C%22s%22%3A%5B%22970x90%22%2C%22728x90%22%5D%2C%22sn%22%3A%22%2F1254144%2Fitigic_com-medrectangle-2%22%7D%2C%7B%22sd%22%3A%2222%22%2C%22s%22%3A%5B%22468x60%22%5D%2C%22sn%22%3A%22%2F1254144%2Fitigic_com-box-2%22%7D%5D&cfgv=0&schain=1.0%2C1!ezoic.ai%2Cbf75b2135678476ac8f11814225491a3%2C1%2C%2C%2C&pubid=aa05931b-5308-4ea3-95a2-adf84f4ffde4&gdprl=%7B%22status%22%3A%22no-cmp%22%7D
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.86.127 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Server /
Resource Hash: 745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8

Request headers

Referer: https://itigic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 07 May 2021 17:42:23 GMT
via: 1.1 aae0a3ddd306e11f8c3d25a657078704.cloudfront.net (CloudFront)
server: Server
x-amz-cf-pop: AMS1-C1
vary: User-Agent
x-cache: Miss from cloudfront
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: https://itigic.com
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 23
x-amz-cf-id: GSJLTvpM-vHO2wNRCRK0AFElNLcMZEMu8hlNrThDlGHXlEu0HQFHpQ==

GET
H2 200 aps_csm.js Show response
c.amazon-adsystem.com/bao-csm/aps-comm/ 6 KB
3 KB 121ms
65ms XHR
application/javascript 65.9.86.127
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by: Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.86.127 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

Referer: https://itigic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: eEYYOb32LZFr6yGAi8hXG4401uAIPew2
content-encoding: gzip
etag: W/"a4d296427fc806b21335359e398c025c"
age: 81526
x-cache: Hit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Wed, 07 Apr 2021 05:49:36 GMT
server: AmazonS3
date: Thu, 06 May 2021 19:03:38 GMT
vary: Origin
access-control-allow-methods: GET
content-type: application/javascript
via: 1.1 cc03ea6a31b592e93e84115778cdc495.cloudfront.net (CloudFront)
cache-control: public, max-age=86400
x-amz-cf-pop: AMS1-C1
x-amz-cf-id: BsgGPs--oFVWesXHYrxwcVuElDQnPiZUl3k3JjaaeK3IBqtmGeUPbA==

GET
H2 200 ezosuigeneris.js Show response
g.ezoic.net/ 555 B
562 B 73ms
26ms Script
text/javascript 18.156.95.187
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://g.ezoic.net/ezosuigeneris.js
Requested by: Host: itigic.com
URL: https://itigic.com/pt/steal-information-with-finger-command-in-windows-10/&
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.156.95.187 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-95-187.eu-central-1.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash: 86ff3759da2ec669a52361c6742498ec003221a71dff82746b90f0d391b8ab17

Request headers

Referer: https://itigic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 07 May 2021 17:42:23 GMT
content-encoding: br
last-modified: Fri, 07 May 2021 03:39:18 GMT
server: nginx/1.16.0
etag: 7eb45f0640f738a780058eeddaf87253
vary: Accept-Encoding, Accept-Encoding
content-type: text/javascript
cache-control: max-age=999999, private
content-length: 275
expires: Mon, 29 Apr 2020 21:44:55 GMT

GET
H2 200 cmb.js Show response
itigic.com/detroitchicago/ 128 KB
33 KB 353ms
51ms Script
application/javascript 52.19.6.38
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://itigic.com/detroitchicago/cmb.js?gcb=194-3&cb=01-100-103-1004-10d-506-507-70a-30c-30e-212-211-313-317-1021-23-&cmbcb=10&01&00&03&04&0d&06&07&0a&0c&0e&12&11&13&17&21&23
Requested by: Host: itigic.com
URL: https://itigic.com/pt/steal-information-with-finger-command-in-windows-10/&
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.19.6.38 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-19-6-38.eu-west-1.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash: bf437f32660363d0f48e911c360484cf704798de5c8e8432b5670a4095150252

Request headers

:path: /detroitchicago/cmb.js?gcb=194-3&cb=01-100-103-1004-10d-506-507-70a-30c-30e-212-211-313-317-1021-23-&cmbcb=10&01&00&03&04&0d&06&07&0a&0c&0e&12&11&13&17&21&23
pragma: no-cache
cookie: ezoadgid_198437=-1; ezoref_198437=; ezoab_198437=mod1; active_template::198437=pub_site.1620409341; ezopvc_198437=1; ezepvv=4619; ezovid_198437=496430881; lp_198437=https://itigic.com/pt/steal-information-with-finger-command-in-windows-10/&; ezovuuidtime_198437=1620409342; ezovuuid_198437=a20ab253-3d3e-400e-4098-be173504325c; ezCMPCCS=true
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: itigic.com
referer: https://itigic.com/pt/steal-information-with-finger-command-in-windows-10/&
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://itigic.com/pt/steal-information-with-finger-command-in-windows-10/&
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 07 May 2021 17:42:23 GMT
content-encoding: br
server: nginx/1.16.0
vary: Accept-Encoding Accept-Encoding
content-type: application/javascript
x-middleton-display: sol-js
cache-control: max-age=31536000, public
x-robots-tag: noindex

GET
DATA 200
OK truncated
/ 71 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fe68b626982e1d932ab57b4497b366e470b086410aaf609dbf00a398e5d1852e

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 mem8YaGs126MiZpBA-UFVZ0b.woff2
fonts.gstatic.com/s/opensans/v18/ 14 KB
14 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v18/mem8YaGs126MiZpBA-UFVZ0b.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,400italic,600,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9c50a96c859b9beea47b71740bd14e7f69a4df586d015f47434037f8def53b52

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://itigic.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 01:50:37 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:09:22 GMT
server: sffe
age: 316306
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14380
x-xss-protection: 0
expires: Wed, 04 May 2022 01:50:37 GMT

GET
H2 200 mem5YaGs126MiZpBA-UN7rgOUuhp.woff2
fonts.gstatic.com/s/opensans/v18/ 15 KB
15 KB 8ms
7ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v18/mem5YaGs126MiZpBA-UN7rgOUuhp.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,400italic,600,700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

74201a4b97ec1d5e86252dd0180eafd8c5378a9235864dbcd682f3575b41c85b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://itigic.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 20:40:38 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:11:00 GMT
server: sffe
age: 248505
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15056
x-xss-protection: 0
expires: Wed, 04 May 2022 20:40:38 GMT

GET
H2 200 fontawesome-webfont.woff2
itigic.com/wp-content/themes/mh-magazine-lite/fonts/ 75 KB
76 KB 396ms
95ms Font
font/woff2 52.19.6.38
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://itigic.com/wp-content/themes/mh-magazine-lite/fonts/fontawesome-webfont.woff2?v=4.7.0

Requested by

Host: itigic.com
URL: https://itigic.com/wp-content/themes/mh-magazine-lite/includes/font-awesome.min.css?ff=1&wps=true

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.19.6.38 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-19-6-38.eu-west-1.compute.amazonaws.com

Software

nginx/1.16.0 /

Resource Hash

2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

sec-fetch-mode: cors
origin: https://itigic.com
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: font
cookie: ezoadgid_198437=-1; ezoref_198437=; ezoab_198437=mod1; active_template::198437=pub_site.1620409341; ezopvc_198437=1; ezepvv=4619; ezovid_198437=496430881; lp_198437=https://itigic.com/pt/steal-information-with-finger-command-in-windows-10/&; ezovuuidtime_198437=1620409342; ezovuuid_198437=a20ab253-3d3e-400e-4098-be173504325c; ezCMPCCS=true
:path: /wp-content/themes/mh-magazine-lite/fonts/fontawesome-webfont.woff2?v=4.7.0
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: */*
cache-control: no-cache
:authority: itigic.com
referer: https://itigic.com/wp-content/themes/mh-magazine-lite/includes/font-awesome.min.css?ff=1&wps=true
:scheme: https
sec-fetch-site: same-origin
:method: GET
Origin: https://itigic.com
Referer: https://itigic.com/wp-content/themes/mh-magazine-lite/includes/font-awesome.min.css?ff=1&wps=true
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 07 May 2021 17:42:23 GMT
content-encoding: br
x-content-type-options: nosniff
display: staticcontent_sol, staticcontent_sol
x-ezoic-cdn: Hit ds;mm;89710e5204b8674e376a8da06e041dd4;2-198437-2;43862147-5a11-4d81-49e3-69393611388e
x-middleton-display: staticcontent_sol, staticcontent_sol
strict-transport-security: max-age=63072000; includeSubDomains
alt-svc: quic=":443"; ma=2592000; v="43,46", h3-Q043=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-25=":443"; ma=2592000, h3-27=":443"; ma=2592000
response: 200
last-modified: Thu, 06 May 2021 21:16:08 GMT
server: nginx/1.16.0
x-frame-options: SAMEORIGIN
access-control-max-age: 1728000
access-control-allow-methods: POST, GET, OPTIONS
content-type: font/woff2
access-control-allow-origin: https://itigic.com
x-middleton-response: 200
vary: Accept-Encoding User-Agent,Origin,Accept-Encoding
cache-control: public, max-age=31536000
x-turbo-charged-by: LiteSpeed

GET
H3-29 200 mem5YaGs126MiZpBA-UNirkOUuhp.woff2
fonts.gstatic.com/s/opensans/v18/ 15 KB
15 KB 16ms
15ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v18/mem5YaGs126MiZpBA-UNirkOUuhp.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:400,400italic,600,700&display=swap

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1491de1b31182d38593bcf660c99bc6018af8e192d91663f67ec9d045a3b5ccc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://itigic.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 02 May 2021 10:03:38 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:09:47 GMT
server: sffe
age: 459525
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14880
x-xss-protection: 0
expires: Mon, 02 May 2022 10:03:38 GMT

GET
H3-29 200 pubads_impl_2021042801.js Show response
securepubads.g.doubleclick.net/gpt/ 300 KB
106 KB 50ms
25ms Script
text/javascript 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

sffe /

Resource Hash

1c2525b3e7631f2411872aac663bded4c73bd4e4f26182862b28db7f406d1c61

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://itigic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 07 May 2021 17:42:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 28 Apr 2021 08:37:54 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 108145
x-xss-protection: 0
expires: Fri, 07 May 2021 17:42:23 GMT

GET
DATA 200
OK truncated
/ 72 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d4a3452726fdcd8f9eca6905498c6e7d906408210223a642242f8b160aa688f5

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 71 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8b50113869fc5d30c0f30718ccb7ffa971b79d0b5917e1023c551930eab6349e

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 69 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bb148fa65c2cc0eb97e8ac8581d6b61894633a967601284f6c28980527873ffe

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
20 KB 29ms
6ms Script
text/javascript 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-73737898-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://itigic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 09 Apr 2021 23:59:54 GMT
server: Golfe2
age: 747
date: Fri, 07 May 2021 17:29:56 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19569
expires: Fri, 07 May 2021 19:29:56 GMT

GET
DATA 200
OK truncated
/ 71 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ca8a0a578197140446a71bbc592961f8bf71cd71e70c2dd97a9d66cff2d566a0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

POST
H2 200 t Show response
translate.googleapis.com/translate_a/ 11 KB
5 KB 195ms
175ms XHR
application/json 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://translate.googleapis.com/translate_a/t?anno=3&client=te_lib&format=html&v=1.0&key=AIzaSyBOti4mM-6x9WDnZIjIeyEU21OpBXqWBgw&logld=vTE_20170501_01&sl=en&tl=it&sp=nmt&tc=2&ctt=1&tk=888734.741855&mode=1

Requested by

Host: itigic.com
URL: https://itigic.com/pt/steal-information-with-finger-command-in-windows-10/&

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

07e4ab53ff70c709036d6c63eb197f689c77adba37ab329e839c0fbbc5bc472a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://itigic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Fri, 07 May 2021 17:42:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: HTTP server (unknown)
content-language: it
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
access-control-allow-origin: *
cache-control: private, max-age=600
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4428
x-xss-protection: 0
expires: Fri, 07 May 2021 17:42:23 GMT

POST
H2 200 t Show response
translate.googleapis.com/translate_a/ 9 KB
1 KB 304ms
293ms XHR
application/json 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: itigic.com
URL: https://itigic.com/pt/steal-information-with-finger-command-in-windows-10/&

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

68eda713b8797f69e5bc3b27edf31e5a80de88c0c52c23489e876f52e3a64c76

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://itigic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Fri, 07 May 2021 17:42:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: HTTP server (unknown)
content-language: de
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
access-control-allow-origin: *
cache-control: private, max-age=600
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1109
x-xss-protection: 0
expires: Fri, 07 May 2021 17:42:24 GMT

POST
H2 200 t Show response
translate.googleapis.com/translate_a/ 11 KB
4 KB 183ms
175ms XHR
application/json 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: itigic.com
URL: https://itigic.com/pt/steal-information-with-finger-command-in-windows-10/&

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

f4131dbcc3d918e66df4605fee019426a7d19ff97a6e66913e4fd86d2ad68ce8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://itigic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Fri, 07 May 2021 17:42:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: HTTP server (unknown)
content-language: it
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
access-control-allow-origin: *
cache-control: private, max-age=600
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4436
x-xss-protection: 0
expires: Fri, 07 May 2021 17:42:23 GMT

POST
H2 200 t Show response
translate.googleapis.com/translate_a/ 12 KB
4 KB 180ms
176ms XHR
application/json 2a00:1450:4001:811::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: itigic.com
URL: https://itigic.com/pt/steal-information-with-finger-command-in-windows-10/&

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

c66700fc4962522dc4120afbd107324ef077eb2b0885106bec0b92e2e7a4b817

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://itigic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Fri, 07 May 2021 17:42:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: HTTP server (unknown)
content-language: pt
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
access-control-allow-origin: *
cache-control: private, max-age=600
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4324
x-xss-protection: 0
expires: Fri, 07 May 2021 17:42:23 GMT

GET
H2 200 houston.js Show response
itigic.com/detroitchicago/ 3 KB
1 KB 345ms
44ms Script
application/javascript 52.19.6.38
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://itigic.com/detroitchicago/houston.js?gcb=3&cb=36
Requested by: Host: itigic.com
URL: https://itigic.com/pt/steal-information-with-finger-command-in-windows-10/&
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.19.6.38 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-19-6-38.eu-west-1.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash: 1d6f7818a09adfc9c11ff7110eb866179ef9d36a3625cd1c02e23292d315daaa

Request headers

:path: /detroitchicago/houston.js?gcb=3&cb=36
pragma: no-cache
cookie: ezoadgid_198437=-1; ezoref_198437=; ezoab_198437=mod1; active_template::198437=pub_site.1620409341; ezopvc_198437=1; ezepvv=4619; ezovid_198437=496430881; lp_198437=https://itigic.com/pt/steal-information-with-finger-command-in-windows-10/&; ezovuuidtime_198437=1620409342; ezovuuid_198437=a20ab253-3d3e-400e-4098-be173504325c; ezCMPCCS=true
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: itigic.com
referer: https://itigic.com/pt/steal-information-with-finger-command-in-windows-10/&
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://itigic.com/pt/steal-information-with-finger-command-in-windows-10/&
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 07 May 2021 17:42:24 GMT
content-encoding: br
server: nginx/1.16.0
vary: Accept-Encoding Accept-Encoding
content-type: application/javascript
x-middleton-display: sol-js
cache-control: max-age=31536000, public
x-robots-tag: noindex
content-length: 1163

GET
H2 200 integrator.js Show response
adservice.google.ch/adsid/ 107 B
799 B 42ms
16ms Script
application/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.ch/adsid/integrator.js?domain=itigic.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://itigic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 07 May 2021 17:42:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
553 B 34ms
15ms Script
application/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=itigic.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://itigic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 07 May 2021 17:42:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 3 KB
333 B 588ms
587ms XHR
text/plain 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2673549932243580&correlator=4446537499702843&output=ldjh&impl=fifs&eid=31060790&vrg=2021042801&ptt=17&us_privacy=1---&sc=1&sfv=1-0-38&ecs=20210507&iu_parts=1254144%2Citigic_com-box-2%2Citigic_com-box-3%2Citigic_com-medrectangle-3%2Citigic_com-box-1&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3%2C%2F0%2F4%2C%2F0%2F4%2C%2F0%2F4%2C%2F0%2F4&prev_iu_szs=468x60%2C300x250%2C580x400%2C320x50%7C300x250%2C320x50%7C300x250%2C320x50%7C300x250%2C320x50%7C300x250&fluid=0%2C0%2C0%2Cheight%2Cheight%2Cheight%2Cheight&prev_scp=a%3D%257C1%257C%26iid11%3D1021465%26t%3D134%26d%3D198437%26t1%3D134%26pvc%3D0%26ap%3D1102%26sap%3D1102%26as%3Drevenue%26plat%3D1%26bra%3Dmod1%26ic%3D1%26at%3Dmbf%26adr%3D399%26ezosn%3D22%26reft%3Dtf%26refs%3D30%26ga%3D2497208%26rid%3D99998%26pt%3D1%26al%3D1001%26compid%3D0%26tap%3Ditigic_com-box-2-1021465%26eb_br%3D5f2b94bb26a5aa9b1a00e66d30cfd5ec%26eba%3D1%26ebss%3D10017%2C10082%2C10061%2C10015%2C11304%2C11307%26asau%3D7838546742%26bv%3D19%26bvm%3D0%26bvr%3D9%26shp%3D1%26ftsn%3D3%26acptad%3D1%26br1%3D500%26br2%3D750%26ezoic%3D1%26nmau%3D0%26mau%3D0%26stl%3D32%2C168%2C28%2C67%2C45%2C122%2C66%2C20%2C71%2C30%2C187%2C31%26deal1%3D21%2C22%2C23%2C24%2C25%2C26%2C27%2C28%2C29%2C30%2C760%2C761%2C813%2C814%2C815%2C816%2C817%2C818%2C819%2C893%2C899%2C903%2C917%2C918%2C919%2C988%2C774%26ax_ssid%3D10082%26amznbid%3D2%26amznsz%3D0x0%26amznp%3D2%7Ca%3D%257C3%257C%26iid11%3D1064369%26t%3D134%26d%3D198437%26t1%3D134%26pvc%3D0%26ap%3D1114%26sap%3D1114%26as%3Drevenue%26plat%3D1%26bra%3Dmod1%26ic%3D1%26at%3Dmbf%26adr%3D399%26ezosn%3D12%26reft%3Dn%26refs%3D30%26ga%3D2497208%26rid%3D99998%26pt%3D2%26al%3D1002%26compid%3D0%26tap%3Ditigic_com-box-3-1064369%26eb_br%3D8b07bae800b215e481d05a271b3e723b%26eba%3D1%26ebss%3D10017%2C10082%2C10061%2C10015%2C11304%2C11307%26asau%3D7838546742%26bv%3D22%26bvm%3D0%26bvr%3D5%26shp%3D1%26ftsn%3D3%26br1%3D700%26br2%3D1000%26ezoic%3D1%26nmau%3D0%26mau%3D0%26stl%3D32%2C13%2C120%2C67%2C51%2C0%2C66%2C20%2C26%2C30%2C0%2C31%26deal1%3D22%2C23%2C24%2C25%2C26%2C27%2C28%2C29%2C760%2C761%2C815%2C816%2C817%2C818%2C893%2C899%2C903%2C919%2C774%26ax_ssid%3D10082%26amznbid%3D2%26amznsz%3D0x0%26amznp%3D2%7Ca%3D%257C124%257C%26iid11%3D1076668%26t%3D134%26d%3D198437%26t1%3D134%26pvc%3D0%26ap%3D1116%26sap%3D1116%26as%3Drevenue%26plat%3D1%26bra%3Dmod1%26ic%3D1%26at%3Dmbf%26adr%3D399%26ezosn%3D13%26reft%3Dtf%26refs%3D30%26ga%3D2497208%26rid%3D99998%26pt%3D21%26al%3D1021%26compid%3D0%26tap%3Ditigic_com-medrectangle-3-1076668%26eb_br%3D39abb99448d54704c4afa42efe76e15d%26eba%3D1%26ebss%3D10017%2C10082%2C10061%2C10015%2C11304%2C11307%26asau%3D7838546742%26bv%3D13%26bvm%3D0%26bvr%3D3%26shp%3D1%26ftsn%3D3%26br1%3D1100%26br2%3D1600%26ezoic%3D1%26nmau%3D0%26mau%3D0%26stl%3D32%2C0%2C28%2C67%2C45%2C122%2C66%2C20%2C71%2C30%2C0%2C31%26deal1%3D24%2C25%2C26%2C27%2C28%2C29%2C760%2C761%2C815%2C816%2C817%2C818%2C893%2C899%2C903%2C919%2C774%26ax_ssid%3D10082%26amznbid%3D2%26amznsz%3D0x0%26amznp%3D2%7Ca%3D%257C1%257C%26iid11%3D1011114%26t%3D134%26d%3D198437%26t1%3D134%26pvc%3D0%26ap%3D1105%26sap%3D1105%26as%3Drevenue%26plat%3D1%26bra%3Dmod1%26ic%3D1%26at%3Dmbf%26adr%3D399%26ezosn%3D4%26reft%3Dtf%26refs%3D30%26ga%3D2497208%26rid%3D99998%26pt%3D0%26al%3D1000%26compid%3D0%26tap%3Ditigic_com-box-1-1011114%26eb_br%3Dd81e229576f8cb8a43ff5c6a8e596727%26eba%3D1%26ebss%3D10017%2C10082%2C10061%2C10015%2C11304%2C11307%26asau%3D7838546742%26bv%3D28%26bvm%3D2%26bvr%3D5%26shp%3D3%26ftsn%3D3%26acptad%3D1%26br1%3D1500%26br2%3D2300%26ezoic%3D1%26nmau%3D4%26mau%3D0%26stl%3D32%2C0%2C28%2C67%2C45%2C122%2C66%2C20%2C71%2C30%2C0%2C31%26deal1%3D25%2C26%2C27%2C28%2C29%2C30%2C760%2C761%2C813%2C815%2C816%2C817%2C818%2C899%2C919%2C774%26ax_ssid%3D10082%26amznbid%3D2%26amznsz%3D0x0%26amznp%3D2%7Ca%3D%257C6%257C%26iid11%3D1011114%26t%3D134%26d%3D198437%26t1%3D134%26pvc%3D0%26ap%3D1105%26sap%3D1105%26as%3Drevenue%26plat%3D1%26bra%3Dmod1%26ic%3D1%26at%3Dmbf%26adr%3D399%26ezosn%3D5%26reft%3Dtf%26refs%3D30%26ga%3D2497208%26rid%3D99998%26pt%3D0%26al%3D1000%26compid%3D0%26tap%3Ditigic_com-box-1-1011114%26eb_br%3Dd81e229576f8cb8a43ff5c6a8e596727%26eba%3D1%26ebss%3D10017%2C10082%2C10061%2C10015%2C11304%2C11307%26asau%3D7838546742%26bv%3D28%26bvm%3D2%26bvr%3D5%26shp%3D3%26ftsn%3D3%26acptad%3D1%26br1%3D1500%26br2%3D2300%26ezoic%3D1%26nmau%3D4%26mau%3D1%26stl%3D32%2C0%2C28%2C67%2C45%2C122%2C66%2C20%2C71%2C30%2C0%2C31%26deal1%3D25%2C26%2C27%2C28%2C29%2C30%2C760%2C761%2C813%2C815%2C816%2C817%2C818%2C899%2C919%2C774%26ax_ssid%3D10082%26amznbid%3D2%26amznsz%3D0x0%26amznp%3D2%7Ca%3D%257C1%257C%26iid11%3D1011114%26t%3D134%26d%3D198437%26t1%3D134%26pvc%3D0%26ap%3D1105%26sap%3D1105%26as%3Drevenue%26plat%3D1%26bra%3Dmod1%26ic%3D1%26at%3Dmbf%26adr%3D399%26ezosn%3D6%26reft%3Dtf%26refs%3D30%26ga%3D2497208%26rid%3D99998%26pt%3D0%26al%3D1000%26compid%3D0%26tap%3Ditigic_com-box-1-1011114%26eb_br%3Dd81e229576f8cb8a43ff5c6a8e596727%26eba%3D1%26ebss%3D10017%2C10082%2C10061%2C10015%2C11304%2C11307%26asau%3D7838546742%26bv%3D28%26bvm%3D2%26bvr%3D5%26shp%3D3%26ftsn%3D3%26acptad%3D1%26br1%3D1500%26br2%3D2300%26ezoic%3D1%26nmau%3D4%26mau%3D2%26stl%3D32%2C0%2C28%2C67%2C45%2C122%2C66%2C20%2C71%2C30%2C0%2C31%26deal1%3D25%2C26%2C27%2C28%2C29%2C30%2C760%2C761%2C813%2C815%2C816%2C817%2C818%2C899%2C919%2C774%26ax_ssid%3D10082%26amznbid%3D2%26amznsz%3D0x0%26amznp%3D2%7Ca%3D%257C6%257C%26iid11%3D1011114%26t%3D134%26d%3D198437%26t1%3D134%26pvc%3D0%26ap%3D1105%26sap%3D1105%26as%3Drevenue%26plat%3D1%26bra%3Dmod1%26ic%3D1%26at%3Dmbf%26adr%3D399%26ezosn%3D7%26reft%3Dtf%26refs%3D30%26ga%3D2497208%26rid%3D99998%26pt%3D0%26al%3D1000%26compid%3D0%26tap%3Ditigic_com-box-1-1011114%26eb_br%3Dd81e229576f8cb8a43ff5c6a8e596727%26eba%3D1%26ebss%3D10017%2C10082%2C10061%2C10015%2C11304%2C11307%26asau%3D7838546742%26bv%3D28%26bvm%3D2%26bvr%3D5%26shp%3D3%26ftsn%3D3%26acptad%3D1%26br1%3D1500%26br2%3D2300%26ezoic%3D1%26nmau%3D4%26mau%3D3%26stl%3D83%2C13%2C120%2C67%2C51%2C0%2C66%2C20%2C71%2C30%2C0%2C31%26deal1%3D25%2C26%2C27%2C28%2C29%2C30%2C760%2C761%2C813%2C815%2C816%2C817%2C818%2C899%2C919%2C774%26ax_ssid%3D10082%26amznbid%3D2%26amznsz%3D0x0%26amznp%3D2&eri=1&cookie_enabled=1&bc=31&abxe=1&lmt=1620409343&dt=1620409343850&dlt=1620409342880&idt=923&frm=20&biw=1600&bih=1200&oid=3&adxs=566%2C474%2C334%2C1002%2C1002%2C1002%2C1002&adys=290%2C524%2C1084%2C383%2C648%2C913%2C1178&adks=3929797713%2C3833649259%2C1797967201%2C4007782779%2C165232300%2C165232301%2C165232298&ucis=1%7C2%7C3%7C4%7C5%7C6%7C7&ifi=1&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fitigic.com%2Fpt%2Fsteal-information-with-finger-command-in-windows-10%2F%26%23160%3B&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1030x60%7C678x250%7C678x400%7C300x262%7C300x262%7C300x262%7C300x262&msz=468x60%7C300x250%7C580x400%7C300x262%7C300x262%7C300x262%7C300x262&ga_vid=1178867069.1620409344&ga_sid=1620409344&ga_hid=2059617897&ga_fc=false&fws=0%2C4%2C4%2C0%2C0%2C0%2C0&ohw=0%2C678%2C678%2C0%2C0%2C0%2C0&btvi=0%7C0%7C0%7C0%7C0%7C0%7C0&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

31eae64313cc4651bbb8f415ccba09b43341d117b4927fdd5d8944d5af49a6b6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://itigic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 07 May 2021 17:42:24 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2,-2,-2,-2,-2,-2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 303
x-xss-protection: 0
google-lineitem-id: -2,-2,-2,-2,-2,-2,-2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2,-2,-2,-2,-2,-2,-2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://itigic.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
3fc1b23a7f7676f8a612476f135a3c46.safeframe.googlesyndication.com/safeframe/1-0-38/html/ 0
0 59ms
14ms Other
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://3fc1b23a7f7676f8a612476f135a3c46.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://itigic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-38/html/ 0
0 25ms
5ms Other
text/html 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://itigic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 456 B
267 B 466ms
466ms XHR
text/plain 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2673549932243580&correlator=4207703079991188&output=ldjh&impl=fifs&eid=31060790&vrg=2021042801&ptt=17&us_privacy=1---&sc=1&sfv=1-0-38&ecs=20210507&iu_parts=1254144%2Citigic_com-medrectangle-2&enc_prev_ius=%2F0%2F1&prev_iu_szs=970x90&prev_scp=a%3D%257C1%257C%26iid11%3D1070521%26t%3D134%26d%3D198437%26t1%3D134%26pvc%3D0%26ap%3D1100%26sap%3D1100%26as%3Drevenue%26plat%3D1%26bra%3Dmod1%26ic%3D1%26at%3Dmbf%26adr%3D399%26ezosn%3D21%26ga%3D2497208%26rid%3D99998%26pt%3D5%26al%3D1005%26compid%3D0%26tap%3Ditigic_com-medrectangle-2-1070521%26eb_br%3D39abb99448d54704c4afa42efe76e15d%26eba%3D1%26ebss%3D10017%2C10082%2C10061%2C10015%2C11304%2C11307%26asau%3D7838546742%26bv%3D13%26bvm%3D0%26bvr%3D3%26shp%3D1%26ftsn%3D3%26br1%3D1100%26br2%3D550%26ezoic%3D1%26nmau%3D0%26mau%3D0%26stl%3D83%2C168%2C120%2C67%2C51%2C0%2C66%2C20%2C71%2C30%2C0%2C31%26deal1%3D21%2C22%2C23%2C24%2C25%2C26%2C27%2C28%2C29%2C30%2C760%2C761%2C813%2C814%2C815%2C816%2C817%2C818%2C819%2C899%2C917%2C918%2C919%2C774%26ax_ssid%3D10082%26amznbid%3D2%26amznsz%3D0x0%26amznp%3D2&eri=1&cookie_enabled=1&bc=31&abxe=1&lmt=1620409343&dt=1620409343861&dlt=1620409342880&idt=923&frm=20&biw=1600&bih=1200&oid=3&adxs=315&adys=1108&adks=1615653332&ucis=8&ifi=8&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fitigic.com%2Fpt%2Fsteal-information-with-finger-command-in-windows-10%2F%26%23160%3B&vis=1&dmc=8&scr_x=0&scr_y=0&psz=970x-1&msz=970x-1&ga_vid=1178867069.1620409344&ga_sid=1620409344&ga_hid=2059617897&ga_fc=false&fws=512&ohw=0&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

76106414a05860a99ce180d98f992d5350007c94831955e1494f8f59a58b410a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://itigic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 07 May 2021 17:42:24 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 237
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://itigic.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3-29 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 28ms
14ms XHR
text/plain 2a00:1450:4001:80e::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j90&a=2059617897&t=pageview&_s=1&dl=https%3A%2F%2Fitigic.com%2Fpt%2Fsteal-information-with-finger-command-in-windows-10%2F%26&ul=en-us&de=UTF-8&dt=Como%20roubar%20informa%C3%A7%C3%B5es%20com%20o%20comando%20do%20dedo%20no%20Windows%2010.%20ITIGIC&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YAhAAUABAAAAAC~&jid=521649850&gjid=93768110&cid=1178867069.1620409344&tid=UA-73737898-1&_gid=1114735134.1620409344&_r=1&gtm=2ou4s0&z=760239928

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://itigic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 07 May 2021 17:42:23 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://itigic.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
456 B 41ms
14ms XHR
text/plain 2a00:1450:400c:c04::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j90&tid=UA-73737898-1&cid=1178867069.1620409344&jid=521649850&gjid=93768110&_gid=1114735134.1620409344&_u=YAhAAUAAAAAAAC~&z=198366755

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c04::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://itigic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Fri, 07 May 2021 17:42:23 GMT
content-type: text/plain
access-control-allow-origin: https://itigic.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 nmash.js
itigic.com/porpoiseant/ 33 KB
9 KB 345ms
44ms Other
application/javascript 52.19.6.38
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://itigic.com/porpoiseant/nmash.js?v=19
Requested by: Host: itigic.com
URL: https://itigic.com/pt/steal-information-with-finger-command-in-windows-10/&
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.19.6.38 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-19-6-38.eu-west-1.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash: 0b9a8a3f27fa969797b4fbec0716dcacd5aaa38202277691d7baf41a540963fd

Request headers

:path: /porpoiseant/nmash.js?v=19
pragma: no-cache
cookie: ezoadgid_198437=-1; ezoref_198437=; ezoab_198437=mod1; active_template::198437=pub_site.1620409341; ezopvc_198437=1; ezepvv=4619; ezovid_198437=496430881; lp_198437=https://itigic.com/pt/steal-information-with-finger-command-in-windows-10/&; ezovuuidtime_198437=1620409342; ezovuuid_198437=a20ab253-3d3e-400e-4098-be173504325c; ezCMPCCS=true; ezds=ffid%3D1%2Cw%3D1600%2Ch%3D1200; ezohw=w%3D1600%2Ch%3D1200; _ga=GA1.2.1178867069.1620409344; _gid=GA1.2.1114735134.1620409344; _gat_gtag_UA_73737898_1=1; ezouspvv=0; ezouspva=0
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: same-origin
accept: */*
cache-control: no-cache
sec-fetch-dest: worker
:authority: itigic.com
referer: https://itigic.com/pt/steal-information-with-finger-command-in-windows-10/&
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://itigic.com/pt/steal-information-with-finger-command-in-windows-10/&
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 07 May 2021 17:42:24 GMT
content-encoding: br
last-modified: Fri, 30 Apr 2021 20:22:23 GMT
server: nginx/1.16.0
etag: "854d-5c1365e987dc0;5c1afd1a03d0a-gzip"
vary: Accept-Encoding Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000, public
accept-ranges: bytes
x-robots-tag: noindex

POST
H3-29 200 save Show response
tdns3.gtranslate.net/tdn-bin/ 7 B
628 B 62ms
48ms XHR
text/plain 2606:4700:3036::6815:325d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tdns3.gtranslate.net/tdn-bin/save
Requested by: Host: itigic.com
URL: https://itigic.com/pt/steal-information-with-finger-command-in-windows-10/&
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::6815:325d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aee408847d35e44e99430f0979c3357b85fe8dbb4535a494301198adbee85f27

Request headers

Referer: https://itigic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Fri, 07 May 2021 17:42:24 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"max_age":604800,"report_to":"cf-nel"}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Tc5VMqhcZW3DE4vMPvxAWPwAvnOcoxD5jnPxzmivoD%2B8Ve9jh0NmVUEFX8OYaxo%2FZRHSE%2BQefD0YtZdnrYEK9JAN2%2B7QwDLpbitzrP1MU1zppSxBTNtr3yZ4wX8Tg8BpVQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain
access-control-allow-origin: *
cache-control: no-cache
cf-ray: 64bc3e9fdec02bd6-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 09e98577e800002bd6bfbb2000000001

POST
H3-29 200 save Show response
tdns3.gtranslate.net/tdn-bin/ 7 B
626 B 56ms
45ms XHR
text/plain 2606:4700:3036::6815:325d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tdns3.gtranslate.net/tdn-bin/save
Requested by: Host: itigic.com
URL: https://itigic.com/pt/steal-information-with-finger-command-in-windows-10/&
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::6815:325d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aee408847d35e44e99430f0979c3357b85fe8dbb4535a494301198adbee85f27

Request headers

Referer: https://itigic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Fri, 07 May 2021 17:42:24 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"max_age":604800,"report_to":"cf-nel"}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=9emrbtoK3joUi1srHfLWqLVTdfh5zLGO3LTXUiA7YmG1x6Ndpg11ekvQR6%2BfvbP748Nb%2BNU8BDLrGXrea3%2BGLSmzjHLAFONRzJoeWhVd%2Bb3UydPKkgWkifyMXHeiwDSi9g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain
access-control-allow-origin: *
cache-control: no-cache
cf-ray: 64bc3e9fdec52bd6-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 09e98577e900002bd6eb87b000000001

POST
H3-29 200 save Show response
tdns3.gtranslate.net/tdn-bin/ 7 B
659 B 40ms
24ms XHR
text/plain 2606:4700:3036::6815:325d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tdns3.gtranslate.net/tdn-bin/save
Requested by: Host: itigic.com
URL: https://itigic.com/pt/steal-information-with-finger-command-in-windows-10/&
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::6815:325d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aee408847d35e44e99430f0979c3357b85fe8dbb4535a494301198adbee85f27

Request headers

Referer: https://itigic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Fri, 07 May 2021 17:42:24 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"max_age":604800,"report_to":"cf-nel"}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=nvACZah8NrrBobcv474l1oePhbyQ0s8JBvexGRJzIrjfGZTFA0TQ%2BfZCoMdswdbGmjJjPPhiJzIHVErobEnfDEFPlt7FZcLVA404SEo4eJ6JqU42Ogn4xa%2BwTqnTpQbsiQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain
access-control-allow-origin: *
cache-control: no-cache
cf-ray: 64bc3e9fdecb2bd6-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 09e98577ec00002bd6d9119000000001

GET
H2 200 imp.gif Show response
itigic.com/detroitchicago/ 43 B
140 B 345ms
43ms XHR
image/gif 52.19.6.38
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://itigic.com/detroitchicago/imp.gif?e=%7B%22ad_cache_level%22%3A1%2C%22ad_count_adjustment%22%3A3%2C%22ad_lazyload_version%22%3A3%2C%22ad_load_version%22%3A2%2C%22ad_location_ids%22%3A%2234%2C34%2C34%2C34%2C0%2C0%2C0%2C0%2C35%2C35%2C35%2C35%2C2%2C21%2C3%2C22%2C30%2C4%2C4%2C4%2C31%2C5%2C1%22%2C%22ad_transform_level%22%3A0%2C%22adx_ad_count%22%3A23%2C%22bidder_method%22%3A1%2C%22bidder_version%22%3A5%2C%22city%22%3A%22Zurich%22%2C%22country%22%3A%22CH%22%2C%22days_since_last_visit%22%3A-1%2C%22display_ad_count%22%3A11%2C%22domain_id%22%3A198437%2C%22domain_test_group%22%3A20210310%2C%22ds_adsize_opt_id%22%3A-1%2C%22engaged_time_visit%22%3A0%2C%22ezcache_level%22%3A1%2C%22ezcache_skip_code%22%3A3%2C%22form_factor_id%22%3A1%2C%22framework_id%22%3A1%2C%22has_bad_image%22%3A0%2C%22has_bad_words%22%3A0%2C%22iab_category%22%3A%22%22%2C%22iab_category_0%22%3A%22596%22%2C%22is_from_recommended_pages%22%3Afalse%2C%22is_return_visitor%22%3Afalse%2C%22is_sitespeed%22%3A1%2C%22last_page_load%22%3A%22%22%2C%22last_pageview_id%22%3A%22%22%2C%22lt_cache_level%22%3A0%2C%22max_ads%22%3A10%2C%22metro_code%22%3A0%2C%22optimization_version%22%3A1%2C%22page_ad_positions%22%3A%221100%2C1101%2C1102%2C1104%2C1104%2C1104%2C1105%2C1105%2C1105%2C1105%2C1114%2C1115%2C1116%2C1117%2C1118%2C1124%2C1124%2C1124%2C1124%2C1125%2C1125%2C1125%2C1125%22%2C%22page_view_count%22%3A0%2C%22page_view_id%22%3A%229b0c9874-1ab5-4e51-7b4b-22fe600594e0%22%2C%22position_selection_id%22%3A39%2C%22postal_code%22%3A%228010%22%2C%22pv_event_count%22%3A0%2C%22response_size_orig%22%3A56937%2C%22response_time_orig%22%3A885%2C%22serverid%22%3A%2234.241.252.242%3A12997%22%2C%22state%22%3A%22ZH%22%2C%22sub_page_ad_positions%22%3A%221100%2C1101%2C1102%2C1104%2C1104%2C1104%2C1105%2C1105%2C1105%2C1105%2C1114%2C1115%2C1116%2C1117%2C1118%2C1124%2C1124%2C1124%2C1124%2C1125%2C1125%2C1125%2C1125%22%2C%22t_epoch%22%3A1620409341%2C%22template_id%22%3A134%2C%22time_on_site_visit%22%3A0%2C%22url%22%3A%22https%3A%2F%2Fitigic.com%2Fpt%2Fsteal-information-with-finger-command-in-windows-10%2F%26%22%2C%22user_id%22%3A0%2C%22word_count%22%3A1255%2C%22worst_bad_word_level%22%3A0%7D
Requested by: Host: itigic.com
URL: https://itigic.com/detroitchicago/cmb.js?gcb=194-3&cb=01-100-103-1004-10d-506-507-70a-30c-30e-212-211-313-317-1021-23-&cmbcb=10&01&00&03&04&0d&06&07&0a&0c&0e&12&11&13&17&21&23
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.19.6.38 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-19-6-38.eu-west-1.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash: dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Request headers

:path: /detroitchicago/imp.gif?e=%7B%22ad_cache_level%22%3A1%2C%22ad_count_adjustment%22%3A3%2C%22ad_lazyload_version%22%3A3%2C%22ad_load_version%22%3A2%2C%22ad_location_ids%22%3A%2234%2C34%2C34%2C34%2C0%2C0%2C0%2C0%2C35%2C35%2C35%2C35%2C2%2C21%2C3%2C22%2C30%2C4%2C4%2C4%2C31%2C5%2C1%22%2C%22ad_transform_level%22%3A0%2C%22adx_ad_count%22%3A23%2C%22bidder_method%22%3A1%2C%22bidder_version%22%3A5%2C%22city%22%3A%22Zurich%22%2C%22country%22%3A%22CH%22%2C%22days_since_last_visit%22%3A-1%2C%22display_ad_count%22%3A11%2C%22domain_id%22%3A198437%2C%22domain_test_group%22%3A20210310%2C%22ds_adsize_opt_id%22%3A-1%2C%22engaged_time_visit%22%3A0%2C%22ezcache_level%22%3A1%2C%22ezcache_skip_code%22%3A3%2C%22form_factor_id%22%3A1%2C%22framework_id%22%3A1%2C%22has_bad_image%22%3A0%2C%22has_bad_words%22%3A0%2C%22iab_category%22%3A%22%22%2C%22iab_category_0%22%3A%22596%22%2C%22is_from_recommended_pages%22%3Afalse%2C%22is_return_visitor%22%3Afalse%2C%22is_sitespeed%22%3A1%2C%22last_page_load%22%3A%22%22%2C%22last_pageview_id%22%3A%22%22%2C%22lt_cache_level%22%3A0%2C%22max_ads%22%3A10%2C%22metro_code%22%3A0%2C%22optimization_version%22%3A1%2C%22page_ad_positions%22%3A%221100%2C1101%2C1102%2C1104%2C1104%2C1104%2C1105%2C1105%2C1105%2C1105%2C1114%2C1115%2C1116%2C1117%2C1118%2C1124%2C1124%2C1124%2C1124%2C1125%2C1125%2C1125%2C1125%22%2C%22page_view_count%22%3A0%2C%22page_view_id%22%3A%229b0c9874-1ab5-4e51-7b4b-22fe600594e0%22%2C%22position_selection_id%22%3A39%2C%22postal_code%22%3A%228010%22%2C%22pv_event_count%22%3A0%2C%22response_size_orig%22%3A56937%2C%22response_time_orig%22%3A885%2C%22serverid%22%3A%2234.241.252.242%3A12997%22%2C%22state%22%3A%22ZH%22%2C%22sub_page_ad_positions%22%3A%221100%2C1101%2C1102%2C1104%2C1104%2C1104%2C1105%2C1105%2C1105%2C1105%2C1114%2C1115%2C1116%2C1117%2C1118%2C1124%2C1124%2C1124%2C1124%2C1125%2C1125%2C1125%2C1125%22%2C%22t_epoch%22%3A1620409341%2C%22template_id%22%3A134%2C%22time_on_site_visit%22%3A0%2C%22url%22%3A%22https%3A%2F%2Fitigic.com%2Fpt%2Fsteal-information-with-finger-command-in-windows-10%2F%26%22%2C%22user_id%22%3A0%2C%22word_count%22%3A1255%2C%22worst_bad_word_level%22%3A0%7D
pragma: no-cache
cookie: ezoadgid_198437=-1; ezoref_198437=; ezoab_198437=mod1; active_template::198437=pub_site.1620409341; ezopvc_198437=1; ezepvv=4619; ezovid_198437=496430881; lp_198437=https://itigic.com/pt/steal-information-with-finger-command-in-windows-10/&; ezovuuidtime_198437=1620409342; ezovuuid_198437=a20ab253-3d3e-400e-4098-be173504325c; ezCMPCCS=true; ezds=ffid%3D1%2Cw%3D1600%2Ch%3D1200; ezohw=w%3D1600%2Ch%3D1200; _ga=GA1.2.1178867069.1620409344; _gid=GA1.2.1114735134.1620409344; _gat_gtag_UA_73737898_1=1; ezouspvv=0; ezouspva=0
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: empty
:authority: itigic.com
referer: https://itigic.com/pt/steal-information-with-finger-command-in-windows-10/&
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://itigic.com/pt/steal-information-with-finger-command-in-windows-10/&
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 07 May 2021 17:42:24 GMT
content-encoding: br
server: nginx/1.16.0
vary: Accept-Encoding Accept-Encoding Accept-Encoding
content-type: image/gif
x-middleton-display: imp_sol
cache-control: no-cache, no-store, must-revalidate, max-age=0
content-length: 47

GET
H2 200 quant.js Show response
secure.quantserve.com/ 23 KB
9 KB 22ms
8ms Script
application/javascript 2620:116:800d:21:51e4:db4b:4436:b305
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.quantserve.com/quant.js
Requested by: Host: itigic.com
URL: https://itigic.com/detroitchicago/cmb.js?gcb=194-3&cb=01-100-103-1004-10d-506-507-70a-30c-30e-212-211-313-317-1021-23-&cmbcb=10&01&00&03&04&0d&06&07&0a&0c&0e&12&11&13&17&21&23
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:116:800d:21:51e4:db4b:4436:b305 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 8000d797097e74bfff377d2f3fca7e046ee4490ea4edb70c2c0b189575847629

Request headers

Referer: https://itigic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 07 May 2021 17:42:24 GMT
content-encoding: gzip
etag: "9iaPKZLFg6XYoMRMhilE8g=="
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
expires: Fri, 14 May 2021 17:42:24 GMT

GET
DATA 200
OK truncated
/ 42 B
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c90cff659645a312a28804965f3dbc34061338f7234ff5d6ddb2c57e9eadec15

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/webp

GET
H2 200 gtranslate-style24.css
itigic.com/wp-content/plugins/gtranslate/ 897 B
897 B 352ms
51ms Image
text/css 52.19.6.38
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://itigic.com/wp-content/plugins/gtranslate/gtranslate-style24.css?ff=1&ver=5.7.1&wps=true

Requested by

Host: itigic.com
URL: https://itigic.com/pt/steal-information-with-finger-command-in-windows-10/&

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.19.6.38 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-19-6-38.eu-west-1.compute.amazonaws.com

Software

nginx/1.16.0 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

:path: /wp-content/plugins/gtranslate/gtranslate-style24.css?ff=1&ver=5.7.1&wps=true
pragma: no-cache
cookie: ezoadgid_198437=-1; ezoref_198437=; ezoab_198437=mod1; active_template::198437=pub_site.1620409341; ezopvc_198437=1; ezepvv=4619; ezovid_198437=496430881; lp_198437=https://itigic.com/pt/steal-information-with-finger-command-in-windows-10/&; ezovuuidtime_198437=1620409342; ezovuuid_198437=a20ab253-3d3e-400e-4098-be173504325c; ezCMPCCS=true; ezds=ffid%3D1%2Cw%3D1600%2Ch%3D1200; ezohw=w%3D1600%2Ch%3D1200; _ga=GA1.2.1178867069.1620409344; _gid=GA1.2.1114735134.1620409344; _gat_gtag_UA_73737898_1=1; ezouspvv=0; ezouspva=0
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: itigic.com
referer: https://itigic.com/pt/steal-information-with-finger-command-in-windows-10/&
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://itigic.com/pt/steal-information-with-finger-command-in-windows-10/&
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 07 May 2021 17:42:24 GMT
content-encoding: br
x-content-type-options: nosniff
x-sol: orig
display: staticcontent_sol, orig_site_sol
x-ezoic-cdn: Hit ds;mm;8d64196e7359a666764c0c6b3776384f;2-198437-2;e8fd0c3d-ede5-47c7-4407-95c4e2727905
x-middleton-display: staticcontent_sol, orig_site_sol
strict-transport-security: max-age=63072000; includeSubDomains
alt-svc: quic=":443"; ma=2592000; v="43,46", h3-Q043=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-25=":443"; ma=2592000, h3-27=":443"; ma=2592000
content-length: 284
response: 200
last-modified: Thu, 06 May 2021 21:16:06 GMT
server: nginx/1.16.0
x-frame-options: SAMEORIGIN
vary: Accept-Encoding Accept-Encoding,User-Agent,Origin
content-type: text/css
x-middleton-response: 200
cache-control: public, max-age=2592000
x-turbo-charged-by: LiteSpeed
x-ez-proxy-out: true 2.2

GET
H2 200 style.min.css
itigic.com/wp-includes/css/dist/block-library/ 57 KB
57 KB 653ms
352ms Image
text/css 52.19.6.38
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://itigic.com/wp-includes/css/dist/block-library/style.min.css?ff=1&ver=5.7.1&wps=true

Requested by

Host: itigic.com
URL: https://itigic.com/pt/steal-information-with-finger-command-in-windows-10/&

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.19.6.38 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-19-6-38.eu-west-1.compute.amazonaws.com

Software

nginx/1.16.0 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

:path: /wp-includes/css/dist/block-library/style.min.css?ff=1&ver=5.7.1&wps=true
pragma: no-cache
cookie: ezoadgid_198437=-1; ezoref_198437=; ezoab_198437=mod1; active_template::198437=pub_site.1620409341; ezopvc_198437=1; ezepvv=4619; ezovid_198437=496430881; lp_198437=https://itigic.com/pt/steal-information-with-finger-command-in-windows-10/&; ezovuuidtime_198437=1620409342; ezovuuid_198437=a20ab253-3d3e-400e-4098-be173504325c; ezCMPCCS=true; ezds=ffid%3D1%2Cw%3D1600%2Ch%3D1200; ezohw=w%3D1600%2Ch%3D1200; _ga=GA1.2.1178867069.1620409344; _gid=GA1.2.1114735134.1620409344; _gat_gtag_UA_73737898_1=1; ezouspvv=0; ezouspva=0
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: itigic.com
referer: https://itigic.com/pt/steal-information-with-finger-command-in-windows-10/&
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://itigic.com/pt/steal-information-with-finger-command-in-windows-10/&
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 07 May 2021 17:42:24 GMT
content-encoding: br
x-content-type-options: nosniff
x-sol: orig
display: staticcontent_sol, orig_site_sol
x-ezoic-cdn: Bypass
x-middleton-display: staticcontent_sol, orig_site_sol
strict-transport-security: max-age=63072000; includeSubDomains
alt-svc: quic=":443"; ma=2592000; v="43,46", h3-Q043=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-25=":443"; ma=2592000, h3-27=":443"; ma=2592000
response: 200
last-modified: Thu, 06 May 2021 21:16:04 GMT
server: nginx/1.16.0
x-frame-options: SAMEORIGIN
vary: Accept-Encoding Accept-Encoding,Origin
content-type: text/css
x-middleton-response: 200
cache-control: max-age=604800, public
x-turbo-charged-by: LiteSpeed
x-ez-proxy-out: true 2.2
expires: Fri, 14 May 2021 17:42:24 GMT

GET
H2 200 screen.min.css
itigic.com/wp-content/plugins/table-of-contents-plus/ 1 KB
1 KB 353ms
51ms Image
text/css 52.19.6.38
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://itigic.com/wp-content/plugins/table-of-contents-plus/screen.min.css?ff=1&ver=2002&wps=true

Requested by

Host: itigic.com
URL: https://itigic.com/pt/steal-information-with-finger-command-in-windows-10/&

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.19.6.38 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-19-6-38.eu-west-1.compute.amazonaws.com

Software

nginx/1.16.0 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

:path: /wp-content/plugins/table-of-contents-plus/screen.min.css?ff=1&ver=2002&wps=true
pragma: no-cache
cookie: ezoadgid_198437=-1; ezoref_198437=; ezoab_198437=mod1; active_template::198437=pub_site.1620409341; ezopvc_198437=1; ezepvv=4619; ezovid_198437=496430881; lp_198437=https://itigic.com/pt/steal-information-with-finger-command-in-windows-10/&; ezovuuidtime_198437=1620409342; ezovuuid_198437=a20ab253-3d3e-400e-4098-be173504325c; ezCMPCCS=true; ezds=ffid%3D1%2Cw%3D1600%2Ch%3D1200; ezohw=w%3D1600%2Ch%3D1200; _ga=GA1.2.1178867069.1620409344; _gid=GA1.2.1114735134.1620409344; _gat_gtag_UA_73737898_1=1; ezouspvv=0; ezouspva=0
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: itigic.com
referer: https://itigic.com/pt/steal-information-with-finger-command-in-windows-10/&
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://itigic.com/pt/steal-information-with-finger-command-in-windows-10/&
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 07 May 2021 17:42:24 GMT
content-encoding: br
x-content-type-options: nosniff
x-sol: orig
display: staticcontent_sol, orig_site_sol
x-ezoic-cdn: Hit ds;mm;470da301b96cda694b8499f5918f8237;2-198437-2;929971ea-7b99-4290-6c2b-9b031982667a
x-middleton-display: staticcontent_sol, orig_site_sol
strict-transport-security: max-age=63072000; includeSubDomains
alt-svc: quic=":443"; ma=2592000; v="43,46", h3-Q043=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-25=":443"; ma=2592000, h3-27=":443"; ma=2592000
content-length: 378
response: 200
last-modified: Thu, 06 May 2021 21:16:05 GMT
server: nginx/1.16.0
x-frame-options: SAMEORIGIN
vary: Accept-Encoding Accept-Encoding,User-Agent,Origin
content-type: text/css
x-middleton-response: 200
cache-control: public, max-age=2592000
x-turbo-charged-by: LiteSpeed

GET
H2 200 style.css
itigic.com/wp-content/themes/mh-magazine-lite/ 45 KB
45 KB 359ms
58ms Image
text/css 52.19.6.38
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://itigic.com/wp-content/themes/mh-magazine-lite/style.css?ff=1&ver=2.8.6&wps=true

Requested by

Host: itigic.com
URL: https://itigic.com/pt/steal-information-with-finger-command-in-windows-10/&

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.19.6.38 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-19-6-38.eu-west-1.compute.amazonaws.com

Software

nginx/1.16.0 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

:path: /wp-content/themes/mh-magazine-lite/style.css?ff=1&ver=2.8.6&wps=true
pragma: no-cache
cookie: ezoadgid_198437=-1; ezoref_198437=; ezoab_198437=mod1; active_template::198437=pub_site.1620409341; ezopvc_198437=1; ezepvv=4619; ezovid_198437=496430881; lp_198437=https://itigic.com/pt/steal-information-with-finger-command-in-windows-10/&; ezovuuidtime_198437=1620409342; ezovuuid_198437=a20ab253-3d3e-400e-4098-be173504325c; ezCMPCCS=true; ezds=ffid%3D1%2Cw%3D1600%2Ch%3D1200; ezohw=w%3D1600%2Ch%3D1200; _ga=GA1.2.1178867069.1620409344; _gid=GA1.2.1114735134.1620409344; _gat_gtag_UA_73737898_1=1; ezouspvv=0; ezouspva=0
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: itigic.com
referer: https://itigic.com/pt/steal-information-with-finger-command-in-windows-10/&
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://itigic.com/pt/steal-information-with-finger-command-in-windows-10/&
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 07 May 2021 17:42:24 GMT
content-encoding: br
x-content-type-options: nosniff
x-sol: orig
display: staticcontent_sol, orig_site_sol
x-ezoic-cdn: Hit ds;mm;b3d4608d70aac56a181785f4c1ec23a3;2-198437-2;98285b46-365e-46d1-4cd3-27c29ce46749
x-middleton-display: staticcontent_sol, orig_site_sol
strict-transport-security: max-age=63072000; includeSubDomains
alt-svc: quic=":443"; ma=2592000; v="43,46", h3-Q043=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-25=":443"; ma=2592000, h3-27=":443"; ma=2592000
response: 200
last-modified: Thu, 06 May 2021 21:16:06 GMT
server: nginx/1.16.0
x-frame-options: SAMEORIGIN
vary: Accept-Encoding Accept-Encoding,User-Agent,Origin
content-type: text/css
x-middleton-response: 200
cache-control: public, max-age=2592000
x-turbo-charged-by: LiteSpeed

GET
H2 200 font-awesome.min.css
itigic.com/wp-content/themes/mh-magazine-lite/includes/ 30 KB
30 KB 355ms
54ms Image
text/css 52.19.6.38
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://itigic.com/wp-content/themes/mh-magazine-lite/includes/font-awesome.min.css?ff=1&wps=true

Requested by

Host: itigic.com
URL: https://itigic.com/pt/steal-information-with-finger-command-in-windows-10/&

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.19.6.38 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-19-6-38.eu-west-1.compute.amazonaws.com

Software

nginx/1.16.0 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

:path: /wp-content/themes/mh-magazine-lite/includes/font-awesome.min.css?ff=1&wps=true
pragma: no-cache
cookie: ezoadgid_198437=-1; ezoref_198437=; ezoab_198437=mod1; active_template::198437=pub_site.1620409341; ezopvc_198437=1; ezepvv=4619; ezovid_198437=496430881; lp_198437=https://itigic.com/pt/steal-information-with-finger-command-in-windows-10/&; ezovuuidtime_198437=1620409342; ezovuuid_198437=a20ab253-3d3e-400e-4098-be173504325c; ezCMPCCS=true; ezds=ffid%3D1%2Cw%3D1600%2Ch%3D1200; ezohw=w%3D1600%2Ch%3D1200; _ga=GA1.2.1178867069.1620409344; _gid=GA1.2.1114735134.1620409344; _gat_gtag_UA_73737898_1=1; ezouspvv=0; ezouspva=0
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: itigic.com
referer: https://itigic.com/pt/steal-information-with-finger-command-in-windows-10/&
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://itigic.com/pt/steal-information-with-finger-command-in-windows-10/&
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 07 May 2021 17:42:24 GMT
content-encoding: br
x-content-type-options: nosniff
x-sol: orig
display: staticcontent_sol, orig_site_sol
x-ezoic-cdn: Hit ds;mm;2736dfed206baa8dd1ce0573e44962fd;2-198437-2;f02df1dc-df62-47e9-761b-3825b4066bcb
x-middleton-display: staticcontent_sol, orig_site_sol
strict-transport-security: max-age=63072000; includeSubDomains
alt-svc: quic=":443"; ma=2592000; v="43,46", h3-Q043=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-25=":443"; ma=2592000, h3-27=":443"; ma=2592000
response: 200
last-modified: Thu, 06 May 2021 21:16:05 GMT
server: nginx/1.16.0
x-frame-options: SAMEORIGIN
vary: Accept-Encoding Accept-Encoding,User-Agent,Origin
content-type: text/css
x-middleton-response: 200
cache-control: public, max-age=2592000
x-turbo-charged-by: LiteSpeed

GET
H2 200 greenoaks.gif Show response
itigic.com/detroitchicago/ 0
104 B 342ms
41ms XHR
text/plain 52.19.6.38
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://itigic.com/detroitchicago/greenoaks.gif?orig=0&ds=W3sidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiI5YjBjOTg3NC0xYWI1LTRlNTEtN2I0Yi0yMmZlNjAwNTk0ZTAiLCJkb21haW5faWQiOiIxOTg0MzciLCJ0X2Vwb2NoIjoxNjIwNDA5MzQxLCJkYXRhIjpbeyJuYW1lIjoiZGV2aWNlX3dpZHRoIiwidmFsIjoiMTYwMCJ9LHsibmFtZSI6ImRldmljZV9oZWlnaHQiLCJ2YWwiOiIxMjAwIn1dfSx7InR5cGUiOiJwYWdldmlldyIsInBhZ2V2aWV3X2lkIjoiOWIwYzk4NzQtMWFiNS00ZTUxLTdiNGItMjJmZTYwMDU5NGUwIiwiZG9tYWluX2lkIjoiMTk4NDM3IiwidF9lcG9jaCI6MTYyMDQwOTM0MSwiZGF0YSI6W3sibmFtZSI6InRfbG9jYWxfZGF0ZSIsInZhbCI6IjIwMjEtMDUtMDcifSx7Im5hbWUiOiJ0X2xvY2FsX2hvdXIiLCJ2YWwiOiIxOSJ9LHsibmFtZSI6InRfbG9jYWxfZGF5X29mX3dlZWsiLCJ2YWwiOiI1In0seyJuYW1lIjoidF9sb2NhbF90aW1lem9uZSIsInZhbCI6Ii0xMjAifV19LHsidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiI5YjBjOTg3NC0xYWI1LTRlNTEtN2I0Yi0yMmZlNjAwNTk0ZTAiLCJkb21haW5faWQiOiIxOTg0MzciLCJ0X2Vwb2NoIjoxNjIwNDA5MzQxLCJkYXRhIjpbeyJuYW1lIjoibGFuZ3VhZ2VfdGFnIiwidmFsIjoiZW4tVVMifV19LHsidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiI5YjBjOTg3NC0xYWI1LTRlNTEtN2I0Yi0yMmZlNjAwNTk0ZTAiLCJkb21haW5faWQiOiIxOTg0MzciLCJ0X2Vwb2NoIjoxNjIwNDA5MzQxLCJkYXRhIjpbeyJuYW1lIjoibGFuZ3VhZ2VfcHJpbWFyeV9zdWJ0YWciLCJ2YWwiOiJlbiJ9XX0seyJ0eXBlIjoicGFnZXZpZXciLCJwYWdldmlld19pZCI6IjliMGM5ODc0LTFhYjUtNGU1MS03YjRiLTIyZmU2MDA1OTRlMCIsImRvbWFpbl9pZCI6IjE5ODQzNyIsInRfZXBvY2giOjE2MjA0MDkzNDEsImRhdGEiOlt7Im5hbWUiOiJ1bml2ZXJzYWxfdXNlcl9pZCIsInZhbCI6IjdlYjQ1ZjA2NDBmNzM4YTc4MDA1OGVlZGRhZjg3MjUzIn1dfV0=
Requested by: Host: itigic.com
URL: https://itigic.com/detroitchicago/cmb.js?gcb=194-3&cb=01-100-103-1004-10d-506-507-70a-30c-30e-212-211-313-317-1021-23-&cmbcb=10&01&00&03&04&0d&06&07&0a&0c&0e&12&11&13&17&21&23
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.19.6.38 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-19-6-38.eu-west-1.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:path: /detroitchicago/greenoaks.gif?orig=0&ds=W3sidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiI5YjBjOTg3NC0xYWI1LTRlNTEtN2I0Yi0yMmZlNjAwNTk0ZTAiLCJkb21haW5faWQiOiIxOTg0MzciLCJ0X2Vwb2NoIjoxNjIwNDA5MzQxLCJkYXRhIjpbeyJuYW1lIjoiZGV2aWNlX3dpZHRoIiwidmFsIjoiMTYwMCJ9LHsibmFtZSI6ImRldmljZV9oZWlnaHQiLCJ2YWwiOiIxMjAwIn1dfSx7InR5cGUiOiJwYWdldmlldyIsInBhZ2V2aWV3X2lkIjoiOWIwYzk4NzQtMWFiNS00ZTUxLTdiNGItMjJmZTYwMDU5NGUwIiwiZG9tYWluX2lkIjoiMTk4NDM3IiwidF9lcG9jaCI6MTYyMDQwOTM0MSwiZGF0YSI6W3sibmFtZSI6InRfbG9jYWxfZGF0ZSIsInZhbCI6IjIwMjEtMDUtMDcifSx7Im5hbWUiOiJ0X2xvY2FsX2hvdXIiLCJ2YWwiOiIxOSJ9LHsibmFtZSI6InRfbG9jYWxfZGF5X29mX3dlZWsiLCJ2YWwiOiI1In0seyJuYW1lIjoidF9sb2NhbF90aW1lem9uZSIsInZhbCI6Ii0xMjAifV19LHsidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiI5YjBjOTg3NC0xYWI1LTRlNTEtN2I0Yi0yMmZlNjAwNTk0ZTAiLCJkb21haW5faWQiOiIxOTg0MzciLCJ0X2Vwb2NoIjoxNjIwNDA5MzQxLCJkYXRhIjpbeyJuYW1lIjoibGFuZ3VhZ2VfdGFnIiwidmFsIjoiZW4tVVMifV19LHsidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiI5YjBjOTg3NC0xYWI1LTRlNTEtN2I0Yi0yMmZlNjAwNTk0ZTAiLCJkb21haW5faWQiOiIxOTg0MzciLCJ0X2Vwb2NoIjoxNjIwNDA5MzQxLCJkYXRhIjpbeyJuYW1lIjoibGFuZ3VhZ2VfcHJpbWFyeV9zdWJ0YWciLCJ2YWwiOiJlbiJ9XX0seyJ0eXBlIjoicGFnZXZpZXciLCJwYWdldmlld19pZCI6IjliMGM5ODc0LTFhYjUtNGU1MS03YjRiLTIyZmU2MDA1OTRlMCIsImRvbWFpbl9pZCI6IjE5ODQzNyIsInRfZXBvY2giOjE2MjA0MDkzNDEsImRhdGEiOlt7Im5hbWUiOiJ1bml2ZXJzYWxfdXNlcl9pZCIsInZhbCI6IjdlYjQ1ZjA2NDBmNzM4YTc4MDA1OGVlZGRhZjg3MjUzIn1dfV0=
pragma: no-cache
cookie: ezoadgid_198437=-1; ezoref_198437=; ezoab_198437=mod1; active_template::198437=pub_site.1620409341; ezopvc_198437=1; ezepvv=4619; ezovid_198437=496430881; lp_198437=https://itigic.com/pt/steal-information-with-finger-command-in-windows-10/&; ezovuuidtime_198437=1620409342; ezovuuid_198437=a20ab253-3d3e-400e-4098-be173504325c; ezCMPCCS=true; ezds=ffid%3D1%2Cw%3D1600%2Ch%3D1200; ezohw=w%3D1600%2Ch%3D1200; _ga=GA1.2.1178867069.1620409344; _gid=GA1.2.1114735134.1620409344; _gat_gtag_UA_73737898_1=1; ezouspvv=0; ezouspva=0
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: empty
:authority: itigic.com
referer: https://itigic.com/pt/steal-information-with-finger-command-in-windows-10/&
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://itigic.com/pt/steal-information-with-finger-command-in-windows-10/&
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 07 May 2021 17:42:24 GMT
server: nginx/1.16.0
vary: Accept-Encoding Accept-Encoding
content-type: text/plain; charset=utf-8
x-middleton-display: ezp_sol
cache-control: max-age=0, must-revalidate, no-cache, no-store
content-length: 0
expires: Thu, 06 May 2021 17:42:24 UTC

GET
H2 200 ezosuigenerisc.js Show response
g.ezoic.net/ 0
77 B 29ms
28ms Script
text/plain 18.156.95.187
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://g.ezoic.net/ezosuigenerisc.js?nogen=1
Requested by: Host: itigic.com
URL: https://itigic.com/pt/steal-information-with-finger-command-in-windows-10/&
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.156.95.187 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-95-187.eu-central-1.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://itigic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 07 May 2021 17:42:24 GMT
cache-control: max-age=300, private
server: nginx/1.16.0
content-length: 0
vary: Accept-Encoding, Accept-Encoding
content-type: text/plain; charset=utf-8

GET
H3-29 200 css
fonts.googleapis.com/ 9 KB
9 KB 23ms
22ms Image
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:400,400italic,600,700&display=swap

Requested by

Host: itigic.com
URL: https://itigic.com/pt/steal-information-with-finger-command-in-windows-10/&

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://itigic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 07 May 2021 17:42:24 GMT
server: ESF
date: Fri, 07 May 2021 17:42:24 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 07 May 2021 17:42:24 GMT

GET
H2 200 cropped-itigic-logo-1.png
itigic.com/wp-content/uploads/2020/01/ 4 KB
4 KB 346ms
46ms Image
image/webp 52.19.6.38
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://itigic.com/wp-content/uploads/2020/01/cropped-itigic-logo-1.png?ezimgfmt=rs:300x100/rscb2/ng:webp/ngcb2
Requested by: Host: itigic.com
URL: https://itigic.com/pt/steal-information-with-finger-command-in-windows-10/&
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.19.6.38 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-19-6-38.eu-west-1.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash: f2f8a88b545a2bd6991245c0a9c2d99dbbd40a1e4b510da2a015f517cb9b5b0f

Request headers

:path: /wp-content/uploads/2020/01/cropped-itigic-logo-1.png?ezimgfmt=rs:300x100/rscb2/ng:webp/ngcb2
pragma: no-cache
cookie: ezoadgid_198437=-1; ezoref_198437=; ezoab_198437=mod1; active_template::198437=pub_site.1620409341; ezopvc_198437=1; ezepvv=4619; ezovid_198437=496430881; lp_198437=https://itigic.com/pt/steal-information-with-finger-command-in-windows-10/&; ezovuuidtime_198437=1620409342; ezovuuid_198437=a20ab253-3d3e-400e-4098-be173504325c; ezCMPCCS=true; ezds=ffid%3D1%2Cw%3D1600%2Ch%3D1200; ezohw=w%3D1600%2Ch%3D1200; _ga=GA1.2.1178867069.1620409344; _gid=GA1.2.1114735134.1620409344; _gat_gtag_UA_73737898_1=1; ezouspvv=0; ezouspva=0; ezosuigeneris=7eb45f0640f738a780058eeddaf87253
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: itigic.com
referer: https://itigic.com/pt/steal-information-with-finger-command-in-windows-10/&
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://itigic.com/pt/steal-information-with-finger-command-in-windows-10/&
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 07 May 2021 17:42:24 GMT
content-encoding: br
age: 13982
x-amzn-requestid: 3091e13b-1403-4f2e-a731-e14f53b68878
x-ezoic-cdn: Hit ds;mm;d71a8ea33f9cca8d37107e9bb5a465f3;2-198437-2;59ac2af5-4d97-44e3-41ec-a8cdd07251a0
x-cache: Hit from cloudfront
x-middleton-display: staticcontent_sol, staticcontent_sol
x-middleton-response: 200
x-amz-apigw-id: ei72LGTYoAMFR_w=
content-length: 3814
display: staticcontent_sol, staticcontent_sol
response: 200
server: nginx/1.16.0
x-amzn-trace-id: Root=1-608aa68d-18a40d75704114584300700a;Sampled=0
vary: Accept-Encoding User-Agent,Origin,Accept-Encoding
access-control-allow-methods: GET
content-type: image/webp
via: 1.1 4278118a12a0d89e17a517194fb2e732.cloudfront.net (CloudFront)
cache-control: public, max-age=31536000
access-control-allow-credentials: true
x-amz-cf-pop: LHR50-C1
access-control-allow-headers: Content-Type, Authorization
x-amz-cf-id: Lv5yoCsgIlzATgU0lA_5exsRP_M4UCMiTCyldYUI4SEkDsm3XkQH-Q==

GET
H2 200 rules-p-31iz6hfFutd16.js Show response
rules.quantcount.com/ 3 B
427 B 58ms
17ms Script
application/javascript 2600:9000:2104:da00:6:44e3:f8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-31iz6hfFutd16.js
Requested by: Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2104:da00:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Request headers

Referer: https://itigic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 07 May 2021 15:36:39 GMT
via: 1.1 d91961fd00a0c4f7aae668984dcb62a8.cloudfront.net (CloudFront)
age: 7546
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 3
last-modified: Sat, 04 Mar 2017 19:50:24 GMT
server: AmazonS3
etag: "8a80554c91d9fca8acb82f023de02f11"
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=86400
x-amz-cf-pop: AMS1-C1
accept-ranges: bytes
x-amz-cf-id: 3bJOpPi26z65IDW7QqhwXhiLVKw_x9q_9xNadSCmAw6khEy1xm0yeg==

POST
H3-29 200 save Show response
tdns3.gtranslate.net/tdn-bin/ 7 B
625 B 75ms
75ms XHR
text/plain 2606:4700:3036::6815:325d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://tdns3.gtranslate.net/tdn-bin/save
Requested by: Host: itigic.com
URL: https://itigic.com/pt/steal-information-with-finger-command-in-windows-10/&
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3036::6815:325d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aee408847d35e44e99430f0979c3357b85fe8dbb4535a494301198adbee85f27

Request headers

Referer: https://itigic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Fri, 07 May 2021 17:42:24 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"max_age":604800,"report_to":"cf-nel"}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=0lZLmhS%2Bd1rSMKVnUKfiYdLXBAlQ0x5kHEo%2FOctOIf12IHpGnNBOVvopMJobDKOWJMrZ2wUTwY6LChKNoaMBV2ovosacXLYEVPAq75kEy93dp02m3HNgRBLE7qdpvNhFbA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain
access-control-allow-origin: *
cache-control: no-cache
cf-ray: 64bc3ea0885f2bd6-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 09e985785500002bd688128000000001

GET
H2 200 pixel;r=400774325;labels=Domain.itigic_com%2CDomainId.198437;rf=0;a=p-31iz6hfFutd16;url=https%3A%2F%2Fitigic.com%2Fpt%2Fsteal-information-with-finger-command-in-windows-10%2F%26%23160%3B;uht=2;fpan...
pixel.quantserve.com/ 35 B
371 B 11ms
9ms Image
image/gif 2620:116:800d:21:51e4:db4b:4436:b305
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel;r=400774325;labels=Domain.itigic_com%2CDomainId.198437;rf=0;a=p-31iz6hfFutd16;url=https%3A%2F%2Fitigic.com%2Fpt%2Fsteal-information-with-finger-command-in-windows-10%2F%26%23160%3B;uht=2;fpan=1;fpa=P0-1397022501-1620409344086;pbcn=u;pbc=;ns=0;ce=1;qjs=1;qv=1558287b-20210421211215;cm=;gdpr=0;ref=;d=itigic.com;je=0;sr=1600x1200x24;dst=1;et=1620409344086;tzo=-120;ogl=site_name.ITIGIC%20%7C%20Technical%20How-tos%252C%20Tips%252C%20and%20Tricks%2Ctype.article%2Ctitle.Como%20roubar%20informa%C3%A7%C3%B5es%20com%20o%20comando%20do%20dedo%20no%20Windows%2010%252E%20ITIGIC%2Cdescription.Uma%20nova%20falha%20de%20seguran%C3%A7a%20foi%20encontrada%20no%20Windows%2010%252E%20Desta%20vez%252C%20ela%20afeta%20u%2Curl.https%3A%2F%2Fitigic%252Ecom%2Fpt%2Fsteal-information-with-finger-command-in-windows-10%2F%2Cimage.https%3A%2F%2Fitigic%252Ecom%2Fwp-content%2Fuploads%2F2020%2F01%2Fcropped-itigic-logo-1%252Epng%2Cimage%3Asecure_url.https%3A%2F%2Fitigic%252Ecom%2Fwp-content%2Fuploads%2F2020%2F01%2Fcropped-itigic-logo-1%252Epng%2Ctitle.Como%20roubar%20informa%C3%A7%C3%B5es%20com%20o%20comando%20do%20dedo%20no%20Windows%2010%2Cdescription.Uma%20nova%20falha%20de%20seguran%C3%A7a%20foi%20encontrada%20no%20Windows%2010%252E%20Desta%20vez%252C%20ela%20afeta%20u%2Curl.https%3A%2F%2Fitigic%252Ecom%2Fpt%2Fsteal-information-with-finger-command-in-windows-10%2F%2Cimage.https%3A%2F%2Fitigic%252Ecom%2Fwp-content%2Fuploads%2F2020%2F09%2F20200919_5f65b6fdd7d43%252Ejpg%2Cimage%3Awidth.1000%2Cimage%3Aheight.523

Requested by

Host: itigic.com
URL: https://itigic.com/pt/steal-information-with-finger-command-in-windows-10/&

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:51e4:db4b:4436:b305 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer: https://itigic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 07 May 2021 17:42:24 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 200 Finger-Portada.jpg
www.redeszone.net/app/uploads-redeszone.net/2020/09/ 68 KB
69 KB 110ms
36ms Image
image/webp 51.255.81.138
OVH

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.redeszone.net/app/uploads-redeszone.net/2020/09/Finger-Portada.jpg

Requested by

Host: itigic.com
URL: https://itigic.com/pt/steal-information-with-finger-command-in-windows-10/&

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

51.255.81.138 , France, ASN16276 (OVH, FR),

Reverse DNS

ns3037287.ip-51-255-81.eu

Software

nginx /

Resource Hash

ac3dba0b78e4bce4ae5fb212ddf0e976910f809131f91023f61cd084ea08b855

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://itigic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 07 May 2021 17:42:24 GMT
tp-cache: HIT
age: 41960
x-cache: MISS
img-service: gaz
x-device: desktop
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-length: 69792
original-size: 206308
quality: 75
server: nginx
vary: Accept-Encoding,acceptsWebP
content-type: image/webp
cache-control: max-age=2592000, s-maxage=2592000
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
azage: 0
tp-l2-cache: MISS

GET
H2 200 greenoaks.gif Show response
itigic.com/detroitchicago/ 0
42 B 341ms
40ms XHR
text/plain 52.19.6.38
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://itigic.com/detroitchicago/greenoaks.gif?orig=0&ds=W3sidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiI5YjBjOTg3NC0xYWI1LTRlNTEtN2I0Yi0yMmZlNjAwNTk0ZTAiLCJkb21haW5faWQiOiIxOTg0MzciLCJ0X2Vwb2NoIjoxNjIwNDA5MzQxLCJkYXRhIjpbeyJuYW1lIjoidGltZXJfZmlyc3RfYWRfcmVxdWVzdCIsInZhbCI6IjE0NTEifV19XQ==
Requested by: Host: itigic.com
URL: https://itigic.com/detroitchicago/cmb.js?gcb=194-3&cb=01-100-103-1004-10d-506-507-70a-30c-30e-212-211-313-317-1021-23-&cmbcb=10&01&00&03&04&0d&06&07&0a&0c&0e&12&11&13&17&21&23
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.19.6.38 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-19-6-38.eu-west-1.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:path: /detroitchicago/greenoaks.gif?orig=0&ds=W3sidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiI5YjBjOTg3NC0xYWI1LTRlNTEtN2I0Yi0yMmZlNjAwNTk0ZTAiLCJkb21haW5faWQiOiIxOTg0MzciLCJ0X2Vwb2NoIjoxNjIwNDA5MzQxLCJkYXRhIjpbeyJuYW1lIjoidGltZXJfZmlyc3RfYWRfcmVxdWVzdCIsInZhbCI6IjE0NTEifV19XQ==
pragma: no-cache
cookie: ezoadgid_198437=-1; ezoref_198437=; ezoab_198437=mod1; active_template::198437=pub_site.1620409341; ezopvc_198437=1; ezepvv=4619; ezovid_198437=496430881; lp_198437=https://itigic.com/pt/steal-information-with-finger-command-in-windows-10/&; ezovuuidtime_198437=1620409342; ezovuuid_198437=a20ab253-3d3e-400e-4098-be173504325c; ezCMPCCS=true; ezds=ffid%3D1%2Cw%3D1600%2Ch%3D1200; ezohw=w%3D1600%2Ch%3D1200; _ga=GA1.2.1178867069.1620409344; _gid=GA1.2.1114735134.1620409344; _gat_gtag_UA_73737898_1=1; ezouspvv=0; ezouspva=0; ezosuigeneris=7eb45f0640f738a780058eeddaf87253; __qca=P0-1397022501-1620409344086; __gads=ID=d6c5b003cbb9d7b3-224f51090bc8000f:T=1620409343:S=ALNI_MZxhT6PcMpSBEJ57eD8i97hDIz8Ng
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: empty
:authority: itigic.com
referer: https://itigic.com/pt/steal-information-with-finger-command-in-windows-10/&
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://itigic.com/pt/steal-information-with-finger-command-in-windows-10/&
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 07 May 2021 17:42:24 GMT
server: nginx/1.16.0
vary: Accept-Encoding Accept-Encoding
content-type: text/plain; charset=utf-8
x-middleton-display: ezp_sol
cache-control: max-age=0, must-revalidate, no-cache, no-store
content-length: 0
expires: Thu, 06 May 2021 17:42:24 UTC

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 10 KB
8 KB 36ms
17ms XHR
application/json 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021042801&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b827fb1d38720c918aff564f857097167170d85ee61a69dc0b0dae804804a4c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://itigic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 07 May 2021 17:42:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7664
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://itigic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 07 May 2021 17:42:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1616005470650935"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6437
x-xss-protection: 0
expires: Fri, 07 May 2021 17:42:24 GMT

GET
H3-29 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/222/ Frame 8B41 12 KB
5 KB 15ms
15ms Document
text/html 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/222/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://itigic.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://itigic.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5022
date: Fri, 07 May 2021 17:27:32 GMT
expires: Sat, 07 May 2022 17:27:32 GMT
last-modified: Wed, 20 Jan 2021 19:23:06 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 892
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 FqV0VLp6rdEXSI4DmeIWUmtzlaMH2-g6BTWZ8ktYuf8.js Show response
pagead2.googlesyndication.com/bg/ Frame 8B41 14 KB
6 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/FqV0VLp6rdEXSI4DmeIWUmtzlaMH2-g6BTWZ8ktYuf8.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

16a57454ba7aadd117488e0399e216526b7395a307dbe83a053599f24b58b9ff

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 07 May 2021 10:23:33 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 03 May 2021 10:48:00 GMT
server: sffe
age: 26331
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5683
x-xss-protection: 0
expires: Sat, 07 May 2022 10:23:33 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 42ms
42ms Image
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=222&t=2&li=gpt_2021042801&jk=2673549932243580&bg=!KSqlKm7NAAYP3QOmD907ACkAdvg8Wp8cu_jGpCPaAgk2k7m1o-_mLMD3yEl8wHiL0Vp-29CQpRVeSgIAAABUUgAAAA1oAQcKAVjaWhrd4WAOjvuT42fXt82eKo7RqsOQi1sVRyJsScbi-49kvQbiAcre1XYPlt68gFawTYjjq9aGPdeM0GlPSnTDOSKBiuDgrIPJSKEzr4yKfW6UQ1PcyqXPzy7-IFKHiOOs3NjhAC7JGZ4wjn0y8KjikTxuNjTeiz8Ysu0B0pxzscqexL7FwQTz8k0QcBKIhDD26hBQoWSaG313X0nF-rWRI8O_69jw-FLzPi_JtLpdBiEkZun16Ky-158SkQuFq7KXxsRlC-LP1t_mEUAroacOIOSlVYWv-0SP3ofLJmFcTyNVAcL2zzwnKD6j-s_adG7KCByA2FtLS4f1ub5fZHvrHbyuzC3Xm8PWp8cjwJ7JFvVeu9JNH64abxp_wb4HroEAEladBCi50MMoXqhaExIZNcyEJ7EI8Kt2jjsnITLJB_5usJ-WjzodE5HsPqcOgt7LmpPaCg8bYZkCND42XY75ZwdvRFLD1qgmjZBYGw0aynEKH2UKAWB5v_28KN-j5xQKFmw15CS4TtGmygiRtn7CAJyKhRJ0W-sVQnBH2Ih0g1j62x1T1to75-RzKUqV3FMdgomp4AVZ8YKx5clety-0Kv3hTfHzsfqQnRG0NrOzOiUsw2RUq7V7rYq4x4JhfcW1he6feYzFhYIUKyx1ziCwQqIymYgYVqGYcHaCLHcTye64n4jxw27cCvUO2RAV8dgzC_0d43hbqKVcUFdsh8DtacTgg_AspYA16fgo22FJclXiZulwsuV6alKKRZleQ7DMrzawARmp7QNFTCNqBd3X2MP9WSvdXF7aOIBh8OMK-pKmhfiaQY6C6SZXD4SKZ5F26PS5T8dlPfrYg4CXC4G1hUgOBH9ofU2x8b-XU53TNqZD05W6xWjOb1JvJCp1-S9xICc_QyTe1ZsG21wTPZ2q85ucXZxJwoDfxle7_7hrLJlxcXMrXcJuT0ncnvCwb8MeSGE60j74RGVKgT9tnyn8Dsf78oY6VucxqUyFd_DRRyXgQNZVaeG_6P9S0dEN53CORi1YDz84mkyOhDx8qdV5Sa9h8z8XJeOneEUBsgcFatqnabRltVaa0giRIEs5RIzDtfA6VheOxP27WlTYJIXV0QI6R3SJ1g9mkD-8dQhX8LUKhTGmwTIJ9YsazAA0x0ojzLEcLFFOtLJWmVA3bcsWWdnD0hVhXt8Yi4AGgakpEfSmFpjKipqCbQoqIhiHpw

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://itigic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 07 May 2021 17:42:24 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 lcpel.go Show response
itigic.com/cheetah/ 0
86 B 821ms
821ms XHR
text/plain 52.19.6.38
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://itigic.com/cheetah/lcpel.go
Requested by: Host: itigic.com
URL: https://itigic.com/pt/steal-information-with-finger-command-in-windows-10/&
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.19.6.38 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-19-6-38.eu-west-1.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-fetch-mode: cors
origin: https://itigic.com
accept-encoding: gzip, deflate, br
accept-language: en-US
sec-fetch-dest: empty
content-length: 1587
:path: /cheetah/lcpel.go
pragma: no-cache
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
content-type: text/plain
accept: */*
cache-control: no-cache
:authority: itigic.com
referer: https://itigic.com/pt/steal-information-with-finger-command-in-windows-10/&
:scheme: https
sec-fetch-site: same-origin
:method: POST
Referer: https://itigic.com/pt/steal-information-with-finger-command-in-windows-10/&
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://itigic.com
date: Fri, 07 May 2021 17:42:27 GMT
cache-control: max-age=0,must-revalidate,no-cache,no-store
server: nginx/1.16.0
content-length: 0
vary: Accept-Encoding
content-type: text/plain; charset=utf-8

GET
H2 200 integrator.js Show response
adservice.google.ch/adsid/ 107 B
165 B 15ms
15ms Script
application/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.ch/adsid/integrator.js?domain=itigic.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://itigic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 07 May 2021 17:42:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 14ms
14ms Script
application/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=itigic.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://itigic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 07 May 2021 17:42:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 448 B
409 B 429ms
428ms XHR
text/plain 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2673549932243580&correlator=37594010535342&output=ldjh&impl=fifs&eid=31060790&vrg=2021042801&ptt=17&us_privacy=1---&sc=1&sfv=1-0-38&ecs=20210507&iu_parts=1254144%2Citigic_com-box-1&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C300x250&fluid=height&ris=4&rcs=1&prev_scp=a%3D%257C6%257C%26iid11%3D1011114%26t%3D134%26d%3D198437%26t1%3D134%26pvc%3D0%26ap%3D1105%26sap%3D1105%26as%3Drevenue%26plat%3D1%26bra%3Dmod1%26ic%3D2%26at%3Dmbf%26adr%3D399%26ezosn%3D7%26reft%3Dtf%26refs%3D30%26ga%3D2497208%26rid%3D99998%26pt%3D0%26al%3D1000%26compid%3D0%26tap%3Ditigic_com-box-1-1011114%26eb_br%3Deeb0e32289ff31f9ddef18331038e5e9%26eba%3D1%26ebss%3D10017%2C10082%2C10061%2C10015%2C11304%2C11307%26asau%3D7838546742%26bv%3D28%26bvm%3D2%26bvr%3D5%26shp%3D3%26ftsn%3D3%26acptad%3D1%26br1%3D900%26br2%3D2300%26ezoic%3D1%26nmau%3D4%26mau%3D3%26stl%3D83%2C13%2C120%2C67%2C51%2C0%2C66%2C20%2C71%2C30%2C0%2C31%26deal1%3D25%2C26%2C27%2C28%2C29%2C30%2C760%2C761%2C813%2C815%2C816%2C817%2C818%2C899%2C919%2C774%2C21%2C22%2C23%2C24%26ax_ssid%3D10082%26amznbid%3D2%26amznsz%3D0x0%26amznp%3D2%26lb%3D1500%26reqt%3D1620409347789&eri=1&cookie_enabled=1&bc=31&abxe=1&lmt=1620409347&dt=1620409347793&dlt=1620409342880&idt=923&frm=20&biw=1600&bih=1200&oid=3&adxs=1002&adys=1178&adks=165232298&ucis=9&ifi=9&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fitigic.com%2Fpt%2Fsteal-information-with-finger-command-in-windows-10%2F%26%23160%3B&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x262&msz=300x262&psts=AGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=1178867069.1620409344&ga_sid=1620409344&ga_hid=2059617897&ga_fc=false&fws=0&ohw=0&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

7e51cd9fd7c7e0cfeb69ea5ea5aa92e3b5064bd4a29cffa157a438ce1b45da24

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://itigic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 07 May 2021 17:42:28 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 235
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://itigic.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 448 B
767 B 372ms
372ms XHR
text/plain 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2673549932243580&correlator=1400907593493771&output=ldjh&impl=fifs&eid=31060790&vrg=2021042801&ptt=17&us_privacy=1---&sc=1&sfv=1-0-38&ecs=20210507&iu_parts=1254144%2Citigic_com-box-1&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C300x250&fluid=height&ris=4&rcs=1&prev_scp=a%3D%257C1%257C%26iid11%3D1011114%26t%3D134%26d%3D198437%26t1%3D134%26pvc%3D0%26ap%3D1105%26sap%3D1105%26as%3Drevenue%26plat%3D1%26bra%3Dmod1%26ic%3D2%26at%3Dmbf%26adr%3D399%26ezosn%3D6%26reft%3Dtf%26refs%3D30%26ga%3D2497208%26rid%3D99998%26pt%3D0%26al%3D1000%26compid%3D0%26tap%3Ditigic_com-box-1-1011114%26eb_br%3Deeb0e32289ff31f9ddef18331038e5e9%26eba%3D1%26ebss%3D10017%2C10082%2C10061%2C10015%2C11304%2C11307%26asau%3D7838546742%26bv%3D28%26bvm%3D2%26bvr%3D5%26shp%3D3%26ftsn%3D3%26acptad%3D1%26br1%3D900%26br2%3D2300%26ezoic%3D1%26nmau%3D4%26mau%3D2%26stl%3D32%2C0%2C28%2C67%2C45%2C122%2C66%2C20%2C71%2C30%2C0%2C31%26deal1%3D25%2C26%2C27%2C28%2C29%2C30%2C760%2C761%2C813%2C815%2C816%2C817%2C818%2C899%2C919%2C774%2C21%2C22%2C23%2C24%26ax_ssid%3D10082%26amznbid%3D2%26amznsz%3D0x0%26amznp%3D2%26lb%3D1500%26reqt%3D1620409347795&eri=1&cookie_enabled=1&bc=31&abxe=1&lmt=1620409347&dt=1620409347797&dlt=1620409342880&idt=923&frm=20&biw=1600&bih=1200&oid=3&adxs=1002&adys=913&adks=165232301&ucis=a&ifi=10&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fitigic.com%2Fpt%2Fsteal-information-with-finger-command-in-windows-10%2F%26%23160%3B&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x262&msz=300x262&psts=AGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=1178867069.1620409344&ga_sid=1620409344&ga_hid=2059617897&ga_fc=false&fws=0&ohw=0&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

6fa6d100ba31be4df3623ba6900df09a8f09d48c8c17eca4938a783f6817ada9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://itigic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 07 May 2021 17:42:28 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 231
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://itigic.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 448 B
409 B 511ms
511ms XHR
text/plain 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2673549932243580&correlator=1932500515055973&output=ldjh&impl=fifs&eid=31060790&vrg=2021042801&ptt=17&us_privacy=1---&sc=1&sfv=1-0-38&ecs=20210507&iu_parts=1254144%2Citigic_com-box-1&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C300x250&fluid=height&ris=4&rcs=1&prev_scp=a%3D%257C6%257C%26iid11%3D1011114%26t%3D134%26d%3D198437%26t1%3D134%26pvc%3D0%26ap%3D1105%26sap%3D1105%26as%3Drevenue%26plat%3D1%26bra%3Dmod1%26ic%3D2%26at%3Dmbf%26adr%3D399%26ezosn%3D5%26reft%3Dtf%26refs%3D30%26ga%3D2497208%26rid%3D99998%26pt%3D0%26al%3D1000%26compid%3D0%26tap%3Ditigic_com-box-1-1011114%26eb_br%3Deeb0e32289ff31f9ddef18331038e5e9%26eba%3D1%26ebss%3D10017%2C10082%2C10061%2C10015%2C11304%2C11307%26asau%3D7838546742%26bv%3D28%26bvm%3D2%26bvr%3D5%26shp%3D3%26ftsn%3D3%26acptad%3D1%26br1%3D900%26br2%3D2300%26ezoic%3D1%26nmau%3D4%26mau%3D1%26stl%3D32%2C0%2C28%2C67%2C45%2C122%2C66%2C20%2C71%2C30%2C0%2C31%26deal1%3D25%2C26%2C27%2C28%2C29%2C30%2C760%2C761%2C813%2C815%2C816%2C817%2C818%2C899%2C919%2C774%2C21%2C22%2C23%2C24%26ax_ssid%3D10082%26amznbid%3D2%26amznsz%3D0x0%26amznp%3D2%26lb%3D1500%26reqt%3D1620409347799&eri=1&cookie_enabled=1&bc=31&abxe=1&lmt=1620409347&dt=1620409347801&dlt=1620409342880&idt=923&frm=20&biw=1600&bih=1200&oid=3&adxs=1002&adys=648&adks=165232300&ucis=b&ifi=11&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fitigic.com%2Fpt%2Fsteal-information-with-finger-command-in-windows-10%2F%26%23160%3B&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x262&msz=300x262&psts=AGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=1178867069.1620409344&ga_sid=1620409344&ga_hid=2059617897&ga_fc=false&fws=0&ohw=0&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

7c29870434c548969f868c69b1d02948898a463b56f1e9a174bf4082806689f7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://itigic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 07 May 2021 17:42:28 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 235
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://itigic.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 448 B
414 B 750ms
750ms XHR
text/plain 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2673549932243580&correlator=471665355232838&output=ldjh&impl=fifs&eid=31060790&vrg=2021042801&ptt=17&us_privacy=1---&sc=1&sfv=1-0-38&ecs=20210507&iu_parts=1254144%2Citigic_com-box-1&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C300x250&fluid=height&ris=4&rcs=1&prev_scp=a%3D%257C1%257C%26iid11%3D1011114%26t%3D134%26d%3D198437%26t1%3D134%26pvc%3D0%26ap%3D1105%26sap%3D1105%26as%3Drevenue%26plat%3D1%26bra%3Dmod1%26ic%3D2%26at%3Dmbf%26adr%3D399%26ezosn%3D4%26reft%3Dtf%26refs%3D30%26ga%3D2497208%26rid%3D99998%26pt%3D0%26al%3D1000%26compid%3D0%26tap%3Ditigic_com-box-1-1011114%26eb_br%3Deeb0e32289ff31f9ddef18331038e5e9%26eba%3D1%26ebss%3D10017%2C10082%2C10061%2C10015%2C11304%2C11307%26asau%3D7838546742%26bv%3D28%26bvm%3D2%26bvr%3D5%26shp%3D3%26ftsn%3D3%26acptad%3D1%26br1%3D900%26br2%3D2300%26ezoic%3D1%26nmau%3D4%26mau%3D0%26stl%3D32%2C0%2C28%2C67%2C45%2C122%2C66%2C20%2C71%2C30%2C0%2C31%26deal1%3D25%2C26%2C27%2C28%2C29%2C30%2C760%2C761%2C813%2C815%2C816%2C817%2C818%2C899%2C919%2C774%2C21%2C22%2C23%2C24%26ax_ssid%3D10082%26amznbid%3D2%26amznsz%3D0x0%26amznp%3D2%26lb%3D1500%26reqt%3D1620409347804&eri=1&cookie_enabled=1&bc=31&abxe=1&lmt=1620409347&dt=1620409347807&dlt=1620409342880&idt=923&frm=20&biw=1600&bih=1200&oid=3&adxs=1002&adys=383&adks=4007782779&ucis=c&ifi=12&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fitigic.com%2Fpt%2Fsteal-information-with-finger-command-in-windows-10%2F%26%23160%3B&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x262&msz=300x262&psts=AGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=1178867069.1620409344&ga_sid=1620409344&ga_hid=2059617897&ga_fc=false&fws=0&ohw=0&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

73d1a31cd225f2d580abcfac574b04ad3b1118a743b7c5619a7a08316f7ee874

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://itigic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 07 May 2021 17:42:28 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 236
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://itigic.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 457 B
421 B 874ms
874ms XHR
text/plain 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2673549932243580&correlator=2751420591812479&output=ldjh&impl=fifs&eid=31060790&vrg=2021042801&ptt=17&us_privacy=1---&sc=1&sfv=1-0-38&ecs=20210507&iu_parts=1254144%2Citigic_com-medrectangle-3&enc_prev_ius=%2F0%2F1&prev_iu_szs=580x400&ris=4&rcs=1&prev_scp=a%3D%257C124%257C%26iid11%3D1076668%26t%3D134%26d%3D198437%26t1%3D134%26pvc%3D0%26ap%3D1116%26sap%3D1116%26as%3Drevenue%26plat%3D1%26bra%3Dmod1%26ic%3D2%26at%3Dmbf%26adr%3D399%26ezosn%3D13%26reft%3Dtf%26refs%3D30%26ga%3D2497208%26rid%3D99998%26pt%3D21%26al%3D1021%26compid%3D0%26tap%3Ditigic_com-medrectangle-3-1076668%26eb_br%3D26dfa00588543c52511429ade391f561%26eba%3D1%26ebss%3D10017%2C10082%2C10061%2C10015%2C11304%2C11307%26asau%3D7838546742%26bv%3D13%26bvm%3D0%26bvr%3D3%26shp%3D1%26ftsn%3D3%26br1%3D550%26br2%3D1600%26ezoic%3D1%26nmau%3D0%26mau%3D0%26stl%3D32%2C0%2C28%2C67%2C45%2C122%2C66%2C20%2C71%2C30%2C0%2C31%26deal1%3D24%2C25%2C26%2C27%2C28%2C29%2C760%2C761%2C815%2C816%2C817%2C818%2C893%2C899%2C903%2C919%2C774%2C21%2C22%2C23%26ax_ssid%3D10082%26amznbid%3D2%26amznsz%3D0x0%26amznp%3D2%26lb%3D1100%26reqt%3D1620409347809&eri=1&cookie_enabled=1&bc=31&abxe=1&lmt=1620409347&dt=1620409347811&dlt=1620409342880&idt=923&frm=20&biw=1600&bih=1200&oid=3&adxs=334&adys=1084&adks=1797967201&ucis=d&ifi=13&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fitigic.com%2Fpt%2Fsteal-information-with-finger-command-in-windows-10%2F%26%23160%3B&vis=1&dmc=8&scr_x=0&scr_y=0&psz=678x400&msz=580x400&psts=AGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=1178867069.1620409344&ga_sid=1620409344&ga_hid=2059617897&ga_fc=false&fws=4&ohw=678&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

ec2e5ff3258cf60bf8337add68ad8ba1543bbb7a9facd6d684eedc01e471e7b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://itigic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 07 May 2021 17:42:28 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 243
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://itigic.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 448 B
415 B 750ms
750ms XHR
text/plain 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2673549932243580&correlator=4440251450304763&output=ldjh&impl=fifs&eid=31060790&vrg=2021042801&ptt=17&us_privacy=1---&sc=1&sfv=1-0-38&ecs=20210507&iu_parts=1254144%2Citigic_com-box-3&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&ris=4&rcs=1&prev_scp=a%3D%257C3%257C%26iid11%3D1064369%26t%3D134%26d%3D198437%26t1%3D134%26pvc%3D0%26ap%3D1114%26sap%3D1114%26as%3Drevenue%26plat%3D1%26bra%3Dmod1%26ic%3D2%26at%3Dmbf%26adr%3D399%26ezosn%3D12%26reft%3Dn%26refs%3D30%26ga%3D2497208%26rid%3D99998%26pt%3D2%26al%3D1002%26compid%3D0%26tap%3Ditigic_com-box-3-1064369%26eb_br%3D9e0a1ce5b2455cb9b48d5df4c6bf4053%26eba%3D1%26ebss%3D10017%2C10082%2C10061%2C10015%2C11304%2C11307%26asau%3D7838546742%26bv%3D22%26bvm%3D0%26bvr%3D5%26shp%3D1%26ftsn%3D3%26br1%3D350%26br2%3D1000%26ezoic%3D1%26nmau%3D0%26mau%3D0%26stl%3D32%2C13%2C120%2C67%2C51%2C0%2C66%2C20%2C26%2C30%2C0%2C31%26deal1%3D22%2C23%2C24%2C25%2C26%2C27%2C28%2C29%2C760%2C761%2C815%2C816%2C817%2C818%2C893%2C899%2C903%2C919%2C774%2C21%26ax_ssid%3D10082%26amznbid%3D2%26amznsz%3D0x0%26amznp%3D2%26lb%3D700%26reqt%3D1620409347813&eri=1&cookie_enabled=1&bc=31&abxe=1&lmt=1620409347&dt=1620409347815&dlt=1620409342880&idt=923&frm=20&biw=1600&bih=1200&oid=3&adxs=474&adys=524&adks=3833649259&ucis=e&ifi=14&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fitigic.com%2Fpt%2Fsteal-information-with-finger-command-in-windows-10%2F%26%23160%3B&vis=1&dmc=8&scr_x=0&scr_y=0&psz=678x250&msz=300x250&psts=AGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=1178867069.1620409344&ga_sid=1620409344&ga_hid=2059617897&ga_fc=false&fws=4&ohw=678&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

08096b508773e489b80bed9eb56e2000cf1341c6dea349be545e866e1f601b0d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://itigic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 07 May 2021 17:42:28 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 237
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://itigic.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 447 B
413 B 353ms
353ms XHR
text/plain 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2673549932243580&correlator=2937589988724426&output=ldjh&impl=fifs&eid=31060790&vrg=2021042801&ptt=17&us_privacy=1---&sc=1&sfv=1-0-38&ecs=20210507&iu_parts=1254144%2Citigic_com-box-2&enc_prev_ius=%2F0%2F1&prev_iu_szs=468x60&ris=4&rcs=1&prev_scp=a%3D%257C1%257C%26iid11%3D1021465%26t%3D134%26d%3D198437%26t1%3D134%26pvc%3D0%26ap%3D1102%26sap%3D1102%26as%3Drevenue%26plat%3D1%26bra%3Dmod1%26ic%3D2%26at%3Dmbf%26adr%3D399%26ezosn%3D22%26reft%3Dtf%26refs%3D30%26ga%3D2497208%26rid%3D99998%26pt%3D1%26al%3D1001%26compid%3D0%26tap%3Ditigic_com-box-2-1021465%26eb_br%3D57914c3716312cb7e954090f0717ea25%26eba%3D1%26ebss%3D10017%2C10082%2C10061%2C10015%2C11304%2C11307%26asau%3D7838546742%26bv%3D19%26bvm%3D0%26bvr%3D9%26shp%3D1%26ftsn%3D3%26acptad%3D1%26br1%3D260%26br2%3D750%26ezoic%3D1%26nmau%3D0%26mau%3D0%26stl%3D32%2C168%2C28%2C67%2C45%2C122%2C66%2C20%2C71%2C30%2C187%2C31%26deal1%3D21%2C22%2C23%2C24%2C25%2C26%2C27%2C28%2C29%2C30%2C760%2C761%2C813%2C814%2C815%2C816%2C817%2C818%2C819%2C893%2C899%2C903%2C917%2C918%2C919%2C988%2C774%2C20%26ax_ssid%3D10082%26amznbid%3D2%26amznsz%3D0x0%26amznp%3D2%26lb%3D500%26reqt%3D1620409347817&eri=1&cookie_enabled=1&bc=31&abxe=1&lmt=1620409347&dt=1620409347819&dlt=1620409342880&idt=923&frm=20&biw=1600&bih=1200&oid=3&adxs=566&adys=290&adks=3929797713&ucis=f&ifi=15&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fitigic.com%2Fpt%2Fsteal-information-with-finger-command-in-windows-10%2F%26%23160%3B&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1030x60&msz=468x60&psts=AGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=1178867069.1620409344&ga_sid=1620409344&ga_hid=2059617897&ga_fc=false&fws=0&ohw=0&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

e0e548aca2ebd335b118ad17c49f1b1355513b330a071f4f93693ef98fc6627e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://itigic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 07 May 2021 17:42:28 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 235
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://itigic.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 491 B
432 B 495ms
495ms XHR
text/plain 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2673549932243580&correlator=775240061032845&output=ldjh&impl=fifs&eid=31060790&vrg=2021042801&ptt=17&us_privacy=1---&sc=1&sfv=1-0-38&ecs=20210507&iu_parts=1254144%2Citigic_com-medrectangle-2&enc_prev_ius=%2F0%2F1&prev_iu_szs=970x90&ris=4&rcs=1&prev_scp=a%3D%257C1%257C%26iid11%3D1070521%26t%3D134%26d%3D198437%26t1%3D134%26pvc%3D0%26ap%3D1100%26sap%3D1100%26as%3Drevenue%26plat%3D1%26bra%3Dmod1%26ic%3D2%26at%3Dmbf%26adr%3D399%26ezosn%3D21%26ga%3D2497208%26rid%3D99998%26pt%3D5%26al%3D1005%26compid%3D0%26tap%3Ditigic_com-medrectangle-2-1070521%26eb_br%3D26dfa00588543c52511429ade391f561%26eba%3D1%26ebss%3D10017%2C10082%2C10061%2C10015%2C11304%2C11307%26asau%3D7838546742%26bv%3D13%26bvm%3D0%26bvr%3D3%26shp%3D1%26ftsn%3D3%26br1%3D550%26br2%3D550%26ezoic%3D1%26nmau%3D0%26mau%3D0%26stl%3D83%2C168%2C120%2C67%2C51%2C0%2C66%2C20%2C71%2C30%2C0%2C31%26deal1%3D21%2C22%2C23%2C24%2C25%2C26%2C27%2C28%2C29%2C30%2C760%2C761%2C813%2C814%2C815%2C816%2C817%2C818%2C819%2C899%2C917%2C918%2C919%2C774%26ax_ssid%3D10082%26amznbid%3D2%26amznsz%3D0x0%26amznp%3D2%26refs%3D30%26lb%3D1100%26reqt%3D1620409347821&eri=1&cookie_enabled=1&bc=31&abxe=1&lmt=1620409347&dt=1620409347824&dlt=1620409342880&idt=923&frm=20&biw=1600&bih=1200&oid=3&adxs=315&adys=1108&adks=1615653332&ucis=g&ifi=16&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fitigic.com%2Fpt%2Fsteal-information-with-finger-command-in-windows-10%2F%26%23160%3B&vis=1&dmc=8&scr_x=0&scr_y=0&psz=970x-1&msz=970x-1&psts=AGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=1178867069.1620409344&ga_sid=1620409344&ga_hid=2059617897&ga_fc=false&fws=512&ohw=0&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

2024d3b810e8a8f1e789594c2ce631f80251d77237e3159478ef814809624bd0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://itigic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 07 May 2021 17:42:28 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 254
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://itigic.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

wp-emoji-release.min.js Show response
itigic.com/wp-includes/js/
Redirect Chain

https://itigic.com/pt/wp-includes/js/wp-emoji-release.min.js?ver=5.7.1
https://itigic.com/wp-includes/js/wp-emoji-release.min.js?ver=5.7.1

14 KB
4 KB

644ms
343ms

Script
application/javascript

52.19.6.38
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://itigic.com/wp-includes/js/wp-emoji-release.min.js?ver=5.7.1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.19.6.38 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-19-6-38.eu-west-1.compute.amazonaws.com

Software

nginx/1.16.0 /

Resource Hash

0c5f584d1ea2c3313dc8c55824c2a572d3cf2eae87c5ca62a58e598aec9ddb5c

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

:path: /wp-includes/js/wp-emoji-release.min.js?ver=5.7.1
pragma: no-cache
cookie: _pbjs_userid_consent_data=3524755945110770; __gads=ID=209913d2cf081110:T=1620409347:S=ALNI_MYCUELuDQBZZq_t6fdKkMSCCHgmDQ
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: itigic.com
referer: https://itigic.com/pt/steal-information-with-finger-command-in-windows-10/&
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://itigic.com/pt/steal-information-with-finger-command-in-windows-10/&
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 07 May 2021 17:42:30 GMT
content-encoding: br
x-content-type-options: nosniff
display: staticcontent_sol, staticcontent_sol
x-ezoic-cdn: Bypass
x-middleton-display: staticcontent_sol, staticcontent_sol
strict-transport-security: max-age=63072000; includeSubDomains
alt-svc: quic=":443"; ma=2592000; v="43,46", h3-Q043=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-25=":443"; ma=2592000, h3-27=":443"; ma=2592000
response: 200
last-modified: Thu, 06 May 2021 21:16:03 GMT
server: nginx/1.16.0
x-frame-options: SAMEORIGIN
vary: Accept-Encoding Accept-Encoding,Origin
content-type: application/javascript
x-middleton-response: 200
cache-control: max-age=604800, public
x-turbo-charged-by: LiteSpeed
x-ez-proxy-out: true 2.2
expires: Fri, 14 May 2021 17:42:30 GMT

Redirect headers

date: Fri, 07 May 2021 17:42:29 GMT
content-encoding: br
x-content-type-options: nosniff
display: staticcontent_sol, staticcontent_sol
x-powered-by: PHP/7.3.27
x-ezoic-cdn: Bypass
x-middleton-display: staticcontent_sol, staticcontent_sol
strict-transport-security: max-age=63072000; includeSubDomains
alt-svc: quic=":443"; ma=2592000; v="43,46", h3-Q043=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-25=":443"; ma=2592000, h3-27=":443"; ma=2592000
content-length: 97
location: https://itigic.com/wp-includes/js/wp-emoji-release.min.js?ver=5.7.1
pagespeed: off
response: 301
x-ez-proxy-out: true 2.2
server: nginx/1.16.0
x-frame-options: SAMEORIGIN
vary: Accept-Encoding Accept-Encoding,Origin
content-type: text/html;charset=UTF-8
x-gt-redirect-reason: request is a static file
x-middleton-response: 301
cache-control: public, max-age=2592000
x-turbo-charged-by: LiteSpeed

GET
H2 200 jquery.min.js Show response
itigic.com/wp-includes/js/jquery/ 91 KB
30 KB 458ms
457ms Script
application/javascript 52.19.6.38
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://itigic.com/wp-includes/js/jquery/jquery.min.js?screx=1&sxcb=2a&ver=3.5.1

Requested by

Host: itigic.com
URL: https://itigic.com/detroitchicago/cmb.js?gcb=194-3&cb=01-100-103-1004-10d-506-507-70a-30c-30e-212-211-313-317-1021-23-&cmbcb=10&01&00&03&04&0d&06&07&0a&0c&0e&12&11&13&17&21&23

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.19.6.38 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-19-6-38.eu-west-1.compute.amazonaws.com

Software

nginx/1.16.0 /

Resource Hash

da588baf95598bbbc10f7b35d58dfff6b58cad16260fefa23ea858415f041b22

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

:path: /wp-includes/js/jquery/jquery.min.js?screx=1&sxcb=2a&ver=3.5.1
pragma: no-cache
cookie: __gads=ID=209913d2cf081110-229794f60ac800e8:T=1620409347:S=ALNI_MaZuv4NAkKP8YDkibb8JYJS7qVykw
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: itigic.com
referer: https://itigic.com/pt/steal-information-with-finger-command-in-windows-10/&
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://itigic.com/pt/steal-information-with-finger-command-in-windows-10/&
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 07 May 2021 17:42:29 GMT
content-encoding: br
x-content-type-options: nosniff
display: staticcontent_sol, staticcontent_sol
x-ezoic-cdn: Bypass
x-middleton-display: staticcontent_sol, staticcontent_sol
strict-transport-security: max-age=63072000; includeSubDomains
alt-svc: quic=":443"; ma=2592000; v="43,46", h3-Q043=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-25=":443"; ma=2592000, h3-27=":443"; ma=2592000
response: 200
last-modified: Thu, 06 May 2021 21:16:08 GMT
server: nginx/1.16.0
x-frame-options: SAMEORIGIN
vary: Accept-Encoding Accept-Encoding,Origin
content-type: application/javascript
x-middleton-response: 200
cache-control: max-age=604800, public
x-turbo-charged-by: LiteSpeed
x-ez-proxy-out: true 2.2
expires: Fri, 14 May 2021 17:42:29 GMT

GET
H3-29 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 61 KB
21 KB 25ms
25ms Script
text/javascript 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: itigic.com
URL: https://itigic.com/pt/steal-information-with-finger-command-in-windows-10/&

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

sffe /

Resource Hash

a30a4a350b665415cb951d678d4d3d24afbe2dce719abf4e7b97128ba03cfdb3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://itigic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 07 May 2021 17:42:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "864 / 846 of 1000 / last-modified: 1620385836"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21221
x-xss-protection: 0
expires: Fri, 07 May 2021 17:42:29 GMT

GET
H3-29 200 integrator.js Show response
adservice.google.ch/adsid/ 107 B
122 B 30ms
16ms Script
application/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.ch/adsid/integrator.js?domain=itigic.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://itigic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 07 May 2021 17:42:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 29ms
16ms Script
application/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=itigic.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://itigic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 07 May 2021 17:42:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 886 B
268 B 733ms
733ms XHR
text/plain 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2673549932243580&correlator=2883244878074946&output=ldjh&impl=fifs&eid=31060790&vrg=2021042801&ptt=17&us_privacy=1---&sc=1&sfv=1-0-38&ecs=20210507&iu_parts=1254144%2Citigic_com-large-billboard-2&enc_prev_ius=%2F0%2F1%2C%2F0%2F1&prev_iu_szs=320x50%7C300x250%2C320x50%7C300x250&fluid=height%2Cheight&prev_scp=a%3D%257C1%257C%26iid11%3D1024014%26t%3D134%26d%3D198437%26t1%3D134%26pvc%3D0%26ap%3D1124%26sap%3D1124%26as%3Drevenue%26plat%3D1%26bra%3Dmod1%26ic%3D1%26at%3Dmbf%26adr%3D399%26ezosn%3D0%26reft%3Dtf%26refs%3D30%26ga%3D2497208%26rid%3D99998%26pt%3D0%26al%3D1034%26compid%3D0%26tap%3Ditigic_com-large-billboard-2-1024014%26eb_br%3Db6ac10cddc8471927cec0144110502e9%26eba%3D1%26ebss%3D10017%2C10082%2C10061%2C10015%2C11304%2C11307%26asau%3D7838546742%26bv%3D28%26bvm%3D2%26bvr%3D5%26shp%3D3%26ftsn%3D3%26br1%3D6500%26br2%3D3200%26ezoic%3D1%26nmau%3D4%26mau%3D0%26stl%3D32%2C0%2C28%2C67%2C45%2C122%2C66%2C20%2C71%2C30%2C0%2C31%26deal1%3D27%2C28%2C29%2C30%2C760%2C761%2C813%2C815%2C816%2C817%2C818%2C819%2C899%2C917%2C918%2C919%2C988%2C774%26ax_ssid%3D10082%26amznbid%3D2%26amznsz%3D0x0%26amznp%3D2%7Ca%3D%257C6%257C%26iid11%3D1024014%26t%3D134%26d%3D198437%26t1%3D134%26pvc%3D0%26ap%3D1124%26sap%3D1124%26as%3Drevenue%26plat%3D1%26bra%3Dmod1%26ic%3D1%26at%3Dmbf%26adr%3D399%26ezosn%3D1%26reft%3Dtf%26refs%3D30%26ga%3D2497208%26rid%3D99998%26pt%3D0%26al%3D1034%26compid%3D0%26tap%3Ditigic_com-large-billboard-2-1024014%26eb_br%3Db6ac10cddc8471927cec0144110502e9%26eba%3D1%26ebss%3D10017%2C10082%2C10061%2C10015%2C11304%2C11307%26asau%3D7838546742%26bv%3D28%26bvm%3D2%26bvr%3D5%26shp%3D3%26ftsn%3D3%26br1%3D6500%26br2%3D3200%26ezoic%3D1%26nmau%3D4%26mau%3D1%26stl%3D32%2C0%2C28%2C67%2C45%2C122%2C66%2C20%2C71%2C30%2C0%2C31%26deal1%3D27%2C28%2C29%2C30%2C760%2C761%2C813%2C815%2C816%2C817%2C818%2C819%2C899%2C917%2C918%2C919%2C988%2C774%26ax_ssid%3D10082%26amznbid%3D2%26amznsz%3D0x0%26amznp%3D2&eri=1&cookie=ID%3D209913d2cf081110-229794f60ac800e8%3AT%3D1620409347%3AS%3DALNI_MaZuv4NAkKP8YDkibb8JYJS7qVykw&bc=31&abxe=1&lmt=1620409349&dt=1620409349300&dlt=1620409342880&idt=923&frm=20&biw=1600&bih=1200&oid=3&adxs=1002%2C1002&adys=1560%2C1825&adks=686215702%2C223664751&ucis=h%7Ci&ifi=17&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fitigic.com%2Fpt%2Fsteal-information-with-finger-command-in-windows-10%2F%26%23160%3B&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x262%7C300x262&msz=300x262%7C300x262&psts=AGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=1178867069.1620409344&ga_sid=1620409344&ga_hid=2059617897&ga_fc=false&fws=0%2C0&ohw=0%2C0&btvi=1%7C2&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

47f846238944f1ac716accc2d5a9c82069f2e3205ade3c70fb26d0a31d78361c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://itigic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 07 May 2021 17:42:30 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 237
x-xss-protection: 0
google-lineitem-id: -2,-2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2,-2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://itigic.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 431 B
256 B 732ms
730ms XHR
text/plain 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2673549932243580&correlator=288280932047134&output=ldjh&impl=fifs&eid=31060790&vrg=2021042801&ptt=17&us_privacy=1---&sc=1&sfv=1-0-38&ecs=20210507&iu_parts=1254144%2Citigic_com-box-1&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C300x250&fluid=height&ris=2&rcs=2&prev_scp=a%3D%257C6%257C%26iid11%3D1011114%26t%3D134%26d%3D198437%26t1%3D134%26pvc%3D0%26ap%3D1105%26sap%3D1105%26as%3Drevenue%26plat%3D1%26bra%3Dmod1%26ic%3D3%26at%3Dmbf%26adr%3D399%26ezosn%3D7%26reft%3Dtf%26refs%3D30%26ga%3D2497208%26rid%3D99998%26pt%3D0%26al%3D1000%26compid%3D0%26tap%3Ditigic_com-box-1-1011114%26eb_br%3D5bac35e1a3b6adc56da706000a645484%26eba%3D1%26ebss%3D10017%2C10082%2C10061%2C10015%2C11304%2C11307%26asau%3D7838546742%26bv%3D28%26bvm%3D2%26bvr%3D5%26shp%3D3%26ftsn%3D3%26acptad%3D1%26br1%3D650%26br2%3D2300%26ezoic%3D1%26nmau%3D4%26mau%3D3%26stl%3D83%2C13%2C120%2C67%2C51%2C0%2C66%2C20%2C71%2C30%2C0%2C31%26deal1%3D25%2C26%2C27%2C28%2C29%2C30%2C760%2C761%2C813%2C815%2C816%2C817%2C818%2C899%2C919%2C774%2C21%2C22%2C23%2C24%2C21%2C22%2C23%2C24%26ax_ssid%3D10082%26amznbid%3D2%26amznsz%3D0x0%26amznp%3D2%26lb%3D900%26reqt%3D1620409348295&eri=1&cookie=ID%3D209913d2cf081110-229794f60ac800e8%3AT%3D1620409347%3AS%3DALNI_MaZuv4NAkKP8YDkibb8JYJS7qVykw&bc=31&abxe=1&lmt=1620409349&dt=1620409349324&dlt=1620409342880&idt=923&frm=20&biw=1600&bih=1200&oid=3&adxs=1002&adys=1178&adks=165232298&ucis=j&ifi=19&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fitigic.com%2Fpt%2Fsteal-information-with-finger-command-in-windows-10%2F%26%23160%3B&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x262&msz=300x262&psts=AGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=1178867069.1620409344&ga_sid=1620409344&ga_hid=2059617897&ga_fc=false&fws=0&ohw=0&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

58de830b0a508240823eef944246665136eade72ed0b7a0dfbb4a0edd1d77a3b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://itigic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 07 May 2021 17:42:30 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 225
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://itigic.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 431 B
255 B 401ms
401ms XHR
text/plain 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2673549932243580&correlator=1994467747443848&output=ldjh&impl=fifs&eid=31060790&vrg=2021042801&ptt=17&us_privacy=1---&sc=1&sfv=1-0-38&ecs=20210507&iu_parts=1254144%2Citigic_com-box-1&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C300x250&fluid=height&ris=2&rcs=2&prev_scp=a%3D%257C1%257C%26iid11%3D1011114%26t%3D134%26d%3D198437%26t1%3D134%26pvc%3D0%26ap%3D1105%26sap%3D1105%26as%3Drevenue%26plat%3D1%26bra%3Dmod1%26ic%3D3%26at%3Dmbf%26adr%3D399%26ezosn%3D6%26reft%3Dtf%26refs%3D30%26ga%3D2497208%26rid%3D99998%26pt%3D0%26al%3D1000%26compid%3D0%26tap%3Ditigic_com-box-1-1011114%26eb_br%3D5bac35e1a3b6adc56da706000a645484%26eba%3D1%26ebss%3D10017%2C10082%2C10061%2C10015%2C11304%2C11307%26asau%3D7838546742%26bv%3D28%26bvm%3D2%26bvr%3D5%26shp%3D3%26ftsn%3D3%26acptad%3D1%26br1%3D650%26br2%3D2300%26ezoic%3D1%26nmau%3D4%26mau%3D2%26stl%3D32%2C0%2C28%2C67%2C45%2C122%2C66%2C20%2C71%2C30%2C0%2C31%26deal1%3D25%2C26%2C27%2C28%2C29%2C30%2C760%2C761%2C813%2C815%2C816%2C817%2C818%2C899%2C919%2C774%2C21%2C22%2C23%2C24%2C21%2C22%2C23%2C24%26ax_ssid%3D10082%26amznbid%3D2%26amznsz%3D0x0%26amznp%3D2%26lb%3D900%26reqt%3D1620409348304&eri=1&cookie=ID%3D209913d2cf081110-229794f60ac800e8%3AT%3D1620409347%3AS%3DALNI_MaZuv4NAkKP8YDkibb8JYJS7qVykw&bc=31&abxe=1&lmt=1620409349&dt=1620409349380&dlt=1620409342880&idt=923&frm=20&biw=1600&bih=1200&oid=3&adxs=1002&adys=913&adks=165232301&ucis=k&ifi=20&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fitigic.com%2Fpt%2Fsteal-information-with-finger-command-in-windows-10%2F%26%23160%3B&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x262&msz=300x262&psts=AGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=1178867069.1620409344&ga_sid=1620409344&ga_hid=2059617897&ga_fc=false&fws=0&ohw=0&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

ac972943758941373f2f43d2946b2331c12425df27c2bc387a5ea73cbc6cca7d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://itigic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 07 May 2021 17:42:29 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 224
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://itigic.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 431 B
256 B 597ms
596ms XHR
text/plain 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2673549932243580&correlator=1607868220837629&output=ldjh&impl=fifs&eid=31060790&vrg=2021042801&ptt=17&us_privacy=1---&sc=1&sfv=1-0-38&ecs=20210507&iu_parts=1254144%2Citigic_com-box-1&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C300x250&fluid=height&ris=2&rcs=2&prev_scp=a%3D%257C6%257C%26iid11%3D1011114%26t%3D134%26d%3D198437%26t1%3D134%26pvc%3D0%26ap%3D1105%26sap%3D1105%26as%3Drevenue%26plat%3D1%26bra%3Dmod1%26ic%3D3%26at%3Dmbf%26adr%3D399%26ezosn%3D5%26reft%3Dtf%26refs%3D30%26ga%3D2497208%26rid%3D99998%26pt%3D0%26al%3D1000%26compid%3D0%26tap%3Ditigic_com-box-1-1011114%26eb_br%3D5bac35e1a3b6adc56da706000a645484%26eba%3D1%26ebss%3D10017%2C10082%2C10061%2C10015%2C11304%2C11307%26asau%3D7838546742%26bv%3D28%26bvm%3D2%26bvr%3D5%26shp%3D3%26ftsn%3D3%26acptad%3D1%26br1%3D650%26br2%3D2300%26ezoic%3D1%26nmau%3D4%26mau%3D1%26stl%3D32%2C0%2C28%2C67%2C45%2C122%2C66%2C20%2C71%2C30%2C0%2C31%26deal1%3D25%2C26%2C27%2C28%2C29%2C30%2C760%2C761%2C813%2C815%2C816%2C817%2C818%2C899%2C919%2C774%2C21%2C22%2C23%2C24%2C21%2C22%2C23%2C24%26ax_ssid%3D10082%26amznbid%3D2%26amznsz%3D0x0%26amznp%3D2%26lb%3D900%26reqt%3D1620409348323&eri=1&cookie=ID%3D209913d2cf081110-229794f60ac800e8%3AT%3D1620409347%3AS%3DALNI_MaZuv4NAkKP8YDkibb8JYJS7qVykw&bc=31&abxe=1&lmt=1620409349&dt=1620409349384&dlt=1620409342880&idt=923&frm=20&biw=1600&bih=1200&oid=3&adxs=1002&adys=648&adks=165232300&ucis=l&ifi=21&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fitigic.com%2Fpt%2Fsteal-information-with-finger-command-in-windows-10%2F%26%23160%3B&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x262&msz=300x262&psts=AGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=1178867069.1620409344&ga_sid=1620409344&ga_hid=2059617897&ga_fc=false&fws=0&ohw=0&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

3997418653e2fa79e57bae099e4530803bbdf041ccbc8a3d10a5a9533385ef47

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://itigic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 07 May 2021 17:42:29 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 225
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://itigic.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 430 B
257 B 504ms
503ms XHR
text/plain 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2673549932243580&correlator=2482454497116822&output=ldjh&impl=fifs&eid=31060790&vrg=2021042801&ptt=17&us_privacy=1---&sc=1&sfv=1-0-38&ecs=20210507&iu_parts=1254144%2Citigic_com-box-2&enc_prev_ius=%2F0%2F1&prev_iu_szs=468x60&ris=2&rcs=2&prev_scp=a%3D%257C1%257C%26iid11%3D1021465%26t%3D134%26d%3D198437%26t1%3D134%26pvc%3D0%26ap%3D1102%26sap%3D1102%26as%3Drevenue%26plat%3D1%26bra%3Dmod1%26ic%3D3%26at%3Dmbf%26adr%3D399%26ezosn%3D22%26reft%3Dtf%26refs%3D30%26ga%3D2497208%26rid%3D99998%26pt%3D1%26al%3D1001%26compid%3D0%26tap%3Ditigic_com-box-2-1021465%26eb_br%3D9ae587f95e95c876b7b76fd4c72a3838%26eba%3D1%26ebss%3D10017%2C10082%2C10061%2C10015%2C11304%2C11307%26asau%3D7838546742%26bv%3D19%26bvm%3D0%26bvr%3D9%26shp%3D1%26ftsn%3D3%26acptad%3D1%26br1%3D180%26br2%3D750%26ezoic%3D1%26nmau%3D0%26mau%3D0%26stl%3D32%2C168%2C28%2C67%2C45%2C122%2C66%2C20%2C71%2C30%2C187%2C31%26deal1%3D21%2C22%2C23%2C24%2C25%2C26%2C27%2C28%2C29%2C30%2C760%2C761%2C813%2C814%2C815%2C816%2C817%2C818%2C819%2C893%2C899%2C903%2C917%2C918%2C919%2C988%2C774%2C20%2C20%2C608%26ax_ssid%3D10082%26amznbid%3D2%26amznsz%3D0x0%26amznp%3D2%26lb%3D260%26reqt%3D1620409348324&eri=1&cookie=ID%3D209913d2cf081110-229794f60ac800e8%3AT%3D1620409347%3AS%3DALNI_MaZuv4NAkKP8YDkibb8JYJS7qVykw&bc=31&abxe=1&lmt=1620409349&dt=1620409349388&dlt=1620409342880&idt=923&frm=20&biw=1600&bih=1200&oid=3&adxs=566&adys=290&adks=3929797713&ucis=m&ifi=22&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fitigic.com%2Fpt%2Fsteal-information-with-finger-command-in-windows-10%2F%26%23160%3B&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1030x60&msz=468x60&psts=AGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=1178867069.1620409344&ga_sid=1620409344&ga_hid=2059617897&ga_fc=false&fws=0&ohw=0&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

7d84f9e8ef61f0a68b5b4ec2dafe85fb4e864a0c0513216ace683868a00f7f14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://itigic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 07 May 2021 17:42:29 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 226
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://itigic.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 439 B
263 B 721ms
721ms XHR
text/plain 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2673549932243580&correlator=3962152543596390&output=ldjh&impl=fifs&eid=31060790&vrg=2021042801&ptt=17&us_privacy=1---&sc=1&sfv=1-0-38&ecs=20210507&iu_parts=1254144%2Citigic_com-medrectangle-2&enc_prev_ius=%2F0%2F1&prev_iu_szs=970x90&ris=2&rcs=2&prev_scp=a%3D%257C1%257C%26iid11%3D1070521%26t%3D134%26d%3D198437%26t1%3D134%26pvc%3D0%26ap%3D1100%26sap%3D1100%26as%3Drevenue%26plat%3D1%26bra%3Dmod1%26ic%3D3%26at%3Dmbf%26adr%3D399%26ezosn%3D21%26ga%3D2497208%26rid%3D99998%26pt%3D5%26al%3D1005%26compid%3D0%26tap%3Ditigic_com-medrectangle-2-1070521%26eb_br%3D86802a923a1f32517e4c5d3b6d550271%26eba%3D1%26ebss%3D10017%2C10082%2C10061%2C10015%2C11304%2C11307%26asau%3D7838546742%26bv%3D13%26bvm%3D0%26bvr%3D3%26shp%3D1%26ftsn%3D3%26br1%3D200%26br2%3D550%26ezoic%3D1%26nmau%3D0%26mau%3D0%26stl%3D83%2C168%2C120%2C67%2C51%2C0%2C66%2C20%2C71%2C30%2C0%2C31%26deal1%3D21%2C22%2C23%2C24%2C25%2C26%2C27%2C28%2C29%2C30%2C760%2C761%2C813%2C814%2C815%2C816%2C817%2C818%2C819%2C899%2C917%2C918%2C919%2C774%2C20%26ax_ssid%3D10082%26amznbid%3D2%26amznsz%3D0x0%26amznp%3D2%26refs%3D30%26lb%3D550%26reqt%3D1620409348338&eri=1&cookie=ID%3D209913d2cf081110-229794f60ac800e8%3AT%3D1620409347%3AS%3DALNI_MaZuv4NAkKP8YDkibb8JYJS7qVykw&bc=31&abxe=1&lmt=1620409349&dt=1620409349394&dlt=1620409342880&idt=923&frm=20&biw=1600&bih=1200&oid=3&adxs=315&adys=1108&adks=1615653332&ucis=n&ifi=23&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fitigic.com%2Fpt%2Fsteal-information-with-finger-command-in-windows-10%2F%26%23160%3B&vis=1&dmc=8&scr_x=0&scr_y=0&psz=970x-1&msz=970x-1&psts=AGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=1178867069.1620409344&ga_sid=1620409344&ga_hid=2059617897&ga_fc=false&fws=512&ohw=0&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

83743db248567f00c9f4605f47a18d68c90761e833f046b9b95f288206a7bddf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://itigic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 07 May 2021 17:42:30 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 232
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://itigic.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 jquery-migrate.min.js Show response
itigic.com/wp-includes/js/jquery/ 11 KB
4 KB 643ms
342ms Script
application/javascript 52.19.6.38
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://itigic.com/wp-includes/js/jquery/jquery-migrate.min.js?screx=1&sxcb=2a&ver=3.3.2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.19.6.38 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-19-6-38.eu-west-1.compute.amazonaws.com

Software

nginx/1.16.0 /

Resource Hash

bfa20f343cac1018d5ff5bf009d95a9b327d0e1dff0adfcfc8e1b1a99448751b

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

:path: /wp-includes/js/jquery/jquery-migrate.min.js?screx=1&sxcb=2a&ver=3.3.2
pragma: no-cache
cookie: __gads=ID=209913d2cf081110-229794f60ac800e8:T=1620409347:S=ALNI_MaZuv4NAkKP8YDkibb8JYJS7qVykw
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: itigic.com
referer: https://itigic.com/pt/steal-information-with-finger-command-in-windows-10/&
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://itigic.com/pt/steal-information-with-finger-command-in-windows-10/&
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 07 May 2021 17:42:30 GMT
content-encoding: br
x-content-type-options: nosniff
display: staticcontent_sol, staticcontent_sol
x-ezoic-cdn: Bypass
x-middleton-display: staticcontent_sol, staticcontent_sol
strict-transport-security: max-age=63072000; includeSubDomains
alt-svc: quic=":443"; ma=2592000; v="43,46", h3-Q043=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-25=":443"; ma=2592000, h3-27=":443"; ma=2592000
content-length: 4089
response: 200
last-modified: Thu, 06 May 2021 21:16:05 GMT
server: nginx/1.16.0
x-frame-options: SAMEORIGIN
vary: Accept-Encoding Accept-Encoding,Origin
content-type: application/javascript
x-middleton-response: 200
cache-control: max-age=604800, public
x-turbo-charged-by: LiteSpeed
x-ez-proxy-out: true 2.2
expires: Fri, 14 May 2021 17:42:30 GMT

GET
H3-29 200 integrator.js Show response
adservice.google.ch/adsid/ 107 B
122 B 16ms
15ms Script
application/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.ch/adsid/integrator.js?domain=itigic.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://itigic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 07 May 2021 17:42:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 16ms
16ms Script
application/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=itigic.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://itigic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 07 May 2021 17:42:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 431 B
255 B 382ms
382ms XHR
text/plain 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2673549932243580&correlator=3755676016443150&output=ldjh&impl=fifs&eid=31060790&vrg=2021042801&ptt=17&us_privacy=1---&sc=1&sfv=1-0-38&ecs=20210507&iu_parts=1254144%2Citigic_com-box-1&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C300x250&fluid=height&ris=2&rcs=2&prev_scp=a%3D%257C1%257C%26iid11%3D1011114%26t%3D134%26d%3D198437%26t1%3D134%26pvc%3D0%26ap%3D1105%26sap%3D1105%26as%3Drevenue%26plat%3D1%26bra%3Dmod1%26ic%3D3%26at%3Dmbf%26adr%3D399%26ezosn%3D4%26reft%3Dtf%26refs%3D30%26ga%3D2497208%26rid%3D99998%26pt%3D0%26al%3D1000%26compid%3D0%26tap%3Ditigic_com-box-1-1011114%26eb_br%3D5bac35e1a3b6adc56da706000a645484%26eba%3D1%26ebss%3D10017%2C10082%2C10061%2C10015%2C11304%2C11307%26asau%3D7838546742%26bv%3D28%26bvm%3D2%26bvr%3D5%26shp%3D3%26ftsn%3D3%26acptad%3D1%26br1%3D650%26br2%3D2300%26ezoic%3D1%26nmau%3D4%26mau%3D0%26stl%3D32%2C0%2C28%2C67%2C45%2C122%2C66%2C20%2C71%2C30%2C0%2C31%26deal1%3D25%2C26%2C27%2C28%2C29%2C30%2C760%2C761%2C813%2C815%2C816%2C817%2C818%2C899%2C919%2C774%2C21%2C22%2C23%2C24%2C21%2C22%2C23%2C24%26ax_ssid%3D10082%26amznbid%3D2%26amznsz%3D0x0%26amznp%3D2%26lb%3D900%26reqt%3D1620409348571&eri=1&cookie=ID%3D209913d2cf081110-229794f60ac800e8%3AT%3D1620409347%3AS%3DALNI_MaZuv4NAkKP8YDkibb8JYJS7qVykw&bc=31&abxe=1&lmt=1620409349&dt=1620409349578&dlt=1620409342880&idt=923&frm=20&biw=1600&bih=1200&oid=3&adxs=1002&adys=383&adks=4007782779&ucis=o&ifi=24&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fitigic.com%2Fpt%2Fsteal-information-with-finger-command-in-windows-10%2F%26%23160%3B&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x262&msz=300x262&psts=AGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=1178867069.1620409344&ga_sid=1620409344&ga_hid=2059617897&ga_fc=false&fws=0&ohw=0&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

2b88a3014a54cb88ca582881fcf2d9e1f0365987b3b1ccb148e1bb6878906ef4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://itigic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 07 May 2021 17:42:29 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 224
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://itigic.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 431 B
257 B 440ms
439ms XHR
text/plain 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2673549932243580&correlator=2677301444806296&output=ldjh&impl=fifs&eid=31060790&vrg=2021042801&ptt=17&us_privacy=1---&sc=1&sfv=1-0-38&ecs=20210507&iu_parts=1254144%2Citigic_com-box-3&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&ris=2&rcs=2&prev_scp=a%3D%257C3%257C%26iid11%3D1064369%26t%3D134%26d%3D198437%26t1%3D134%26pvc%3D0%26ap%3D1114%26sap%3D1114%26as%3Drevenue%26plat%3D1%26bra%3Dmod1%26ic%3D3%26at%3Dmbf%26adr%3D399%26ezosn%3D12%26reft%3Dn%26refs%3D30%26ga%3D2497208%26rid%3D99998%26pt%3D2%26al%3D1002%26compid%3D0%26tap%3Ditigic_com-box-3-1064369%26eb_br%3D86802a923a1f32517e4c5d3b6d550271%26eba%3D1%26ebss%3D10017%2C10082%2C10061%2C10015%2C11304%2C11307%26asau%3D7838546742%26bv%3D22%26bvm%3D0%26bvr%3D5%26shp%3D1%26ftsn%3D3%26br1%3D200%26br2%3D1000%26ezoic%3D1%26nmau%3D0%26mau%3D0%26stl%3D32%2C13%2C120%2C67%2C51%2C0%2C66%2C20%2C26%2C30%2C0%2C31%26deal1%3D22%2C23%2C24%2C25%2C26%2C27%2C28%2C29%2C760%2C761%2C815%2C816%2C817%2C818%2C893%2C899%2C903%2C919%2C774%2C21%2C20%2C21%26ax_ssid%3D10082%26amznbid%3D2%26amznsz%3D0x0%26amznp%3D2%26lb%3D350%26reqt%3D1620409348573&eri=1&cookie=ID%3D209913d2cf081110-229794f60ac800e8%3AT%3D1620409347%3AS%3DALNI_MaZuv4NAkKP8YDkibb8JYJS7qVykw&bc=31&abxe=1&lmt=1620409349&dt=1620409349583&dlt=1620409342880&idt=923&frm=20&biw=1600&bih=1200&oid=3&adxs=474&adys=524&adks=3833649259&ucis=p&ifi=25&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fitigic.com%2Fpt%2Fsteal-information-with-finger-command-in-windows-10%2F%26%23160%3B&vis=1&dmc=8&scr_x=0&scr_y=0&psz=678x250&msz=300x250&psts=AGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=1178867069.1620409344&ga_sid=1620409344&ga_hid=2059617897&ga_fc=false&fws=4&ohw=678&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

82b9ea5ad84449e825340d541cc459aa211d60350eb0e2f30f829c731e98f5a8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://itigic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 07 May 2021 17:42:30 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 226
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://itigic.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS
H2 200 json
gum.criteo.com/sid/ Frame 0
0 69ms
22ms Preflight
application/json 2a02:2638::1c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fitigic.com%2F&domain=itigic.com&cw=1

Protocol

Server

2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: https://itigic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
content-type: application/json; charset=utf-8
expires: 0
strict-transport-security: max-age=31536000
access-control-allow-origin: https://itigic.com
access-control-allow-headers: content-type
access-control-allow-credentials: true
access-control-allow-methods: GET
server-processing-duration-in-ticks: 1419
date: Fri, 07 May 2021 17:42:28 GMT
content-encoding: gzip
vary: Accept-Encoding

GET
H2

200

sid Show response
mug.criteo.com/
Redirect Chain

https://gum.criteo.com/sid/json?origin=prebid&topUrl=https%3A%2F%2Fitigic.com%2F&domain=itigic.com&cw=1
https://mug.criteo.com/sid?cpp=_4CQznwzek9nOGxSM2xwWkZGZG52UnhVL0RCbkhCRnBzSHphZCszNWtibWRra2hDRTNibUhDQ3NEODRSUkxCeHZKN1p1SmJBY1RKeEVHS2xSMG5mT3NocVdjblh4cnNLbHJtUWYxUUdwMVQ0MHhaWVYxUFFpRXYzbGwrSl...

345 B
628 B

100ms
34ms

XHR
application/json

178.250.0.157
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=_4CQznwzek9nOGxSM2xwWkZGZG52UnhVL0RCbkhCRnBzSHphZCszNWtibWRra2hDRTNibUhDQ3NEODRSUkxCeHZKN1p1SmJBY1RKeEVHS2xSMG5mT3NocVdjblh4cnNLbHJtUWYxUUdwMVQ0MHhaWVYxUFFpRXYzbGwrSlZUUXM4SG9uUzNXTHp5TFppZC9pbnM0QnFiVm54QmkxVUZqRFBjRlpkOFlGT0dhdDdkaURyN1FsUHhxOTVxMHVVUzdibU84M0xvZTE2RGFTUklsRWNrUktTZGFrTUJ3PT18&cppv=2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

ce9c6cccb2d1c5857fec3aad6b768078346a9eb1b26f7e130ae61bec47ff555b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://itigic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
content-encoding: gzip
date: Fri, 07 May 2021 17:42:28 GMT
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: null
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 2552
expires: 0

Redirect headers

pragma: no-cache
strict-transport-security: max-age=31536000
date: Fri, 07 May 2021 17:42:28 GMT
location: https://mug.criteo.com/sid?cpp=_4CQznwzek9nOGxSM2xwWkZGZG52UnhVL0RCbkhCRnBzSHphZCszNWtibWRra2hDRTNibUhDQ3NEODRSUkxCeHZKN1p1SmJBY1RKeEVHS2xSMG5mT3NocVdjblh4cnNLbHJtUWYxUUdwMVQ0MHhaWVYxUFFpRXYzbGwrSlZUUXM4SG9uUzNXTHp5TFppZC9pbnM0QnFiVm54QmkxVUZqRFBjRlpkOFlGT0dhdDdkaURyN1FsUHhxOTVxMHVVUzdibU84M0xvZTE2RGFTUklsRWNrUktTZGFrTUJ3PT18&cppv=2
access-control-allow-methods: GET
content-type: text/html; charset=utf-8
access-control-allow-origin: https://itigic.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 1675
content-length: 455
expires: 0

POST
H2 204 mvo Show response
tag.1rx.io/rmp/215626/0/ 0
166 B 128ms
51ms XHR
text/plain 213.19.147.43
RHYTHMONE

General

Check archive.org

Show headers Download Go to

Full URL: https://tag.1rx.io/rmp/215626/0/mvo?z=1r&hbv=4.27,2.1
Requested by: Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?b=amx,appnexus,criteo,districtm,ix,medianet,oftmedia,onemobile,onetag,openx,pubmatic,rhythmone&cb=194-3-18
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 213.19.147.43 , United Kingdom, ASN26120 (RHYTHMONE, US),
Reverse DNS
Software: Tengine /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://itigic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://itigic.com
pragma: no-cache
date: Fri, 07 May 2021 17:42:29 GMT
cache-control: private, max-age=0, no-cache, no-store
access-control-allow-credentials: true
server: Tengine

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 2 KB
2 KB 98ms
56ms XHR
application/json 37.252.172.38
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?b=amx,appnexus,criteo,districtm,ix,medianet,oftmedia,onemobile,onetag,openx,pubmatic,rhythmone&cb=194-3-18

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.38 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

690.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

19d74f11bbbf906b31d9510ad8f151ebaa35d13781deee5ee2d8372a94ae0660

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://itigic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Date: Fri, 07 May 2021 17:42:29 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 91.132.136.60; 91.132.136.60; 690.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com; 37.252.172.150:80
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: b7f96f2f-017d-4be6-bda8-ae7892b35680
Server: nginx/1.17.9
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://itigic.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 724 B
1 KB 145ms
103ms XHR
application/json 37.252.172.38
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?b=amx,appnexus,criteo,districtm,ix,medianet,oftmedia,onemobile,onetag,openx,pubmatic,rhythmone&cb=194-3-18

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.38 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

690.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

1fdb80edf5cb581bd2fbe548fb8440293fa92d121f4bf6653ce8074236ecef87

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://itigic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Date: Fri, 07 May 2021 17:42:29 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 91.132.136.60; 91.132.136.60; 690.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com; 37.252.173.29:80
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 9860d864-714b-40a9-af1e-7d7e60d875bc
Server: nginx/1.17.9
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://itigic.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 prebid Show response
prebid.media.net/rtb/ 1 KB
822 B 175ms
125ms XHR
application/json 2.18.235.93
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.media.net/rtb/prebid?cid=8CUBCB617
Requested by: Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?b=amx,appnexus,criteo,districtm,ix,medianet,oftmedia,onemobile,onetag,openx,pubmatic,rhythmone&cb=194-3-18
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-93.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 4e1d1a6df0cbcdd769202bdf48c58be557fc82da61315922d05c343eb80ba25f

Request headers

Referer: https://itigic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 07 May 2021 17:42:29 GMT
content-encoding: gzip
server: nginx
vary: Accept-Encoding
content-type: application/json;charset=ISO-8859-1
access-control-allow-origin: https://itigic.com
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-length: 597
expires: Fri, 07 May 2021 17:42:29 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 2 KB
2 KB 138ms
97ms XHR
application/json 37.252.172.38
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?b=amx,appnexus,criteo,districtm,ix,medianet,oftmedia,onemobile,onetag,openx,pubmatic,rhythmone&cb=194-3-18

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.38 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

690.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

bf4df26262de48aa093480907419dd99cb97bd670992b117446daad530a1383a

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://itigic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Date: Fri, 07 May 2021 17:42:29 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 91.132.136.60; 91.132.136.60; 690.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com; 37.252.173.235:80
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: ece0c076-7a6b-474c-824b-f67e09e3377a
Server: nginx/1.17.9
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://itigic.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 492 B
1 KB 91ms
51ms XHR
application/json 37.252.172.38
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?b=amx,appnexus,criteo,districtm,ix,medianet,oftmedia,onemobile,onetag,openx,pubmatic,rhythmone&cb=194-3-18

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.38 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

690.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

37b266ea13f3f0ad1e1047d21c9f08eb2303fd263528e0bb23721a74bd041b8e

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://itigic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 07 May 2021 17:42:29 GMT
X-Proxy-Origin: 91.132.136.60; 91.132.136.60; 690.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com; 37.252.173.8:80
AN-X-Request-Uuid: e3b6e502-5a83-4934-b4aa-6d8961fa79a0
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://itigic.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 492
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
140 B 134ms
45ms XHR
text/plain 178.250.2.131
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://bidder.criteo.com/cdb?profileId=207&av=33&wv=4.27.0&cb=6719276379
Requested by: Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?b=amx,appnexus,criteo,districtm,ix,medianet,oftmedia,onemobile,onetag,openx,pubmatic,rhythmone&cb=194-3-18
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.2.131 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS: bidder.am5.vip.prod.criteo.com
Software: Finatra /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://itigic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://itigic.com
date: Fri, 07 May 2021 17:42:29 GMT
access-control-allow-credentials: true
server: Finatra
timing-allow-origin: *
vary: Origin

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 2 KB
2 KB 116ms
75ms XHR
application/json 37.252.172.38
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?b=amx,appnexus,criteo,districtm,ix,medianet,oftmedia,onemobile,onetag,openx,pubmatic,rhythmone&cb=194-3-18

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.38 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

690.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

8a4777b848c0d891fc427ada8d61a998bcf7af5df7dfc8c0773099fcfde271e9

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://itigic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Date: Fri, 07 May 2021 17:42:29 GMT
Content-Encoding: gzip
Transfer-Encoding: chunked
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 91.132.136.60; 91.132.136.60; 690.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com; 37.252.172.81:80
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: cd71a44c-f52f-41ef-9147-d9d04d619d09
Server: nginx/1.17.9
Vary: Accept-Encoding
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://itigic.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H/1.1 200
OK prebid Show response
ib.adnxs.com/ut/v3/ 382 B
1 KB 88ms
47ms XHR
application/json 37.252.172.38
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/ut/v3/prebid

Requested by

Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?b=amx,appnexus,criteo,districtm,ix,medianet,oftmedia,onemobile,onetag,openx,pubmatic,rhythmone&cb=194-3-18

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.38 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

690.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

471a6d8dd9f491dba6a88c3dc9d3a7e15026582c724f5d548bcc6760b787047c

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://itigic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Pragma: no-cache
Date: Fri, 07 May 2021 17:42:29 GMT
X-Proxy-Origin: 91.132.136.60; 91.132.136.60; 690.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com; 37.252.172.47:80
AN-X-Request-Uuid: c2439433-5b4b-4d84-a7ff-8d0fc15b79cb
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: https://itigic.com
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/json; charset=utf-8
Content-Length: 382
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

POST
H2 200 c Show response
prebid.a-mo.net/a/ 861 B
781 B 432ms
207ms XHR
application/json 136.144.59.88
PACKET

General

Check archive.org

Show headers Download Go to

Full URL: https://prebid.a-mo.net/a/c
Requested by: Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?b=amx,appnexus,criteo,districtm,ix,medianet,oftmedia,onemobile,onetag,openx,pubmatic,rhythmone&cb=194-3-18
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 136.144.59.88 Secaucus, United States, ASN54825 (PACKET, US),
Reverse DNS
Software: envoy /
Resource Hash: 35ced94808edaacf0dc1488cd1e116a454af14e56062595a458228d697d1c1f9

Request headers

Referer: https://itigic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

date: Fri, 07 May 2021 17:42:29 GMT
content-encoding: gzip
server: envoy
vary: origin, accept-encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://itigic.com
cache-control: max-age=0, private, must-revalidate
access-control-allow-credentials: true
x-envoy-upstream-service-time: 95
content-length: 355

POST
H2 204 translator Show response
hbopenbid.pubmatic.com/ 0
112 B 109ms
55ms XHR
text/plain 185.64.189.112
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://hbopenbid.pubmatic.com/translator?source=prebid-client
Requested by: Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?b=amx,appnexus,criteo,districtm,ix,medianet,oftmedia,onemobile,onetag,openx,pubmatic,rhythmone&cb=194-3-18
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.112 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://itigic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://itigic.com
date: Fri, 07 May 2021 17:42:29 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true

POST
H2 200 prebid-request Show response
onetag-sys.com/ 15 B
362 B 71ms
34ms XHR
application/json 51.89.9.251
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/prebid-request

Requested by

Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?b=amx,appnexus,criteo,districtm,ix,medianet,oftmedia,onemobile,onetag,openx,pubmatic,rhythmone&cb=194-3-18

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.251 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip251.ip-51-89-9.eu

Software

Resource Hash

663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://itigic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

strict-transport-security: max-age=15552000
content-encoding: gzip
p3p: CP='CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR'
access-control-allow-origin: https://itigic.com
cache-control: no-transform, no-cache
access-control-allow-credentials: true
content-type: application/json
access-control-allow-headers: content-type, origin, referer, user-agent

GET
H2 200 cygnus Show response
htlb.casalemedia.com/ 6 KB
4 KB 212ms
168ms XHR
application/json 23.37.38.181
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://htlb.casalemedia.com/cygnus?s=305146&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%22185f9819ce465ffa%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fitigic.com%2Fpt%2Fsteal-information-with-finger-command-in-windows-10%2F%26%23160%3B%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22mfu%22%3A0%2C%22bu%22%3A10%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allU%22%3A10%2C%22ren%22%3Afalse%2C%22version%22%3A%224.27.0%22%2C%22msd%22%3A1%2C%22msi%22%3A1%7D%7D%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22ezoic.ai%22%2C%22sid%22%3A%22bf75b2135678476ac8f11814225491a3%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22regs%22%3A%7B%22ext%22%3A%7B%22us_privacy%22%3A%221---%22%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%22186c7604f529c0c1%22%2C%22ext%22%3A%7B%22siteID%22%3A%22305146%22%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22187a6ce81305e9b8%22%2C%22ext%22%3A%7B%22siteID%22%3A%22305146%22%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%221885b760275b1f9d%22%2C%22ext%22%3A%7B%22siteID%22%3A%22305136%22%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2218963d22f3cd5a56%22%2C%22ext%22%3A%7B%22siteID%22%3A%22305136%22%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2219016b49a5c2156b%22%2C%22ext%22%3A%7B%22siteID%22%3A%22305147%22%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%221910e7410f6253e4%22%2C%22ext%22%3A%7B%22siteID%22%3A%22305138%22%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%2219277c7c2de0e882%22%2C%22ext%22%3A%7B%22siteID%22%3A%22305140%22%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%221933c14768b4f30c%22%2C%22ext%22%3A%7B%22siteID%22%3A%22305140%22%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22194b375aff14c7c8%22%2C%22ext%22%3A%7B%22siteID%22%3A%22305145%22%2C%22sid%22%3A%22336x280%22%7D%2C%22banner%22%3A%7B%22w%22%3A336%2C%22h%22%3A280%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22195d38674b9cfd4b%22%2C%22ext%22%3A%7B%22siteID%22%3A%22305137%22%2C%22sid%22%3A%22468x60%22%7D%2C%22banner%22%3A%7B%22w%22%3A468%2C%22h%22%3A60%2C%22topframe%22%3A1%7D%7D%2C%7B%22id%22%3A%22194b375aff14c7c8%22%2C%22ext%22%3A%7B%22siteID%22%3A%22305145%22%2C%22sid%22%3A%22300x250%22%7D%2C%22banner%22%3A%7B%22w%22%3A300%2C%22h%22%3A250%2C%22topframe%22%3A1%7D%7D%5D%7D
Requested by: Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?b=amx,appnexus,criteo,districtm,ix,medianet,oftmedia,onemobile,onetag,openx,pubmatic,rhythmone&cb=194-3-18
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.37.38.181 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-37-38-181.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 943721f763440eea04130dc0aa288ee42e9d5f8171c691bf829575c86b5c693b

Request headers

Referer: https://itigic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 07 May 2021 17:42:29 GMT
content-encoding: gzip
x-ak-initial-geo: CC:[CH], RC:[ZH], CN:[EU], CIP:[91.132.136.60], XFF:[]
server: Apache
vary: Is-Traffic-Invalid,Accept-Encoding
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
access-control-allow-origin: https://itigic.com
x-cs-client-geo: 12
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: true
content-type: application/json
content-length: 3614
x-ak-client-geo: 12
expires: Fri, 07 May 2021 17:42:29 GMT

GET
H2 200 arj Show response
ezoic-d.openx.net/w/1.0/ 190 B
570 B 161ms
95ms XHR
application/json 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://ezoic-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fitigic.com%2Fpt%2Fsteal-information-with-finger-command-in-windows-10%2F%26%23160%3B&ch=UTF-8&res=1600x1200x24&ifr=false&tz=-120&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=f9c0fc9d-1b51-4358-a762-a3b19dc6bfca%2C794d8200-5149-4772-af6f-7557687a5f41%2C1844a324-ac20-4bfd-954d-432cb58fa7ab%2Ca76fb42c-8674-4c96-8e18-278897eab10d%2Ca988bde8-8a02-4eb1-b562-67703954a8e4%2Cedba8fb3-5e98-4748-ad1b-d5bb4029a5b5%2C1d15e5f8-d9a6-4a13-a64f-b9acd5e44ac5%2C90c5247f-c2bb-4274-81a2-38cafc23e404&nocache=1620409349705&us_privacy=1---&schain=1.0%2C1!ezoic.ai%2Cbf75b2135678476ac8f11814225491a3%2C1%2C%2C%2C&aus=300x250%7C300x250%7C300x250%7C300x250%7C300x250%7C300x250%7C300x250%7C970x90%2C728x90&divIds=div-gpt-ad-itigic_com-box-1-0_3%2Cdiv-gpt-ad-itigic_com-large-leaderboard-1-0_1%2Cdiv-gpt-ad-itigic_com-large-leaderboard-1-0_2%2Cdiv-gpt-ad-itigic_com-large-leaderboard-1-0_3%2Cdiv-gpt-ad-itigic_com-box-3-0%2Cdiv-gpt-ad-itigic_com-medrectangle-1-0%2Cdiv-gpt-ad-itigic_com-medrectangle-1-0_2%2Cdiv-gpt-ad-itigic_com-medrectangle-2-0&auid=538151781%2C538151781%2C538151781%2C538151781%2C538151781%2C538151781%2C538151781%2C538151782
Requested by: Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?b=amx,appnexus,criteo,districtm,ix,medianet,oftmedia,onemobile,onetag,openx,pubmatic,rhythmone&cb=194-3-18
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/16.206.0 /
Resource Hash: 05d2e6c3b3f4df187c819919bab280a9c62b7a189998f70ec1e123b0a00d3611

Request headers

Referer: https://itigic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 07 May 2021 17:42:29 GMT
content-encoding: gzip
server: OXGW/16.206.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin: https://itigic.com
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
content-type: application/json
alt-svc: clear
content-length: 178
via: 1.1 google
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 army.gif Show response
itigic.com/porpoiseant/ 0
127 B 342ms
40ms XHR
text/plain 52.19.6.38
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://itigic.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTAyMTQ2NSIsImRvbWFpbl9pZCI6IjE5ODQzNyIsInVuaXQiOiJkaXYtZ3B0LWFkLWl0aWdpY19jb20tYm94LTItMCIsInRfZXBvY2giOjE2MjA0MDkzNDEsImFkX3Bvc2l0aW9uIjoxMTAyLCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiQ0giLCJwYWdldmlld19pZCI6IjliMGM5ODc0LTFhYjUtNGU1MS03YjRiLTIyZmU2MDA1OTRlMCIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6MCwiY3JlYXRpdmVfaWQiOjAsImRhdGEiOlt7Im5hbWUiOiJ3b3Jkc19iZWZvcmUiLCJ2YWwiOiIxNiJ9XSwiaXNfb3JpZyI6ZmFsc2V9LHsidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTA2NDM2OSIsImRvbWFpbl9pZCI6IjE5ODQzNyIsInVuaXQiOiJkaXYtZ3B0LWFkLWl0aWdpY19jb20tYm94LTMtMCIsInRfZXBvY2giOjE2MjA0MDkzNDEsImFkX3Bvc2l0aW9uIjoxMTE0LCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiQ0giLCJwYWdldmlld19pZCI6IjliMGM5ODc0LTFhYjUtNGU1MS03YjRiLTIyZmU2MDA1OTRlMCIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6MCwiY3JlYXRpdmVfaWQiOjAsImRhdGEiOlt7Im5hbWUiOiJ3b3Jkc19iZWZvcmUiLCJ2YWwiOiIzNiJ9XSwiaXNfb3JpZyI6ZmFsc2V9LHsidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTA3NjY2OCIsImRvbWFpbl9pZCI6IjE5ODQzNyIsInVuaXQiOiJkaXYtZ3B0LWFkLWl0aWdpY19jb20tbWVkcmVjdGFuZ2xlLTMtMCIsInRfZXBvY2giOjE2MjA0MDkzNDEsImFkX3Bvc2l0aW9uIjoxMTE2LCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiQ0giLCJwYWdldmlld19pZCI6IjliMGM5ODc0LTFhYjUtNGU1MS03YjRiLTIyZmU2MDA1OTRlMCIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6MCwiY3JlYXRpdmVfaWQiOjAsImRhdGEiOlt7Im5hbWUiOiJ3b3Jkc19iZWZvcmUiLCJ2YWwiOiIxNTkifV0sImlzX29yaWciOmZhbHNlfSx7InR5cGUiOiJpbXByZXNzaW9uIiwiaW1wcmVzc2lvbl9pZCI6IjEwMTExMTQiLCJkb21haW5faWQiOiIxOTg0MzciLCJ1bml0IjoiZGl2LWdwdC1hZC1pdGlnaWNfY29tLWJveC0xLTAiLCJ0X2Vwb2NoIjoxNjIwNDA5MzQxLCJhZF9wb3NpdGlvbiI6MTEwNSwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IkNIIiwicGFnZXZpZXdfaWQiOiI5YjBjOTg3NC0xYWI1LTRlNTEtN2I0Yi0yMmZlNjAwNTk0ZTAiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjAsImNyZWF0aXZlX2lkIjowLCJkYXRhIjpbeyJuYW1lIjoid29yZHNfYmVmb3JlIiwidmFsIjoiMjcifV0sImlzX29yaWciOmZhbHNlfSx7InR5cGUiOiJpbXByZXNzaW9uIiwiaW1wcmVzc2lvbl9pZCI6IjEwMTExMTQiLCJkb21haW5faWQiOiIxOTg0MzciLCJ1bml0IjoiZGl2LWdwdC1hZC1pdGlnaWNfY29tLWJveC0xLTBfMSIsInRfZXBvY2giOjE2MjA0MDkzNDEsImFkX3Bvc2l0aW9uIjoxMTA1LCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiQ0giLCJwYWdldmlld19pZCI6IjliMGM5ODc0LTFhYjUtNGU1MS03YjRiLTIyZmU2MDA1OTRlMCIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6MCwiY3JlYXRpdmVfaWQiOjAsImRhdGEiOlt7Im5hbWUiOiJ3b3Jkc19iZWZvcmUiLCJ2YWwiOiIzNiJ9XSwiaXNfb3JpZyI6ZmFsc2V9XQ==
Requested by: Host: itigic.com
URL: https://itigic.com/detroitchicago/cmb.js?gcb=194-3&cb=01-100-103-1004-10d-506-507-70a-30c-30e-212-211-313-317-1021-23-&cmbcb=10&01&00&03&04&0d&06&07&0a&0c&0e&12&11&13&17&21&23
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.19.6.38 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-19-6-38.eu-west-1.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:path: /porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTAyMTQ2NSIsImRvbWFpbl9pZCI6IjE5ODQzNyIsInVuaXQiOiJkaXYtZ3B0LWFkLWl0aWdpY19jb20tYm94LTItMCIsInRfZXBvY2giOjE2MjA0MDkzNDEsImFkX3Bvc2l0aW9uIjoxMTAyLCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiQ0giLCJwYWdldmlld19pZCI6IjliMGM5ODc0LTFhYjUtNGU1MS03YjRiLTIyZmU2MDA1OTRlMCIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6MCwiY3JlYXRpdmVfaWQiOjAsImRhdGEiOlt7Im5hbWUiOiJ3b3Jkc19iZWZvcmUiLCJ2YWwiOiIxNiJ9XSwiaXNfb3JpZyI6ZmFsc2V9LHsidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTA2NDM2OSIsImRvbWFpbl9pZCI6IjE5ODQzNyIsInVuaXQiOiJkaXYtZ3B0LWFkLWl0aWdpY19jb20tYm94LTMtMCIsInRfZXBvY2giOjE2MjA0MDkzNDEsImFkX3Bvc2l0aW9uIjoxMTE0LCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiQ0giLCJwYWdldmlld19pZCI6IjliMGM5ODc0LTFhYjUtNGU1MS03YjRiLTIyZmU2MDA1OTRlMCIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6MCwiY3JlYXRpdmVfaWQiOjAsImRhdGEiOlt7Im5hbWUiOiJ3b3Jkc19iZWZvcmUiLCJ2YWwiOiIzNiJ9XSwiaXNfb3JpZyI6ZmFsc2V9LHsidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTA3NjY2OCIsImRvbWFpbl9pZCI6IjE5ODQzNyIsInVuaXQiOiJkaXYtZ3B0LWFkLWl0aWdpY19jb20tbWVkcmVjdGFuZ2xlLTMtMCIsInRfZXBvY2giOjE2MjA0MDkzNDEsImFkX3Bvc2l0aW9uIjoxMTE2LCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiQ0giLCJwYWdldmlld19pZCI6IjliMGM5ODc0LTFhYjUtNGU1MS03YjRiLTIyZmU2MDA1OTRlMCIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6MCwiY3JlYXRpdmVfaWQiOjAsImRhdGEiOlt7Im5hbWUiOiJ3b3Jkc19iZWZvcmUiLCJ2YWwiOiIxNTkifV0sImlzX29yaWciOmZhbHNlfSx7InR5cGUiOiJpbXByZXNzaW9uIiwiaW1wcmVzc2lvbl9pZCI6IjEwMTExMTQiLCJkb21haW5faWQiOiIxOTg0MzciLCJ1bml0IjoiZGl2LWdwdC1hZC1pdGlnaWNfY29tLWJveC0xLTAiLCJ0X2Vwb2NoIjoxNjIwNDA5MzQxLCJhZF9wb3NpdGlvbiI6MTEwNSwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IkNIIiwicGFnZXZpZXdfaWQiOiI5YjBjOTg3NC0xYWI1LTRlNTEtN2I0Yi0yMmZlNjAwNTk0ZTAiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjAsImNyZWF0aXZlX2lkIjowLCJkYXRhIjpbeyJuYW1lIjoid29yZHNfYmVmb3JlIiwidmFsIjoiMjcifV0sImlzX29yaWciOmZhbHNlfSx7InR5cGUiOiJpbXByZXNzaW9uIiwiaW1wcmVzc2lvbl9pZCI6IjEwMTExMTQiLCJkb21haW5faWQiOiIxOTg0MzciLCJ1bml0IjoiZGl2LWdwdC1hZC1pdGlnaWNfY29tLWJveC0xLTBfMSIsInRfZXBvY2giOjE2MjA0MDkzNDEsImFkX3Bvc2l0aW9uIjoxMTA1LCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiQ0giLCJwYWdldmlld19pZCI6IjliMGM5ODc0LTFhYjUtNGU1MS03YjRiLTIyZmU2MDA1OTRlMCIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6MCwiY3JlYXRpdmVfaWQiOjAsImRhdGEiOlt7Im5hbWUiOiJ3b3Jkc19iZWZvcmUiLCJ2YWwiOiIzNiJ9XSwiaXNfb3JpZyI6ZmFsc2V9XQ==
pragma: no-cache
cookie: __gads=ID=209913d2cf081110-229794f60ac800e8:T=1620409347:S=ALNI_MaZuv4NAkKP8YDkibb8JYJS7qVykw; _pbjs_userid_consent_data=3524755945110770
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: empty
:authority: itigic.com
referer: https://itigic.com/pt/steal-information-with-finger-command-in-windows-10/&
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://itigic.com/pt/steal-information-with-finger-command-in-windows-10/&
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 07 May 2021 17:42:30 GMT
server: nginx/1.16.0
vary: Accept-Encoding Accept-Encoding
content-type: text/plain; charset=utf-8
x-middleton-display: ezp_sol
cache-control: max-age=0, must-revalidate, no-cache, no-store
content-length: 0
expires: Thu, 06 May 2021 17:42:30 UTC

GET
H2 200 army.gif Show response
itigic.com/porpoiseant/ 0
42 B 343ms
41ms XHR
text/plain 52.19.6.38
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://itigic.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTAxMTExNCIsImRvbWFpbl9pZCI6IjE5ODQzNyIsInVuaXQiOiJkaXYtZ3B0LWFkLWl0aWdpY19jb20tYm94LTEtMF8yIiwidF9lcG9jaCI6MTYyMDQwOTM0MSwiYWRfcG9zaXRpb24iOjExMDUsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJDSCIsInBhZ2V2aWV3X2lkIjoiOWIwYzk4NzQtMWFiNS00ZTUxLTdiNGItMjJmZTYwMDU5NGUwIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjowLCJjcmVhdGl2ZV9pZCI6MCwiZGF0YSI6W3sibmFtZSI6IndvcmRzX2JlZm9yZSIsInZhbCI6IjEwNSJ9XSwiaXNfb3JpZyI6ZmFsc2V9LHsidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTAxMTExNCIsImRvbWFpbl9pZCI6IjE5ODQzNyIsInVuaXQiOiJkaXYtZ3B0LWFkLWl0aWdpY19jb20tYm94LTEtMF8zIiwidF9lcG9jaCI6MTYyMDQwOTM0MSwiYWRfcG9zaXRpb24iOjExMDUsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJDSCIsInBhZ2V2aWV3X2lkIjoiOWIwYzk4NzQtMWFiNS00ZTUxLTdiNGItMjJmZTYwMDU5NGUwIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjowLCJjcmVhdGl2ZV9pZCI6MCwiZGF0YSI6W3sibmFtZSI6IndvcmRzX2JlZm9yZSIsInZhbCI6IjE2MCJ9XSwiaXNfb3JpZyI6ZmFsc2V9LHsidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTA3MDUyMSIsImRvbWFpbl9pZCI6IjE5ODQzNyIsInVuaXQiOiJkaXYtZ3B0LWFkLWl0aWdpY19jb20tbWVkcmVjdGFuZ2xlLTItMCIsInRfZXBvY2giOjE2MjA0MDkzNDEsImFkX3Bvc2l0aW9uIjoxMTAwLCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiQ0giLCJwYWdldmlld19pZCI6IjliMGM5ODc0LTFhYjUtNGU1MS03YjRiLTIyZmU2MDA1OTRlMCIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6MCwiY3JlYXRpdmVfaWQiOjAsImRhdGEiOlt7Im5hbWUiOiJ3b3Jkc19iZWZvcmUiLCJ2YWwiOiIxNTkifV0sImlzX29yaWciOmZhbHNlfSx7InR5cGUiOiJpbXByZXNzaW9uIiwiaW1wcmVzc2lvbl9pZCI6IjEwMjQwMTQiLCJkb21haW5faWQiOiIxOTg0MzciLCJ1bml0IjoiZGl2LWdwdC1hZC1pdGlnaWNfY29tLWxhcmdlLWJpbGxib2FyZC0yLTAiLCJ0X2Vwb2NoIjoxNjIwNDA5MzQxLCJhZF9wb3NpdGlvbiI6MTEyNCwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IkNIIiwicGFnZXZpZXdfaWQiOiI5YjBjOTg3NC0xYWI1LTRlNTEtN2I0Yi0yMmZlNjAwNTk0ZTAiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjAsImNyZWF0aXZlX2lkIjowLCJkYXRhIjpbeyJuYW1lIjoid29yZHNfYmVmb3JlIiwidmFsIjoiMTYxIn1dLCJpc19vcmlnIjpmYWxzZX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiIxMDI0MDE0IiwiZG9tYWluX2lkIjoiMTk4NDM3IiwidW5pdCI6ImRpdi1ncHQtYWQtaXRpZ2ljX2NvbS1sYXJnZS1iaWxsYm9hcmQtMi0wXzEiLCJ0X2Vwb2NoIjoxNjIwNDA5MzQxLCJhZF9wb3NpdGlvbiI6MTEyNCwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IkNIIiwicGFnZXZpZXdfaWQiOiI5YjBjOTg3NC0xYWI1LTRlNTEtN2I0Yi0yMmZlNjAwNTk0ZTAiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjAsImNyZWF0aXZlX2lkIjowLCJkYXRhIjpbeyJuYW1lIjoid29yZHNfYmVmb3JlIiwidmFsIjoiMTYxIn1dLCJpc19vcmlnIjpmYWxzZX1d
Requested by: Host: itigic.com
URL: https://itigic.com/detroitchicago/cmb.js?gcb=194-3&cb=01-100-103-1004-10d-506-507-70a-30c-30e-212-211-313-317-1021-23-&cmbcb=10&01&00&03&04&0d&06&07&0a&0c&0e&12&11&13&17&21&23
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.19.6.38 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-19-6-38.eu-west-1.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:path: /porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTAxMTExNCIsImRvbWFpbl9pZCI6IjE5ODQzNyIsInVuaXQiOiJkaXYtZ3B0LWFkLWl0aWdpY19jb20tYm94LTEtMF8yIiwidF9lcG9jaCI6MTYyMDQwOTM0MSwiYWRfcG9zaXRpb24iOjExMDUsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJDSCIsInBhZ2V2aWV3X2lkIjoiOWIwYzk4NzQtMWFiNS00ZTUxLTdiNGItMjJmZTYwMDU5NGUwIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjowLCJjcmVhdGl2ZV9pZCI6MCwiZGF0YSI6W3sibmFtZSI6IndvcmRzX2JlZm9yZSIsInZhbCI6IjEwNSJ9XSwiaXNfb3JpZyI6ZmFsc2V9LHsidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTAxMTExNCIsImRvbWFpbl9pZCI6IjE5ODQzNyIsInVuaXQiOiJkaXYtZ3B0LWFkLWl0aWdpY19jb20tYm94LTEtMF8zIiwidF9lcG9jaCI6MTYyMDQwOTM0MSwiYWRfcG9zaXRpb24iOjExMDUsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJDSCIsInBhZ2V2aWV3X2lkIjoiOWIwYzk4NzQtMWFiNS00ZTUxLTdiNGItMjJmZTYwMDU5NGUwIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjowLCJjcmVhdGl2ZV9pZCI6MCwiZGF0YSI6W3sibmFtZSI6IndvcmRzX2JlZm9yZSIsInZhbCI6IjE2MCJ9XSwiaXNfb3JpZyI6ZmFsc2V9LHsidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTA3MDUyMSIsImRvbWFpbl9pZCI6IjE5ODQzNyIsInVuaXQiOiJkaXYtZ3B0LWFkLWl0aWdpY19jb20tbWVkcmVjdGFuZ2xlLTItMCIsInRfZXBvY2giOjE2MjA0MDkzNDEsImFkX3Bvc2l0aW9uIjoxMTAwLCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiQ0giLCJwYWdldmlld19pZCI6IjliMGM5ODc0LTFhYjUtNGU1MS03YjRiLTIyZmU2MDA1OTRlMCIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6MCwiY3JlYXRpdmVfaWQiOjAsImRhdGEiOlt7Im5hbWUiOiJ3b3Jkc19iZWZvcmUiLCJ2YWwiOiIxNTkifV0sImlzX29yaWciOmZhbHNlfSx7InR5cGUiOiJpbXByZXNzaW9uIiwiaW1wcmVzc2lvbl9pZCI6IjEwMjQwMTQiLCJkb21haW5faWQiOiIxOTg0MzciLCJ1bml0IjoiZGl2LWdwdC1hZC1pdGlnaWNfY29tLWxhcmdlLWJpbGxib2FyZC0yLTAiLCJ0X2Vwb2NoIjoxNjIwNDA5MzQxLCJhZF9wb3NpdGlvbiI6MTEyNCwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IkNIIiwicGFnZXZpZXdfaWQiOiI5YjBjOTg3NC0xYWI1LTRlNTEtN2I0Yi0yMmZlNjAwNTk0ZTAiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjAsImNyZWF0aXZlX2lkIjowLCJkYXRhIjpbeyJuYW1lIjoid29yZHNfYmVmb3JlIiwidmFsIjoiMTYxIn1dLCJpc19vcmlnIjpmYWxzZX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiIxMDI0MDE0IiwiZG9tYWluX2lkIjoiMTk4NDM3IiwidW5pdCI6ImRpdi1ncHQtYWQtaXRpZ2ljX2NvbS1sYXJnZS1iaWxsYm9hcmQtMi0wXzEiLCJ0X2Vwb2NoIjoxNjIwNDA5MzQxLCJhZF9wb3NpdGlvbiI6MTEyNCwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IkNIIiwicGFnZXZpZXdfaWQiOiI5YjBjOTg3NC0xYWI1LTRlNTEtN2I0Yi0yMmZlNjAwNTk0ZTAiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjAsImNyZWF0aXZlX2lkIjowLCJkYXRhIjpbeyJuYW1lIjoid29yZHNfYmVmb3JlIiwidmFsIjoiMTYxIn1dLCJpc19vcmlnIjpmYWxzZX1d
pragma: no-cache
cookie: __gads=ID=209913d2cf081110-229794f60ac800e8:T=1620409347:S=ALNI_MaZuv4NAkKP8YDkibb8JYJS7qVykw; _pbjs_userid_consent_data=3524755945110770
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: empty
:authority: itigic.com
referer: https://itigic.com/pt/steal-information-with-finger-command-in-windows-10/&
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://itigic.com/pt/steal-information-with-finger-command-in-windows-10/&
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 07 May 2021 17:42:30 GMT
server: nginx/1.16.0
vary: Accept-Encoding Accept-Encoding
content-type: text/plain; charset=utf-8
x-middleton-display: ezp_sol
cache-control: max-age=0, must-revalidate, no-cache, no-store
content-length: 0
expires: Thu, 06 May 2021 17:42:29 UTC

GET
H2 200 army.gif Show response
itigic.com/porpoiseant/ 0
19 B 342ms
41ms XHR
text/plain 52.19.6.38
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://itigic.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTAyMTQ2NSIsImRvbWFpbl9pZCI6IjE5ODQzNyIsInVuaXQiOiJkaXYtZ3B0LWFkLWl0aWdpY19jb20tYm94LTItMCIsInRfZXBvY2giOjE2MjA0MDkzNDEsImFkX3Bvc2l0aW9uIjoxMTAyLCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiQ0giLCJwYWdldmlld19pZCI6IjliMGM5ODc0LTFhYjUtNGU1MS03YjRiLTIyZmU2MDA1OTRlMCIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6MCwiY3JlYXRpdmVfaWQiOjAsImRhdGEiOlt7Im5hbWUiOiJwb3NfeCIsInZhbCI6IjU2NiJ9LHsibmFtZSI6InBvc195IiwidmFsIjoiMjkwIn0seyJuYW1lIjoiaXNfZmxvYXRpbmciLCJ2YWwiOiJmYWxzZSJ9XSwiaXNfb3JpZyI6ZmFsc2V9LHsidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTA2NDM2OSIsImRvbWFpbl9pZCI6IjE5ODQzNyIsInVuaXQiOiJkaXYtZ3B0LWFkLWl0aWdpY19jb20tYm94LTMtMCIsInRfZXBvY2giOjE2MjA0MDkzNDEsImFkX3Bvc2l0aW9uIjoxMTE0LCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiQ0giLCJwYWdldmlld19pZCI6IjliMGM5ODc0LTFhYjUtNGU1MS03YjRiLTIyZmU2MDA1OTRlMCIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6MCwiY3JlYXRpdmVfaWQiOjAsImRhdGEiOlt7Im5hbWUiOiJwb3NfeCIsInZhbCI6IjQ3NCJ9LHsibmFtZSI6InBvc195IiwidmFsIjoiNTI0In0seyJuYW1lIjoiaXNfZmxvYXRpbmciLCJ2YWwiOiJmYWxzZSJ9XSwiaXNfb3JpZyI6ZmFsc2V9LHsidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTA3NjY2OCIsImRvbWFpbl9pZCI6IjE5ODQzNyIsInVuaXQiOiJkaXYtZ3B0LWFkLWl0aWdpY19jb20tbWVkcmVjdGFuZ2xlLTMtMCIsInRfZXBvY2giOjE2MjA0MDkzNDEsImFkX3Bvc2l0aW9uIjoxMTE2LCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiQ0giLCJwYWdldmlld19pZCI6IjliMGM5ODc0LTFhYjUtNGU1MS03YjRiLTIyZmU2MDA1OTRlMCIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6MCwiY3JlYXRpdmVfaWQiOjAsImRhdGEiOlt7Im5hbWUiOiJwb3NfeCIsInZhbCI6IjMzNCJ9LHsibmFtZSI6InBvc195IiwidmFsIjoiMTA4NCJ9LHsibmFtZSI6ImlzX2Zsb2F0aW5nIiwidmFsIjoiZmFsc2UifV0sImlzX29yaWciOmZhbHNlfSx7InR5cGUiOiJpbXByZXNzaW9uIiwiaW1wcmVzc2lvbl9pZCI6IjEwMTExMTQiLCJkb21haW5faWQiOiIxOTg0MzciLCJ1bml0IjoiZGl2LWdwdC1hZC1pdGlnaWNfY29tLWJveC0xLTAiLCJ0X2Vwb2NoIjoxNjIwNDA5MzQxLCJhZF9wb3NpdGlvbiI6MTEwNSwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IkNIIiwicGFnZXZpZXdfaWQiOiI5YjBjOTg3NC0xYWI1LTRlNTEtN2I0Yi0yMmZlNjAwNTk0ZTAiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjAsImNyZWF0aXZlX2lkIjowLCJkYXRhIjpbeyJuYW1lIjoicG9zX3giLCJ2YWwiOiIxMDAyIn0seyJuYW1lIjoicG9zX3kiLCJ2YWwiOiIzODMifSx7Im5hbWUiOiJpc19mbG9hdGluZyIsInZhbCI6ImZhbHNlIn1dLCJpc19vcmlnIjpmYWxzZX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiIxMDExMTE0IiwiZG9tYWluX2lkIjoiMTk4NDM3IiwidW5pdCI6ImRpdi1ncHQtYWQtaXRpZ2ljX2NvbS1ib3gtMS0wXzEiLCJ0X2Vwb2NoIjoxNjIwNDA5MzQxLCJhZF9wb3NpdGlvbiI6MTEwNSwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IkNIIiwicGFnZXZpZXdfaWQiOiI5YjBjOTg3NC0xYWI1LTRlNTEtN2I0Yi0yMmZlNjAwNTk0ZTAiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjAsImNyZWF0aXZlX2lkIjowLCJkYXRhIjpbeyJuYW1lIjoicG9zX3giLCJ2YWwiOiIxMDAyIn0seyJuYW1lIjoicG9zX3kiLCJ2YWwiOiI2NDgifSx7Im5hbWUiOiJpc19mbG9hdGluZyIsInZhbCI6ImZhbHNlIn1dLCJpc19vcmlnIjpmYWxzZX1d
Requested by: Host: itigic.com
URL: https://itigic.com/detroitchicago/cmb.js?gcb=194-3&cb=01-100-103-1004-10d-506-507-70a-30c-30e-212-211-313-317-1021-23-&cmbcb=10&01&00&03&04&0d&06&07&0a&0c&0e&12&11&13&17&21&23
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.19.6.38 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-19-6-38.eu-west-1.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:path: /porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTAyMTQ2NSIsImRvbWFpbl9pZCI6IjE5ODQzNyIsInVuaXQiOiJkaXYtZ3B0LWFkLWl0aWdpY19jb20tYm94LTItMCIsInRfZXBvY2giOjE2MjA0MDkzNDEsImFkX3Bvc2l0aW9uIjoxMTAyLCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiQ0giLCJwYWdldmlld19pZCI6IjliMGM5ODc0LTFhYjUtNGU1MS03YjRiLTIyZmU2MDA1OTRlMCIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6MCwiY3JlYXRpdmVfaWQiOjAsImRhdGEiOlt7Im5hbWUiOiJwb3NfeCIsInZhbCI6IjU2NiJ9LHsibmFtZSI6InBvc195IiwidmFsIjoiMjkwIn0seyJuYW1lIjoiaXNfZmxvYXRpbmciLCJ2YWwiOiJmYWxzZSJ9XSwiaXNfb3JpZyI6ZmFsc2V9LHsidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTA2NDM2OSIsImRvbWFpbl9pZCI6IjE5ODQzNyIsInVuaXQiOiJkaXYtZ3B0LWFkLWl0aWdpY19jb20tYm94LTMtMCIsInRfZXBvY2giOjE2MjA0MDkzNDEsImFkX3Bvc2l0aW9uIjoxMTE0LCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiQ0giLCJwYWdldmlld19pZCI6IjliMGM5ODc0LTFhYjUtNGU1MS03YjRiLTIyZmU2MDA1OTRlMCIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6MCwiY3JlYXRpdmVfaWQiOjAsImRhdGEiOlt7Im5hbWUiOiJwb3NfeCIsInZhbCI6IjQ3NCJ9LHsibmFtZSI6InBvc195IiwidmFsIjoiNTI0In0seyJuYW1lIjoiaXNfZmxvYXRpbmciLCJ2YWwiOiJmYWxzZSJ9XSwiaXNfb3JpZyI6ZmFsc2V9LHsidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTA3NjY2OCIsImRvbWFpbl9pZCI6IjE5ODQzNyIsInVuaXQiOiJkaXYtZ3B0LWFkLWl0aWdpY19jb20tbWVkcmVjdGFuZ2xlLTMtMCIsInRfZXBvY2giOjE2MjA0MDkzNDEsImFkX3Bvc2l0aW9uIjoxMTE2LCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiQ0giLCJwYWdldmlld19pZCI6IjliMGM5ODc0LTFhYjUtNGU1MS03YjRiLTIyZmU2MDA1OTRlMCIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6MCwiY3JlYXRpdmVfaWQiOjAsImRhdGEiOlt7Im5hbWUiOiJwb3NfeCIsInZhbCI6IjMzNCJ9LHsibmFtZSI6InBvc195IiwidmFsIjoiMTA4NCJ9LHsibmFtZSI6ImlzX2Zsb2F0aW5nIiwidmFsIjoiZmFsc2UifV0sImlzX29yaWciOmZhbHNlfSx7InR5cGUiOiJpbXByZXNzaW9uIiwiaW1wcmVzc2lvbl9pZCI6IjEwMTExMTQiLCJkb21haW5faWQiOiIxOTg0MzciLCJ1bml0IjoiZGl2LWdwdC1hZC1pdGlnaWNfY29tLWJveC0xLTAiLCJ0X2Vwb2NoIjoxNjIwNDA5MzQxLCJhZF9wb3NpdGlvbiI6MTEwNSwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IkNIIiwicGFnZXZpZXdfaWQiOiI5YjBjOTg3NC0xYWI1LTRlNTEtN2I0Yi0yMmZlNjAwNTk0ZTAiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjAsImNyZWF0aXZlX2lkIjowLCJkYXRhIjpbeyJuYW1lIjoicG9zX3giLCJ2YWwiOiIxMDAyIn0seyJuYW1lIjoicG9zX3kiLCJ2YWwiOiIzODMifSx7Im5hbWUiOiJpc19mbG9hdGluZyIsInZhbCI6ImZhbHNlIn1dLCJpc19vcmlnIjpmYWxzZX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiIxMDExMTE0IiwiZG9tYWluX2lkIjoiMTk4NDM3IiwidW5pdCI6ImRpdi1ncHQtYWQtaXRpZ2ljX2NvbS1ib3gtMS0wXzEiLCJ0X2Vwb2NoIjoxNjIwNDA5MzQxLCJhZF9wb3NpdGlvbiI6MTEwNSwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IkNIIiwicGFnZXZpZXdfaWQiOiI5YjBjOTg3NC0xYWI1LTRlNTEtN2I0Yi0yMmZlNjAwNTk0ZTAiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjAsImNyZWF0aXZlX2lkIjowLCJkYXRhIjpbeyJuYW1lIjoicG9zX3giLCJ2YWwiOiIxMDAyIn0seyJuYW1lIjoicG9zX3kiLCJ2YWwiOiI2NDgifSx7Im5hbWUiOiJpc19mbG9hdGluZyIsInZhbCI6ImZhbHNlIn1dLCJpc19vcmlnIjpmYWxzZX1d
pragma: no-cache
cookie: __gads=ID=209913d2cf081110-229794f60ac800e8:T=1620409347:S=ALNI_MaZuv4NAkKP8YDkibb8JYJS7qVykw; _pbjs_userid_consent_data=3524755945110770
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: empty
:authority: itigic.com
referer: https://itigic.com/pt/steal-information-with-finger-command-in-windows-10/&
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://itigic.com/pt/steal-information-with-finger-command-in-windows-10/&
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 07 May 2021 17:42:30 GMT
server: nginx/1.16.0
vary: Accept-Encoding Accept-Encoding
content-type: text/plain; charset=utf-8
x-middleton-display: ezp_sol
cache-control: max-age=0, must-revalidate, no-cache, no-store
content-length: 0
expires: Thu, 06 May 2021 17:42:30 UTC

GET
H2 200 army.gif Show response
itigic.com/porpoiseant/ 0
19 B 345ms
44ms XHR
text/plain 52.19.6.38
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://itigic.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTAxMTExNCIsImRvbWFpbl9pZCI6IjE5ODQzNyIsInVuaXQiOiJkaXYtZ3B0LWFkLWl0aWdpY19jb20tYm94LTEtMF8yIiwidF9lcG9jaCI6MTYyMDQwOTM0MSwiYWRfcG9zaXRpb24iOjExMDUsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJDSCIsInBhZ2V2aWV3X2lkIjoiOWIwYzk4NzQtMWFiNS00ZTUxLTdiNGItMjJmZTYwMDU5NGUwIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjowLCJjcmVhdGl2ZV9pZCI6MCwiZGF0YSI6W3sibmFtZSI6InBvc194IiwidmFsIjoiMTAwMiJ9LHsibmFtZSI6InBvc195IiwidmFsIjoiOTEzIn0seyJuYW1lIjoiaXNfZmxvYXRpbmciLCJ2YWwiOiJmYWxzZSJ9XSwiaXNfb3JpZyI6ZmFsc2V9LHsidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTAxMTExNCIsImRvbWFpbl9pZCI6IjE5ODQzNyIsInVuaXQiOiJkaXYtZ3B0LWFkLWl0aWdpY19jb20tYm94LTEtMF8zIiwidF9lcG9jaCI6MTYyMDQwOTM0MSwiYWRfcG9zaXRpb24iOjExMDUsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJDSCIsInBhZ2V2aWV3X2lkIjoiOWIwYzk4NzQtMWFiNS00ZTUxLTdiNGItMjJmZTYwMDU5NGUwIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjowLCJjcmVhdGl2ZV9pZCI6MCwiZGF0YSI6W3sibmFtZSI6InBvc194IiwidmFsIjoiMTAwMiJ9LHsibmFtZSI6InBvc195IiwidmFsIjoiMTE3OCJ9LHsibmFtZSI6ImlzX2Zsb2F0aW5nIiwidmFsIjoiZmFsc2UifV0sImlzX29yaWciOmZhbHNlfSx7InR5cGUiOiJpbXByZXNzaW9uIiwiaW1wcmVzc2lvbl9pZCI6IjEwNzA1MjEiLCJkb21haW5faWQiOiIxOTg0MzciLCJ1bml0IjoiZGl2LWdwdC1hZC1pdGlnaWNfY29tLW1lZHJlY3RhbmdsZS0yLTAiLCJ0X2Vwb2NoIjoxNjIwNDA5MzQxLCJhZF9wb3NpdGlvbiI6MTEwMCwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IkNIIiwicGFnZXZpZXdfaWQiOiI5YjBjOTg3NC0xYWI1LTRlNTEtN2I0Yi0yMmZlNjAwNTk0ZTAiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjAsImNyZWF0aXZlX2lkIjowLCJkYXRhIjpbeyJuYW1lIjoicG9zX3giLCJ2YWwiOiIwIn0seyJuYW1lIjoicG9zX3kiLCJ2YWwiOiIxMTAwIn0seyJuYW1lIjoiaXNfZmxvYXRpbmciLCJ2YWwiOiJ0cnVlIn1dLCJpc19vcmlnIjpmYWxzZX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiIxMDI0MDE0IiwiZG9tYWluX2lkIjoiMTk4NDM3IiwidW5pdCI6ImRpdi1ncHQtYWQtaXRpZ2ljX2NvbS1sYXJnZS1iaWxsYm9hcmQtMi0wIiwidF9lcG9jaCI6MTYyMDQwOTM0MSwiYWRfcG9zaXRpb24iOjExMjQsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJDSCIsInBhZ2V2aWV3X2lkIjoiOWIwYzk4NzQtMWFiNS00ZTUxLTdiNGItMjJmZTYwMDU5NGUwIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjowLCJjcmVhdGl2ZV9pZCI6MCwiZGF0YSI6W3sibmFtZSI6InBvc194IiwidmFsIjoiMTAwMiJ9LHsibmFtZSI6InBvc195IiwidmFsIjoiMTU2MCJ9LHsibmFtZSI6ImlzX2Zsb2F0aW5nIiwidmFsIjoiZmFsc2UifV0sImlzX29yaWciOmZhbHNlfSx7InR5cGUiOiJpbXByZXNzaW9uIiwiaW1wcmVzc2lvbl9pZCI6IjEwMjQwMTQiLCJkb21haW5faWQiOiIxOTg0MzciLCJ1bml0IjoiZGl2LWdwdC1hZC1pdGlnaWNfY29tLWxhcmdlLWJpbGxib2FyZC0yLTBfMSIsInRfZXBvY2giOjE2MjA0MDkzNDEsImFkX3Bvc2l0aW9uIjoxMTI0LCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiQ0giLCJwYWdldmlld19pZCI6IjliMGM5ODc0LTFhYjUtNGU1MS03YjRiLTIyZmU2MDA1OTRlMCIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6MCwiY3JlYXRpdmVfaWQiOjAsImRhdGEiOlt7Im5hbWUiOiJwb3NfeCIsInZhbCI6IjEwMDIifSx7Im5hbWUiOiJwb3NfeSIsInZhbCI6IjE4MjUifSx7Im5hbWUiOiJpc19mbG9hdGluZyIsInZhbCI6ImZhbHNlIn1dLCJpc19vcmlnIjpmYWxzZX1d
Requested by: Host: itigic.com
URL: https://itigic.com/detroitchicago/cmb.js?gcb=194-3&cb=01-100-103-1004-10d-506-507-70a-30c-30e-212-211-313-317-1021-23-&cmbcb=10&01&00&03&04&0d&06&07&0a&0c&0e&12&11&13&17&21&23
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.19.6.38 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-19-6-38.eu-west-1.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:path: /porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTAxMTExNCIsImRvbWFpbl9pZCI6IjE5ODQzNyIsInVuaXQiOiJkaXYtZ3B0LWFkLWl0aWdpY19jb20tYm94LTEtMF8yIiwidF9lcG9jaCI6MTYyMDQwOTM0MSwiYWRfcG9zaXRpb24iOjExMDUsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJDSCIsInBhZ2V2aWV3X2lkIjoiOWIwYzk4NzQtMWFiNS00ZTUxLTdiNGItMjJmZTYwMDU5NGUwIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjowLCJjcmVhdGl2ZV9pZCI6MCwiZGF0YSI6W3sibmFtZSI6InBvc194IiwidmFsIjoiMTAwMiJ9LHsibmFtZSI6InBvc195IiwidmFsIjoiOTEzIn0seyJuYW1lIjoiaXNfZmxvYXRpbmciLCJ2YWwiOiJmYWxzZSJ9XSwiaXNfb3JpZyI6ZmFsc2V9LHsidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTAxMTExNCIsImRvbWFpbl9pZCI6IjE5ODQzNyIsInVuaXQiOiJkaXYtZ3B0LWFkLWl0aWdpY19jb20tYm94LTEtMF8zIiwidF9lcG9jaCI6MTYyMDQwOTM0MSwiYWRfcG9zaXRpb24iOjExMDUsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJDSCIsInBhZ2V2aWV3X2lkIjoiOWIwYzk4NzQtMWFiNS00ZTUxLTdiNGItMjJmZTYwMDU5NGUwIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjowLCJjcmVhdGl2ZV9pZCI6MCwiZGF0YSI6W3sibmFtZSI6InBvc194IiwidmFsIjoiMTAwMiJ9LHsibmFtZSI6InBvc195IiwidmFsIjoiMTE3OCJ9LHsibmFtZSI6ImlzX2Zsb2F0aW5nIiwidmFsIjoiZmFsc2UifV0sImlzX29yaWciOmZhbHNlfSx7InR5cGUiOiJpbXByZXNzaW9uIiwiaW1wcmVzc2lvbl9pZCI6IjEwNzA1MjEiLCJkb21haW5faWQiOiIxOTg0MzciLCJ1bml0IjoiZGl2LWdwdC1hZC1pdGlnaWNfY29tLW1lZHJlY3RhbmdsZS0yLTAiLCJ0X2Vwb2NoIjoxNjIwNDA5MzQxLCJhZF9wb3NpdGlvbiI6MTEwMCwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IkNIIiwicGFnZXZpZXdfaWQiOiI5YjBjOTg3NC0xYWI1LTRlNTEtN2I0Yi0yMmZlNjAwNTk0ZTAiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjAsImNyZWF0aXZlX2lkIjowLCJkYXRhIjpbeyJuYW1lIjoicG9zX3giLCJ2YWwiOiIwIn0seyJuYW1lIjoicG9zX3kiLCJ2YWwiOiIxMTAwIn0seyJuYW1lIjoiaXNfZmxvYXRpbmciLCJ2YWwiOiJ0cnVlIn1dLCJpc19vcmlnIjpmYWxzZX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiIxMDI0MDE0IiwiZG9tYWluX2lkIjoiMTk4NDM3IiwidW5pdCI6ImRpdi1ncHQtYWQtaXRpZ2ljX2NvbS1sYXJnZS1iaWxsYm9hcmQtMi0wIiwidF9lcG9jaCI6MTYyMDQwOTM0MSwiYWRfcG9zaXRpb24iOjExMjQsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJDSCIsInBhZ2V2aWV3X2lkIjoiOWIwYzk4NzQtMWFiNS00ZTUxLTdiNGItMjJmZTYwMDU5NGUwIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjowLCJjcmVhdGl2ZV9pZCI6MCwiZGF0YSI6W3sibmFtZSI6InBvc194IiwidmFsIjoiMTAwMiJ9LHsibmFtZSI6InBvc195IiwidmFsIjoiMTU2MCJ9LHsibmFtZSI6ImlzX2Zsb2F0aW5nIiwidmFsIjoiZmFsc2UifV0sImlzX29yaWciOmZhbHNlfSx7InR5cGUiOiJpbXByZXNzaW9uIiwiaW1wcmVzc2lvbl9pZCI6IjEwMjQwMTQiLCJkb21haW5faWQiOiIxOTg0MzciLCJ1bml0IjoiZGl2LWdwdC1hZC1pdGlnaWNfY29tLWxhcmdlLWJpbGxib2FyZC0yLTBfMSIsInRfZXBvY2giOjE2MjA0MDkzNDEsImFkX3Bvc2l0aW9uIjoxMTI0LCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiQ0giLCJwYWdldmlld19pZCI6IjliMGM5ODc0LTFhYjUtNGU1MS03YjRiLTIyZmU2MDA1OTRlMCIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6MCwiY3JlYXRpdmVfaWQiOjAsImRhdGEiOlt7Im5hbWUiOiJwb3NfeCIsInZhbCI6IjEwMDIifSx7Im5hbWUiOiJwb3NfeSIsInZhbCI6IjE4MjUifSx7Im5hbWUiOiJpc19mbG9hdGluZyIsInZhbCI6ImZhbHNlIn1dLCJpc19vcmlnIjpmYWxzZX1d
pragma: no-cache
cookie: __gads=ID=209913d2cf081110-229794f60ac800e8:T=1620409347:S=ALNI_MaZuv4NAkKP8YDkibb8JYJS7qVykw; _pbjs_userid_consent_data=3524755945110770
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: empty
:authority: itigic.com
referer: https://itigic.com/pt/steal-information-with-finger-command-in-windows-10/&
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://itigic.com/pt/steal-information-with-finger-command-in-windows-10/&
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 07 May 2021 17:42:30 GMT
server: nginx/1.16.0
vary: Accept-Encoding Accept-Encoding
content-type: text/plain; charset=utf-8
x-middleton-display: ezp_sol
cache-control: max-age=0, must-revalidate, no-cache, no-store
content-length: 0
expires: Thu, 06 May 2021 17:42:29 UTC

GET
H3-29 200 integrator.js Show response
adservice.google.ch/adsid/ 107 B
122 B 17ms
17ms Script
application/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.ch/adsid/integrator.js?domain=itigic.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://itigic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 07 May 2021 17:42:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 15ms
14ms Script
application/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=itigic.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://itigic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 07 May 2021 17:42:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 440 B
264 B 428ms
427ms XHR
text/plain 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2673549932243580&correlator=2769095816057615&output=ldjh&impl=fifs&eid=31060790&vrg=2021042801&ptt=17&us_privacy=1---&sc=1&sfv=1-0-38&ecs=20210507&iu_parts=1254144%2Citigic_com-medrectangle-3&enc_prev_ius=%2F0%2F1&prev_iu_szs=580x400&ris=2&rcs=2&prev_scp=a%3D%257C124%257C%26iid11%3D1076668%26t%3D134%26d%3D198437%26t1%3D134%26pvc%3D0%26ap%3D1116%26sap%3D1116%26as%3Drevenue%26plat%3D1%26bra%3Dmod1%26ic%3D3%26at%3Dmbf%26adr%3D399%26ezosn%3D13%26reft%3Dtf%26refs%3D30%26ga%3D2497208%26rid%3D99998%26pt%3D21%26al%3D1021%26compid%3D0%26tap%3Ditigic_com-medrectangle-3-1076668%26eb_br%3D86802a923a1f32517e4c5d3b6d550271%26eba%3D1%26ebss%3D10017%2C10082%2C10061%2C10015%2C11304%2C11307%26asau%3D7838546742%26bv%3D13%26bvm%3D0%26bvr%3D3%26shp%3D1%26ftsn%3D3%26br1%3D200%26br2%3D1600%26ezoic%3D1%26nmau%3D0%26mau%3D0%26stl%3D32%2C0%2C28%2C67%2C45%2C122%2C66%2C20%2C71%2C30%2C0%2C31%26deal1%3D24%2C25%2C26%2C27%2C28%2C29%2C760%2C761%2C815%2C816%2C817%2C818%2C893%2C899%2C903%2C919%2C774%2C21%2C22%2C23%2C20%2C21%2C22%2C23%26ax_ssid%3D10082%26amznbid%3D2%26amznsz%3D0x0%26amznp%3D2%26lb%3D550%26reqt%3D1620409348704&eri=1&cookie=ID%3D209913d2cf081110-229794f60ac800e8%3AT%3D1620409347%3AS%3DALNI_MaZuv4NAkKP8YDkibb8JYJS7qVykw&bc=31&abxe=1&lmt=1620409349&dt=1620409349719&dlt=1620409342880&idt=923&frm=20&biw=1600&bih=1200&oid=3&adxs=334&adys=1084&adks=1797967201&ucis=q&ifi=26&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fitigic.com%2Fpt%2Fsteal-information-with-finger-command-in-windows-10%2F%26%23160%3B&vis=1&dmc=8&scr_x=0&scr_y=0&psz=678x400&msz=580x400&psts=AGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=1178867069.1620409344&ga_sid=1620409344&ga_hid=2059617897&ga_fc=false&fws=4&ohw=678&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

6333fcdc4d70d96965357d7f792b54a03a2e8e45e6ad93365068df9b879c5d40

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://itigic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 07 May 2021 17:42:30 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 233
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://itigic.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS
H2 200 sid
mug.criteo.com/ Frame 0
0 100ms
33ms Preflight
application/json 178.250.0.157
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

Protocol

Server

178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept: */*
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Origin: null
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
content-type: application/json; charset=utf-8
expires: 0
strict-transport-security: max-age=31536000
access-control-allow-origin: null
access-control-allow-headers: content-type
access-control-allow-credentials: true
access-control-allow-methods: GET
server-processing-duration-in-ticks: 1080
date: Fri, 07 May 2021 17:42:29 GMT
content-encoding: gzip
vary: Accept-Encoding

GET
H3-29 200 integrator.js Show response
adservice.google.ch/adsid/ 107 B
122 B 15ms
14ms Script
application/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.ch/adsid/integrator.js?domain=itigic.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://itigic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 07 May 2021 17:42:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 16ms
15ms Script
application/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=itigic.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://itigic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 07 May 2021 17:42:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 332 B
165 B 307ms
306ms XHR
text/plain 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2673549932243580&correlator=3687855598695491&output=ldjh&impl=fifs&eid=31060790&vrg=2021042801&ptt=17&us_privacy=1---&sc=1&sfv=1-0-38&ecs=20210507&iu_parts=1254144%2Citigic_com-box-1&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C300x250&fluid=height&ris=1&rcs=3&prev_scp=a%3D%257C1%257C%26iid11%3D1011114%26t%3D134%26d%3D198437%26t1%3D134%26pvc%3D0%26ap%3D1105%26sap%3D1105%26as%3Drevenue%26plat%3D1%26bra%3Dmod1%26ic%3D4%26at%3Dmbf%26adr%3D399%26ezosn%3D6%26reft%3Dtf%26refs%3D30%26ga%3D2497208%26rid%3D99998%26pt%3D0%26al%3D1000%26compid%3D0%26tap%3Ditigic_com-box-1-1011114%26eb_br%3D5f2b94bb26a5aa9b1a00e66d30cfd5ec%26eba%3D1%26ebss%3D10017%2C10082%2C10061%2C10015%2C11304%2C11307%26asau%3D7838546742%26bv%3D28%26bvm%3D2%26bvr%3D5%26shp%3D3%26ftsn%3D3%26acptad%3D1%26br1%3D500%26br2%3D2300%26ezoic%3D1%26nmau%3D4%26mau%3D2%26stl%3D32%2C0%2C28%2C67%2C45%2C122%2C66%2C20%2C71%2C30%2C0%2C31%26deal1%3D25%2C26%2C27%2C28%2C29%2C30%2C760%2C761%2C813%2C815%2C816%2C817%2C818%2C899%2C919%2C774%2C21%2C22%2C23%2C24%2C21%2C22%2C23%2C24%2C21%2C22%2C23%2C24%26ax_ssid%3D10082%26amznbid%3D2%26amznsz%3D0x0%26amznp%3D2%26lb%3D650%26reqt%3D1620409349882&eri=1&cookie=ID%3D209913d2cf081110%3AT%3D1620409347%3AS%3DALNI_MYCUELuDQBZZq_t6fdKkMSCCHgmDQ&bc=31&abxe=1&lmt=1620409349&dt=1620409349885&dlt=1620409342880&idt=923&frm=20&biw=1600&bih=1200&oid=3&adxs=1002&adys=913&adks=165232301&ucis=r&ifi=27&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fitigic.com%2Fpt%2Fsteal-information-with-finger-command-in-windows-10%2F%26%23160%3B&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x262&msz=300x262&psts=AGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=1178867069.1620409344&ga_sid=1620409344&ga_hid=2059617897&ga_fc=false&fws=0&ohw=0&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

6471e6333744791f6538cbe96d397e558b68d5025e08ea3485270d2d11039e53

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://itigic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 07 May 2021 17:42:30 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 136
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://itigic.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 331 B
164 B 211ms
210ms XHR
text/plain 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2673549932243580&correlator=4191673551601451&output=ldjh&impl=fifs&eid=31060790&vrg=2021042801&ptt=17&us_privacy=1---&sc=1&sfv=1-0-38&ecs=20210507&iu_parts=1254144%2Citigic_com-box-2&enc_prev_ius=%2F0%2F1&prev_iu_szs=468x60&ris=1&rcs=3&prev_scp=a%3D%257C1%257C%26iid11%3D1021465%26t%3D134%26d%3D198437%26t1%3D134%26pvc%3D0%26ap%3D1102%26sap%3D1102%26as%3Drevenue%26plat%3D1%26bra%3Dmod1%26ic%3D4%26at%3Dmbf%26adr%3D399%26ezosn%3D22%26reft%3Dtf%26refs%3D30%26ga%3D2497208%26rid%3D99998%26pt%3D1%26al%3D1001%26compid%3D0%26tap%3Ditigic_com-box-2-1021465%26eb_br%3D58ef7bddb438af5e257c4377f32c243a%26eba%3D1%26ebss%3D10017%2C10082%2C10061%2C10015%2C11304%2C11307%26asau%3D7838546742%26bv%3D19%26bvm%3D0%26bvr%3D9%26shp%3D1%26ftsn%3D3%26acptad%3D1%26br1%3D120%26br2%3D750%26ezoic%3D1%26nmau%3D0%26mau%3D0%26stl%3D32%2C168%2C28%2C67%2C45%2C122%2C66%2C20%2C71%2C30%2C187%2C31%26deal1%3D21%2C22%2C23%2C24%2C25%2C26%2C27%2C28%2C29%2C30%2C760%2C761%2C813%2C814%2C815%2C816%2C817%2C818%2C819%2C893%2C899%2C903%2C917%2C918%2C919%2C988%2C774%2C20%2C20%2C608%2C17%2C20%2C608%26ax_ssid%3D10082%26amznbid%3D2%26amznsz%3D0x0%26amznp%3D2%26lb%3D180%26reqt%3D1620409349898&eri=1&cookie=ID%3D209913d2cf081110%3AT%3D1620409347%3AS%3DALNI_MYCUELuDQBZZq_t6fdKkMSCCHgmDQ&bc=31&abxe=1&lmt=1620409349&dt=1620409349901&dlt=1620409342880&idt=923&frm=20&biw=1600&bih=1200&oid=3&adxs=566&adys=290&adks=3929797713&ucis=s&ifi=28&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fitigic.com%2Fpt%2Fsteal-information-with-finger-command-in-windows-10%2F%26%23160%3B&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1030x60&msz=468x60&psts=AGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=1178867069.1620409344&ga_sid=1620409344&ga_hid=2059617897&ga_fc=false&fws=0&ohw=0&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

ff3eaba90bdd401456a56d3150fbf53fa4ec60100fb321b27d04717f065f4732

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://itigic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 07 May 2021 17:42:30 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 135
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://itigic.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 integrator.js Show response
adservice.google.ch/adsid/ 107 B
122 B 15ms
14ms Script
application/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.ch/adsid/integrator.js?domain=itigic.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://itigic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 07 May 2021 17:42:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 16ms
15ms Script
application/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=itigic.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://itigic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 07 May 2021 17:42:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 332 B
164 B 302ms
302ms XHR
text/plain 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2673549932243580&correlator=3532201738256580&output=ldjh&impl=fifs&eid=31060790&vrg=2021042801&ptt=17&us_privacy=1---&sc=1&sfv=1-0-38&ecs=20210507&iu_parts=1254144%2Citigic_com-box-1&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C300x250&fluid=height&ris=1&rcs=3&prev_scp=a%3D%257C6%257C%26iid11%3D1011114%26t%3D134%26d%3D198437%26t1%3D134%26pvc%3D0%26ap%3D1105%26sap%3D1105%26as%3Drevenue%26plat%3D1%26bra%3Dmod1%26ic%3D4%26at%3Dmbf%26adr%3D399%26ezosn%3D5%26reft%3Dtf%26refs%3D30%26ga%3D2497208%26rid%3D99998%26pt%3D0%26al%3D1000%26compid%3D0%26tap%3Ditigic_com-box-1-1011114%26eb_br%3D5f2b94bb26a5aa9b1a00e66d30cfd5ec%26eba%3D1%26ebss%3D10017%2C10082%2C10061%2C10015%2C11304%2C11307%26asau%3D7838546742%26bv%3D28%26bvm%3D2%26bvr%3D5%26shp%3D3%26ftsn%3D3%26acptad%3D1%26br1%3D500%26br2%3D2300%26ezoic%3D1%26nmau%3D4%26mau%3D1%26stl%3D32%2C0%2C28%2C67%2C45%2C122%2C66%2C20%2C71%2C30%2C0%2C31%26deal1%3D25%2C26%2C27%2C28%2C29%2C30%2C760%2C761%2C813%2C815%2C816%2C817%2C818%2C899%2C919%2C774%2C21%2C22%2C23%2C24%2C21%2C22%2C23%2C24%2C21%2C22%2C23%2C24%26ax_ssid%3D10082%26amznbid%3D2%26amznsz%3D0x0%26amznp%3D2%26lb%3D650%26reqt%3D1620409349988&eri=1&cookie=ID%3D209913d2cf081110%3AT%3D1620409347%3AS%3DALNI_MYCUELuDQBZZq_t6fdKkMSCCHgmDQ&bc=31&abxe=1&lmt=1620409349&dt=1620409349992&dlt=1620409342880&idt=923&frm=20&biw=1600&bih=1200&oid=3&adxs=1002&adys=648&adks=165232300&ucis=t&ifi=29&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fitigic.com%2Fpt%2Fsteal-information-with-finger-command-in-windows-10%2F%26%23160%3B&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x262&msz=300x262&psts=AGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=1178867069.1620409344&ga_sid=1620409344&ga_hid=2059617897&ga_fc=false&fws=0&ohw=0&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

7217b7067f9762d9c2109b545c93872ab0a1386e9c09382825433b48d21b5d16

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://itigic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 07 May 2021 17:42:30 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 135
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://itigic.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 integrator.js Show response
adservice.google.ch/adsid/ 107 B
122 B 15ms
15ms Script
application/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.ch/adsid/integrator.js?domain=itigic.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://itigic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 07 May 2021 17:42:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 16ms
16ms Script
application/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=itigic.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://itigic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 07 May 2021 17:42:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 332 B
164 B 255ms
255ms XHR
text/plain 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2673549932243580&correlator=2619011925461184&output=ldjh&impl=fifs&eid=31060790&vrg=2021042801&ptt=17&us_privacy=1---&sc=1&sfv=1-0-38&ecs=20210507&iu_parts=1254144%2Citigic_com-box-1&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C300x250&fluid=height&ris=1&rcs=3&prev_scp=a%3D%257C6%257C%26iid11%3D1011114%26t%3D134%26d%3D198437%26t1%3D134%26pvc%3D0%26ap%3D1105%26sap%3D1105%26as%3Drevenue%26plat%3D1%26bra%3Dmod1%26ic%3D4%26at%3Dmbf%26adr%3D399%26ezosn%3D7%26reft%3Dtf%26refs%3D30%26ga%3D2497208%26rid%3D99998%26pt%3D0%26al%3D1000%26compid%3D0%26tap%3Ditigic_com-box-1-1011114%26eb_br%3D5f2b94bb26a5aa9b1a00e66d30cfd5ec%26eba%3D1%26ebss%3D10017%2C10082%2C10061%2C10015%2C11304%2C11307%26asau%3D7838546742%26bv%3D28%26bvm%3D2%26bvr%3D5%26shp%3D3%26ftsn%3D3%26acptad%3D1%26br1%3D500%26br2%3D2300%26ezoic%3D1%26nmau%3D4%26mau%3D3%26stl%3D83%2C13%2C120%2C67%2C51%2C0%2C66%2C20%2C71%2C30%2C0%2C31%26deal1%3D25%2C26%2C27%2C28%2C29%2C30%2C760%2C761%2C813%2C815%2C816%2C817%2C818%2C899%2C919%2C774%2C21%2C22%2C23%2C24%2C21%2C22%2C23%2C24%2C21%2C22%2C23%2C24%26ax_ssid%3D10082%26amznbid%3D2%26amznsz%3D0x0%26amznp%3D2%26lb%3D650%26reqt%3D1620409350062&eri=1&cookie=ID%3D209913d2cf081110%3AT%3D1620409347%3AS%3DALNI_MYCUELuDQBZZq_t6fdKkMSCCHgmDQ&bc=31&abxe=1&lmt=1620409350&dt=1620409350065&dlt=1620409342880&idt=923&frm=20&biw=1600&bih=1200&oid=3&adxs=1002&adys=1178&adks=165232298&ucis=u&ifi=30&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fitigic.com%2Fpt%2Fsteal-information-with-finger-command-in-windows-10%2F%26%23160%3B&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x262&msz=300x262&psts=AGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=1178867069.1620409344&ga_sid=1620409344&ga_hid=2059617897&ga_fc=false&fws=0&ohw=0&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

684e2d9c3fbcf3fb72c6fb98cdd941d4fc9a18c4dc94cc182d68b8da1f059d51

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://itigic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 07 May 2021 17:42:30 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 135
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://itigic.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 integrator.js Show response
adservice.google.ch/adsid/ 107 B
122 B 16ms
15ms Script
application/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.ch/adsid/integrator.js?domain=itigic.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://itigic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 07 May 2021 17:42:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 18ms
18ms Script
application/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=itigic.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://itigic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 07 May 2021 17:42:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 332 B
165 B 767ms
767ms XHR
text/plain 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2673549932243580&correlator=4395324088633996&output=ldjh&impl=fifs&eid=31060790&vrg=2021042801&ptt=17&us_privacy=1---&sc=1&sfv=1-0-38&ecs=20210507&iu_parts=1254144%2Citigic_com-box-1&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C300x250&fluid=height&ris=1&rcs=3&prev_scp=a%3D%257C1%257C%26iid11%3D1011114%26t%3D134%26d%3D198437%26t1%3D134%26pvc%3D0%26ap%3D1105%26sap%3D1105%26as%3Drevenue%26plat%3D1%26bra%3Dmod1%26ic%3D4%26at%3Dmbf%26adr%3D399%26ezosn%3D4%26reft%3Dtf%26refs%3D30%26ga%3D2497208%26rid%3D99998%26pt%3D0%26al%3D1000%26compid%3D0%26tap%3Ditigic_com-box-1-1011114%26eb_br%3D5f2b94bb26a5aa9b1a00e66d30cfd5ec%26eba%3D1%26ebss%3D10017%2C10082%2C10061%2C10015%2C11304%2C11307%26asau%3D7838546742%26bv%3D28%26bvm%3D2%26bvr%3D5%26shp%3D3%26ftsn%3D3%26acptad%3D1%26br1%3D500%26br2%3D2300%26ezoic%3D1%26nmau%3D4%26mau%3D0%26stl%3D32%2C0%2C28%2C67%2C45%2C122%2C66%2C20%2C71%2C30%2C0%2C31%26deal1%3D25%2C26%2C27%2C28%2C29%2C30%2C760%2C761%2C813%2C815%2C816%2C817%2C818%2C899%2C919%2C774%2C21%2C22%2C23%2C24%2C21%2C22%2C23%2C24%2C21%2C22%2C23%2C24%26ax_ssid%3D10082%26amznbid%3D2%26amznsz%3D0x0%26amznp%3D2%26lb%3D650%26reqt%3D1620409350081&eri=1&cookie=ID%3D209913d2cf081110%3AT%3D1620409347%3AS%3DALNI_MYCUELuDQBZZq_t6fdKkMSCCHgmDQ&bc=31&abxe=1&lmt=1620409350&dt=1620409350084&dlt=1620409342880&idt=923&frm=20&biw=1600&bih=1200&oid=3&adxs=1002&adys=383&adks=4007782779&ucis=v&ifi=31&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fitigic.com%2Fpt%2Fsteal-information-with-finger-command-in-windows-10%2F%26%23160%3B&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x262&msz=300x262&psts=AGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=1178867069.1620409344&ga_sid=1620409344&ga_hid=2059617897&ga_fc=false&fws=0&ohw=0&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

551fb322939d8b33c354ad9fd61d46e04a189c634d940d6dbfbe94f8770b4468

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://itigic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 07 May 2021 17:42:30 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 136
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://itigic.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 332 B
165 B 467ms
466ms XHR
text/plain 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2673549932243580&correlator=3928604732167553&output=ldjh&impl=fifs&eid=31060790&vrg=2021042801&ptt=17&us_privacy=1---&sc=1&sfv=1-0-38&ecs=20210507&iu_parts=1254144%2Citigic_com-box-3&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&ris=1&rcs=3&prev_scp=a%3D%257C3%257C%26iid11%3D1064369%26t%3D134%26d%3D198437%26t1%3D134%26pvc%3D0%26ap%3D1114%26sap%3D1114%26as%3Drevenue%26plat%3D1%26bra%3Dmod1%26ic%3D4%26at%3Dmbf%26adr%3D399%26ezosn%3D12%26reft%3Dn%26refs%3D30%26ga%3D2497208%26rid%3D99998%26pt%3D2%26al%3D1002%26compid%3D0%26tap%3Ditigic_com-box-3-1064369%26eb_br%3Ddfa60cee6e1053fc0c9e607c8047bd28%26eba%3D1%26ebss%3D10017%2C10082%2C10061%2C10015%2C11304%2C11307%26asau%3D7838546742%26bv%3D22%26bvm%3D0%26bvr%3D5%26shp%3D1%26ftsn%3D3%26br1%3D80%26br2%3D1000%26ezoic%3D1%26nmau%3D0%26mau%3D0%26stl%3D32%2C13%2C120%2C67%2C51%2C0%2C66%2C20%2C26%2C30%2C0%2C31%26deal1%3D22%2C23%2C24%2C25%2C26%2C27%2C28%2C29%2C760%2C761%2C815%2C816%2C817%2C818%2C893%2C899%2C903%2C919%2C774%2C21%2C20%2C21%2C17%2C19%2C20%2C21%26ax_ssid%3D10082%26amznbid%3D2%26amznsz%3D0x0%26amznp%3D2%26lb%3D200%26reqt%3D1620409350088&eri=1&cookie=ID%3D209913d2cf081110%3AT%3D1620409347%3AS%3DALNI_MYCUELuDQBZZq_t6fdKkMSCCHgmDQ&bc=31&abxe=1&lmt=1620409350&dt=1620409350092&dlt=1620409342880&idt=923&frm=20&biw=1600&bih=1200&oid=3&adxs=474&adys=524&adks=3833649259&ucis=w&ifi=32&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fitigic.com%2Fpt%2Fsteal-information-with-finger-command-in-windows-10%2F%26%23160%3B&vis=1&dmc=8&scr_x=0&scr_y=0&psz=678x250&msz=300x250&psts=AGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=1178867069.1620409344&ga_sid=1620409344&ga_hid=2059617897&ga_fc=false&fws=4&ohw=678&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

8ca23b1b5785be90974a1fd817b919cc4d0613e3ebd8643f8644eac53fdee6f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://itigic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 07 May 2021 17:42:30 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 136
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://itigic.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 integrator.js Show response
adservice.google.ch/adsid/ 107 B
122 B 16ms
16ms Script
application/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.ch/adsid/integrator.js?domain=itigic.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://itigic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 07 May 2021 17:42:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 15ms
15ms Script
application/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=itigic.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://itigic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 07 May 2021 17:42:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 47 KB
11 KB 303ms
302ms XHR
text/plain 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2673549932243580&correlator=3837759387165586&output=ldjh&impl=fifs&eid=31060790&vrg=2021042801&ptt=17&us_privacy=1---&sc=1&sfv=1-0-38&ecs=20210507&iu_parts=1254144%2Citigic_com-medrectangle-2&enc_prev_ius=%2F0%2F1&prev_iu_szs=970x90&ris=1&rcs=3&prev_scp=a%3D%257C1%257C%26iid11%3D1070521%26t%3D134%26d%3D198437%26t1%3D134%26pvc%3D0%26ap%3D1100%26sap%3D1100%26as%3Drevenue%26plat%3D1%26bra%3Dmod1%26ic%3D4%26at%3Dmbf%26adr%3D399%26ezosn%3D21%26ga%3D2497208%26rid%3D99998%26pt%3D5%26al%3D1005%26compid%3D0%26tap%3Ditigic_com-medrectangle-2-1070521%26eb_br%3D7432360301409ae695ba255f16fbcf06%26eba%3D1%26ebss%3D10017%2C10082%2C10061%2C10015%2C11304%2C11307%26asau%3D7838546742%26bv%3D13%26bvm%3D0%26bvr%3D3%26shp%3D1%26ftsn%3D3%26br1%3D20%26br2%3D550%26ezoic%3D1%26nmau%3D0%26mau%3D0%26stl%3D83%2C168%2C120%2C67%2C51%2C0%2C66%2C20%2C71%2C30%2C0%2C31%26deal1%3D21%2C22%2C23%2C24%2C25%2C26%2C27%2C28%2C29%2C30%2C760%2C761%2C813%2C814%2C815%2C816%2C817%2C818%2C819%2C899%2C917%2C918%2C919%2C774%2C20%2C17%2C18%2C19%2C20%26ax_ssid%3D10082%26amznbid%3D2%26amznsz%3D0x0%26amznp%3D2%26refs%3D30%26lb%3D200%26reqt%3D1620409350121&eri=1&cookie=ID%3D209913d2cf081110%3AT%3D1620409347%3AS%3DALNI_MYCUELuDQBZZq_t6fdKkMSCCHgmDQ&bc=31&abxe=1&lmt=1620409350&dt=1620409350125&dlt=1620409342880&idt=923&frm=20&biw=1600&bih=1200&oid=3&adxs=315&adys=1108&adks=1615653332&ucis=x&ifi=33&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fitigic.com%2Fpt%2Fsteal-information-with-finger-command-in-windows-10%2F%26%23160%3B&vis=1&dmc=8&scr_x=0&scr_y=0&psz=970x-1&msz=970x-1&psts=AGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=1178867069.1620409344&ga_sid=1620409344&ga_hid=2059617897&ga_fc=false&fws=512&ohw=0&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

aa1a65de000d7002883647d0b2b7ea8a6847e5700c3377ac2023d7452b4d0c26

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://itigic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 07 May 2021 17:42:30 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11258
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://itigic.com
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 front.min.js Show response
itigic.com/wp-content/plugins/table-of-contents-plus/ 6 KB
2 KB 360ms
59ms Script
application/javascript 52.19.6.38
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://itigic.com/wp-content/plugins/table-of-contents-plus/front.min.js?screx=1&sxcb=2a&ver=2002

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.19.6.38 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-19-6-38.eu-west-1.compute.amazonaws.com

Software

nginx/1.16.0 /

Resource Hash

1399c58acf10d4a686cd34c3f2db63f46c797a483ac7908461a11533e6694b57

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

:path: /wp-content/plugins/table-of-contents-plus/front.min.js?screx=1&sxcb=2a&ver=2002
pragma: no-cache
cookie: _pbjs_userid_consent_data=3524755945110770; __gads=ID=209913d2cf081110:T=1620409347:S=ALNI_MYCUELuDQBZZq_t6fdKkMSCCHgmDQ; cto_bidid=KSh6BV9Vd1hrSHY4aERPOEFEVlZyUU1xR1QlMkJjbWtJczZ1NlBBTWZRWUNkQjhhJTJCTE9VQWpkd0pJNElFVElnUWJCWHN2ZVY1YWd5UlYlMkJTMHFicmpSdUllZUVrZyUzRCUzRA; cto_bundle=ItKwLV8lMkJqSFYxRDd3UXdhSnRYR2dzOVFLN256ek1ta2xwVyUyRllXbGZtQmtPTjFhTUpvMHpGRlp3cE8ycHJZYldFbDVEdDZ1RXRxU3htcFRyeW1jcDNuTHFRSkkzb2ZZOWxvSWZBUktzdmN6VWgyMWVHRk9xbEYzNERwUnFUWlpVME1rMGc
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: itigic.com
referer: https://itigic.com/pt/steal-information-with-finger-command-in-windows-10/&
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://itigic.com/pt/steal-information-with-finger-command-in-windows-10/&
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 07 May 2021 17:42:30 GMT
content-encoding: br
x-content-type-options: nosniff
display: staticcontent_sol, staticcontent_sol
x-ezoic-cdn: Hit ds;mm;ed0ba6133e6205adb0d39914d252fa54;2-198437-2;1b67f3e7-063c-4293-6195-c6ca6e0abcca
x-middleton-display: staticcontent_sol, staticcontent_sol
strict-transport-security: max-age=63072000; includeSubDomains
alt-svc: quic=":443"; ma=2592000; v="43,46", h3-Q043=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-25=":443"; ma=2592000, h3-27=":443"; ma=2592000
content-length: 2265
response: 200
last-modified: Thu, 06 May 2021 21:16:05 GMT
server: nginx/1.16.0
x-frame-options: SAMEORIGIN
vary: Accept-Encoding Accept-Encoding,User-Agent,Origin
content-type: application/javascript
x-middleton-response: 200
cache-control: public, max-age=2592000
x-turbo-charged-by: LiteSpeed

GET
H3-29 200 integrator.js Show response
adservice.google.ch/adsid/ 107 B
122 B 16ms
15ms Script
application/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.ch/adsid/integrator.js?domain=itigic.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://itigic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 07 May 2021 17:42:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 16ms
15ms Script
application/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=itigic.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://itigic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 07 May 2021 17:42:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 47 KB
11 KB 319ms
319ms XHR
text/plain 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2673549932243580&correlator=3347456695593052&output=ldjh&impl=fifs&eid=31060790&vrg=2021042801&ptt=17&us_privacy=1---&sc=1&sfv=1-0-38&ecs=20210507&iu_parts=1254144%2Citigic_com-medrectangle-3&enc_prev_ius=%2F0%2F1&prev_iu_szs=580x400&ris=1&rcs=3&prev_scp=a%3D%257C124%257C%26iid11%3D1076668%26t%3D134%26d%3D198437%26t1%3D134%26pvc%3D0%26ap%3D1116%26sap%3D1116%26as%3Drevenue%26plat%3D1%26bra%3Dmod1%26ic%3D4%26at%3Dmbf%26adr%3D399%26ezosn%3D13%26reft%3Dtf%26refs%3D30%26ga%3D2497208%26rid%3D99998%26pt%3D21%26al%3D1021%26compid%3D0%26tap%3Ditigic_com-medrectangle-3-1076668%26eb_br%3D7432360301409ae695ba255f16fbcf06%26eba%3D1%26ebss%3D10017%2C10082%2C10061%2C10015%2C11304%2C11307%26asau%3D7838546742%26bv%3D13%26bvm%3D0%26bvr%3D3%26shp%3D1%26ftsn%3D3%26br1%3D20%26br2%3D1600%26ezoic%3D1%26nmau%3D0%26mau%3D0%26stl%3D32%2C0%2C28%2C67%2C45%2C122%2C66%2C20%2C71%2C30%2C0%2C31%26deal1%3D24%2C25%2C26%2C27%2C28%2C29%2C760%2C761%2C815%2C816%2C817%2C818%2C893%2C899%2C903%2C919%2C774%2C21%2C22%2C23%2C20%2C21%2C22%2C23%2C17%2C18%2C19%2C20%2C21%2C22%2C23%26ax_ssid%3D10082%26amznbid%3D2%26amznsz%3D0x0%26amznp%3D2%26lb%3D200%26reqt%3D1620409350221&eri=1&cookie=ID%3D209913d2cf081110%3AT%3D1620409347%3AS%3DALNI_MYCUELuDQBZZq_t6fdKkMSCCHgmDQ&bc=31&abxe=1&lmt=1620409350&dt=1620409350225&dlt=1620409342880&idt=923&frm=20&biw=1600&bih=1200&oid=3&adxs=334&adys=1084&adks=1797967201&ucis=y&ifi=34&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fitigic.com%2Fpt%2Fsteal-information-with-finger-command-in-windows-10%2F%26%23160%3B&vis=1&dmc=8&scr_x=0&scr_y=0&psz=678x400&msz=580x400&psts=AGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=1178867069.1620409344&ga_sid=1620409344&ga_hid=2059617897&ga_fc=false&fws=4&ohw=678&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

e1e0e87e53f2678a16fa5d891123d40743a8f3f2a7658ce4d176eb2d54dfdf9e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://itigic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 07 May 2021 17:42:30 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11485
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://itigic.com
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012103020108001/ Frame 86EA 190 KB
55 KB 29ms
7ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012103020108001/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6e553b4e88ac4a1819d608fe9dcb46544ca5fb776d4e0c84d773f37b1df18211

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://itigic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 30057
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 55046
x-xss-protection: 0
server: sffe
date: Fri, 07 May 2021 09:21:33 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "aeaf363b1ad89b36"
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 07 May 2022 09:21:33 GMT

GET
H2 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012103020108001/v0/ Frame 86EA 12 KB
5 KB 38ms
16ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012103020108001/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8f9560479a05fb86854546c40ec030edc2bac692d4142391d69b16e5c033a185

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://itigic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 30057
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4548
x-xss-protection: 0
server: sffe
date: Fri, 07 May 2021 09:21:33 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "4eb73d471ab4cb2c"
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 07 May 2022 09:21:33 GMT

GET
H2 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012103020108001/v0/ Frame 86EA 87 KB
27 KB 38ms
17ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012103020108001/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a6f768cbb894f2690011ee62662d3ac9480d12f5088fa46be57e650fcc4d835c

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://itigic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 30841
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27208
x-xss-protection: 0
server: sffe
date: Fri, 07 May 2021 09:08:29 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "22950e05e749846e"
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 07 May 2022 09:08:29 GMT

GET
H2 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012103020108001/v0/ Frame 86EA 27 KB
9 KB 43ms
22ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012103020108001/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

21d45a4ed77653b3b1ee2b47a786a4dbb936a3b19fc56e1b44c16aed35eb80ee

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://itigic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 30841
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9587
x-xss-protection: 0
server: sffe
date: Fri, 07 May 2021 09:08:29 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "739644f32ad1483f"
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 07 May 2022 09:08:29 GMT

GET
H2 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012103020108001/v0/ Frame 86EA 40 KB
13 KB 44ms
23ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012103020108001/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4c6af60796cc240ad277098308cf363c2700f5296264ec1b43b4e1362763c439

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://itigic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 30841
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12827
x-xss-protection: 0
server: sffe
date: Fri, 07 May 2021 09:08:29 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "5cc8dcc2368726c7"
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 07 May 2022 09:08:29 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 86EA 3 KB
1 KB 33ms
14ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

599325d39743959cdacb163b742dd6f622443a73f155364bbcc465a291ce0b5a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://itigic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 07 May 2021 16:12:02 GMT
server: ESF
date: Fri, 07 May 2021 17:42:30 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 07 May 2021 17:42:30 GMT

GET
DATA 200
OK truncated
/ Frame 86EA 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 42d7e85a3c2841677ae5754df71eddb308d751997814815d1d00d49429935d8e

Request headers

Referer: https://itigic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 pt.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 86EA 3 KB
3 KB 7ms
6ms Image
image/png 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/pt.png

Requested by

Host: itigic.com
URL: https://itigic.com/pt/steal-information-with-finger-command-in-windows-10/&

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

744b436600cd35e7898be8843c04c1115c45bf08143d085ac149e8c4f8151e3d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://itigic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 07 May 2021 06:20:03 GMT
x-content-type-options: nosniff
server: cafe
age: 40947
etag: 7735524722462771930
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2886
x-xss-protection: 0
expires: Sat, 08 May 2021 06:20:03 GMT

GET
H2 200 icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 86EA 344 B
570 B 7ms
6ms Image
image/png 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Requested by

Host: itigic.com
URL: https://itigic.com/pt/steal-information-with-finger-command-in-windows-10/&

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://itigic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 07 May 2021 09:25:49 GMT
x-content-type-options: nosniff
server: cafe
age: 29801
etag: 6766994032117382215
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 344
x-xss-protection: 0
expires: Sat, 08 May 2021 09:25:49 GMT

GET
H3-29 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 86EA 0
0 56ms
55ms Image
text/html 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CaT3zBnyVYIDECpWRgQfWr5ioBc61zo1iu8v3xIgKv-iivcABEAEg9PnGJWD1lc6B4ASgAePP6LcDyAEBqQKN6e0ro3OyPuACAKgDAcgDCqoEnQJP0CuUeL3HrAH5qD4tTaj4S9y9jrCvpVVJ2G-pQjveA3fHXfpCWP0UjY9R-Bq1ZnLPA66hkrhzQaOo_MsYI-lSRSTw29axd_Llxe_bJtYLzKuYdiiIWFxfyDvKxQaPnPmCJ5-kLY9us2j6_W8nx_hSIKB467aqW0cCoQ1ktk6xPkJRoLdf6ahESHgQIRjkDAMtH0ZIaBUhU2GdkBRNkXyZMki0qYpch35XvZzOjtgSV4Vm5poxi8tm8nWWilnIODlTqtT4svbAajTKdkvnLa7PfXSxZf6IBwEIZEr58wdWBIGLx5nY6KKZwAgU8vSlLA0PgErkdpNrnh_XhnJWZwiwu1rOuxSNsHGPdhIga6nJ8XhWQNgV1KgbvL1pNxzABP-pr7ubAuAEAZIFBAgEGAGSBQQIBRgEgAeFsJdIqAeKnLECqAfVyRuoB_DZG6gH8tkbqAeOzhuoB5PYG6gHugaoB-6WsQKoB6a-G6gH7NUb2AcB8gcEEKiiDNIIBwiAYRABGB3yCBthZHgtc3Vic3luLTY4ODk4NDc2NDIzMjkzMzCACgPICwHYEw2IFAPQFQGAFwGyFxoKGAgAEhRwdWItNjM5Njg0NDc0MjQ5NzIwOA&sigh=4NgurDnaKOw
Requested by: Host: itigic.com
URL: https://itigic.com/pt/steal-information-with-finger-command-in-windows-10/&
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s53-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://itigic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 greenoaks.gif Show response
itigic.com/detroitchicago/ 0
19 B 345ms
41ms XHR
text/plain 52.19.6.38
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://itigic.com/detroitchicago/greenoaks.gif?orig=0&ds=W3sidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiI5YjBjOTg3NC0xYWI1LTRlNTEtN2I0Yi0yMmZlNjAwNTk0ZTAiLCJkb21haW5faWQiOiIxOTg0MzciLCJ0X2Vwb2NoIjoxNjIwNDA5MzQxLCJkYXRhIjpbeyJuYW1lIjoibmF2aWdhdGlvbl90eXBlIiwidmFsIjoiMCJ9LHsibmFtZSI6InJlZGlyZWN0X2NvdW50IiwidmFsIjoiMCJ9XX0seyJ0eXBlIjoicGFnZXZpZXciLCJwYWdldmlld19pZCI6IjliMGM5ODc0LTFhYjUtNGU1MS03YjRiLTIyZmU2MDA1OTRlMCIsImRvbWFpbl9pZCI6IjE5ODQzNyIsInRfZXBvY2giOjE2MjA0MDkzNDEsImRhdGEiOlt7Im5hbWUiOiJwZXJmX2lzX3RyYWNrZWQiLCJ2YWwiOiIxIn0seyJuYW1lIjoicGVyZl9uYXZfdG9fY29ubmVjdCIsInZhbCI6Ijg2In0seyJuYW1lIjoicGVyZl9jb25uZWN0X3RvX3Jlc3Bfc3RhcnQiLCJ2YWwiOiIxMjMwIn0seyJuYW1lIjoicGVyZl9yZXNwX3RpbWUiLCJ2YWwiOiIzMyJ9LHsibmFtZSI6InBlcmZfaW50ZXJhY3RpdmUiLCJ2YWwiOiI4ODAifSx7Im5hbWUiOiJwZXJmX2NvbnRlbnRsb2FkZWQiLCJ2YWwiOiI4ODEifSx7Im5hbWUiOiJwZXJmX2NvbXBsZXRlIiwidmFsIjoiMTc0MSJ9XX0seyJ0eXBlIjoicGFnZXZpZXciLCJwYWdldmlld19pZCI6IjliMGM5ODc0LTFhYjUtNGU1MS03YjRiLTIyZmU2MDA1OTRlMCIsImRvbWFpbl9pZCI6IjE5ODQzNyIsInRfZXBvY2giOjE2MjA0MDkzNDEsImRhdGEiOlt7Im5hbWUiOiJmaXJzdF9wYWludCIsInZhbCI6IjE5ODIifV19LHsidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiI5YjBjOTg3NC0xYWI1LTRlNTEtN2I0Yi0yMmZlNjAwNTk0ZTAiLCJkb21haW5faWQiOiIxOTg0MzciLCJ0X2Vwb2NoIjoxNjIwNDA5MzQxLCJkYXRhIjpbeyJuYW1lIjoiZmlyc3RfY29udGVudGZ1bF9wYWludCIsInZhbCI6IjE5ODIifV19LHsidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiI5YjBjOTg3NC0xYWI1LTRlNTEtN2I0Yi0yMmZlNjAwNTk0ZTAiLCJkb21haW5faWQiOiIxOTg0MzciLCJ0X2Vwb2NoIjoxNjIwNDA5MzQxLCJkYXRhIjpbeyJuYW1lIjoiY29ubmVjdGlvbl9lZmZlY3RpdmVfdHlwZSIsInZhbCI6IjRnIn1dfV0=
Requested by: Host: itigic.com
URL: https://itigic.com/detroitchicago/cmb.js?gcb=194-3&cb=01-100-103-1004-10d-506-507-70a-30c-30e-212-211-313-317-1021-23-&cmbcb=10&01&00&03&04&0d&06&07&0a&0c&0e&12&11&13&17&21&23
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.19.6.38 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-19-6-38.eu-west-1.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:path: /detroitchicago/greenoaks.gif?orig=0&ds=W3sidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiI5YjBjOTg3NC0xYWI1LTRlNTEtN2I0Yi0yMmZlNjAwNTk0ZTAiLCJkb21haW5faWQiOiIxOTg0MzciLCJ0X2Vwb2NoIjoxNjIwNDA5MzQxLCJkYXRhIjpbeyJuYW1lIjoibmF2aWdhdGlvbl90eXBlIiwidmFsIjoiMCJ9LHsibmFtZSI6InJlZGlyZWN0X2NvdW50IiwidmFsIjoiMCJ9XX0seyJ0eXBlIjoicGFnZXZpZXciLCJwYWdldmlld19pZCI6IjliMGM5ODc0LTFhYjUtNGU1MS03YjRiLTIyZmU2MDA1OTRlMCIsImRvbWFpbl9pZCI6IjE5ODQzNyIsInRfZXBvY2giOjE2MjA0MDkzNDEsImRhdGEiOlt7Im5hbWUiOiJwZXJmX2lzX3RyYWNrZWQiLCJ2YWwiOiIxIn0seyJuYW1lIjoicGVyZl9uYXZfdG9fY29ubmVjdCIsInZhbCI6Ijg2In0seyJuYW1lIjoicGVyZl9jb25uZWN0X3RvX3Jlc3Bfc3RhcnQiLCJ2YWwiOiIxMjMwIn0seyJuYW1lIjoicGVyZl9yZXNwX3RpbWUiLCJ2YWwiOiIzMyJ9LHsibmFtZSI6InBlcmZfaW50ZXJhY3RpdmUiLCJ2YWwiOiI4ODAifSx7Im5hbWUiOiJwZXJmX2NvbnRlbnRsb2FkZWQiLCJ2YWwiOiI4ODEifSx7Im5hbWUiOiJwZXJmX2NvbXBsZXRlIiwidmFsIjoiMTc0MSJ9XX0seyJ0eXBlIjoicGFnZXZpZXciLCJwYWdldmlld19pZCI6IjliMGM5ODc0LTFhYjUtNGU1MS03YjRiLTIyZmU2MDA1OTRlMCIsImRvbWFpbl9pZCI6IjE5ODQzNyIsInRfZXBvY2giOjE2MjA0MDkzNDEsImRhdGEiOlt7Im5hbWUiOiJmaXJzdF9wYWludCIsInZhbCI6IjE5ODIifV19LHsidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiI5YjBjOTg3NC0xYWI1LTRlNTEtN2I0Yi0yMmZlNjAwNTk0ZTAiLCJkb21haW5faWQiOiIxOTg0MzciLCJ0X2Vwb2NoIjoxNjIwNDA5MzQxLCJkYXRhIjpbeyJuYW1lIjoiZmlyc3RfY29udGVudGZ1bF9wYWludCIsInZhbCI6IjE5ODIifV19LHsidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiI5YjBjOTg3NC0xYWI1LTRlNTEtN2I0Yi0yMmZlNjAwNTk0ZTAiLCJkb21haW5faWQiOiIxOTg0MzciLCJ0X2Vwb2NoIjoxNjIwNDA5MzQxLCJkYXRhIjpbeyJuYW1lIjoiY29ubmVjdGlvbl9lZmZlY3RpdmVfdHlwZSIsInZhbCI6IjRnIn1dfV0=
pragma: no-cache
cookie: _pbjs_userid_consent_data=3524755945110770; __gads=ID=209913d2cf081110:T=1620409347:S=ALNI_MYCUELuDQBZZq_t6fdKkMSCCHgmDQ; cto_bidid=KSh6BV9Vd1hrSHY4aERPOEFEVlZyUU1xR1QlMkJjbWtJczZ1NlBBTWZRWUNkQjhhJTJCTE9VQWpkd0pJNElFVElnUWJCWHN2ZVY1YWd5UlYlMkJTMHFicmpSdUllZUVrZyUzRCUzRA; cto_bundle=ItKwLV8lMkJqSFYxRDd3UXdhSnRYR2dzOVFLN256ek1ta2xwVyUyRllXbGZtQmtPTjFhTUpvMHpGRlp3cE8ycHJZYldFbDVEdDZ1RXRxU3htcFRyeW1jcDNuTHFRSkkzb2ZZOWxvSWZBUktzdmN6VWgyMWVHRk9xbEYzNERwUnFUWlpVME1rMGc; ezouspvv=20; ezouspva=1; ezouspvh=20
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: empty
:authority: itigic.com
referer: https://itigic.com/pt/steal-information-with-finger-command-in-windows-10/&
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://itigic.com/pt/steal-information-with-finger-command-in-windows-10/&
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 07 May 2021 17:42:30 GMT
server: nginx/1.16.0
vary: Accept-Encoding Accept-Encoding
content-type: text/plain; charset=utf-8
x-middleton-display: ezp_sol
cache-control: max-age=0, must-revalidate, no-cache, no-store
content-length: 0
expires: Thu, 06 May 2021 17:42:30 UTC

GET
H2 200 greenoaks.gif Show response
itigic.com/detroitchicago/ 0
19 B 344ms
40ms XHR
text/plain 52.19.6.38
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://itigic.com/detroitchicago/greenoaks.gif?orig=0&ds=W3sidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiI5YjBjOTg3NC0xYWI1LTRlNTEtN2I0Yi0yMmZlNjAwNTk0ZTAiLCJkb21haW5faWQiOiIxOTg0MzciLCJ0X2Vwb2NoIjoxNjIwNDA5MzQxLCJkYXRhIjpbeyJuYW1lIjoiY29ubmVjdGlvbl9kb3dubGluayIsInZhbCI6IjEwIn1dfSx7InR5cGUiOiJwYWdldmlldyIsInBhZ2V2aWV3X2lkIjoiOWIwYzk4NzQtMWFiNS00ZTUxLTdiNGItMjJmZTYwMDU5NGUwIiwiZG9tYWluX2lkIjoiMTk4NDM3IiwidF9lcG9jaCI6MTYyMDQwOTM0MSwiZGF0YSI6W3sibmFtZSI6ImNvbm5lY3Rpb25fcnR0IiwidmFsIjoiMCJ9XX0seyJ0eXBlIjoicGFnZXZpZXciLCJwYWdldmlld19pZCI6IjliMGM5ODc0LTFhYjUtNGU1MS03YjRiLTIyZmU2MDA1OTRlMCIsImRvbWFpbl9pZCI6IjE5ODQzNyIsInRfZXBvY2giOjE2MjA0MDkzNDEsImRhdGEiOlt7Im5hbWUiOiJ0aW1lcl9maXJzdF9hZF9sb2FkIiwidmFsIjoiNzU5NSJ9XX1d
Requested by: Host: itigic.com
URL: https://itigic.com/detroitchicago/cmb.js?gcb=194-3&cb=01-100-103-1004-10d-506-507-70a-30c-30e-212-211-313-317-1021-23-&cmbcb=10&01&00&03&04&0d&06&07&0a&0c&0e&12&11&13&17&21&23
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.19.6.38 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-19-6-38.eu-west-1.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:path: /detroitchicago/greenoaks.gif?orig=0&ds=W3sidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiI5YjBjOTg3NC0xYWI1LTRlNTEtN2I0Yi0yMmZlNjAwNTk0ZTAiLCJkb21haW5faWQiOiIxOTg0MzciLCJ0X2Vwb2NoIjoxNjIwNDA5MzQxLCJkYXRhIjpbeyJuYW1lIjoiY29ubmVjdGlvbl9kb3dubGluayIsInZhbCI6IjEwIn1dfSx7InR5cGUiOiJwYWdldmlldyIsInBhZ2V2aWV3X2lkIjoiOWIwYzk4NzQtMWFiNS00ZTUxLTdiNGItMjJmZTYwMDU5NGUwIiwiZG9tYWluX2lkIjoiMTk4NDM3IiwidF9lcG9jaCI6MTYyMDQwOTM0MSwiZGF0YSI6W3sibmFtZSI6ImNvbm5lY3Rpb25fcnR0IiwidmFsIjoiMCJ9XX0seyJ0eXBlIjoicGFnZXZpZXciLCJwYWdldmlld19pZCI6IjliMGM5ODc0LTFhYjUtNGU1MS03YjRiLTIyZmU2MDA1OTRlMCIsImRvbWFpbl9pZCI6IjE5ODQzNyIsInRfZXBvY2giOjE2MjA0MDkzNDEsImRhdGEiOlt7Im5hbWUiOiJ0aW1lcl9maXJzdF9hZF9sb2FkIiwidmFsIjoiNzU5NSJ9XX1d
pragma: no-cache
cookie: _pbjs_userid_consent_data=3524755945110770; __gads=ID=209913d2cf081110:T=1620409347:S=ALNI_MYCUELuDQBZZq_t6fdKkMSCCHgmDQ; cto_bidid=KSh6BV9Vd1hrSHY4aERPOEFEVlZyUU1xR1QlMkJjbWtJczZ1NlBBTWZRWUNkQjhhJTJCTE9VQWpkd0pJNElFVElnUWJCWHN2ZVY1YWd5UlYlMkJTMHFicmpSdUllZUVrZyUzRCUzRA; cto_bundle=ItKwLV8lMkJqSFYxRDd3UXdhSnRYR2dzOVFLN256ek1ta2xwVyUyRllXbGZtQmtPTjFhTUpvMHpGRlp3cE8ycHJZYldFbDVEdDZ1RXRxU3htcFRyeW1jcDNuTHFRSkkzb2ZZOWxvSWZBUktzdmN6VWgyMWVHRk9xbEYzNERwUnFUWlpVME1rMGc; ezouspvv=20; ezouspva=1; ezouspvh=20
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: empty
:authority: itigic.com
referer: https://itigic.com/pt/steal-information-with-finger-command-in-windows-10/&
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://itigic.com/pt/steal-information-with-finger-command-in-windows-10/&
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 07 May 2021 17:42:30 GMT
server: nginx/1.16.0
vary: Accept-Encoding Accept-Encoding
content-type: text/plain; charset=utf-8
x-middleton-display: ezp_sol
cache-control: max-age=0, must-revalidate, no-cache, no-store
content-length: 0
expires: Thu, 06 May 2021 17:42:30 UTC

GET
H2 200 army.gif Show response
itigic.com/porpoiseant/ 0
19 B 346ms
40ms XHR
text/plain 52.19.6.38
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://itigic.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTA3MDUyMSIsImRvbWFpbl9pZCI6IjE5ODQzNyIsInVuaXQiOiJkaXYtZ3B0LWFkLWl0aWdpY19jb20tbWVkcmVjdGFuZ2xlLTItMCIsInRfZXBvY2giOjE2MjA0MDkzNDEsImFkX3Bvc2l0aW9uIjoxMTAwLCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiQ0giLCJwYWdldmlld19pZCI6IjliMGM5ODc0LTFhYjUtNGU1MS03YjRiLTIyZmU2MDA1OTRlMCIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6Mjg2ODcyNzQsImNyZWF0aXZlX2lkIjoxMzgzMTA0MTY5NzksImRhdGEiOlt7Im5hbWUiOiJyZWZyZXNoX2NvdW50IiwidmFsIjoiNCJ9XSwiaXNfb3JpZyI6ZmFsc2V9LHsidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTA3MDUyMSIsImRvbWFpbl9pZCI6IjE5ODQzNyIsInVuaXQiOiJkaXYtZ3B0LWFkLWl0aWdpY19jb20tbWVkcmVjdGFuZ2xlLTItMCIsInRfZXBvY2giOjE2MjA0MDkzNDEsImFkX3Bvc2l0aW9uIjoxMTAwLCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiQ0giLCJwYWdldmlld19pZCI6IjliMGM5ODc0LTFhYjUtNGU1MS03YjRiLTIyZmU2MDA1OTRlMCIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6Mjg2ODcyNzQsImNyZWF0aXZlX2lkIjoxMzgzMTA0MTY5NzksImRhdGEiOlt7Im5hbWUiOiJmaWxsZWRfYmlkX2hhc2giLCJ2YWwiOiI3NDMyMzYwMzAxNDA5YWU2OTViYTI1NWYxNmZiY2YwNiJ9XSwiaXNfb3JpZyI6ZmFsc2V9LHsidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTA3MDUyMSIsImRvbWFpbl9pZCI6IjE5ODQzNyIsInVuaXQiOiJkaXYtZ3B0LWFkLWl0aWdpY19jb20tbWVkcmVjdGFuZ2xlLTItMCIsInRfZXBvY2giOjE2MjA0MDkzNDEsInJldmVudWUiOjAsImVzdF9yZXZlbnVlIjowLjAwMDIsImFkX3Bvc2l0aW9uIjoxMTAwLCJhZF9zaXplIjoiIiwiYmlkX2Zsb29yX2ZpbGxlZCI6MC4wMDAyLCJiaWRfZmxvb3JfcHJldiI6MC4wMDIsInN0YXRfc291cmNlX2lkIjozNSwiY291bnRyeV9jb2RlIjoiQ0giLCJwYWdldmlld19pZCI6IjliMGM5ODc0LTFhYjUtNGU1MS03YjRiLTIyZmU2MDA1OTRlMCIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6Mjg2ODcyNzQsImNyZWF0aXZlX2lkIjoxMzgzMTA0MTY5NzksImRhdGEiOlt7Im5hbWUiOiJsb2FkZWQiLCJ2YWwiOiIxIn1dLCJpc19vcmlnIjpmYWxzZX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiIxMDcwNTIxIiwiZG9tYWluX2lkIjoiMTk4NDM3IiwidW5pdCI6ImRpdi1ncHQtYWQtaXRpZ2ljX2NvbS1tZWRyZWN0YW5nbGUtMi0wIiwidF9lcG9jaCI6MTYyMDQwOTM0MSwiYWRfcG9zaXRpb24iOjExMDAsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJDSCIsInBhZ2V2aWV3X2lkIjoiOWIwYzk4NzQtMWFiNS00ZTUxLTdiNGItMjJmZTYwMDU5NGUwIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjoyODY4NzI3NCwiY3JlYXRpdmVfaWQiOjEzODMxMDQxNjk3OSwiZGF0YSI6W3sibmFtZSI6ImNyZWF0aXZlX2lkIiwidmFsIjoiMTM4MzEwNDE2OTc5In1dLCJpc19vcmlnIjpmYWxzZX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiIxMDcwNTIxIiwiZG9tYWluX2lkIjoiMTk4NDM3IiwidW5pdCI6ImRpdi1ncHQtYWQtaXRpZ2ljX2NvbS1tZWRyZWN0YW5nbGUtMi0wIiwidF9lcG9jaCI6MTYyMDQwOTM0MSwiYWRfcG9zaXRpb24iOjExMDAsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJDSCIsInBhZ2V2aWV3X2lkIjoiOWIwYzk4NzQtMWFiNS00ZTUxLTdiNGItMjJmZTYwMDU5NGUwIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjoyODY4NzI3NCwiY3JlYXRpdmVfaWQiOjEzODMxMDQxNjk3OSwiZGF0YSI6W3sibmFtZSI6ImxpbmVpdGVtX2lkIiwidmFsIjoiMjg2ODcyNzQifV0sImlzX29yaWciOmZhbHNlfV0=
Requested by: Host: itigic.com
URL: https://itigic.com/detroitchicago/cmb.js?gcb=194-3&cb=01-100-103-1004-10d-506-507-70a-30c-30e-212-211-313-317-1021-23-&cmbcb=10&01&00&03&04&0d&06&07&0a&0c&0e&12&11&13&17&21&23
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.19.6.38 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-19-6-38.eu-west-1.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:path: /porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTA3MDUyMSIsImRvbWFpbl9pZCI6IjE5ODQzNyIsInVuaXQiOiJkaXYtZ3B0LWFkLWl0aWdpY19jb20tbWVkcmVjdGFuZ2xlLTItMCIsInRfZXBvY2giOjE2MjA0MDkzNDEsImFkX3Bvc2l0aW9uIjoxMTAwLCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiQ0giLCJwYWdldmlld19pZCI6IjliMGM5ODc0LTFhYjUtNGU1MS03YjRiLTIyZmU2MDA1OTRlMCIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6Mjg2ODcyNzQsImNyZWF0aXZlX2lkIjoxMzgzMTA0MTY5NzksImRhdGEiOlt7Im5hbWUiOiJyZWZyZXNoX2NvdW50IiwidmFsIjoiNCJ9XSwiaXNfb3JpZyI6ZmFsc2V9LHsidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTA3MDUyMSIsImRvbWFpbl9pZCI6IjE5ODQzNyIsInVuaXQiOiJkaXYtZ3B0LWFkLWl0aWdpY19jb20tbWVkcmVjdGFuZ2xlLTItMCIsInRfZXBvY2giOjE2MjA0MDkzNDEsImFkX3Bvc2l0aW9uIjoxMTAwLCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiQ0giLCJwYWdldmlld19pZCI6IjliMGM5ODc0LTFhYjUtNGU1MS03YjRiLTIyZmU2MDA1OTRlMCIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6Mjg2ODcyNzQsImNyZWF0aXZlX2lkIjoxMzgzMTA0MTY5NzksImRhdGEiOlt7Im5hbWUiOiJmaWxsZWRfYmlkX2hhc2giLCJ2YWwiOiI3NDMyMzYwMzAxNDA5YWU2OTViYTI1NWYxNmZiY2YwNiJ9XSwiaXNfb3JpZyI6ZmFsc2V9LHsidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTA3MDUyMSIsImRvbWFpbl9pZCI6IjE5ODQzNyIsInVuaXQiOiJkaXYtZ3B0LWFkLWl0aWdpY19jb20tbWVkcmVjdGFuZ2xlLTItMCIsInRfZXBvY2giOjE2MjA0MDkzNDEsInJldmVudWUiOjAsImVzdF9yZXZlbnVlIjowLjAwMDIsImFkX3Bvc2l0aW9uIjoxMTAwLCJhZF9zaXplIjoiIiwiYmlkX2Zsb29yX2ZpbGxlZCI6MC4wMDAyLCJiaWRfZmxvb3JfcHJldiI6MC4wMDIsInN0YXRfc291cmNlX2lkIjozNSwiY291bnRyeV9jb2RlIjoiQ0giLCJwYWdldmlld19pZCI6IjliMGM5ODc0LTFhYjUtNGU1MS03YjRiLTIyZmU2MDA1OTRlMCIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6Mjg2ODcyNzQsImNyZWF0aXZlX2lkIjoxMzgzMTA0MTY5NzksImRhdGEiOlt7Im5hbWUiOiJsb2FkZWQiLCJ2YWwiOiIxIn1dLCJpc19vcmlnIjpmYWxzZX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiIxMDcwNTIxIiwiZG9tYWluX2lkIjoiMTk4NDM3IiwidW5pdCI6ImRpdi1ncHQtYWQtaXRpZ2ljX2NvbS1tZWRyZWN0YW5nbGUtMi0wIiwidF9lcG9jaCI6MTYyMDQwOTM0MSwiYWRfcG9zaXRpb24iOjExMDAsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJDSCIsInBhZ2V2aWV3X2lkIjoiOWIwYzk4NzQtMWFiNS00ZTUxLTdiNGItMjJmZTYwMDU5NGUwIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjoyODY4NzI3NCwiY3JlYXRpdmVfaWQiOjEzODMxMDQxNjk3OSwiZGF0YSI6W3sibmFtZSI6ImNyZWF0aXZlX2lkIiwidmFsIjoiMTM4MzEwNDE2OTc5In1dLCJpc19vcmlnIjpmYWxzZX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiIxMDcwNTIxIiwiZG9tYWluX2lkIjoiMTk4NDM3IiwidW5pdCI6ImRpdi1ncHQtYWQtaXRpZ2ljX2NvbS1tZWRyZWN0YW5nbGUtMi0wIiwidF9lcG9jaCI6MTYyMDQwOTM0MSwiYWRfcG9zaXRpb24iOjExMDAsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJDSCIsInBhZ2V2aWV3X2lkIjoiOWIwYzk4NzQtMWFiNS00ZTUxLTdiNGItMjJmZTYwMDU5NGUwIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjoyODY4NzI3NCwiY3JlYXRpdmVfaWQiOjEzODMxMDQxNjk3OSwiZGF0YSI6W3sibmFtZSI6ImxpbmVpdGVtX2lkIiwidmFsIjoiMjg2ODcyNzQifV0sImlzX29yaWciOmZhbHNlfV0=
pragma: no-cache
cookie: _pbjs_userid_consent_data=3524755945110770; __gads=ID=209913d2cf081110:T=1620409347:S=ALNI_MYCUELuDQBZZq_t6fdKkMSCCHgmDQ; cto_bidid=KSh6BV9Vd1hrSHY4aERPOEFEVlZyUU1xR1QlMkJjbWtJczZ1NlBBTWZRWUNkQjhhJTJCTE9VQWpkd0pJNElFVElnUWJCWHN2ZVY1YWd5UlYlMkJTMHFicmpSdUllZUVrZyUzRCUzRA; cto_bundle=ItKwLV8lMkJqSFYxRDd3UXdhSnRYR2dzOVFLN256ek1ta2xwVyUyRllXbGZtQmtPTjFhTUpvMHpGRlp3cE8ycHJZYldFbDVEdDZ1RXRxU3htcFRyeW1jcDNuTHFRSkkzb2ZZOWxvSWZBUktzdmN6VWgyMWVHRk9xbEYzNERwUnFUWlpVME1rMGc; ezouspvv=20; ezouspva=1; ezouspvh=20
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: empty
:authority: itigic.com
referer: https://itigic.com/pt/steal-information-with-finger-command-in-windows-10/&
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://itigic.com/pt/steal-information-with-finger-command-in-windows-10/&
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 07 May 2021 17:42:30 GMT
server: nginx/1.16.0
vary: Accept-Encoding Accept-Encoding
content-type: text/plain; charset=utf-8
x-middleton-display: ezp_sol
cache-control: max-age=0, must-revalidate, no-cache, no-store
content-length: 0
expires: Thu, 06 May 2021 17:42:30 UTC

GET
H2 200 28687274 Show response
g.ezoic.net/dac/ 0
93 B 103ms
29ms XHR
text/plain 18.156.95.187
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://g.ezoic.net/dac/28687274
Requested by: Host: itigic.com
URL: https://itigic.com/porpoiseant/banger.js?cb=194-3&bv=19&v=51&PageSpeed=off
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.156.95.187 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-95-187.eu-central-1.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://itigic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 07 May 2021 17:42:30 GMT
cache-control: max-age=3600, public
server: nginx/1.16.0
content-length: 0
vary: Accept-Encoding
content-type: text/plain

GET
H2 200 army.gif Show response
itigic.com/porpoiseant/ 0
19 B 350ms
40ms XHR
text/plain 52.19.6.38
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://itigic.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTA3MDUyMSIsImRvbWFpbl9pZCI6IjE5ODQzNyIsInVuaXQiOiJkaXYtZ3B0LWFkLWl0aWdpY19jb20tbWVkcmVjdGFuZ2xlLTItMCIsInRfZXBvY2giOjE2MjA0MDkzNDEsImFkX3Bvc2l0aW9uIjoxMTAwLCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiQ0giLCJwYWdldmlld19pZCI6IjliMGM5ODc0LTFhYjUtNGU1MS03YjRiLTIyZmU2MDA1OTRlMCIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6Mjg2ODcyNzQsImNyZWF0aXZlX2lkIjoxMzgzMTA0MTY5NzksImRhdGEiOlt7Im5hbWUiOiJ0X2xvY2FsX2RhdGUiLCJ2YWwiOiIyMDIxLTA1LTA3In0seyJuYW1lIjoidF9sb2NhbF9ob3VyIiwidmFsIjoiMTkifSx7Im5hbWUiOiJ0X2xvY2FsX2RheV9vZl93ZWVrIiwidmFsIjoiNSJ9LHsibmFtZSI6InRfbG9jYWxfdGltZXpvbmUiLCJ2YWwiOiItMTIwIn1dLCJpc19vcmlnIjpmYWxzZX1d
Requested by: Host: itigic.com
URL: https://itigic.com/detroitchicago/cmb.js?gcb=194-3&cb=01-100-103-1004-10d-506-507-70a-30c-30e-212-211-313-317-1021-23-&cmbcb=10&01&00&03&04&0d&06&07&0a&0c&0e&12&11&13&17&21&23
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.19.6.38 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-19-6-38.eu-west-1.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:path: /porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTA3MDUyMSIsImRvbWFpbl9pZCI6IjE5ODQzNyIsInVuaXQiOiJkaXYtZ3B0LWFkLWl0aWdpY19jb20tbWVkcmVjdGFuZ2xlLTItMCIsInRfZXBvY2giOjE2MjA0MDkzNDEsImFkX3Bvc2l0aW9uIjoxMTAwLCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiQ0giLCJwYWdldmlld19pZCI6IjliMGM5ODc0LTFhYjUtNGU1MS03YjRiLTIyZmU2MDA1OTRlMCIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6Mjg2ODcyNzQsImNyZWF0aXZlX2lkIjoxMzgzMTA0MTY5NzksImRhdGEiOlt7Im5hbWUiOiJ0X2xvY2FsX2RhdGUiLCJ2YWwiOiIyMDIxLTA1LTA3In0seyJuYW1lIjoidF9sb2NhbF9ob3VyIiwidmFsIjoiMTkifSx7Im5hbWUiOiJ0X2xvY2FsX2RheV9vZl93ZWVrIiwidmFsIjoiNSJ9LHsibmFtZSI6InRfbG9jYWxfdGltZXpvbmUiLCJ2YWwiOiItMTIwIn1dLCJpc19vcmlnIjpmYWxzZX1d
pragma: no-cache
cookie: _pbjs_userid_consent_data=3524755945110770; __gads=ID=209913d2cf081110:T=1620409347:S=ALNI_MYCUELuDQBZZq_t6fdKkMSCCHgmDQ; cto_bidid=KSh6BV9Vd1hrSHY4aERPOEFEVlZyUU1xR1QlMkJjbWtJczZ1NlBBTWZRWUNkQjhhJTJCTE9VQWpkd0pJNElFVElnUWJCWHN2ZVY1YWd5UlYlMkJTMHFicmpSdUllZUVrZyUzRCUzRA; cto_bundle=ItKwLV8lMkJqSFYxRDd3UXdhSnRYR2dzOVFLN256ek1ta2xwVyUyRllXbGZtQmtPTjFhTUpvMHpGRlp3cE8ycHJZYldFbDVEdDZ1RXRxU3htcFRyeW1jcDNuTHFRSkkzb2ZZOWxvSWZBUktzdmN6VWgyMWVHRk9xbEYzNERwUnFUWlpVME1rMGc; ezouspvv=20; ezouspva=1; ezouspvh=20
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: empty
:authority: itigic.com
referer: https://itigic.com/pt/steal-information-with-finger-command-in-windows-10/&
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://itigic.com/pt/steal-information-with-finger-command-in-windows-10/&
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 07 May 2021 17:42:30 GMT
server: nginx/1.16.0
vary: Accept-Encoding Accept-Encoding
content-type: text/plain; charset=utf-8
x-middleton-display: ezp_sol
cache-control: max-age=0, must-revalidate, no-cache, no-store
content-length: 0
expires: Thu, 06 May 2021 17:42:30 UTC

GET
H2 200 army.gif Show response
itigic.com/porpoiseant/ 0
19 B 351ms
40ms XHR
text/plain 52.19.6.38
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://itigic.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImF1Y3Rpb24iLCJpbXByZXNzaW9uX2lkIjoiMTA3MDUyMSIsImRvbWFpbl9pZCI6IjE5ODQzNyIsInVuaXQiOiJkaXYtZ3B0LWFkLWl0aWdpY19jb20tbWVkcmVjdGFuZ2xlLTItMCIsInRfZXBvY2giOjE2MjA0MDkzNDEsImF1Y3Rpb25fZXBvY2giOjE2MjA0MDkzNTAsImFkX3Bvc2l0aW9uIjoxMTAwLCJjb3VudHJ5X2NvZGUiOiJDSCIsInBhZ2V2aWV3X2lkIjoiOWIwYzk4NzQtMWFiNS00ZTUxLTdiNGItMjJmZTYwMDU5NGUwIiwiYmlkX2Zsb29yX2luaXRpYWwiOjExMDAsImJpZF9mbG9vcl9wcmV2IjoyMDAsImJpZF9mbG9vcl9maWxsZWQiOjIwLCJhdWN0aW9uX2NvdW50Ijo0LCJyZWZyZXNoX2FkX2NvdW50IjowLCJhdWN0aW9uX2R1cmF0aW9uIjozMjYsIm11bHRpX2FkX3VuaXQiOjAsIm11bHRpX2FkX2NvdW50IjowLCJuZXR3b3JrX2NvZGUiOjEyNTQxNDQsImRhdGEiOlt7Im5hbWUiOiIiLCJ2YWwiOiIifV0sImxpbmVfaXRlbV9pZCI6Mjg2ODcyNzR9XQ==
Requested by: Host: itigic.com
URL: https://itigic.com/detroitchicago/cmb.js?gcb=194-3&cb=01-100-103-1004-10d-506-507-70a-30c-30e-212-211-313-317-1021-23-&cmbcb=10&01&00&03&04&0d&06&07&0a&0c&0e&12&11&13&17&21&23
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.19.6.38 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-19-6-38.eu-west-1.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:path: /porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImF1Y3Rpb24iLCJpbXByZXNzaW9uX2lkIjoiMTA3MDUyMSIsImRvbWFpbl9pZCI6IjE5ODQzNyIsInVuaXQiOiJkaXYtZ3B0LWFkLWl0aWdpY19jb20tbWVkcmVjdGFuZ2xlLTItMCIsInRfZXBvY2giOjE2MjA0MDkzNDEsImF1Y3Rpb25fZXBvY2giOjE2MjA0MDkzNTAsImFkX3Bvc2l0aW9uIjoxMTAwLCJjb3VudHJ5X2NvZGUiOiJDSCIsInBhZ2V2aWV3X2lkIjoiOWIwYzk4NzQtMWFiNS00ZTUxLTdiNGItMjJmZTYwMDU5NGUwIiwiYmlkX2Zsb29yX2luaXRpYWwiOjExMDAsImJpZF9mbG9vcl9wcmV2IjoyMDAsImJpZF9mbG9vcl9maWxsZWQiOjIwLCJhdWN0aW9uX2NvdW50Ijo0LCJyZWZyZXNoX2FkX2NvdW50IjowLCJhdWN0aW9uX2R1cmF0aW9uIjozMjYsIm11bHRpX2FkX3VuaXQiOjAsIm11bHRpX2FkX2NvdW50IjowLCJuZXR3b3JrX2NvZGUiOjEyNTQxNDQsImRhdGEiOlt7Im5hbWUiOiIiLCJ2YWwiOiIifV0sImxpbmVfaXRlbV9pZCI6Mjg2ODcyNzR9XQ==
pragma: no-cache
cookie: _pbjs_userid_consent_data=3524755945110770; __gads=ID=209913d2cf081110:T=1620409347:S=ALNI_MYCUELuDQBZZq_t6fdKkMSCCHgmDQ; cto_bidid=KSh6BV9Vd1hrSHY4aERPOEFEVlZyUU1xR1QlMkJjbWtJczZ1NlBBTWZRWUNkQjhhJTJCTE9VQWpkd0pJNElFVElnUWJCWHN2ZVY1YWd5UlYlMkJTMHFicmpSdUllZUVrZyUzRCUzRA; cto_bundle=ItKwLV8lMkJqSFYxRDd3UXdhSnRYR2dzOVFLN256ek1ta2xwVyUyRllXbGZtQmtPTjFhTUpvMHpGRlp3cE8ycHJZYldFbDVEdDZ1RXRxU3htcFRyeW1jcDNuTHFRSkkzb2ZZOWxvSWZBUktzdmN6VWgyMWVHRk9xbEYzNERwUnFUWlpVME1rMGc; ezouspvv=20; ezouspva=1; ezouspvh=20
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: empty
:authority: itigic.com
referer: https://itigic.com/pt/steal-information-with-finger-command-in-windows-10/&
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://itigic.com/pt/steal-information-with-finger-command-in-windows-10/&
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 07 May 2021 17:42:30 GMT
server: nginx/1.16.0
vary: Accept-Encoding Accept-Encoding
content-type: text/plain; charset=utf-8
x-middleton-display: ezp_sol
cache-control: max-age=0, must-revalidate, no-cache, no-store
content-length: 0
expires: Thu, 06 May 2021 17:42:30 UTC

GET
H2 200 4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2
fonts.gstatic.com/s/googlesans/v27/ Frame 86EA 21 KB
21 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v27/4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f2c761ee3ce27469f940a05b64e38a829a400427727cd0bdbb4e36f1d572afd7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://itigic.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 06 May 2021 01:32:02 GMT
x-content-type-options: nosniff
last-modified: Wed, 11 Nov 2020 20:26:21 GMT
server: sffe
age: 144628
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21716
x-xss-protection: 0
expires: Fri, 06 May 2022 01:32:02 GMT

GET
H2 200 4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2
fonts.gstatic.com/s/googlesans/v27/ Frame 86EA 21 KB
21 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v27/4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1cf04407e728ea1ebf82dc1c6b45d12632cb3202ff8f4556f380b16e57484f27

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://itigic.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 06 May 2021 01:31:31 GMT
x-content-type-options: nosniff
last-modified: Wed, 11 Nov 2020 20:26:16 GMT
server: sffe
age: 144659
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21552
x-xss-protection: 0
expires: Fri, 06 May 2022 01:31:31 GMT

GET
H2

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame 86EA
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
0

61ms
39ms

Image
text/html

2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si
Requested by: Host: itigic.com
URL: https://itigic.com/pt/steal-information-with-finger-command-in-windows-10/&
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Redirect headers

date: Fri, 07 May 2021 17:42:30 GMT
x-content-type-options: nosniff
server: safe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 246
x-xss-protection: 0

GET
H2 200 track-internal-links.js Show response
itigic.com/wp-content/plugins/interlinks-manager/public/assets/js/ 1 KB
670 B 349ms
46ms Script
application/javascript 52.19.6.38
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://itigic.com/wp-content/plugins/interlinks-manager/public/assets/js/track-internal-links.js?screx=1&sxcb=2a&ver=1.25

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.19.6.38 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-19-6-38.eu-west-1.compute.amazonaws.com

Software

nginx/1.16.0 /

Resource Hash

7b383d7534e1493c687cad842946d899c14f94b5cc549c09b105401bcb157f8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

:path: /wp-content/plugins/interlinks-manager/public/assets/js/track-internal-links.js?screx=1&sxcb=2a&ver=1.25
pragma: no-cache
cookie: _pbjs_userid_consent_data=3524755945110770; __gads=ID=209913d2cf081110:T=1620409347:S=ALNI_MYCUELuDQBZZq_t6fdKkMSCCHgmDQ; cto_bidid=KSh6BV9Vd1hrSHY4aERPOEFEVlZyUU1xR1QlMkJjbWtJczZ1NlBBTWZRWUNkQjhhJTJCTE9VQWpkd0pJNElFVElnUWJCWHN2ZVY1YWd5UlYlMkJTMHFicmpSdUllZUVrZyUzRCUzRA; cto_bundle=ItKwLV8lMkJqSFYxRDd3UXdhSnRYR2dzOVFLN256ek1ta2xwVyUyRllXbGZtQmtPTjFhTUpvMHpGRlp3cE8ycHJZYldFbDVEdDZ1RXRxU3htcFRyeW1jcDNuTHFRSkkzb2ZZOWxvSWZBUktzdmN6VWgyMWVHRk9xbEYzNERwUnFUWlpVME1rMGc; ezouspvv=20; ezouspva=1; ezouspvh=20
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: itigic.com
referer: https://itigic.com/pt/steal-information-with-finger-command-in-windows-10/&
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://itigic.com/pt/steal-information-with-finger-command-in-windows-10/&
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 07 May 2021 17:42:30 GMT
content-encoding: br
x-content-type-options: nosniff
display: staticcontent_sol, staticcontent_sol
x-ezoic-cdn: Hit ds;mm;ea2337b19d29cf3b943bf9a79393f636;2-198437-2;3235589b-8b8c-4554-5182-4e28ddab3bc6
x-middleton-display: staticcontent_sol, staticcontent_sol
strict-transport-security: max-age=63072000; includeSubDomains
alt-svc: quic=":443"; ma=2592000; v="43,46", h3-Q043=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-25=":443"; ma=2592000, h3-27=":443"; ma=2592000
content-length: 397
response: 200
last-modified: Thu, 06 May 2021 21:16:08 GMT
server: nginx/1.16.0
x-frame-options: SAMEORIGIN
vary: Accept-Encoding Accept-Encoding,User-Agent,Origin
content-type: application/javascript
x-middleton-response: 200
cache-control: public, max-age=2592000
x-turbo-charged-by: LiteSpeed

GET
H3-29 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012103020108001/ Frame E3D4 190 KB
54 KB 22ms
7ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012103020108001/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6e553b4e88ac4a1819d608fe9dcb46544ca5fb776d4e0c84d773f37b1df18211

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://itigic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 30057
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 55046
x-xss-protection: 0
server: sffe
date: Fri, 07 May 2021 09:21:33 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "aeaf363b1ad89b36"
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 07 May 2022 09:21:33 GMT

GET
H3-29 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012103020108001/v0/ Frame E3D4 12 KB
4 KB 29ms
15ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012103020108001/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8f9560479a05fb86854546c40ec030edc2bac692d4142391d69b16e5c033a185

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://itigic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 30057
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4548
x-xss-protection: 0
server: sffe
date: Fri, 07 May 2021 09:21:33 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "4eb73d471ab4cb2c"
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 07 May 2022 09:21:33 GMT

GET
H3-29 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012103020108001/v0/ Frame E3D4 87 KB
27 KB 31ms
17ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012103020108001/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a6f768cbb894f2690011ee62662d3ac9480d12f5088fa46be57e650fcc4d835c

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://itigic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 30841
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27208
x-xss-protection: 0
server: sffe
date: Fri, 07 May 2021 09:08:29 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "22950e05e749846e"
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 07 May 2022 09:08:29 GMT

GET
H3-29 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012103020108001/v0/ Frame E3D4 27 KB
9 KB 19ms
6ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012103020108001/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

21d45a4ed77653b3b1ee2b47a786a4dbb936a3b19fc56e1b44c16aed35eb80ee

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://itigic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 30841
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9587
x-xss-protection: 0
server: sffe
date: Fri, 07 May 2021 09:08:29 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "739644f32ad1483f"
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 07 May 2022 09:08:29 GMT

GET
H3-29 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012103020108001/v0/ Frame E3D4 40 KB
13 KB 32ms
18ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012103020108001/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4c6af60796cc240ad277098308cf363c2700f5296264ec1b43b4e1362763c439

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://itigic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 30841
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12827
x-xss-protection: 0
server: sffe
date: Fri, 07 May 2021 09:08:29 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "5cc8dcc2368726c7"
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 07 May 2022 09:08:29 GMT

GET
H3-29 200 css
fonts.googleapis.com/ Frame E3D4 7 KB
741 B 20ms
19ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=PT+Sans:400|Roboto:400,500|Roboto:300&lang=es

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

37d29979cc13eac68ee8339830a9685021bdb74db368b1a9bb0be3db71818d63

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://itigic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 07 May 2021 17:42:30 GMT
server: ESF
date: Fri, 07 May 2021 17:42:30 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 07 May 2021 17:42:30 GMT

GET
H3-29 200 css
fonts.googleapis.com/ Frame E3D4 5 KB
688 B 15ms
15ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=PT+Sans:400|Roboto:400,500&text=

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

83e1fc06d61560e19649771db56bc018fc7fdb56e98f3a9f74505230a8f35060

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://itigic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 07 May 2021 16:15:24 GMT
server: ESF
date: Fri, 07 May 2021 17:42:30 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 07 May 2021 17:42:30 GMT

GET
H3-29 200 pt.png
tpc.googlesyndication.com/pagead/images/abg/ Frame E3D4 3 KB
3 KB 9ms
8ms Image
image/png 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/pt.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

744b436600cd35e7898be8843c04c1115c45bf08143d085ac149e8c4f8151e3d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://itigic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 07 May 2021 06:20:03 GMT
x-content-type-options: nosniff
server: cafe
age: 40947
etag: 7735524722462771930
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2886
x-xss-protection: 0
expires: Sat, 08 May 2021 06:20:03 GMT

GET
H3-29 200 icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame E3D4 344 B
368 B 7ms
7ms Image
image/png 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://itigic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 07 May 2021 09:25:49 GMT
x-content-type-options: nosniff
server: cafe
age: 29801
etag: 6766994032117382215
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 344
x-xss-protection: 0
expires: Sat, 08 May 2021 09:25:49 GMT

GET
DATA 200
OK truncated
/ Frame E3D4 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ebf824bcf90fb5c2f3b683257742d07ed471c866fef916389bd29b5212fab0aa

Request headers

Referer: https://itigic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 adview
securepubads.g.doubleclick.net/pagead/ Frame E3D4 0
0 52ms
52ms Image
text/html 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=C3U9DBnyVYJzqENiWgAeYx52QDOPezbdil-KM85gM3Mjzit4QEAEg9PnGJWD1lc6B4ASgAf_bisgDyAEG4AIAqAMByAMKqgSZAk_QR560MAgaTc0twgWhPCDmFbUi7ky4RNCNycXkWgYrak-0RJkxOZD_BAvohXngtsnqtQ372nPtfD7tOG3Ktzgh1HoFtMKkVExy0NTRzuyvwHbcIn3vRJAxpbQ4XCAzBn4rMiUPJmoaf38Li_8y_z9oHHxHG3Jsuo58zqOWFRTwCMkr8TbUKBVaLFhMWlX9ZLpEssFugFOuF11IR63skNVrTFPh9tg5KXGim7a3N3-mUfqvX-WNVK5u8q8ynDjx3kzVtVbwVw-mex2u3S4c-Tjr0F7HvTkxe7vIRppOwt6IVnZMx8Hoe9XuW3Hu7IAve__zcuVwGLQDrzSRKbP-jG004IYC7Y2yBUQlQmJqLLaYAlIDm9NwDkgZwATTxb29mwPgBAGSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGN4AH3tKAQagHipyxAqgH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAemvhuoB-zVG9gHAfIHBBCoogzSCAcIgGEQARgd8ggbYWR4LXN1YnN5bi02ODg5ODQ3NjQyMzI5MzMwgAoDyAsB2BMNiBQB0BUBgBcBshcaChgIABIUcHViLTYzOTY4NDQ3NDI0OTcyMDg&sigh=OeikDfg6QHI&template_id=492
Requested by: Host: itigic.com
URL: https://itigic.com/pt/steal-information-with-finger-command-in-windows-10/&
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s53-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://itigic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 204 l
www.google.com/ads/measurement/ Frame E3D4 0
0 14ms
14ms Image
text/html 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSIdiNlbqTSOBkviUJt0H-M11jCUK6NaqlEjfG0xbkvuDjykfq9qkg634Ig7vt8zUuYItTEXKzclJLH92K13gN60wKnzA
Requested by: Host: itigic.com
URL: https://itigic.com/pt/steal-information-with-finger-command-in-windows-10/&
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://itigic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 army.gif Show response
itigic.com/porpoiseant/ 0
52 B 341ms
40ms XHR
text/plain 52.19.6.38
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://itigic.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTA3NjY2OCIsImRvbWFpbl9pZCI6IjE5ODQzNyIsInVuaXQiOiJkaXYtZ3B0LWFkLWl0aWdpY19jb20tbWVkcmVjdGFuZ2xlLTMtMCIsInRfZXBvY2giOjE2MjA0MDkzNDEsImFkX3Bvc2l0aW9uIjoxMTE2LCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiQ0giLCJwYWdldmlld19pZCI6IjliMGM5ODc0LTFhYjUtNGU1MS03YjRiLTIyZmU2MDA1OTRlMCIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6Mjg2ODcyNzQsImNyZWF0aXZlX2lkIjoxMzgzMTAwNDM1NTAsImRhdGEiOlt7Im5hbWUiOiJyZWZyZXNoX2NvdW50IiwidmFsIjoiNCJ9XSwiaXNfb3JpZyI6ZmFsc2V9LHsidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTA3NjY2OCIsImRvbWFpbl9pZCI6IjE5ODQzNyIsInVuaXQiOiJkaXYtZ3B0LWFkLWl0aWdpY19jb20tbWVkcmVjdGFuZ2xlLTMtMCIsInRfZXBvY2giOjE2MjA0MDkzNDEsImFkX3Bvc2l0aW9uIjoxMTE2LCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiQ0giLCJwYWdldmlld19pZCI6IjliMGM5ODc0LTFhYjUtNGU1MS03YjRiLTIyZmU2MDA1OTRlMCIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6Mjg2ODcyNzQsImNyZWF0aXZlX2lkIjoxMzgzMTAwNDM1NTAsImRhdGEiOlt7Im5hbWUiOiJmaWxsZWRfYmlkX2hhc2giLCJ2YWwiOiI3NDMyMzYwMzAxNDA5YWU2OTViYTI1NWYxNmZiY2YwNiJ9XSwiaXNfb3JpZyI6ZmFsc2V9LHsidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTA3NjY2OCIsImRvbWFpbl9pZCI6IjE5ODQzNyIsInVuaXQiOiJkaXYtZ3B0LWFkLWl0aWdpY19jb20tbWVkcmVjdGFuZ2xlLTMtMCIsInRfZXBvY2giOjE2MjA0MDkzNDEsInJldmVudWUiOjAsImVzdF9yZXZlbnVlIjowLjAwMDIsImFkX3Bvc2l0aW9uIjoxMTE2LCJhZF9zaXplIjoiIiwiYmlkX2Zsb29yX2ZpbGxlZCI6MC4wMDAyLCJiaWRfZmxvb3JfcHJldiI6MC4wMDIsInN0YXRfc291cmNlX2lkIjozNSwiY291bnRyeV9jb2RlIjoiQ0giLCJwYWdldmlld19pZCI6IjliMGM5ODc0LTFhYjUtNGU1MS03YjRiLTIyZmU2MDA1OTRlMCIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6Mjg2ODcyNzQsImNyZWF0aXZlX2lkIjoxMzgzMTAwNDM1NTAsImRhdGEiOlt7Im5hbWUiOiJsb2FkZWQiLCJ2YWwiOiIxIn1dLCJpc19vcmlnIjpmYWxzZX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiIxMDc2NjY4IiwiZG9tYWluX2lkIjoiMTk4NDM3IiwidW5pdCI6ImRpdi1ncHQtYWQtaXRpZ2ljX2NvbS1tZWRyZWN0YW5nbGUtMy0wIiwidF9lcG9jaCI6MTYyMDQwOTM0MSwiYWRfcG9zaXRpb24iOjExMTYsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJDSCIsInBhZ2V2aWV3X2lkIjoiOWIwYzk4NzQtMWFiNS00ZTUxLTdiNGItMjJmZTYwMDU5NGUwIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjoyODY4NzI3NCwiY3JlYXRpdmVfaWQiOjEzODMxMDA0MzU1MCwiZGF0YSI6W3sibmFtZSI6ImNyZWF0aXZlX2lkIiwidmFsIjoiMTM4MzEwMDQzNTUwIn1dLCJpc19vcmlnIjpmYWxzZX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiIxMDc2NjY4IiwiZG9tYWluX2lkIjoiMTk4NDM3IiwidW5pdCI6ImRpdi1ncHQtYWQtaXRpZ2ljX2NvbS1tZWRyZWN0YW5nbGUtMy0wIiwidF9lcG9jaCI6MTYyMDQwOTM0MSwiYWRfcG9zaXRpb24iOjExMTYsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJDSCIsInBhZ2V2aWV3X2lkIjoiOWIwYzk4NzQtMWFiNS00ZTUxLTdiNGItMjJmZTYwMDU5NGUwIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjoyODY4NzI3NCwiY3JlYXRpdmVfaWQiOjEzODMxMDA0MzU1MCwiZGF0YSI6W3sibmFtZSI6ImxpbmVpdGVtX2lkIiwidmFsIjoiMjg2ODcyNzQifV0sImlzX29yaWciOmZhbHNlfV0=
Requested by: Host: itigic.com
URL: https://itigic.com/detroitchicago/cmb.js?gcb=194-3&cb=01-100-103-1004-10d-506-507-70a-30c-30e-212-211-313-317-1021-23-&cmbcb=10&01&00&03&04&0d&06&07&0a&0c&0e&12&11&13&17&21&23
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.19.6.38 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-19-6-38.eu-west-1.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:path: /porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTA3NjY2OCIsImRvbWFpbl9pZCI6IjE5ODQzNyIsInVuaXQiOiJkaXYtZ3B0LWFkLWl0aWdpY19jb20tbWVkcmVjdGFuZ2xlLTMtMCIsInRfZXBvY2giOjE2MjA0MDkzNDEsImFkX3Bvc2l0aW9uIjoxMTE2LCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiQ0giLCJwYWdldmlld19pZCI6IjliMGM5ODc0LTFhYjUtNGU1MS03YjRiLTIyZmU2MDA1OTRlMCIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6Mjg2ODcyNzQsImNyZWF0aXZlX2lkIjoxMzgzMTAwNDM1NTAsImRhdGEiOlt7Im5hbWUiOiJyZWZyZXNoX2NvdW50IiwidmFsIjoiNCJ9XSwiaXNfb3JpZyI6ZmFsc2V9LHsidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTA3NjY2OCIsImRvbWFpbl9pZCI6IjE5ODQzNyIsInVuaXQiOiJkaXYtZ3B0LWFkLWl0aWdpY19jb20tbWVkcmVjdGFuZ2xlLTMtMCIsInRfZXBvY2giOjE2MjA0MDkzNDEsImFkX3Bvc2l0aW9uIjoxMTE2LCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiQ0giLCJwYWdldmlld19pZCI6IjliMGM5ODc0LTFhYjUtNGU1MS03YjRiLTIyZmU2MDA1OTRlMCIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6Mjg2ODcyNzQsImNyZWF0aXZlX2lkIjoxMzgzMTAwNDM1NTAsImRhdGEiOlt7Im5hbWUiOiJmaWxsZWRfYmlkX2hhc2giLCJ2YWwiOiI3NDMyMzYwMzAxNDA5YWU2OTViYTI1NWYxNmZiY2YwNiJ9XSwiaXNfb3JpZyI6ZmFsc2V9LHsidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTA3NjY2OCIsImRvbWFpbl9pZCI6IjE5ODQzNyIsInVuaXQiOiJkaXYtZ3B0LWFkLWl0aWdpY19jb20tbWVkcmVjdGFuZ2xlLTMtMCIsInRfZXBvY2giOjE2MjA0MDkzNDEsInJldmVudWUiOjAsImVzdF9yZXZlbnVlIjowLjAwMDIsImFkX3Bvc2l0aW9uIjoxMTE2LCJhZF9zaXplIjoiIiwiYmlkX2Zsb29yX2ZpbGxlZCI6MC4wMDAyLCJiaWRfZmxvb3JfcHJldiI6MC4wMDIsInN0YXRfc291cmNlX2lkIjozNSwiY291bnRyeV9jb2RlIjoiQ0giLCJwYWdldmlld19pZCI6IjliMGM5ODc0LTFhYjUtNGU1MS03YjRiLTIyZmU2MDA1OTRlMCIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6Mjg2ODcyNzQsImNyZWF0aXZlX2lkIjoxMzgzMTAwNDM1NTAsImRhdGEiOlt7Im5hbWUiOiJsb2FkZWQiLCJ2YWwiOiIxIn1dLCJpc19vcmlnIjpmYWxzZX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiIxMDc2NjY4IiwiZG9tYWluX2lkIjoiMTk4NDM3IiwidW5pdCI6ImRpdi1ncHQtYWQtaXRpZ2ljX2NvbS1tZWRyZWN0YW5nbGUtMy0wIiwidF9lcG9jaCI6MTYyMDQwOTM0MSwiYWRfcG9zaXRpb24iOjExMTYsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJDSCIsInBhZ2V2aWV3X2lkIjoiOWIwYzk4NzQtMWFiNS00ZTUxLTdiNGItMjJmZTYwMDU5NGUwIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjoyODY4NzI3NCwiY3JlYXRpdmVfaWQiOjEzODMxMDA0MzU1MCwiZGF0YSI6W3sibmFtZSI6ImNyZWF0aXZlX2lkIiwidmFsIjoiMTM4MzEwMDQzNTUwIn1dLCJpc19vcmlnIjpmYWxzZX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiIxMDc2NjY4IiwiZG9tYWluX2lkIjoiMTk4NDM3IiwidW5pdCI6ImRpdi1ncHQtYWQtaXRpZ2ljX2NvbS1tZWRyZWN0YW5nbGUtMy0wIiwidF9lcG9jaCI6MTYyMDQwOTM0MSwiYWRfcG9zaXRpb24iOjExMTYsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJDSCIsInBhZ2V2aWV3X2lkIjoiOWIwYzk4NzQtMWFiNS00ZTUxLTdiNGItMjJmZTYwMDU5NGUwIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjoyODY4NzI3NCwiY3JlYXRpdmVfaWQiOjEzODMxMDA0MzU1MCwiZGF0YSI6W3sibmFtZSI6ImxpbmVpdGVtX2lkIiwidmFsIjoiMjg2ODcyNzQifV0sImlzX29yaWciOmZhbHNlfV0=
pragma: no-cache
cookie: _pbjs_userid_consent_data=3524755945110770; __gads=ID=209913d2cf081110:T=1620409347:S=ALNI_MYCUELuDQBZZq_t6fdKkMSCCHgmDQ; cto_bidid=KSh6BV9Vd1hrSHY4aERPOEFEVlZyUU1xR1QlMkJjbWtJczZ1NlBBTWZRWUNkQjhhJTJCTE9VQWpkd0pJNElFVElnUWJCWHN2ZVY1YWd5UlYlMkJTMHFicmpSdUllZUVrZyUzRCUzRA; cto_bundle=ItKwLV8lMkJqSFYxRDd3UXdhSnRYR2dzOVFLN256ek1ta2xwVyUyRllXbGZtQmtPTjFhTUpvMHpGRlp3cE8ycHJZYldFbDVEdDZ1RXRxU3htcFRyeW1jcDNuTHFRSkkzb2ZZOWxvSWZBUktzdmN6VWgyMWVHRk9xbEYzNERwUnFUWlpVME1rMGc; ezouspvh=20; ezouspvv=40; ezouspva=2
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: empty
:authority: itigic.com
referer: https://itigic.com/pt/steal-information-with-finger-command-in-windows-10/&
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://itigic.com/pt/steal-information-with-finger-command-in-windows-10/&
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 07 May 2021 17:42:30 GMT
server: nginx/1.16.0
vary: Accept-Encoding Accept-Encoding
content-type: text/plain; charset=utf-8
x-middleton-display: ezp_sol
cache-control: max-age=0, must-revalidate, no-cache, no-store
content-length: 0
expires: Thu, 06 May 2021 17:42:31 UTC

GET
H2 200 28687274 Show response
g.ezoic.net/dac/ 0
17 B 30ms
29ms XHR
text/plain 18.156.95.187
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://g.ezoic.net/dac/28687274
Requested by: Host: itigic.com
URL: https://itigic.com/porpoiseant/banger.js?cb=194-3&bv=19&v=51&PageSpeed=off
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.156.95.187 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-95-187.eu-central-1.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://itigic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 07 May 2021 17:42:30 GMT
cache-control: max-age=3600, public
server: nginx/1.16.0
content-length: 0
vary: Accept-Encoding
content-type: text/plain

GET
H2 200 army.gif Show response
itigic.com/porpoiseant/ 0
19 B 341ms
41ms XHR
text/plain 52.19.6.38
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://itigic.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTA3NjY2OCIsImRvbWFpbl9pZCI6IjE5ODQzNyIsInVuaXQiOiJkaXYtZ3B0LWFkLWl0aWdpY19jb20tbWVkcmVjdGFuZ2xlLTMtMCIsInRfZXBvY2giOjE2MjA0MDkzNDEsImFkX3Bvc2l0aW9uIjoxMTE2LCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiQ0giLCJwYWdldmlld19pZCI6IjliMGM5ODc0LTFhYjUtNGU1MS03YjRiLTIyZmU2MDA1OTRlMCIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6Mjg2ODcyNzQsImNyZWF0aXZlX2lkIjoxMzgzMTAwNDM1NTAsImRhdGEiOlt7Im5hbWUiOiJ0X2xvY2FsX2RhdGUiLCJ2YWwiOiIyMDIxLTA1LTA3In0seyJuYW1lIjoidF9sb2NhbF9ob3VyIiwidmFsIjoiMTkifSx7Im5hbWUiOiJ0X2xvY2FsX2RheV9vZl93ZWVrIiwidmFsIjoiNSJ9LHsibmFtZSI6InRfbG9jYWxfdGltZXpvbmUiLCJ2YWwiOiItMTIwIn1dLCJpc19vcmlnIjpmYWxzZX1d
Requested by: Host: itigic.com
URL: https://itigic.com/detroitchicago/cmb.js?gcb=194-3&cb=01-100-103-1004-10d-506-507-70a-30c-30e-212-211-313-317-1021-23-&cmbcb=10&01&00&03&04&0d&06&07&0a&0c&0e&12&11&13&17&21&23
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.19.6.38 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-19-6-38.eu-west-1.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:path: /porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTA3NjY2OCIsImRvbWFpbl9pZCI6IjE5ODQzNyIsInVuaXQiOiJkaXYtZ3B0LWFkLWl0aWdpY19jb20tbWVkcmVjdGFuZ2xlLTMtMCIsInRfZXBvY2giOjE2MjA0MDkzNDEsImFkX3Bvc2l0aW9uIjoxMTE2LCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiQ0giLCJwYWdldmlld19pZCI6IjliMGM5ODc0LTFhYjUtNGU1MS03YjRiLTIyZmU2MDA1OTRlMCIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6Mjg2ODcyNzQsImNyZWF0aXZlX2lkIjoxMzgzMTAwNDM1NTAsImRhdGEiOlt7Im5hbWUiOiJ0X2xvY2FsX2RhdGUiLCJ2YWwiOiIyMDIxLTA1LTA3In0seyJuYW1lIjoidF9sb2NhbF9ob3VyIiwidmFsIjoiMTkifSx7Im5hbWUiOiJ0X2xvY2FsX2RheV9vZl93ZWVrIiwidmFsIjoiNSJ9LHsibmFtZSI6InRfbG9jYWxfdGltZXpvbmUiLCJ2YWwiOiItMTIwIn1dLCJpc19vcmlnIjpmYWxzZX1d
pragma: no-cache
cookie: _pbjs_userid_consent_data=3524755945110770; __gads=ID=209913d2cf081110:T=1620409347:S=ALNI_MYCUELuDQBZZq_t6fdKkMSCCHgmDQ; cto_bidid=KSh6BV9Vd1hrSHY4aERPOEFEVlZyUU1xR1QlMkJjbWtJczZ1NlBBTWZRWUNkQjhhJTJCTE9VQWpkd0pJNElFVElnUWJCWHN2ZVY1YWd5UlYlMkJTMHFicmpSdUllZUVrZyUzRCUzRA; cto_bundle=ItKwLV8lMkJqSFYxRDd3UXdhSnRYR2dzOVFLN256ek1ta2xwVyUyRllXbGZtQmtPTjFhTUpvMHpGRlp3cE8ycHJZYldFbDVEdDZ1RXRxU3htcFRyeW1jcDNuTHFRSkkzb2ZZOWxvSWZBUktzdmN6VWgyMWVHRk9xbEYzNERwUnFUWlpVME1rMGc; ezouspvh=20; ezouspvv=40; ezouspva=2
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: empty
:authority: itigic.com
referer: https://itigic.com/pt/steal-information-with-finger-command-in-windows-10/&
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://itigic.com/pt/steal-information-with-finger-command-in-windows-10/&
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 07 May 2021 17:42:30 GMT
server: nginx/1.16.0
vary: Accept-Encoding Accept-Encoding
content-type: text/plain; charset=utf-8
x-middleton-display: ezp_sol
cache-control: max-age=0, must-revalidate, no-cache, no-store
content-length: 0
expires: Thu, 06 May 2021 17:42:31 UTC

GET
H2 200 army.gif Show response
itigic.com/porpoiseant/ 0
19 B 342ms
41ms XHR
text/plain 52.19.6.38
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://itigic.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImF1Y3Rpb24iLCJpbXByZXNzaW9uX2lkIjoiMTA3NjY2OCIsImRvbWFpbl9pZCI6IjE5ODQzNyIsInVuaXQiOiJkaXYtZ3B0LWFkLWl0aWdpY19jb20tbWVkcmVjdGFuZ2xlLTMtMCIsInRfZXBvY2giOjE2MjA0MDkzNDEsImF1Y3Rpb25fZXBvY2giOjE2MjA0MDkzNTEsImFkX3Bvc2l0aW9uIjoxMTE2LCJjb3VudHJ5X2NvZGUiOiJDSCIsInBhZ2V2aWV3X2lkIjoiOWIwYzk4NzQtMWFiNS00ZTUxLTdiNGItMjJmZTYwMDU5NGUwIiwiYmlkX2Zsb29yX2luaXRpYWwiOjExMDAsImJpZF9mbG9vcl9wcmV2IjoyMDAsImJpZF9mbG9vcl9maWxsZWQiOjIwLCJhdWN0aW9uX2NvdW50Ijo0LCJyZWZyZXNoX2FkX2NvdW50IjowLCJhdWN0aW9uX2R1cmF0aW9uIjozNzMsIm11bHRpX2FkX3VuaXQiOjAsIm11bHRpX2FkX2NvdW50IjowLCJuZXR3b3JrX2NvZGUiOjEyNTQxNDQsImRhdGEiOlt7Im5hbWUiOiIiLCJ2YWwiOiIifV0sImxpbmVfaXRlbV9pZCI6Mjg2ODcyNzR9XQ==
Requested by: Host: itigic.com
URL: https://itigic.com/detroitchicago/cmb.js?gcb=194-3&cb=01-100-103-1004-10d-506-507-70a-30c-30e-212-211-313-317-1021-23-&cmbcb=10&01&00&03&04&0d&06&07&0a&0c&0e&12&11&13&17&21&23
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.19.6.38 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-19-6-38.eu-west-1.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:path: /porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImF1Y3Rpb24iLCJpbXByZXNzaW9uX2lkIjoiMTA3NjY2OCIsImRvbWFpbl9pZCI6IjE5ODQzNyIsInVuaXQiOiJkaXYtZ3B0LWFkLWl0aWdpY19jb20tbWVkcmVjdGFuZ2xlLTMtMCIsInRfZXBvY2giOjE2MjA0MDkzNDEsImF1Y3Rpb25fZXBvY2giOjE2MjA0MDkzNTEsImFkX3Bvc2l0aW9uIjoxMTE2LCJjb3VudHJ5X2NvZGUiOiJDSCIsInBhZ2V2aWV3X2lkIjoiOWIwYzk4NzQtMWFiNS00ZTUxLTdiNGItMjJmZTYwMDU5NGUwIiwiYmlkX2Zsb29yX2luaXRpYWwiOjExMDAsImJpZF9mbG9vcl9wcmV2IjoyMDAsImJpZF9mbG9vcl9maWxsZWQiOjIwLCJhdWN0aW9uX2NvdW50Ijo0LCJyZWZyZXNoX2FkX2NvdW50IjowLCJhdWN0aW9uX2R1cmF0aW9uIjozNzMsIm11bHRpX2FkX3VuaXQiOjAsIm11bHRpX2FkX2NvdW50IjowLCJuZXR3b3JrX2NvZGUiOjEyNTQxNDQsImRhdGEiOlt7Im5hbWUiOiIiLCJ2YWwiOiIifV0sImxpbmVfaXRlbV9pZCI6Mjg2ODcyNzR9XQ==
pragma: no-cache
cookie: _pbjs_userid_consent_data=3524755945110770; __gads=ID=209913d2cf081110:T=1620409347:S=ALNI_MYCUELuDQBZZq_t6fdKkMSCCHgmDQ; cto_bidid=KSh6BV9Vd1hrSHY4aERPOEFEVlZyUU1xR1QlMkJjbWtJczZ1NlBBTWZRWUNkQjhhJTJCTE9VQWpkd0pJNElFVElnUWJCWHN2ZVY1YWd5UlYlMkJTMHFicmpSdUllZUVrZyUzRCUzRA; cto_bundle=ItKwLV8lMkJqSFYxRDd3UXdhSnRYR2dzOVFLN256ek1ta2xwVyUyRllXbGZtQmtPTjFhTUpvMHpGRlp3cE8ycHJZYldFbDVEdDZ1RXRxU3htcFRyeW1jcDNuTHFRSkkzb2ZZOWxvSWZBUktzdmN6VWgyMWVHRk9xbEYzNERwUnFUWlpVME1rMGc; ezouspvh=20; ezouspvv=40; ezouspva=2
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: empty
:authority: itigic.com
referer: https://itigic.com/pt/steal-information-with-finger-command-in-windows-10/&
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://itigic.com/pt/steal-information-with-finger-command-in-windows-10/&
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 07 May 2021 17:42:30 GMT
server: nginx/1.16.0
vary: Accept-Encoding Accept-Encoding
content-type: text/plain; charset=utf-8
x-middleton-display: ezp_sol
cache-control: max-age=0, must-revalidate, no-cache, no-store
content-length: 0
expires: Thu, 06 May 2021 17:42:30 UTC

GET
H3-29 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v27/ Frame E3D4 15 KB
15 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v27/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=PT+Sans:400|Roboto:400,500|Roboto:300&lang=es

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://itigic.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 06 May 2021 01:43:32 GMT
x-content-type-options: nosniff
last-modified: Mon, 05 Apr 2021 21:10:35 GMT
server: sffe
age: 143938
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15688
x-xss-protection: 0
expires: Fri, 06 May 2022 01:43:32 GMT

GET
H3-29 200 jizaRExUiTo99u79D0KExQ.woff2
fonts.gstatic.com/s/ptsans/v12/ Frame E3D4 44 KB
44 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ptsans/v12/jizaRExUiTo99u79D0KExQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=PT+Sans:400|Roboto:400,500|Roboto:300&lang=es

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

95dc30d8b40e0bae97c0a41fa52d8d43ef7b66a7de4645c913aa994def62e5dd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://itigic.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 06 May 2021 15:44:08 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:09:20 GMT
server: sffe
age: 93502
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 45416
x-xss-protection: 0
expires: Fri, 06 May 2022 15:44:08 GMT

GET
H3-29

200

si
googleads.g.doubleclick.net/pagead/drt/ Frame E3D4
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
0

62ms
61ms

Image
text/html

2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://googleads.g.doubleclick.net/pagead/drt/si
Requested by: Host: itigic.com
URL: https://itigic.com/pt/steal-information-with-finger-command-in-windows-10/&
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Redirect headers

date: Fri, 07 May 2021 17:42:30 GMT
x-content-type-options: nosniff
server: safe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 246
x-xss-protection: 0

GET
H2 200 q2w3-fixed-widget.min.js Show response
itigic.com/wp-content/plugins/q2w3-fixed-widget/js/ 5 KB
1 KB 358ms
57ms Script
application/javascript 52.19.6.38
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://itigic.com/wp-content/plugins/q2w3-fixed-widget/js/q2w3-fixed-widget.min.js?screx=1&sxcb=2a&ver=5.3.0

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.19.6.38 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-19-6-38.eu-west-1.compute.amazonaws.com

Software

nginx/1.16.0 /

Resource Hash

3dda9a27a479da565ecc0430ec8c78c76aa9d87bf3c3921f6fe4fa33c48b151d

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

:path: /wp-content/plugins/q2w3-fixed-widget/js/q2w3-fixed-widget.min.js?screx=1&sxcb=2a&ver=5.3.0
pragma: no-cache
cookie: _pbjs_userid_consent_data=3524755945110770; __gads=ID=209913d2cf081110:T=1620409347:S=ALNI_MYCUELuDQBZZq_t6fdKkMSCCHgmDQ; cto_bidid=KSh6BV9Vd1hrSHY4aERPOEFEVlZyUU1xR1QlMkJjbWtJczZ1NlBBTWZRWUNkQjhhJTJCTE9VQWpkd0pJNElFVElnUWJCWHN2ZVY1YWd5UlYlMkJTMHFicmpSdUllZUVrZyUzRCUzRA; cto_bundle=ItKwLV8lMkJqSFYxRDd3UXdhSnRYR2dzOVFLN256ek1ta2xwVyUyRllXbGZtQmtPTjFhTUpvMHpGRlp3cE8ycHJZYldFbDVEdDZ1RXRxU3htcFRyeW1jcDNuTHFRSkkzb2ZZOWxvSWZBUktzdmN6VWgyMWVHRk9xbEYzNERwUnFUWlpVME1rMGc; ezouspvh=20; ezouspvv=40; ezouspva=2
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: itigic.com
referer: https://itigic.com/pt/steal-information-with-finger-command-in-windows-10/&
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://itigic.com/pt/steal-information-with-finger-command-in-windows-10/&
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 07 May 2021 17:42:31 GMT
content-encoding: br
x-content-type-options: nosniff
display: staticcontent_sol, staticcontent_sol
x-ezoic-cdn: Hit ds;mm;061fbe7ff906a4807b7e8a51f6dd1754;2-198437-2;f784aeb9-552b-431c-6cea-cef19cea2fa5
x-middleton-display: staticcontent_sol, staticcontent_sol
strict-transport-security: max-age=63072000; includeSubDomains
alt-svc: quic=":443"; ma=2592000; v="43,46", h3-Q043=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-25=":443"; ma=2592000, h3-27=":443"; ma=2592000
content-length: 1335
response: 200
last-modified: Thu, 06 May 2021 21:16:05 GMT
server: nginx/1.16.0
x-frame-options: SAMEORIGIN
vary: Accept-Encoding Accept-Encoding,User-Agent,Origin
content-type: application/javascript
x-middleton-response: 200
cache-control: public, max-age=2592000
x-turbo-charged-by: LiteSpeed

GET
H3-29 200 integrator.js Show response
adservice.google.ch/adsid/ 107 B
122 B 17ms
16ms Script
application/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.ch/adsid/integrator.js?domain=itigic.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://itigic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 07 May 2021 17:42:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 15ms
15ms Script
application/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=itigic.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://itigic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 07 May 2021 17:42:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 344 B
170 B 668ms
668ms XHR
text/plain 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2673549932243580&correlator=1861012490059979&output=ldjh&impl=fifs&eid=31060790&vrg=2021042801&ptt=17&us_privacy=1---&sc=1&sfv=1-0-38&ecs=20210507&iu_parts=1254144%2Citigic_com-large-billboard-2&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C300x250&fluid=height&ris=2&rcs=1&prev_scp=a%3D%257C1%257C%26iid11%3D1024014%26t%3D134%26d%3D198437%26t1%3D134%26pvc%3D0%26ap%3D1124%26sap%3D1124%26as%3Drevenue%26plat%3D1%26bra%3Dmod1%26ic%3D2%26at%3Dmbf%26adr%3D399%26ezosn%3D0%26reft%3Dtf%26refs%3D30%26ga%3D2497208%26rid%3D99998%26pt%3D0%26al%3D1034%26compid%3D0%26tap%3Ditigic_com-large-billboard-2-1024014%26eb_br%3De95a0029a1c0d52e1f82ee010826e7d9%26eba%3D1%26ebss%3D10017%2C10082%2C10061%2C10015%2C11304%2C11307%26asau%3D7838546742%26bv%3D28%26bvm%3D2%26bvr%3D5%26shp%3D3%26ftsn%3D3%26br1%3D4000%26br2%3D3200%26ezoic%3D1%26nmau%3D4%26mau%3D0%26stl%3D32%2C0%2C28%2C67%2C45%2C122%2C66%2C20%2C71%2C30%2C0%2C31%26deal1%3D27%2C28%2C29%2C30%2C760%2C761%2C813%2C815%2C816%2C817%2C818%2C819%2C899%2C917%2C918%2C919%2C988%2C774%2C24%2C25%2C26%26ax_ssid%3D10082%26amznbid%3D2%26amznsz%3D0x0%26amznp%3D2%26lb%3D6500%26reqt%3D1620409350039&eri=1&cookie=ID%3D209913d2cf081110%3AT%3D1620409347%3AS%3DALNI_MYCUELuDQBZZq_t6fdKkMSCCHgmDQ&bc=31&abxe=1&lmt=1620409351&dt=1620409351043&dlt=1620409342880&idt=923&frm=20&biw=1600&bih=1200&oid=3&adxs=1002&adys=1560&adks=686215702&ucis=z&ifi=35&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fitigic.com%2Fpt%2Fsteal-information-with-finger-command-in-windows-10%2F%26%23160%3B&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x262&msz=300x262&psts=AGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=1178867069.1620409344&ga_sid=1620409344&ga_hid=2059617897&ga_fc=false&fws=0&ohw=0&btvi=3&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

4efae2bf3d602963b6cee19b3ee358ad0b7691205a0ed10477bb5af8a8db9657

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://itigic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 07 May 2021 17:42:31 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 141
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://itigic.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 345 B
172 B 971ms
970ms XHR
text/plain 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2673549932243580&correlator=3881974058444494&output=ldjh&impl=fifs&eid=31060790&vrg=2021042801&ptt=17&us_privacy=1---&sc=1&sfv=1-0-38&ecs=20210507&iu_parts=1254144%2Citigic_com-large-billboard-2&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C300x250&fluid=height&ris=2&rcs=1&prev_scp=a%3D%257C6%257C%26iid11%3D1024014%26t%3D134%26d%3D198437%26t1%3D134%26pvc%3D0%26ap%3D1124%26sap%3D1124%26as%3Drevenue%26plat%3D1%26bra%3Dmod1%26ic%3D2%26at%3Dmbf%26adr%3D399%26ezosn%3D1%26reft%3Dtf%26refs%3D30%26ga%3D2497208%26rid%3D99998%26pt%3D0%26al%3D1034%26compid%3D0%26tap%3Ditigic_com-large-billboard-2-1024014%26eb_br%3De95a0029a1c0d52e1f82ee010826e7d9%26eba%3D1%26ebss%3D10017%2C10082%2C10061%2C10015%2C11304%2C11307%26asau%3D7838546742%26bv%3D28%26bvm%3D2%26bvr%3D5%26shp%3D3%26ftsn%3D3%26br1%3D4000%26br2%3D3200%26ezoic%3D1%26nmau%3D4%26mau%3D1%26stl%3D32%2C0%2C28%2C67%2C45%2C122%2C66%2C20%2C71%2C30%2C0%2C31%26deal1%3D27%2C28%2C29%2C30%2C760%2C761%2C813%2C815%2C816%2C817%2C818%2C819%2C899%2C917%2C918%2C919%2C988%2C774%2C24%2C25%2C26%26ax_ssid%3D10082%26amznbid%3D2%26amznsz%3D0x0%26amznp%3D2%26lb%3D6500%26reqt%3D1620409350040&eri=1&cookie=ID%3D209913d2cf081110%3AT%3D1620409347%3AS%3DALNI_MYCUELuDQBZZq_t6fdKkMSCCHgmDQ&bc=31&abxe=1&lmt=1620409351&dt=1620409351058&dlt=1620409342880&idt=923&frm=20&biw=1600&bih=1200&oid=3&adxs=1002&adys=1825&adks=223664751&ucis=10&ifi=36&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fitigic.com%2Fpt%2Fsteal-information-with-finger-command-in-windows-10%2F%26%23160%3B&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x262&msz=300x262&psts=AGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=1178867069.1620409344&ga_sid=1620409344&ga_hid=2059617897&ga_fc=false&fws=0&ohw=0&btvi=4&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

0e9ff11df9470eee4787243897f4bffd9e6ac022d03ca7b502eec89d0d8e9a80

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://itigic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 07 May 2021 17:42:32 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 142
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://itigic.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ezoic.png
go.ezoic.net/utilcave_com/img/ 1 KB
2 KB 69ms
68ms Image
image/png 2600:9000:2017:c400:2:cb38:840:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://go.ezoic.net/utilcave_com/img/ezoic.png
Requested by: Host: itigic.com
URL: https://itigic.com/wp-includes/js/jquery/jquery.min.js?screx=1&sxcb=2a&ver=3.5.1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2017:c400:2:cb38:840:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: e1a156c3daa4ae0c41f21ef266131ca5a34d56695e3d860b232da142ef031234

Request headers

Referer: https://itigic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 02 May 2021 02:36:22 GMT
via: 1.1 2bb969477369da45208db698e8e34163.cloudfront.net (CloudFront)
x-sol: middleton
age: 486369
x-cache: Hit from cloudfront
x-middleton-display: staticcontent_sol
content-length: 1181
x-amz-cf-id: 6IY4TCP3GEJxuPq8X9WD1VSfsOC5Qe6RJQT9yXPvbtTjBaa7nfgrIg==
last-modified: Fri, 23 Apr 2021 18:46:13 GMT
server: nginx/1.16.0
etag: "49d-5bd497273b080-gzip-gzip"
vary: Accept-Encoding,Accept-Encoding
content-type: image/png
cache-control: max-age=604800
x-amz-cf-pop: OTP50-C1
display: staticcontent_sol
expires: Sun, 09 May 2021 02:36:22 GMT

GET
H2 200 wp-embed.min.js Show response
itigic.com/wp-includes/js/ 2 KB
778 B 658ms
355ms Script
application/javascript 52.19.6.38
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://itigic.com/wp-includes/js/wp-embed.min.js?screx=1&sxcb=2a&ver=5.7.1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.19.6.38 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-19-6-38.eu-west-1.compute.amazonaws.com

Software

nginx/1.16.0 /

Resource Hash

5827adb70b8322616b409c3230bd1a69a203870fe0e77b2d19c74d36053c3a81

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

:path: /wp-includes/js/wp-embed.min.js?screx=1&sxcb=2a&ver=5.7.1
pragma: no-cache
cookie: _pbjs_userid_consent_data=3524755945110770; __gads=ID=209913d2cf081110:T=1620409347:S=ALNI_MYCUELuDQBZZq_t6fdKkMSCCHgmDQ; cto_bidid=KSh6BV9Vd1hrSHY4aERPOEFEVlZyUU1xR1QlMkJjbWtJczZ1NlBBTWZRWUNkQjhhJTJCTE9VQWpkd0pJNElFVElnUWJCWHN2ZVY1YWd5UlYlMkJTMHFicmpSdUllZUVrZyUzRCUzRA; cto_bundle=ItKwLV8lMkJqSFYxRDd3UXdhSnRYR2dzOVFLN256ek1ta2xwVyUyRllXbGZtQmtPTjFhTUpvMHpGRlp3cE8ycHJZYldFbDVEdDZ1RXRxU3htcFRyeW1jcDNuTHFRSkkzb2ZZOWxvSWZBUktzdmN6VWgyMWVHRk9xbEYzNERwUnFUWlpVME1rMGc; ezouspvh=20; ezouspvv=40; ezouspva=2
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: itigic.com
referer: https://itigic.com/pt/steal-information-with-finger-command-in-windows-10/&
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://itigic.com/pt/steal-information-with-finger-command-in-windows-10/&
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 07 May 2021 17:42:31 GMT
content-encoding: br
x-content-type-options: nosniff
display: staticcontent_sol, staticcontent_sol
x-ezoic-cdn: Bypass
x-middleton-display: staticcontent_sol, staticcontent_sol
strict-transport-security: max-age=63072000; includeSubDomains
alt-svc: quic=":443"; ma=2592000; v="43,46", h3-Q043=":443"; ma=2592000, h3-Q046=":443"; ma=2592000, h3-Q050=":443"; ma=2592000, h3-25=":443"; ma=2592000, h3-27=":443"; ma=2592000
content-length: 712
response: 200
last-modified: Thu, 06 May 2021 21:16:04 GMT
server: nginx/1.16.0
x-frame-options: SAMEORIGIN
vary: Accept-Encoding Accept-Encoding,Origin
content-type: application/javascript
x-middleton-response: 200
cache-control: max-age=604800, public
x-turbo-charged-by: LiteSpeed
x-ez-proxy-out: true 2.2
expires: Fri, 14 May 2021 17:42:31 GMT

GET
H3-29 200 integrator.js Show response
adservice.google.ch/adsid/ 107 B
122 B 15ms
15ms Script
application/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.ch/adsid/integrator.js?domain=itigic.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://itigic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 07 May 2021 17:42:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 16ms
15ms Script
application/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=itigic.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://itigic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 07 May 2021 17:42:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 333 B
167 B 495ms
495ms XHR
text/plain 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2673549932243580&correlator=3957806661458242&output=ldjh&impl=fifs&eid=31060790&vrg=2021042801&ptt=17&us_privacy=1---&sc=1&sfv=1-0-38&ecs=20210507&iu_parts=1254144%2Citigic_com-box-1&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C300x250&fluid=height&ris=2&rcs=4&prev_scp=a%3D%257C1%257C%26iid11%3D1011114%26t%3D134%26d%3D198437%26t1%3D134%26pvc%3D0%26ap%3D1105%26sap%3D1105%26as%3Drevenue%26plat%3D1%26bra%3Dmod1%26ic%3D5%26at%3Dmbf%26adr%3D399%26ezosn%3D6%26reft%3Dtf%26refs%3D30%26ga%3D2497208%26rid%3D99998%26pt%3D0%26al%3D1000%26compid%3D0%26tap%3Ditigic_com-box-1-1011114%26eb_br%3D6e85b37de1b1ffc2593baa5d6e4b02fc%26eba%3D1%26ebss%3D10017%2C10082%2C10061%2C10015%2C11304%2C11307%26asau%3D7838546742%26bv%3D28%26bvm%3D2%26bvr%3D5%26shp%3D3%26ftsn%3D3%26acptad%3D1%26br1%3D450%26br2%3D2300%26ezoic%3D1%26nmau%3D4%26mau%3D2%26stl%3D32%2C0%2C28%2C67%2C45%2C122%2C66%2C20%2C71%2C30%2C0%2C31%26deal1%3D25%2C26%2C27%2C28%2C29%2C30%2C760%2C761%2C813%2C815%2C816%2C817%2C818%2C899%2C919%2C774%2C21%2C22%2C23%2C24%2C21%2C22%2C23%2C24%2C21%2C22%2C23%2C24%2C21%2C22%2C23%2C24%26ax_ssid%3D10082%26amznbid%3D2%26amznsz%3D0x0%26amznp%3D2%26lb%3D500%26reqt%3D1620409350393&eri=1&cookie=ID%3D209913d2cf081110%3AT%3D1620409347%3AS%3DALNI_MYCUELuDQBZZq_t6fdKkMSCCHgmDQ&bc=31&abxe=1&lmt=1620409351&dt=1620409351397&dlt=1620409342880&idt=923&frm=20&biw=1600&bih=1200&oid=3&adxs=1002&adys=913&adks=165232301&ucis=11&ifi=37&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fitigic.com%2Fpt%2Fsteal-information-with-finger-command-in-windows-10%2F%26%23160%3B&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x-1&msz=300x-1&psts=AGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=1178867069.1620409344&ga_sid=1620409344&ga_hid=2059617897&ga_fc=false&fws=0&ohw=0&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

18cc5e8817b84f62c697000fca7567e088c981f056b9fed09bd9984731bace1c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://itigic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 07 May 2021 17:42:31 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 137
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://itigic.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 332 B
164 B 329ms
327ms XHR
text/plain 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2673549932243580&correlator=3207254040311692&output=ldjh&impl=fifs&eid=31060790&vrg=2021042801&ptt=17&us_privacy=1---&sc=1&sfv=1-0-38&ecs=20210507&iu_parts=1254144%2Citigic_com-box-2&enc_prev_ius=%2F0%2F1&prev_iu_szs=468x60&ris=2&rcs=4&prev_scp=a%3D%257C1%257C%26iid11%3D1021465%26t%3D134%26d%3D198437%26t1%3D134%26pvc%3D0%26ap%3D1102%26sap%3D1102%26as%3Drevenue%26plat%3D1%26bra%3Dmod1%26ic%3D5%26at%3Dmbf%26adr%3D399%26ezosn%3D22%26reft%3Dtf%26refs%3D30%26ga%3D2497208%26rid%3D99998%26pt%3D1%26al%3D1001%26compid%3D0%26tap%3Ditigic_com-box-2-1021465%26eb_br%3D527e52c10635ac8136a4c84094ee49a8%26eba%3D1%26ebss%3D10017%2C10082%2C10061%2C10015%2C11304%2C11307%26asau%3D7838546742%26bv%3D19%26bvm%3D0%26bvr%3D9%26shp%3D1%26ftsn%3D3%26acptad%3D1%26br1%3D70%26br2%3D750%26ezoic%3D1%26nmau%3D0%26mau%3D0%26stl%3D32%2C168%2C28%2C67%2C45%2C122%2C66%2C20%2C71%2C30%2C187%2C31%26deal1%3D21%2C22%2C23%2C24%2C25%2C26%2C27%2C28%2C29%2C30%2C760%2C761%2C813%2C814%2C815%2C816%2C817%2C818%2C819%2C893%2C899%2C903%2C917%2C918%2C919%2C988%2C774%2C20%2C20%2C608%2C17%2C20%2C608%2C17%2C19%2C20%2C608%26ax_ssid%3D10082%26amznbid%3D2%26amznsz%3D0x0%26amznp%3D2%26lb%3D120%26reqt%3D1620409350405&eri=1&cookie=ID%3D209913d2cf081110%3AT%3D1620409347%3AS%3DALNI_MYCUELuDQBZZq_t6fdKkMSCCHgmDQ&bc=31&abxe=1&lmt=1620409351&dt=1620409351408&dlt=1620409342880&idt=923&frm=20&biw=1600&bih=1200&oid=3&adxs=566&adys=290&adks=3929797713&ucis=12&ifi=38&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fitigic.com%2Fpt%2Fsteal-information-with-finger-command-in-windows-10%2F%26%23160%3B&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1030x60&msz=468x60&psts=AGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=1178867069.1620409344&ga_sid=1620409344&ga_hid=2059617897&ga_fc=false&fws=0&ohw=0&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

59a30a962cf8b843f6eed65fd0833756eb9e1df842b336ed0805966c5ade463a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://itigic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 07 May 2021 17:42:31 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 135
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://itigic.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 greenoaks.gif Show response
itigic.com/detroitchicago/ 0
19 B 343ms
41ms XHR
text/plain 52.19.6.38
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://itigic.com/detroitchicago/greenoaks.gif?orig=0&ds=W3sidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiI5YjBjOTg3NC0xYWI1LTRlNTEtN2I0Yi0yMmZlNjAwNTk0ZTAiLCJkb21haW5faWQiOiIxOTg0MzciLCJ0X2Vwb2NoIjoxNjIwNDA5MzQxLCJkYXRhIjpbeyJuYW1lIjoiZGlzcGxheV9hZF92aWV3cG9ydF9weCIsInZhbCI6IjQxMjc2MCJ9LHsibmFtZSI6ImRpc3BsYXlfYWRfdmlld3BvcnRfY291bnQiLCJ2YWwiOiI4In0seyJuYW1lIjoibmF0aXZlX2FkX3ZpZXdwb3J0X3B4IiwidmFsIjoiMCJ9LHsibmFtZSI6Im5hdGl2ZV9hZF92aWV3cG9ydF9jb3VudCIsInZhbCI6IjAifSx7Im5hbWUiOiJkaXNwbGF5X2FkX2RvY19weCIsInZhbCI6Ijg5Mzk4MCJ9LHsibmFtZSI6ImRpc3BsYXlfYWRfZG9jX2NvdW50IiwidmFsIjoiMTAifSx7Im5hbWUiOiJuYXRpdmVfYWRfZG9jX3B4IiwidmFsIjoiMCJ9LHsibmFtZSI6Im5hdGl2ZV9hZF9kb2NfY291bnQiLCJ2YWwiOiIwIn0seyJuYW1lIjoidmlld3BvcnRfc2l6ZSIsInZhbCI6IjE2MDB4MTIwMCJ9LHsibmFtZSI6InZpZXdwb3J0X3B4IiwidmFsIjoiMTkyMDAwMCJ9LHsibmFtZSI6ImRvY19weCIsInZhbCI6IjEwOTYwMDAwIn0seyJuYW1lIjoiZG9jX2hlaWdodCIsInZhbCI6IjY4NTAifV19XQ==
Requested by: Host: itigic.com
URL: https://itigic.com/detroitchicago/cmb.js?gcb=194-3&cb=01-100-103-1004-10d-506-507-70a-30c-30e-212-211-313-317-1021-23-&cmbcb=10&01&00&03&04&0d&06&07&0a&0c&0e&12&11&13&17&21&23
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.19.6.38 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-19-6-38.eu-west-1.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:path: /detroitchicago/greenoaks.gif?orig=0&ds=W3sidHlwZSI6InBhZ2V2aWV3IiwicGFnZXZpZXdfaWQiOiI5YjBjOTg3NC0xYWI1LTRlNTEtN2I0Yi0yMmZlNjAwNTk0ZTAiLCJkb21haW5faWQiOiIxOTg0MzciLCJ0X2Vwb2NoIjoxNjIwNDA5MzQxLCJkYXRhIjpbeyJuYW1lIjoiZGlzcGxheV9hZF92aWV3cG9ydF9weCIsInZhbCI6IjQxMjc2MCJ9LHsibmFtZSI6ImRpc3BsYXlfYWRfdmlld3BvcnRfY291bnQiLCJ2YWwiOiI4In0seyJuYW1lIjoibmF0aXZlX2FkX3ZpZXdwb3J0X3B4IiwidmFsIjoiMCJ9LHsibmFtZSI6Im5hdGl2ZV9hZF92aWV3cG9ydF9jb3VudCIsInZhbCI6IjAifSx7Im5hbWUiOiJkaXNwbGF5X2FkX2RvY19weCIsInZhbCI6Ijg5Mzk4MCJ9LHsibmFtZSI6ImRpc3BsYXlfYWRfZG9jX2NvdW50IiwidmFsIjoiMTAifSx7Im5hbWUiOiJuYXRpdmVfYWRfZG9jX3B4IiwidmFsIjoiMCJ9LHsibmFtZSI6Im5hdGl2ZV9hZF9kb2NfY291bnQiLCJ2YWwiOiIwIn0seyJuYW1lIjoidmlld3BvcnRfc2l6ZSIsInZhbCI6IjE2MDB4MTIwMCJ9LHsibmFtZSI6InZpZXdwb3J0X3B4IiwidmFsIjoiMTkyMDAwMCJ9LHsibmFtZSI6ImRvY19weCIsInZhbCI6IjEwOTYwMDAwIn0seyJuYW1lIjoiZG9jX2hlaWdodCIsInZhbCI6IjY4NTAifV19XQ==
pragma: no-cache
cookie: _pbjs_userid_consent_data=3524755945110770; __gads=ID=209913d2cf081110:T=1620409347:S=ALNI_MYCUELuDQBZZq_t6fdKkMSCCHgmDQ; cto_bidid=KSh6BV9Vd1hrSHY4aERPOEFEVlZyUU1xR1QlMkJjbWtJczZ1NlBBTWZRWUNkQjhhJTJCTE9VQWpkd0pJNElFVElnUWJCWHN2ZVY1YWd5UlYlMkJTMHFicmpSdUllZUVrZyUzRCUzRA; cto_bundle=ItKwLV8lMkJqSFYxRDd3UXdhSnRYR2dzOVFLN256ek1ta2xwVyUyRllXbGZtQmtPTjFhTUpvMHpGRlp3cE8ycHJZYldFbDVEdDZ1RXRxU3htcFRyeW1jcDNuTHFRSkkzb2ZZOWxvSWZBUktzdmN6VWgyMWVHRk9xbEYzNERwUnFUWlpVME1rMGc; ezouspvh=20; ezouspvv=40; ezouspva=2
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: empty
:authority: itigic.com
referer: https://itigic.com/pt/steal-information-with-finger-command-in-windows-10/&
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://itigic.com/pt/steal-information-with-finger-command-in-windows-10/&
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 07 May 2021 17:42:31 GMT
server: nginx/1.16.0
vary: Accept-Encoding Accept-Encoding
content-type: text/plain; charset=utf-8
x-middleton-display: ezp_sol
cache-control: max-age=0, must-revalidate, no-cache, no-store
content-length: 0
expires: Thu, 06 May 2021 17:42:31 UTC

GET
H3-29 200 integrator.js Show response
adservice.google.ch/adsid/ 107 B
122 B 16ms
15ms Script
application/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.ch/adsid/integrator.js?domain=itigic.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://itigic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 07 May 2021 17:42:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 15ms
14ms Script
application/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=itigic.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://itigic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 07 May 2021 17:42:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 333 B
167 B 417ms
416ms XHR
text/plain 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2673549932243580&correlator=2088308514793676&output=ldjh&impl=fifs&eid=31060790&vrg=2021042801&ptt=17&us_privacy=1---&sc=1&sfv=1-0-38&ecs=20210507&iu_parts=1254144%2Citigic_com-box-1&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C300x250&fluid=height&ris=2&rcs=4&prev_scp=a%3D%257C6%257C%26iid11%3D1011114%26t%3D134%26d%3D198437%26t1%3D134%26pvc%3D0%26ap%3D1105%26sap%3D1105%26as%3Drevenue%26plat%3D1%26bra%3Dmod1%26ic%3D5%26at%3Dmbf%26adr%3D399%26ezosn%3D5%26reft%3Dtf%26refs%3D30%26ga%3D2497208%26rid%3D99998%26pt%3D0%26al%3D1000%26compid%3D0%26tap%3Ditigic_com-box-1-1011114%26eb_br%3D6e85b37de1b1ffc2593baa5d6e4b02fc%26eba%3D1%26ebss%3D10017%2C10082%2C10061%2C10015%2C11304%2C11307%26asau%3D7838546742%26bv%3D28%26bvm%3D2%26bvr%3D5%26shp%3D3%26ftsn%3D3%26acptad%3D1%26br1%3D450%26br2%3D2300%26ezoic%3D1%26nmau%3D4%26mau%3D1%26stl%3D32%2C0%2C28%2C67%2C45%2C122%2C66%2C20%2C71%2C30%2C0%2C31%26deal1%3D25%2C26%2C27%2C28%2C29%2C30%2C760%2C761%2C813%2C815%2C816%2C817%2C818%2C899%2C919%2C774%2C21%2C22%2C23%2C24%2C21%2C22%2C23%2C24%2C21%2C22%2C23%2C24%2C21%2C22%2C23%2C24%26ax_ssid%3D10082%26amznbid%3D2%26amznsz%3D0x0%26amznp%3D2%26lb%3D500%26reqt%3D1620409350506&eri=1&cookie=ID%3D209913d2cf081110%3AT%3D1620409347%3AS%3DALNI_MYCUELuDQBZZq_t6fdKkMSCCHgmDQ&bc=31&abxe=1&lmt=1620409351&dt=1620409351511&dlt=1620409342880&idt=923&frm=20&biw=1600&bih=1200&oid=3&adxs=1002&adys=648&adks=165232300&ucis=13&ifi=39&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fitigic.com%2Fpt%2Fsteal-information-with-finger-command-in-windows-10%2F%26%23160%3B&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x-1&msz=300x-1&psts=AGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=1178867069.1620409344&ga_sid=1620409344&ga_hid=2059617897&ga_fc=false&fws=0&ohw=0&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

a534a12fa3e3d1b3c0a2cd57e8c42c5994af66e00eef071d0ebea069f987e954

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://itigic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 07 May 2021 17:42:31 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 137
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://itigic.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 integrator.js Show response
adservice.google.ch/adsid/ 107 B
122 B 15ms
15ms Script
application/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.ch/adsid/integrator.js?domain=itigic.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://itigic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 07 May 2021 17:42:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 16ms
15ms Script
application/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=itigic.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://itigic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 07 May 2021 17:42:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 333 B
167 B 248ms
248ms XHR
text/plain 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2673549932243580&correlator=2214688537371660&output=ldjh&impl=fifs&eid=31060790&vrg=2021042801&ptt=17&us_privacy=1---&sc=1&sfv=1-0-38&ecs=20210507&iu_parts=1254144%2Citigic_com-box-1&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C300x250&fluid=height&ris=2&rcs=4&prev_scp=a%3D%257C6%257C%26iid11%3D1011114%26t%3D134%26d%3D198437%26t1%3D134%26pvc%3D0%26ap%3D1105%26sap%3D1105%26as%3Drevenue%26plat%3D1%26bra%3Dmod1%26ic%3D5%26at%3Dmbf%26adr%3D399%26ezosn%3D7%26reft%3Dtf%26refs%3D30%26ga%3D2497208%26rid%3D99998%26pt%3D0%26al%3D1000%26compid%3D0%26tap%3Ditigic_com-box-1-1011114%26eb_br%3D6e85b37de1b1ffc2593baa5d6e4b02fc%26eba%3D1%26ebss%3D10017%2C10082%2C10061%2C10015%2C11304%2C11307%26asau%3D7838546742%26bv%3D28%26bvm%3D2%26bvr%3D5%26shp%3D3%26ftsn%3D3%26acptad%3D1%26br1%3D450%26br2%3D2300%26ezoic%3D1%26nmau%3D4%26mau%3D3%26stl%3D83%2C13%2C120%2C67%2C51%2C0%2C66%2C20%2C71%2C30%2C0%2C31%26deal1%3D25%2C26%2C27%2C28%2C29%2C30%2C760%2C761%2C813%2C815%2C816%2C817%2C818%2C899%2C919%2C774%2C21%2C22%2C23%2C24%2C21%2C22%2C23%2C24%2C21%2C22%2C23%2C24%2C21%2C22%2C23%2C24%26ax_ssid%3D10082%26amznbid%3D2%26amznsz%3D0x0%26amznp%3D2%26lb%3D500%26reqt%3D1620409350579&eri=1&cookie=ID%3D209913d2cf081110%3AT%3D1620409347%3AS%3DALNI_MYCUELuDQBZZq_t6fdKkMSCCHgmDQ&bc=31&abxe=1&lmt=1620409351&dt=1620409351582&dlt=1620409342880&idt=923&frm=20&biw=1600&bih=1200&oid=3&adxs=1002&adys=1178&adks=165232298&ucis=14&ifi=40&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fitigic.com%2Fpt%2Fsteal-information-with-finger-command-in-windows-10%2F%26%23160%3B&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x-1&msz=300x-1&psts=AGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=1178867069.1620409344&ga_sid=1620409344&ga_hid=2059617897&ga_fc=false&fws=0&ohw=0&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

c8d38dec050c2a2e71201670b625cfaa7fe4ba80541e26c6fab9a1685c3545fc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://itigic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 07 May 2021 17:42:31 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 137
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://itigic.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ezoic.png
go.ezoic.net/utilcave_com/img/ 1 KB
2 KB 90ms
90ms Image
image/png 2600:9000:2017:c400:2:cb38:840:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://go.ezoic.net/utilcave_com/img/ezoic.png
Requested by: Host: itigic.com
URL: https://itigic.com/wp-includes/js/jquery/jquery.min.js?screx=1&sxcb=2a&ver=3.5.1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2017:c400:2:cb38:840:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: e1a156c3daa4ae0c41f21ef266131ca5a34d56695e3d860b232da142ef031234

Request headers

Referer: https://itigic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 02 May 2021 02:36:22 GMT
via: 1.1 2bb969477369da45208db698e8e34163.cloudfront.net (CloudFront)
x-sol: middleton
age: 486369
x-cache: Hit from cloudfront
x-middleton-display: staticcontent_sol
content-length: 1181
x-amz-cf-id: bzSwxJTtQhIKpajvqDgN9OQTEz9pKnZBqVp5a5gfFYMzcVo901HO6Q==
last-modified: Fri, 23 Apr 2021 18:46:13 GMT
server: nginx/1.16.0
etag: "49d-5bd497273b080-gzip-gzip"
vary: Accept-Encoding,Accept-Encoding
content-type: image/png
cache-control: max-age=604800
x-amz-cf-pop: OTP50-C1
display: staticcontent_sol
expires: Sun, 09 May 2021 02:36:22 GMT

GET
H3-29 200 integrator.js Show response
adservice.google.ch/adsid/ 107 B
122 B 16ms
15ms Script
application/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.ch/adsid/integrator.js?domain=itigic.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://itigic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 07 May 2021 17:42:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 15ms
15ms Script
application/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=itigic.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://itigic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 07 May 2021 17:42:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 47 KB
11 KB 363ms
363ms XHR
text/plain 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2673549932243580&correlator=336482004824252&output=ldjh&impl=fifs&eid=31060790&vrg=2021042801&ptt=17&us_privacy=1---&sc=1&sfv=1-0-38&ecs=20210507&iu_parts=1254144%2Citigic_com-box-3&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&ris=2&rcs=4&prev_scp=a%3D%257C3%257C%26iid11%3D1064369%26t%3D134%26d%3D198437%26t1%3D134%26pvc%3D0%26ap%3D1114%26sap%3D1114%26as%3Drevenue%26plat%3D1%26bra%3Dmod1%26ic%3D5%26at%3Dmbf%26adr%3D399%26ezosn%3D12%26reft%3Dn%26refs%3D30%26ga%3D2497208%26rid%3D99998%26pt%3D2%26al%3D1002%26compid%3D0%26tap%3Ditigic_com-box-3-1064369%26eb_br%3D7432360301409ae695ba255f16fbcf06%26eba%3D1%26ebss%3D10017%2C10082%2C10061%2C10015%2C11304%2C11307%26asau%3D7838546742%26bv%3D22%26bvm%3D0%26bvr%3D5%26shp%3D1%26ftsn%3D3%26br1%3D20%26br2%3D1000%26ezoic%3D1%26nmau%3D0%26mau%3D0%26stl%3D32%2C13%2C120%2C67%2C51%2C0%2C66%2C20%2C26%2C30%2C0%2C31%26deal1%3D22%2C23%2C24%2C25%2C26%2C27%2C28%2C29%2C760%2C761%2C815%2C816%2C817%2C818%2C893%2C899%2C903%2C919%2C774%2C21%2C20%2C21%2C17%2C19%2C20%2C21%2C17%2C18%2C19%2C20%2C21%26ax_ssid%3D10082%26amznbid%3D2%26amznsz%3D0x0%26amznp%3D2%26lb%3D80%26reqt%3D1620409350640%26hb_bidder%3Dix%26hb_adid%3D205220858195d65a%26hb_pb%3D0.09%26hb_format%3Dbanner%26hb_ssid%3D10082&eri=1&cookie=ID%3D209913d2cf081110%3AT%3D1620409347%3AS%3DALNI_MYCUELuDQBZZq_t6fdKkMSCCHgmDQ&bc=31&abxe=1&lmt=1620409351&dt=1620409351644&dlt=1620409342880&idt=923&frm=20&biw=1600&bih=1200&oid=3&adxs=474&adys=524&adks=3833649259&ucis=15&ifi=41&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fitigic.com%2Fpt%2Fsteal-information-with-finger-command-in-windows-10%2F%26%23160%3B&vis=1&dmc=8&scr_x=0&scr_y=0&psz=678x250&msz=300x250&psts=AGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=1178867069.1620409344&ga_sid=1620409344&ga_hid=2059617897&ga_fc=false&fws=4&ohw=678&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

c67409ea34890f9bb10d9f8f2f6b3dd06df844f5f452d887af841d400f906b28

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://itigic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 07 May 2021 17:42:31 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11401
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://itigic.com
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 86EA 42 B
501 B 64ms
46ms Image
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvLFjIqyV51zOpwtOajFKqo8X7eS_GDV-_-0fg1YaSrhOXXuidWmMC_pE-vkwP_Ow147CyY0blficwTgsFsGW1ja58ZeAHlgtWmVHPe8piwNjjwdEFdpr9SIh0zq9ZtGP1vDf2yFBNgka3XngnwNQ&sai=AMfl-YTq9OpxuNCzS0v9rw5pdjeNxULSga4XnYmfO7dms0hRPr5V9FOW1SkQNzid8CJ9KC1fxDy5fY20GOMFnbdeFIONIovmfdWKmvKORisxYxE9s46jP2VYaG5kIyA&sig=Cg0ArKJSzLy2VjXbhQdCEAE&cid=CAASFeRobVuzxoIy95CTalD80qFLLY7IvA&id=ampim&o=315,1108&d=970,90&ss=1600,1200&bs=1600,1200&mcvt=1001&mtos=0,0,1001,1001,1001&tos=0,0,1001,0,0&tfs=169&tls=1170&g=100&h=100&tt=1170&r=v&avms=ampa&adk=1615653332

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://itigic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 07 May 2021 17:42:31 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 army.gif Show response
itigic.com/porpoiseant/ 0
65 B 341ms
40ms XHR
text/plain 52.19.6.38
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://itigic.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTA3MDUyMSIsImRvbWFpbl9pZCI6IjE5ODQzNyIsInVuaXQiOiJkaXYtZ3B0LWFkLWl0aWdpY19jb20tbWVkcmVjdGFuZ2xlLTItMCIsInRfZXBvY2giOjE2MjA0MDkzNDEsInJldmVudWUiOjAsImVzdF9yZXZlbnVlIjowLCJhZF9wb3NpdGlvbiI6MTEwMCwiYWRfc2l6ZSI6IiIsImJpZF9mbG9vcl9maWxsZWQiOjAsImJpZF9mbG9vcl9wcmV2IjowLCJzdGF0X3NvdXJjZV9pZCI6MCwiY291bnRyeV9jb2RlIjoiQ0giLCJwYWdldmlld19pZCI6IjliMGM5ODc0LTFhYjUtNGU1MS03YjRiLTIyZmU2MDA1OTRlMCIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6Mjg2ODcyNzQsImNyZWF0aXZlX2lkIjoxMzgzMTA0MTY5NzksImRhdGEiOlt7Im5hbWUiOiJ2aWV3ZWQiLCJ2YWwiOiIxIn1dLCJpc19vcmlnIjpmYWxzZX1d
Requested by: Host: itigic.com
URL: https://itigic.com/detroitchicago/cmb.js?gcb=194-3&cb=01-100-103-1004-10d-506-507-70a-30c-30e-212-211-313-317-1021-23-&cmbcb=10&01&00&03&04&0d&06&07&0a&0c&0e&12&11&13&17&21&23
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.19.6.38 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-19-6-38.eu-west-1.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:path: /porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTA3MDUyMSIsImRvbWFpbl9pZCI6IjE5ODQzNyIsInVuaXQiOiJkaXYtZ3B0LWFkLWl0aWdpY19jb20tbWVkcmVjdGFuZ2xlLTItMCIsInRfZXBvY2giOjE2MjA0MDkzNDEsInJldmVudWUiOjAsImVzdF9yZXZlbnVlIjowLCJhZF9wb3NpdGlvbiI6MTEwMCwiYWRfc2l6ZSI6IiIsImJpZF9mbG9vcl9maWxsZWQiOjAsImJpZF9mbG9vcl9wcmV2IjowLCJzdGF0X3NvdXJjZV9pZCI6MCwiY291bnRyeV9jb2RlIjoiQ0giLCJwYWdldmlld19pZCI6IjliMGM5ODc0LTFhYjUtNGU1MS03YjRiLTIyZmU2MDA1OTRlMCIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6Mjg2ODcyNzQsImNyZWF0aXZlX2lkIjoxMzgzMTA0MTY5NzksImRhdGEiOlt7Im5hbWUiOiJ2aWV3ZWQiLCJ2YWwiOiIxIn1dLCJpc19vcmlnIjpmYWxzZX1d
pragma: no-cache
cookie: _pbjs_userid_consent_data=3524755945110770; __gads=ID=209913d2cf081110:T=1620409347:S=ALNI_MYCUELuDQBZZq_t6fdKkMSCCHgmDQ; cto_bidid=KSh6BV9Vd1hrSHY4aERPOEFEVlZyUU1xR1QlMkJjbWtJczZ1NlBBTWZRWUNkQjhhJTJCTE9VQWpkd0pJNElFVElnUWJCWHN2ZVY1YWd5UlYlMkJTMHFicmpSdUllZUVrZyUzRCUzRA; cto_bundle=ItKwLV8lMkJqSFYxRDd3UXdhSnRYR2dzOVFLN256ek1ta2xwVyUyRllXbGZtQmtPTjFhTUpvMHpGRlp3cE8ycHJZYldFbDVEdDZ1RXRxU3htcFRyeW1jcDNuTHFRSkkzb2ZZOWxvSWZBUktzdmN6VWgyMWVHRk9xbEYzNERwUnFUWlpVME1rMGc; ezouspvh=20; ezouspvv=40; ezouspva=2
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: empty
:authority: itigic.com
referer: https://itigic.com/pt/steal-information-with-finger-command-in-windows-10/&
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://itigic.com/pt/steal-information-with-finger-command-in-windows-10/&
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 07 May 2021 17:42:32 GMT
server: nginx/1.16.0
vary: Accept-Encoding Accept-Encoding
content-type: text/plain; charset=utf-8
x-middleton-display: ezp_sol
cache-control: max-age=0, must-revalidate, no-cache, no-store
content-length: 0
expires: Thu, 06 May 2021 17:42:32 UTC

GET
H3-29 200 integrator.js Show response
adservice.google.ch/adsid/ 107 B
122 B 15ms
15ms Script
application/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.ch/adsid/integrator.js?domain=itigic.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://itigic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 07 May 2021 17:42:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 16ms
15ms Script
application/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=itigic.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://itigic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 07 May 2021 17:42:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 345 B
172 B 204ms
203ms XHR
text/plain 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2673549932243580&correlator=3603779845229518&output=ldjh&impl=fifs&eid=31060790&vrg=2021042801&ptt=17&us_privacy=1---&sc=1&sfv=1-0-38&ecs=20210507&iu_parts=1254144%2Citigic_com-large-billboard-2&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C300x250&fluid=height&ris=1&rcs=2&prev_scp=a%3D%257C1%257C%26iid11%3D1024014%26t%3D134%26d%3D198437%26t1%3D134%26pvc%3D0%26ap%3D1124%26sap%3D1124%26as%3Drevenue%26plat%3D1%26bra%3Dmod1%26ic%3D3%26at%3Dmbf%26adr%3D399%26ezosn%3D0%26reft%3Dtf%26refs%3D30%26ga%3D2497208%26rid%3D99998%26pt%3D0%26al%3D1034%26compid%3D0%26tap%3Ditigic_com-large-billboard-2-1024014%26eb_br%3Da9ec56005762ef40746ec1b6d554f472%26eba%3D1%26ebss%3D10017%2C10082%2C10061%2C10015%2C11304%2C11307%26asau%3D7838546742%26bv%3D28%26bvm%3D2%26bvr%3D5%26shp%3D3%26ftsn%3D3%26br1%3D2800%26br2%3D3200%26ezoic%3D1%26nmau%3D4%26mau%3D0%26stl%3D32%2C0%2C28%2C67%2C45%2C122%2C66%2C20%2C71%2C30%2C0%2C31%26deal1%3D27%2C28%2C29%2C30%2C760%2C761%2C813%2C815%2C816%2C817%2C818%2C819%2C899%2C917%2C918%2C919%2C988%2C774%2C24%2C25%2C26%2C23%2C24%2C25%2C26%26ax_ssid%3D10082%26amznbid%3D2%26amznsz%3D0x0%26amznp%3D2%26lb%3D4000%26reqt%3D1620409351720&eri=1&cookie=ID%3D209913d2cf081110%3AT%3D1620409347%3AS%3DALNI_MYCUELuDQBZZq_t6fdKkMSCCHgmDQ&bc=31&abxe=1&lmt=1620409351&dt=1620409351725&dlt=1620409342880&idt=923&frm=20&biw=1600&bih=1200&oid=3&adxs=1002&adys=1560&adks=686215702&ucis=16&ifi=42&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fitigic.com%2Fpt%2Fsteal-information-with-finger-command-in-windows-10%2F%26%23160%3B&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x-1&msz=300x-1&psts=AGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=1178867069.1620409344&ga_sid=1620409344&ga_hid=2059617897&ga_fc=false&fws=0&ohw=0&btvi=5&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

509798a55132cdc24b38e03e7699ca9f834c1eca23a8c85f93c1a1a57ecbf9e8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://itigic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 07 May 2021 17:42:31 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 142
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://itigic.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 integrator.js Show response
adservice.google.ch/adsid/ 107 B
122 B 16ms
15ms Script
application/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.ch/adsid/integrator.js?domain=itigic.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://itigic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 07 May 2021 17:42:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 15ms
15ms Script
application/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=itigic.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://itigic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 07 May 2021 17:42:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 333 B
166 B 314ms
313ms XHR
text/plain 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2673549932243580&correlator=1649331042436402&output=ldjh&impl=fifs&eid=31060790&vrg=2021042801&ptt=17&us_privacy=1---&sc=1&sfv=1-0-38&ecs=20210507&iu_parts=1254144%2Citigic_com-box-1&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C300x250&fluid=height&ris=2&rcs=4&prev_scp=a%3D%257C1%257C%26iid11%3D1011114%26t%3D134%26d%3D198437%26t1%3D134%26pvc%3D0%26ap%3D1105%26sap%3D1105%26as%3Drevenue%26plat%3D1%26bra%3Dmod1%26ic%3D5%26at%3Dmbf%26adr%3D399%26ezosn%3D4%26reft%3Dtf%26refs%3D30%26ga%3D2497208%26rid%3D99998%26pt%3D0%26al%3D1000%26compid%3D0%26tap%3Ditigic_com-box-1-1011114%26eb_br%3D6e85b37de1b1ffc2593baa5d6e4b02fc%26eba%3D1%26ebss%3D10017%2C10082%2C10061%2C10015%2C11304%2C11307%26asau%3D7838546742%26bv%3D28%26bvm%3D2%26bvr%3D5%26shp%3D3%26ftsn%3D3%26acptad%3D1%26br1%3D450%26br2%3D2300%26ezoic%3D1%26nmau%3D4%26mau%3D0%26stl%3D32%2C0%2C28%2C67%2C45%2C122%2C66%2C20%2C71%2C30%2C0%2C31%26deal1%3D25%2C26%2C27%2C28%2C29%2C30%2C760%2C761%2C813%2C815%2C816%2C817%2C818%2C899%2C919%2C774%2C21%2C22%2C23%2C24%2C21%2C22%2C23%2C24%2C21%2C22%2C23%2C24%2C21%2C22%2C23%2C24%26ax_ssid%3D10082%26amznbid%3D2%26amznsz%3D0x0%26amznp%3D2%26lb%3D500%26reqt%3D1620409350857&eri=1&cookie=ID%3D209913d2cf081110%3AT%3D1620409347%3AS%3DALNI_MYCUELuDQBZZq_t6fdKkMSCCHgmDQ&bc=31&abxe=1&lmt=1620409351&dt=1620409351860&dlt=1620409342880&idt=923&frm=20&biw=1600&bih=1200&oid=3&adxs=1002&adys=383&adks=4007782779&ucis=17&ifi=43&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fitigic.com%2Fpt%2Fsteal-information-with-finger-command-in-windows-10%2F%26%23160%3B&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x-1&msz=300x-1&psts=AGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=1178867069.1620409344&ga_sid=1620409344&ga_hid=2059617897&ga_fc=false&fws=0&ohw=0&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

02a086abc2d789dc287ce98d260bf76ffee88c23072f53ec9a1b099d2f7cdd70

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://itigic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 07 May 2021 17:42:32 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 136
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://itigic.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 integrator.js Show response
adservice.google.ch/adsid/ 107 B
122 B 15ms
15ms Script
application/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.ch/adsid/integrator.js?domain=itigic.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://itigic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 07 May 2021 17:42:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 16ms
16ms Script
application/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=itigic.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://itigic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 07 May 2021 17:42:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 333 B
167 B 327ms
326ms XHR
text/plain 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2673549932243580&correlator=243613106000088&output=ldjh&impl=fifs&eid=31060790&vrg=2021042801&ptt=17&us_privacy=1---&sc=1&sfv=1-0-38&ecs=20210507&iu_parts=1254144%2Citigic_com-box-1&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C300x250&fluid=height&ris=1&rcs=5&prev_scp=a%3D%257C1%257C%26iid11%3D1011114%26t%3D134%26d%3D198437%26t1%3D134%26pvc%3D0%26ap%3D1105%26sap%3D1105%26as%3Drevenue%26plat%3D1%26bra%3Dmod1%26ic%3D6%26at%3Dmbf%26adr%3D399%26ezosn%3D6%26reft%3Dtf%26refs%3D30%26ga%3D2497208%26rid%3D99998%26pt%3D0%26al%3D1000%26compid%3D0%26tap%3Ditigic_com-box-1-1011114%26eb_br%3D76163170a8636ae5b88417f095893e08%26eba%3D1%26ebss%3D10017%2C10082%2C10061%2C10015%2C11304%2C11307%26asau%3D7838546742%26bv%3D28%26bvm%3D2%26bvr%3D5%26shp%3D3%26ftsn%3D3%26acptad%3D1%26br1%3D400%26br2%3D2300%26ezoic%3D1%26nmau%3D4%26mau%3D2%26stl%3D32%2C0%2C28%2C67%2C45%2C122%2C66%2C20%2C71%2C30%2C0%2C31%26deal1%3D25%2C26%2C27%2C28%2C29%2C30%2C760%2C761%2C813%2C815%2C816%2C817%2C818%2C899%2C919%2C774%2C21%2C22%2C23%2C24%2C21%2C22%2C23%2C24%2C21%2C22%2C23%2C24%2C21%2C22%2C23%2C24%2C21%2C22%2C23%2C24%26ax_ssid%3D10082%26amznbid%3D2%26amznsz%3D0x0%26amznp%3D2%26lb%3D450%26reqt%3D1620409351900&eri=1&cookie=ID%3D209913d2cf081110%3AT%3D1620409347%3AS%3DALNI_MYCUELuDQBZZq_t6fdKkMSCCHgmDQ&bc=31&abxe=1&lmt=1620409351&dt=1620409351903&dlt=1620409342880&idt=923&frm=20&biw=1600&bih=1200&oid=3&adxs=1002&adys=913&adks=165232301&ucis=18&ifi=44&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fitigic.com%2Fpt%2Fsteal-information-with-finger-command-in-windows-10%2F%26%23160%3B&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x-1&msz=300x-1&psts=AGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=1178867069.1620409344&ga_sid=1620409344&ga_hid=2059617897&ga_fc=false&fws=0&ohw=0&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

67d3546164d9c00f9c8c60b74ef4a30c2c8932edd3508e404c492c0439f86f3e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://itigic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 07 May 2021 17:42:32 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 137
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://itigic.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 332 B
165 B 241ms
240ms XHR
text/plain 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2673549932243580&correlator=3596368605368754&output=ldjh&impl=fifs&eid=31060790&vrg=2021042801&ptt=17&us_privacy=1---&sc=1&sfv=1-0-38&ecs=20210507&iu_parts=1254144%2Citigic_com-box-2&enc_prev_ius=%2F0%2F1&prev_iu_szs=468x60&ris=1&rcs=5&prev_scp=a%3D%257C1%257C%26iid11%3D1021465%26t%3D134%26d%3D198437%26t1%3D134%26pvc%3D0%26ap%3D1102%26sap%3D1102%26as%3Drevenue%26plat%3D1%26bra%3Dmod1%26ic%3D6%26at%3Dmbf%26adr%3D399%26ezosn%3D22%26reft%3Dtf%26refs%3D30%26ga%3D2497208%26rid%3D99998%26pt%3D1%26al%3D1001%26compid%3D0%26tap%3Ditigic_com-box-2-1021465%26eb_br%3Dd31e71883d00099e275b6c5878eed023%26eba%3D1%26ebss%3D10017%2C10082%2C10061%2C10015%2C11304%2C11307%26asau%3D7838546742%26bv%3D19%26bvm%3D0%26bvr%3D9%26shp%3D1%26ftsn%3D3%26acptad%3D1%26br1%3D32%26br2%3D750%26ezoic%3D1%26nmau%3D0%26mau%3D0%26stl%3D32%2C168%2C28%2C67%2C45%2C122%2C66%2C20%2C71%2C30%2C187%2C31%26deal1%3D21%2C22%2C23%2C24%2C25%2C26%2C27%2C28%2C29%2C30%2C760%2C761%2C813%2C814%2C815%2C816%2C817%2C818%2C819%2C893%2C899%2C903%2C917%2C918%2C919%2C988%2C774%2C20%2C20%2C608%2C17%2C20%2C608%2C17%2C19%2C20%2C608%2C17%2C19%2C20%2C608%26ax_ssid%3D10082%26amznbid%3D2%26amznsz%3D0x0%26amznp%3D2%26lb%3D70%26reqt%3D1620409351913&eri=1&cookie=ID%3D209913d2cf081110%3AT%3D1620409347%3AS%3DALNI_MYCUELuDQBZZq_t6fdKkMSCCHgmDQ&bc=31&abxe=1&lmt=1620409351&dt=1620409351915&dlt=1620409342880&idt=923&frm=20&biw=1600&bih=1200&oid=3&adxs=566&adys=290&adks=3929797713&ucis=19&ifi=45&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fitigic.com%2Fpt%2Fsteal-information-with-finger-command-in-windows-10%2F%26%23160%3B&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1030x60&msz=468x60&psts=AGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=1178867069.1620409344&ga_sid=1620409344&ga_hid=2059617897&ga_fc=false&fws=0&ohw=0&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

9985bae31ea8ea29c17898e304915689c81644829d1a51ca12821508e46c79fa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://itigic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 07 May 2021 17:42:32 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 135
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://itigic.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 army.gif Show response
itigic.com/porpoiseant/ 0
19 B 341ms
40ms XHR
text/plain 52.19.6.38
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://itigic.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTA3MDUyMSIsImRvbWFpbl9pZCI6IjE5ODQzNyIsInVuaXQiOiJkaXYtZ3B0LWFkLWl0aWdpY19jb20tbWVkcmVjdGFuZ2xlLTItMCIsInRfZXBvY2giOjE2MjA0MDkzNDEsImFkX3Bvc2l0aW9uIjoxMTAwLCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiQ0giLCJwYWdldmlld19pZCI6IjliMGM5ODc0LTFhYjUtNGU1MS03YjRiLTIyZmU2MDA1OTRlMCIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6Mjg2ODcyNzQsImNyZWF0aXZlX2lkIjoxMzgzMTA0MTY5NzksImRhdGEiOlt7Im5hbWUiOiJmaWxsZWRfc2l6ZSIsInZhbCI6Ils5NzAsOTBdIn1dLCJpc19vcmlnIjpmYWxzZX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiIxMDcwNTIxIiwiZG9tYWluX2lkIjoiMTk4NDM3IiwidW5pdCI6ImRpdi1ncHQtYWQtaXRpZ2ljX2NvbS1tZWRyZWN0YW5nbGUtMi0wIiwidF9lcG9jaCI6MTYyMDQwOTM0MSwiYWRfcG9zaXRpb24iOjExMDAsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJDSCIsInBhZ2V2aWV3X2lkIjoiOWIwYzk4NzQtMWFiNS00ZTUxLTdiNGItMjJmZTYwMDU5NGUwIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjoyODY4NzI3NCwiY3JlYXRpdmVfaWQiOjEzODMxMDQxNjk3OSwiZGF0YSI6W3sibmFtZSI6ImZpbGxlZF9mbHVpZCIsInZhbCI6ImZhbHNlIn1dLCJpc19vcmlnIjpmYWxzZX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiIxMDcwNTIxIiwiZG9tYWluX2lkIjoiMTk4NDM3IiwidW5pdCI6ImRpdi1ncHQtYWQtaXRpZ2ljX2NvbS1tZWRyZWN0YW5nbGUtMi0wIiwidF9lcG9jaCI6MTYyMDQwOTM0MSwiYWRfcG9zaXRpb24iOjExMDAsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJDSCIsInBhZ2V2aWV3X2lkIjoiOWIwYzk4NzQtMWFiNS00ZTUxLTdiNGItMjJmZTYwMDU5NGUwIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjoyODY4NzI3NCwiY3JlYXRpdmVfaWQiOjEzODMxMDQxNjk3OSwiZGF0YSI6W3sibmFtZSI6ImRvbWFpbl9kZnBfc3R5bGVfaWQiLCJ2YWwiOiIwIn1dLCJpc19vcmlnIjpmYWxzZX1d
Requested by: Host: itigic.com
URL: https://itigic.com/detroitchicago/cmb.js?gcb=194-3&cb=01-100-103-1004-10d-506-507-70a-30c-30e-212-211-313-317-1021-23-&cmbcb=10&01&00&03&04&0d&06&07&0a&0c&0e&12&11&13&17&21&23
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.19.6.38 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-19-6-38.eu-west-1.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:path: /porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTA3MDUyMSIsImRvbWFpbl9pZCI6IjE5ODQzNyIsInVuaXQiOiJkaXYtZ3B0LWFkLWl0aWdpY19jb20tbWVkcmVjdGFuZ2xlLTItMCIsInRfZXBvY2giOjE2MjA0MDkzNDEsImFkX3Bvc2l0aW9uIjoxMTAwLCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiQ0giLCJwYWdldmlld19pZCI6IjliMGM5ODc0LTFhYjUtNGU1MS03YjRiLTIyZmU2MDA1OTRlMCIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6Mjg2ODcyNzQsImNyZWF0aXZlX2lkIjoxMzgzMTA0MTY5NzksImRhdGEiOlt7Im5hbWUiOiJmaWxsZWRfc2l6ZSIsInZhbCI6Ils5NzAsOTBdIn1dLCJpc19vcmlnIjpmYWxzZX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiIxMDcwNTIxIiwiZG9tYWluX2lkIjoiMTk4NDM3IiwidW5pdCI6ImRpdi1ncHQtYWQtaXRpZ2ljX2NvbS1tZWRyZWN0YW5nbGUtMi0wIiwidF9lcG9jaCI6MTYyMDQwOTM0MSwiYWRfcG9zaXRpb24iOjExMDAsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJDSCIsInBhZ2V2aWV3X2lkIjoiOWIwYzk4NzQtMWFiNS00ZTUxLTdiNGItMjJmZTYwMDU5NGUwIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjoyODY4NzI3NCwiY3JlYXRpdmVfaWQiOjEzODMxMDQxNjk3OSwiZGF0YSI6W3sibmFtZSI6ImZpbGxlZF9mbHVpZCIsInZhbCI6ImZhbHNlIn1dLCJpc19vcmlnIjpmYWxzZX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiIxMDcwNTIxIiwiZG9tYWluX2lkIjoiMTk4NDM3IiwidW5pdCI6ImRpdi1ncHQtYWQtaXRpZ2ljX2NvbS1tZWRyZWN0YW5nbGUtMi0wIiwidF9lcG9jaCI6MTYyMDQwOTM0MSwiYWRfcG9zaXRpb24iOjExMDAsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJDSCIsInBhZ2V2aWV3X2lkIjoiOWIwYzk4NzQtMWFiNS00ZTUxLTdiNGItMjJmZTYwMDU5NGUwIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjoyODY4NzI3NCwiY3JlYXRpdmVfaWQiOjEzODMxMDQxNjk3OSwiZGF0YSI6W3sibmFtZSI6ImRvbWFpbl9kZnBfc3R5bGVfaWQiLCJ2YWwiOiIwIn1dLCJpc19vcmlnIjpmYWxzZX1d
pragma: no-cache
cookie: _pbjs_userid_consent_data=3524755945110770; __gads=ID=209913d2cf081110:T=1620409347:S=ALNI_MYCUELuDQBZZq_t6fdKkMSCCHgmDQ; cto_bidid=KSh6BV9Vd1hrSHY4aERPOEFEVlZyUU1xR1QlMkJjbWtJczZ1NlBBTWZRWUNkQjhhJTJCTE9VQWpkd0pJNElFVElnUWJCWHN2ZVY1YWd5UlYlMkJTMHFicmpSdUllZUVrZyUzRCUzRA; cto_bundle=ItKwLV8lMkJqSFYxRDd3UXdhSnRYR2dzOVFLN256ek1ta2xwVyUyRllXbGZtQmtPTjFhTUpvMHpGRlp3cE8ycHJZYldFbDVEdDZ1RXRxU3htcFRyeW1jcDNuTHFRSkkzb2ZZOWxvSWZBUktzdmN6VWgyMWVHRk9xbEYzNERwUnFUWlpVME1rMGc; ezouspvh=20; ezouspvv=40; ezouspva=2
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: empty
:authority: itigic.com
referer: https://itigic.com/pt/steal-information-with-finger-command-in-windows-10/&
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://itigic.com/pt/steal-information-with-finger-command-in-windows-10/&
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 07 May 2021 17:42:32 GMT
server: nginx/1.16.0
vary: Accept-Encoding Accept-Encoding
content-type: text/plain; charset=utf-8
x-middleton-display: ezp_sol
cache-control: max-age=0, must-revalidate, no-cache, no-store
content-length: 0
expires: Thu, 06 May 2021 17:42:32 UTC

GET
H2 200 watch.js Show response
mc.yandex.ru/metrika/ 123 KB
43 KB 150ms
50ms Script
application/javascript 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/watch.js

Requested by

Host: itigic.com
URL: https://itigic.com/pt/steal-information-with-finger-command-in-windows-10/&

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

0dc25fa3b32fcdcb0c8d6960ce7a9ec11627d8769d78a0fcc5c8d06a8a4a757d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://itigic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 07 May 2021 17:42:32 GMT
content-encoding: br
last-modified: Fri, 30 Apr 2021 17:14:07 GMT
etag: "608a4fd7-abe7"
strict-transport-security: max-age=31536000
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
content-length: 44007
expires: Fri, 07 May 2021 18:42:32 GMT

GET
H3-29 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012103020108001/ Frame 741D 190 KB
54 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012103020108001/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6e553b4e88ac4a1819d608fe9dcb46544ca5fb776d4e0c84d773f37b1df18211

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://itigic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 30059
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 55046
x-xss-protection: 0
server: sffe
date: Fri, 07 May 2021 09:21:33 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "aeaf363b1ad89b36"
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 07 May 2022 09:21:33 GMT

GET
H3-29 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012103020108001/v0/ Frame 741D 12 KB
4 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012103020108001/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8f9560479a05fb86854546c40ec030edc2bac692d4142391d69b16e5c033a185

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://itigic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 30059
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4548
x-xss-protection: 0
server: sffe
date: Fri, 07 May 2021 09:21:33 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "4eb73d471ab4cb2c"
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 07 May 2022 09:21:33 GMT

GET
H3-29 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012103020108001/v0/ Frame 741D 87 KB
27 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012103020108001/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a6f768cbb894f2690011ee62662d3ac9480d12f5088fa46be57e650fcc4d835c

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://itigic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 30843
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27208
x-xss-protection: 0
server: sffe
date: Fri, 07 May 2021 09:08:29 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "22950e05e749846e"
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 07 May 2022 09:08:29 GMT

GET
H3-29 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012103020108001/v0/ Frame 741D 27 KB
9 KB 11ms
9ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012103020108001/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

21d45a4ed77653b3b1ee2b47a786a4dbb936a3b19fc56e1b44c16aed35eb80ee

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://itigic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 30843
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9587
x-xss-protection: 0
server: sffe
date: Fri, 07 May 2021 09:08:29 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "739644f32ad1483f"
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 07 May 2022 09:08:29 GMT

GET
H3-29 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012103020108001/v0/ Frame 741D 40 KB
13 KB 11ms
9ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012103020108001/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4c6af60796cc240ad277098308cf363c2700f5296264ec1b43b4e1362763c439

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://itigic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 30843
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12827
x-xss-protection: 0
server: sffe
date: Fri, 07 May 2021 09:08:29 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "5cc8dcc2368726c7"
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 07 May 2022 09:08:29 GMT

GET
H3-29 200 css
fonts.googleapis.com/ Frame 741D 5 KB
688 B 19ms
18ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=PT+Sans:400|Roboto:400,500&lang=es

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

83e1fc06d61560e19649771db56bc018fc7fdb56e98f3a9f74505230a8f35060

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://itigic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 07 May 2021 17:42:32 GMT
server: ESF
date: Fri, 07 May 2021 17:42:32 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 07 May 2021 17:42:32 GMT

GET
H3-29 200 css
fonts.googleapis.com/ Frame 741D 5 KB
688 B 15ms
14ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=PT+Sans:400|Roboto:400,500&text=

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

83e1fc06d61560e19649771db56bc018fc7fdb56e98f3a9f74505230a8f35060

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://itigic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 07 May 2021 16:54:20 GMT
server: ESF
date: Fri, 07 May 2021 17:42:32 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 07 May 2021 17:42:32 GMT

GET
H3-29 200 pt.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 741D 3 KB
3 KB 8ms
8ms Image
image/png 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/pt.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

744b436600cd35e7898be8843c04c1115c45bf08143d085ac149e8c4f8151e3d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://itigic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 07 May 2021 06:20:03 GMT
x-content-type-options: nosniff
server: cafe
age: 40949
etag: 7735524722462771930
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2886
x-xss-protection: 0
expires: Sat, 08 May 2021 06:20:03 GMT

GET
H3-29 200 icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 741D 344 B
368 B 7ms
6ms Image
image/png 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://itigic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 07 May 2021 09:25:49 GMT
x-content-type-options: nosniff
server: cafe
age: 29803
etag: 6766994032117382215
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 344
x-xss-protection: 0
expires: Sat, 08 May 2021 09:25:49 GMT

GET
DATA 200
OK truncated
/ Frame 741D 218 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 084cf3a821fc57f2583dae3ff29f38f5786dbc9de435060efa2f64415422c159

Request headers

Referer: https://itigic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 741D 0
0 52ms
52ms Image
text/html 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=Cm9HSB3yVYOuoKtXV7gO1wpWQA-Pezbdil-KM85gM3Mjzit4QEAEg9PnGJWD1lc6B4ASgAf_bisgDyAEG4AIAqAMByAMKqgScAk_QtxEw-u2ngU40PBrXMA9GxkTbZ1SuOUonq54jRfV9sqapEiU00slaptJnw61V9idC1AmOV9__annM7oi2FrX88qZ6wwmefEtinCuQzH7DVJc5gwxamOdUuXwtmmocMTSfPPkJNy90VCOpgSBogNeJ5600ZpNLIelyggH6mBqp4iTHOqBEh0iV0LkHQSMiJ54ylgc4TBHUkrH0da_EO7PaJ677mxnEq4eY5Jmy05BWt1u8m0-h9pdyQ2o4MVWxhppeniPZkLCZStJYT18LrTuEh4NkqhMIH5J4VTShhNJQ_uH7Mb24q9Lnd5m7YsBip6olVNXbNZ1Ou_p0LWs3_DglN9wE9z9czE6KkyzzTER44hNJJcd85Z_M3P1JwATTxb29mwPgBAGSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGN4AH3tKAQagHipyxAqgH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAemvhuoB-zVG9gHAfIHBBCoogzSCAcIgGEQARgd8ggbYWR4LXN1YnN5bi02ODg5ODQ3NjQyMzI5MzMwgAoDyAsB2BMNiBQB0BUBgBcBshcaChgIABIUcHViLTYzOTY4NDQ3NDI0OTcyMDg&sigh=UX8dMnoFOsY&template_id=492
Requested by: Host: itigic.com
URL: https://itigic.com/pt/steal-information-with-finger-command-in-windows-10/&
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s53-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://itigic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 204 l
www.google.com/ads/measurement/ Frame 741D 0
0 13ms
13ms Image
text/html 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQFn0pI2y3w7H3BbmEUd7_IeyLJOwmI2UKLi3i9oSTx4T_H-i0cWcxvHPeQyqlBLzbsaezMtlax0wKzSDk1tTAZuUZLnw
Requested by: Host: itigic.com
URL: https://itigic.com/pt/steal-information-with-finger-command-in-windows-10/&
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://itigic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 200 integrator.js Show response
adservice.google.ch/adsid/ 107 B
122 B 16ms
15ms Script
application/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.ch/adsid/integrator.js?domain=itigic.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://itigic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 07 May 2021 17:42:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 16ms
15ms Script
application/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=itigic.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://itigic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 07 May 2021 17:42:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 333 B
166 B 219ms
218ms XHR
text/plain 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2673549932243580&correlator=110948738915531&output=ldjh&impl=fifs&eid=31060790&vrg=2021042801&ptt=17&us_privacy=1---&sc=1&sfv=1-0-38&ecs=20210507&iu_parts=1254144%2Citigic_com-box-1&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C300x250&fluid=height&ris=1&rcs=5&prev_scp=a%3D%257C6%257C%26iid11%3D1011114%26t%3D134%26d%3D198437%26t1%3D134%26pvc%3D0%26ap%3D1105%26sap%3D1105%26as%3Drevenue%26plat%3D1%26bra%3Dmod1%26ic%3D6%26at%3Dmbf%26adr%3D399%26ezosn%3D5%26reft%3Dtf%26refs%3D30%26ga%3D2497208%26rid%3D99998%26pt%3D0%26al%3D1000%26compid%3D0%26tap%3Ditigic_com-box-1-1011114%26eb_br%3D76163170a8636ae5b88417f095893e08%26eba%3D1%26ebss%3D10017%2C10082%2C10061%2C10015%2C11304%2C11307%26asau%3D7838546742%26bv%3D28%26bvm%3D2%26bvr%3D5%26shp%3D3%26ftsn%3D3%26acptad%3D1%26br1%3D400%26br2%3D2300%26ezoic%3D1%26nmau%3D4%26mau%3D1%26stl%3D32%2C0%2C28%2C67%2C45%2C122%2C66%2C20%2C71%2C30%2C0%2C31%26deal1%3D25%2C26%2C27%2C28%2C29%2C30%2C760%2C761%2C813%2C815%2C816%2C817%2C818%2C899%2C919%2C774%2C21%2C22%2C23%2C24%2C21%2C22%2C23%2C24%2C21%2C22%2C23%2C24%2C21%2C22%2C23%2C24%2C21%2C22%2C23%2C24%26ax_ssid%3D10082%26amznbid%3D2%26amznsz%3D0x0%26amznp%3D2%26lb%3D450%26reqt%3D1620409352030&eri=1&cookie=ID%3D209913d2cf081110%3AT%3D1620409347%3AS%3DALNI_MYCUELuDQBZZq_t6fdKkMSCCHgmDQ&bc=31&abxe=1&lmt=1620409352&dt=1620409352035&dlt=1620409342880&idt=923&frm=20&biw=1600&bih=1200&oid=3&adxs=1002&adys=648&adks=165232300&ucis=1a&ifi=46&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fitigic.com%2Fpt%2Fsteal-information-with-finger-command-in-windows-10%2F%26%23160%3B&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x-1&msz=300x-1&psts=AGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=1178867069.1620409344&ga_sid=1620409344&ga_hid=2059617897&ga_fc=false&fws=0&ohw=0&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

ecf3b81fbe0c08f9a3c44094e302f8f7eb4f5bb7e88088b55dead2ac1a781124

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://itigic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 07 May 2021 17:42:32 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 136
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://itigic.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 army.gif Show response
itigic.com/porpoiseant/ 0
19 B 343ms
41ms XHR
text/plain 52.19.6.38
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://itigic.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTA2NDM2OSIsImRvbWFpbl9pZCI6IjE5ODQzNyIsInVuaXQiOiJkaXYtZ3B0LWFkLWl0aWdpY19jb20tYm94LTMtMCIsInRfZXBvY2giOjE2MjA0MDkzNDEsImFkX3Bvc2l0aW9uIjoxMTE0LCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiQ0giLCJwYWdldmlld19pZCI6IjliMGM5ODc0LTFhYjUtNGU1MS03YjRiLTIyZmU2MDA1OTRlMCIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6Mjg2ODcyNzQsImNyZWF0aXZlX2lkIjoxMzgyMDg2MTEwOTUsImRhdGEiOlt7Im5hbWUiOiJyZWZyZXNoX2NvdW50IiwidmFsIjoiNSJ9XSwiaXNfb3JpZyI6ZmFsc2V9LHsidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTA2NDM2OSIsImRvbWFpbl9pZCI6IjE5ODQzNyIsInVuaXQiOiJkaXYtZ3B0LWFkLWl0aWdpY19jb20tYm94LTMtMCIsInRfZXBvY2giOjE2MjA0MDkzNDEsImFkX3Bvc2l0aW9uIjoxMTE0LCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiQ0giLCJwYWdldmlld19pZCI6IjliMGM5ODc0LTFhYjUtNGU1MS03YjRiLTIyZmU2MDA1OTRlMCIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6Mjg2ODcyNzQsImNyZWF0aXZlX2lkIjoxMzgyMDg2MTEwOTUsImRhdGEiOlt7Im5hbWUiOiJmaWxsZWRfYmlkX2hhc2giLCJ2YWwiOiI3NDMyMzYwMzAxNDA5YWU2OTViYTI1NWYxNmZiY2YwNiJ9XSwiaXNfb3JpZyI6ZmFsc2V9LHsidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTA2NDM2OSIsImRvbWFpbl9pZCI6IjE5ODQzNyIsInVuaXQiOiJkaXYtZ3B0LWFkLWl0aWdpY19jb20tYm94LTMtMCIsInRfZXBvY2giOjE2MjA0MDkzNDEsInJldmVudWUiOjAsImVzdF9yZXZlbnVlIjowLjAwMDIsImFkX3Bvc2l0aW9uIjoxMTE0LCJhZF9zaXplIjoiIiwiYmlkX2Zsb29yX2ZpbGxlZCI6MC4wMDAyLCJiaWRfZmxvb3JfcHJldiI6MC4wMDA4LCJzdGF0X3NvdXJjZV9pZCI6MzUsImNvdW50cnlfY29kZSI6IkNIIiwicGFnZXZpZXdfaWQiOiI5YjBjOTg3NC0xYWI1LTRlNTEtN2I0Yi0yMmZlNjAwNTk0ZTAiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjI4Njg3Mjc0LCJjcmVhdGl2ZV9pZCI6MTM4MjA4NjExMDk1LCJkYXRhIjpbeyJuYW1lIjoibG9hZGVkIiwidmFsIjoiMSJ9XSwiaXNfb3JpZyI6ZmFsc2V9LHsidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTA2NDM2OSIsImRvbWFpbl9pZCI6IjE5ODQzNyIsInVuaXQiOiJkaXYtZ3B0LWFkLWl0aWdpY19jb20tYm94LTMtMCIsInRfZXBvY2giOjE2MjA0MDkzNDEsImFkX3Bvc2l0aW9uIjoxMTE0LCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiQ0giLCJwYWdldmlld19pZCI6IjliMGM5ODc0LTFhYjUtNGU1MS03YjRiLTIyZmU2MDA1OTRlMCIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6Mjg2ODcyNzQsImNyZWF0aXZlX2lkIjoxMzgyMDg2MTEwOTUsImRhdGEiOlt7Im5hbWUiOiJjcmVhdGl2ZV9pZCIsInZhbCI6IjEzODIwODYxMTA5NSJ9XSwiaXNfb3JpZyI6ZmFsc2V9LHsidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTA2NDM2OSIsImRvbWFpbl9pZCI6IjE5ODQzNyIsInVuaXQiOiJkaXYtZ3B0LWFkLWl0aWdpY19jb20tYm94LTMtMCIsInRfZXBvY2giOjE2MjA0MDkzNDEsImFkX3Bvc2l0aW9uIjoxMTE0LCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiQ0giLCJwYWdldmlld19pZCI6IjliMGM5ODc0LTFhYjUtNGU1MS03YjRiLTIyZmU2MDA1OTRlMCIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6Mjg2ODcyNzQsImNyZWF0aXZlX2lkIjoxMzgyMDg2MTEwOTUsImRhdGEiOlt7Im5hbWUiOiJsaW5laXRlbV9pZCIsInZhbCI6IjI4Njg3Mjc0In1dLCJpc19vcmlnIjpmYWxzZX1d
Requested by: Host: itigic.com
URL: https://itigic.com/detroitchicago/cmb.js?gcb=194-3&cb=01-100-103-1004-10d-506-507-70a-30c-30e-212-211-313-317-1021-23-&cmbcb=10&01&00&03&04&0d&06&07&0a&0c&0e&12&11&13&17&21&23
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.19.6.38 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-19-6-38.eu-west-1.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:path: /porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTA2NDM2OSIsImRvbWFpbl9pZCI6IjE5ODQzNyIsInVuaXQiOiJkaXYtZ3B0LWFkLWl0aWdpY19jb20tYm94LTMtMCIsInRfZXBvY2giOjE2MjA0MDkzNDEsImFkX3Bvc2l0aW9uIjoxMTE0LCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiQ0giLCJwYWdldmlld19pZCI6IjliMGM5ODc0LTFhYjUtNGU1MS03YjRiLTIyZmU2MDA1OTRlMCIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6Mjg2ODcyNzQsImNyZWF0aXZlX2lkIjoxMzgyMDg2MTEwOTUsImRhdGEiOlt7Im5hbWUiOiJyZWZyZXNoX2NvdW50IiwidmFsIjoiNSJ9XSwiaXNfb3JpZyI6ZmFsc2V9LHsidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTA2NDM2OSIsImRvbWFpbl9pZCI6IjE5ODQzNyIsInVuaXQiOiJkaXYtZ3B0LWFkLWl0aWdpY19jb20tYm94LTMtMCIsInRfZXBvY2giOjE2MjA0MDkzNDEsImFkX3Bvc2l0aW9uIjoxMTE0LCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiQ0giLCJwYWdldmlld19pZCI6IjliMGM5ODc0LTFhYjUtNGU1MS03YjRiLTIyZmU2MDA1OTRlMCIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6Mjg2ODcyNzQsImNyZWF0aXZlX2lkIjoxMzgyMDg2MTEwOTUsImRhdGEiOlt7Im5hbWUiOiJmaWxsZWRfYmlkX2hhc2giLCJ2YWwiOiI3NDMyMzYwMzAxNDA5YWU2OTViYTI1NWYxNmZiY2YwNiJ9XSwiaXNfb3JpZyI6ZmFsc2V9LHsidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTA2NDM2OSIsImRvbWFpbl9pZCI6IjE5ODQzNyIsInVuaXQiOiJkaXYtZ3B0LWFkLWl0aWdpY19jb20tYm94LTMtMCIsInRfZXBvY2giOjE2MjA0MDkzNDEsInJldmVudWUiOjAsImVzdF9yZXZlbnVlIjowLjAwMDIsImFkX3Bvc2l0aW9uIjoxMTE0LCJhZF9zaXplIjoiIiwiYmlkX2Zsb29yX2ZpbGxlZCI6MC4wMDAyLCJiaWRfZmxvb3JfcHJldiI6MC4wMDA4LCJzdGF0X3NvdXJjZV9pZCI6MzUsImNvdW50cnlfY29kZSI6IkNIIiwicGFnZXZpZXdfaWQiOiI5YjBjOTg3NC0xYWI1LTRlNTEtN2I0Yi0yMmZlNjAwNTk0ZTAiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjI4Njg3Mjc0LCJjcmVhdGl2ZV9pZCI6MTM4MjA4NjExMDk1LCJkYXRhIjpbeyJuYW1lIjoibG9hZGVkIiwidmFsIjoiMSJ9XSwiaXNfb3JpZyI6ZmFsc2V9LHsidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTA2NDM2OSIsImRvbWFpbl9pZCI6IjE5ODQzNyIsInVuaXQiOiJkaXYtZ3B0LWFkLWl0aWdpY19jb20tYm94LTMtMCIsInRfZXBvY2giOjE2MjA0MDkzNDEsImFkX3Bvc2l0aW9uIjoxMTE0LCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiQ0giLCJwYWdldmlld19pZCI6IjliMGM5ODc0LTFhYjUtNGU1MS03YjRiLTIyZmU2MDA1OTRlMCIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6Mjg2ODcyNzQsImNyZWF0aXZlX2lkIjoxMzgyMDg2MTEwOTUsImRhdGEiOlt7Im5hbWUiOiJjcmVhdGl2ZV9pZCIsInZhbCI6IjEzODIwODYxMTA5NSJ9XSwiaXNfb3JpZyI6ZmFsc2V9LHsidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTA2NDM2OSIsImRvbWFpbl9pZCI6IjE5ODQzNyIsInVuaXQiOiJkaXYtZ3B0LWFkLWl0aWdpY19jb20tYm94LTMtMCIsInRfZXBvY2giOjE2MjA0MDkzNDEsImFkX3Bvc2l0aW9uIjoxMTE0LCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiQ0giLCJwYWdldmlld19pZCI6IjliMGM5ODc0LTFhYjUtNGU1MS03YjRiLTIyZmU2MDA1OTRlMCIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6Mjg2ODcyNzQsImNyZWF0aXZlX2lkIjoxMzgyMDg2MTEwOTUsImRhdGEiOlt7Im5hbWUiOiJsaW5laXRlbV9pZCIsInZhbCI6IjI4Njg3Mjc0In1dLCJpc19vcmlnIjpmYWxzZX1d
pragma: no-cache
cookie: _pbjs_userid_consent_data=3524755945110770; __gads=ID=209913d2cf081110:T=1620409347:S=ALNI_MYCUELuDQBZZq_t6fdKkMSCCHgmDQ; cto_bidid=KSh6BV9Vd1hrSHY4aERPOEFEVlZyUU1xR1QlMkJjbWtJczZ1NlBBTWZRWUNkQjhhJTJCTE9VQWpkd0pJNElFVElnUWJCWHN2ZVY1YWd5UlYlMkJTMHFicmpSdUllZUVrZyUzRCUzRA; cto_bundle=ItKwLV8lMkJqSFYxRDd3UXdhSnRYR2dzOVFLN256ek1ta2xwVyUyRllXbGZtQmtPTjFhTUpvMHpGRlp3cE8ycHJZYldFbDVEdDZ1RXRxU3htcFRyeW1jcDNuTHFRSkkzb2ZZOWxvSWZBUktzdmN6VWgyMWVHRk9xbEYzNERwUnFUWlpVME1rMGc; ezouspvh=20; ezux_lpl_198437=1620409351960|9b0c9874-1ab5-4e51-7b4b-22fe600594e0|false; ezouspvv=60; ezouspva=3
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: empty
:authority: itigic.com
referer: https://itigic.com/pt/steal-information-with-finger-command-in-windows-10/&
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://itigic.com/pt/steal-information-with-finger-command-in-windows-10/&
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 07 May 2021 17:42:32 GMT
server: nginx/1.16.0
vary: Accept-Encoding Accept-Encoding
content-type: text/plain; charset=utf-8
x-middleton-display: ezp_sol
cache-control: max-age=0, must-revalidate, no-cache, no-store
content-length: 0
expires: Thu, 06 May 2021 17:42:32 UTC

GET
H2 200 28687274 Show response
g.ezoic.net/dac/ 0
40 B 31ms
31ms XHR
text/plain 18.156.95.187
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://g.ezoic.net/dac/28687274
Requested by: Host: itigic.com
URL: https://itigic.com/porpoiseant/banger.js?cb=194-3&bv=19&v=51&PageSpeed=off
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.156.95.187 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-95-187.eu-central-1.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://itigic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 07 May 2021 17:42:32 GMT
cache-control: max-age=3600, public
server: nginx/1.16.0
content-length: 0
vary: Accept-Encoding
content-type: text/plain

GET
H2 200 army.gif Show response
itigic.com/porpoiseant/ 0
19 B 342ms
41ms XHR
text/plain 52.19.6.38
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://itigic.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTA2NDM2OSIsImRvbWFpbl9pZCI6IjE5ODQzNyIsInVuaXQiOiJkaXYtZ3B0LWFkLWl0aWdpY19jb20tYm94LTMtMCIsInRfZXBvY2giOjE2MjA0MDkzNDEsImFkX3Bvc2l0aW9uIjoxMTE0LCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiQ0giLCJwYWdldmlld19pZCI6IjliMGM5ODc0LTFhYjUtNGU1MS03YjRiLTIyZmU2MDA1OTRlMCIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6Mjg2ODcyNzQsImNyZWF0aXZlX2lkIjoxMzgyMDg2MTEwOTUsImRhdGEiOlt7Im5hbWUiOiJ0X2xvY2FsX2RhdGUiLCJ2YWwiOiIyMDIxLTA1LTA3In0seyJuYW1lIjoidF9sb2NhbF9ob3VyIiwidmFsIjoiMTkifSx7Im5hbWUiOiJ0X2xvY2FsX2RheV9vZl93ZWVrIiwidmFsIjoiNSJ9LHsibmFtZSI6InRfbG9jYWxfdGltZXpvbmUiLCJ2YWwiOiItMTIwIn1dLCJpc19vcmlnIjpmYWxzZX1d
Requested by: Host: itigic.com
URL: https://itigic.com/detroitchicago/cmb.js?gcb=194-3&cb=01-100-103-1004-10d-506-507-70a-30c-30e-212-211-313-317-1021-23-&cmbcb=10&01&00&03&04&0d&06&07&0a&0c&0e&12&11&13&17&21&23
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.19.6.38 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-19-6-38.eu-west-1.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:path: /porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTA2NDM2OSIsImRvbWFpbl9pZCI6IjE5ODQzNyIsInVuaXQiOiJkaXYtZ3B0LWFkLWl0aWdpY19jb20tYm94LTMtMCIsInRfZXBvY2giOjE2MjA0MDkzNDEsImFkX3Bvc2l0aW9uIjoxMTE0LCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiQ0giLCJwYWdldmlld19pZCI6IjliMGM5ODc0LTFhYjUtNGU1MS03YjRiLTIyZmU2MDA1OTRlMCIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6Mjg2ODcyNzQsImNyZWF0aXZlX2lkIjoxMzgyMDg2MTEwOTUsImRhdGEiOlt7Im5hbWUiOiJ0X2xvY2FsX2RhdGUiLCJ2YWwiOiIyMDIxLTA1LTA3In0seyJuYW1lIjoidF9sb2NhbF9ob3VyIiwidmFsIjoiMTkifSx7Im5hbWUiOiJ0X2xvY2FsX2RheV9vZl93ZWVrIiwidmFsIjoiNSJ9LHsibmFtZSI6InRfbG9jYWxfdGltZXpvbmUiLCJ2YWwiOiItMTIwIn1dLCJpc19vcmlnIjpmYWxzZX1d
pragma: no-cache
cookie: _pbjs_userid_consent_data=3524755945110770; __gads=ID=209913d2cf081110:T=1620409347:S=ALNI_MYCUELuDQBZZq_t6fdKkMSCCHgmDQ; cto_bidid=KSh6BV9Vd1hrSHY4aERPOEFEVlZyUU1xR1QlMkJjbWtJczZ1NlBBTWZRWUNkQjhhJTJCTE9VQWpkd0pJNElFVElnUWJCWHN2ZVY1YWd5UlYlMkJTMHFicmpSdUllZUVrZyUzRCUzRA; cto_bundle=ItKwLV8lMkJqSFYxRDd3UXdhSnRYR2dzOVFLN256ek1ta2xwVyUyRllXbGZtQmtPTjFhTUpvMHpGRlp3cE8ycHJZYldFbDVEdDZ1RXRxU3htcFRyeW1jcDNuTHFRSkkzb2ZZOWxvSWZBUktzdmN6VWgyMWVHRk9xbEYzNERwUnFUWlpVME1rMGc; ezouspvh=20; ezux_lpl_198437=1620409351960|9b0c9874-1ab5-4e51-7b4b-22fe600594e0|false; ezouspvv=60; ezouspva=3
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: empty
:authority: itigic.com
referer: https://itigic.com/pt/steal-information-with-finger-command-in-windows-10/&
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://itigic.com/pt/steal-information-with-finger-command-in-windows-10/&
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 07 May 2021 17:42:32 GMT
server: nginx/1.16.0
vary: Accept-Encoding Accept-Encoding
content-type: text/plain; charset=utf-8
x-middleton-display: ezp_sol
cache-control: max-age=0, must-revalidate, no-cache, no-store
content-length: 0
expires: Thu, 06 May 2021 17:42:32 UTC

GET
H2 200 army.gif Show response
itigic.com/porpoiseant/ 0
19 B 341ms
41ms XHR
text/plain 52.19.6.38
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://itigic.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImF1Y3Rpb24iLCJpbXByZXNzaW9uX2lkIjoiMTA2NDM2OSIsImRvbWFpbl9pZCI6IjE5ODQzNyIsInVuaXQiOiJkaXYtZ3B0LWFkLWl0aWdpY19jb20tYm94LTMtMCIsInRfZXBvY2giOjE2MjA0MDkzNDEsImF1Y3Rpb25fZXBvY2giOjE2MjA0MDkzNTIsImFkX3Bvc2l0aW9uIjoxMTE0LCJjb3VudHJ5X2NvZGUiOiJDSCIsInBhZ2V2aWV3X2lkIjoiOWIwYzk4NzQtMWFiNS00ZTUxLTdiNGItMjJmZTYwMDU5NGUwIiwiYmlkX2Zsb29yX2luaXRpYWwiOjcwMCwiYmlkX2Zsb29yX3ByZXYiOjgwLCJiaWRfZmxvb3JfZmlsbGVkIjoyMCwiYXVjdGlvbl9jb3VudCI6NSwicmVmcmVzaF9hZF9jb3VudCI6MCwiYXVjdGlvbl9kdXJhdGlvbiI6Mzc4LCJtdWx0aV9hZF91bml0IjowLCJtdWx0aV9hZF9jb3VudCI6MCwibmV0d29ya19jb2RlIjoxMjU0MTQ0LCJkYXRhIjpbeyJuYW1lIjoiIiwidmFsIjoiIn1dLCJsaW5lX2l0ZW1faWQiOjI4Njg3Mjc0fV0=
Requested by: Host: itigic.com
URL: https://itigic.com/detroitchicago/cmb.js?gcb=194-3&cb=01-100-103-1004-10d-506-507-70a-30c-30e-212-211-313-317-1021-23-&cmbcb=10&01&00&03&04&0d&06&07&0a&0c&0e&12&11&13&17&21&23
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.19.6.38 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-19-6-38.eu-west-1.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:path: /porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImF1Y3Rpb24iLCJpbXByZXNzaW9uX2lkIjoiMTA2NDM2OSIsImRvbWFpbl9pZCI6IjE5ODQzNyIsInVuaXQiOiJkaXYtZ3B0LWFkLWl0aWdpY19jb20tYm94LTMtMCIsInRfZXBvY2giOjE2MjA0MDkzNDEsImF1Y3Rpb25fZXBvY2giOjE2MjA0MDkzNTIsImFkX3Bvc2l0aW9uIjoxMTE0LCJjb3VudHJ5X2NvZGUiOiJDSCIsInBhZ2V2aWV3X2lkIjoiOWIwYzk4NzQtMWFiNS00ZTUxLTdiNGItMjJmZTYwMDU5NGUwIiwiYmlkX2Zsb29yX2luaXRpYWwiOjcwMCwiYmlkX2Zsb29yX3ByZXYiOjgwLCJiaWRfZmxvb3JfZmlsbGVkIjoyMCwiYXVjdGlvbl9jb3VudCI6NSwicmVmcmVzaF9hZF9jb3VudCI6MCwiYXVjdGlvbl9kdXJhdGlvbiI6Mzc4LCJtdWx0aV9hZF91bml0IjowLCJtdWx0aV9hZF9jb3VudCI6MCwibmV0d29ya19jb2RlIjoxMjU0MTQ0LCJkYXRhIjpbeyJuYW1lIjoiIiwidmFsIjoiIn1dLCJsaW5lX2l0ZW1faWQiOjI4Njg3Mjc0fV0=
pragma: no-cache
cookie: _pbjs_userid_consent_data=3524755945110770; __gads=ID=209913d2cf081110:T=1620409347:S=ALNI_MYCUELuDQBZZq_t6fdKkMSCCHgmDQ; cto_bidid=KSh6BV9Vd1hrSHY4aERPOEFEVlZyUU1xR1QlMkJjbWtJczZ1NlBBTWZRWUNkQjhhJTJCTE9VQWpkd0pJNElFVElnUWJCWHN2ZVY1YWd5UlYlMkJTMHFicmpSdUllZUVrZyUzRCUzRA; cto_bundle=ItKwLV8lMkJqSFYxRDd3UXdhSnRYR2dzOVFLN256ek1ta2xwVyUyRllXbGZtQmtPTjFhTUpvMHpGRlp3cE8ycHJZYldFbDVEdDZ1RXRxU3htcFRyeW1jcDNuTHFRSkkzb2ZZOWxvSWZBUktzdmN6VWgyMWVHRk9xbEYzNERwUnFUWlpVME1rMGc; ezouspvh=20; ezux_lpl_198437=1620409351960|9b0c9874-1ab5-4e51-7b4b-22fe600594e0|false; ezouspvv=60; ezouspva=3
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: empty
:authority: itigic.com
referer: https://itigic.com/pt/steal-information-with-finger-command-in-windows-10/&
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://itigic.com/pt/steal-information-with-finger-command-in-windows-10/&
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 07 May 2021 17:42:32 GMT
server: nginx/1.16.0
vary: Accept-Encoding Accept-Encoding
content-type: text/plain; charset=utf-8
x-middleton-display: ezp_sol
cache-control: max-age=0, must-revalidate, no-cache, no-store
content-length: 0
expires: Thu, 06 May 2021 17:42:32 UTC

GET
H3-29 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v27/ Frame 741D 15 KB
15 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v27/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=PT+Sans:400|Roboto:400,500&lang=es

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://itigic.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 06 May 2021 01:43:32 GMT
x-content-type-options: nosniff
last-modified: Mon, 05 Apr 2021 21:10:35 GMT
server: sffe
age: 143940
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15688
x-xss-protection: 0
expires: Fri, 06 May 2022 01:43:32 GMT

GET
H3-29 200 jizaRExUiTo99u79D0KExQ.woff2
fonts.gstatic.com/s/ptsans/v12/ Frame 741D 44 KB
44 KB 8ms
7ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ptsans/v12/jizaRExUiTo99u79D0KExQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=PT+Sans:400|Roboto:400,500&lang=es

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

95dc30d8b40e0bae97c0a41fa52d8d43ef7b66a7de4645c913aa994def62e5dd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://itigic.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 06 May 2021 15:44:08 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:09:20 GMT
server: sffe
age: 93504
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 45416
x-xss-protection: 0
expires: Fri, 06 May 2022 15:44:08 GMT

GET
H3-29 200 integrator.js Show response
adservice.google.ch/adsid/ 107 B
122 B 15ms
14ms Script
application/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.ch/adsid/integrator.js?domain=itigic.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://itigic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 07 May 2021 17:42:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 16ms
15ms Script
application/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=itigic.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://itigic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 07 May 2021 17:42:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 345 B
172 B 338ms
338ms XHR
text/plain 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2673549932243580&correlator=1997177344757930&output=ldjh&impl=fifs&eid=31060790&vrg=2021042801&ptt=17&us_privacy=1---&sc=1&sfv=1-0-38&ecs=20210507&iu_parts=1254144%2Citigic_com-large-billboard-2&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C300x250&fluid=height&ris=1&rcs=2&prev_scp=a%3D%257C6%257C%26iid11%3D1024014%26t%3D134%26d%3D198437%26t1%3D134%26pvc%3D0%26ap%3D1124%26sap%3D1124%26as%3Drevenue%26plat%3D1%26bra%3Dmod1%26ic%3D3%26at%3Dmbf%26adr%3D399%26ezosn%3D1%26reft%3Dtf%26refs%3D30%26ga%3D2497208%26rid%3D99998%26pt%3D0%26al%3D1034%26compid%3D0%26tap%3Ditigic_com-large-billboard-2-1024014%26eb_br%3Da9ec56005762ef40746ec1b6d554f472%26eba%3D1%26ebss%3D10017%2C10082%2C10061%2C10015%2C11304%2C11307%26asau%3D7838546742%26bv%3D28%26bvm%3D2%26bvr%3D5%26shp%3D3%26ftsn%3D3%26br1%3D2800%26br2%3D3200%26ezoic%3D1%26nmau%3D4%26mau%3D1%26stl%3D32%2C0%2C28%2C67%2C45%2C122%2C66%2C20%2C71%2C30%2C0%2C31%26deal1%3D27%2C28%2C29%2C30%2C760%2C761%2C813%2C815%2C816%2C817%2C818%2C819%2C899%2C917%2C918%2C919%2C988%2C774%2C24%2C25%2C26%2C23%2C24%2C25%2C26%26ax_ssid%3D10082%26amznbid%3D2%26amznsz%3D0x0%26amznp%3D2%26lb%3D4000%26reqt%3D1620409352065&eri=1&cookie=ID%3D209913d2cf081110%3AT%3D1620409347%3AS%3DALNI_MYCUELuDQBZZq_t6fdKkMSCCHgmDQ&bc=31&abxe=1&lmt=1620409352&dt=1620409352068&dlt=1620409342880&idt=923&frm=20&biw=1600&bih=1200&oid=3&adxs=1002&adys=1825&adks=223664751&ucis=1b&ifi=47&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fitigic.com%2Fpt%2Fsteal-information-with-finger-command-in-windows-10%2F%26%23160%3B&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x-1&msz=300x-1&psts=AGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=1178867069.1620409344&ga_sid=1620409344&ga_hid=2059617897&ga_fc=false&fws=0&ohw=0&btvi=6&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

77bb5b01653cd5954802c9b155b6c5bafd0bc9be44732e0a95716ab0ed2880da

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://itigic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 07 May 2021 17:42:32 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 142
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://itigic.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 333 B
167 B 257ms
257ms XHR
text/plain 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2673549932243580&correlator=2618323454937559&output=ldjh&impl=fifs&eid=31060790&vrg=2021042801&ptt=17&us_privacy=1---&sc=1&sfv=1-0-38&ecs=20210507&iu_parts=1254144%2Citigic_com-box-1&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C300x250&fluid=height&ris=1&rcs=5&prev_scp=a%3D%257C6%257C%26iid11%3D1011114%26t%3D134%26d%3D198437%26t1%3D134%26pvc%3D0%26ap%3D1105%26sap%3D1105%26as%3Drevenue%26plat%3D1%26bra%3Dmod1%26ic%3D6%26at%3Dmbf%26adr%3D399%26ezosn%3D7%26reft%3Dtf%26refs%3D30%26ga%3D2497208%26rid%3D99998%26pt%3D0%26al%3D1000%26compid%3D0%26tap%3Ditigic_com-box-1-1011114%26eb_br%3D76163170a8636ae5b88417f095893e08%26eba%3D1%26ebss%3D10017%2C10082%2C10061%2C10015%2C11304%2C11307%26asau%3D7838546742%26bv%3D28%26bvm%3D2%26bvr%3D5%26shp%3D3%26ftsn%3D3%26acptad%3D1%26br1%3D400%26br2%3D2300%26ezoic%3D1%26nmau%3D4%26mau%3D3%26stl%3D83%2C13%2C120%2C67%2C51%2C0%2C66%2C20%2C71%2C30%2C0%2C31%26deal1%3D25%2C26%2C27%2C28%2C29%2C30%2C760%2C761%2C813%2C815%2C816%2C817%2C818%2C899%2C919%2C774%2C21%2C22%2C23%2C24%2C21%2C22%2C23%2C24%2C21%2C22%2C23%2C24%2C21%2C22%2C23%2C24%2C21%2C22%2C23%2C24%26ax_ssid%3D10082%26amznbid%3D2%26amznsz%3D0x0%26amznp%3D2%26lb%3D450%26reqt%3D1620409352097&eri=1&cookie=ID%3D209913d2cf081110%3AT%3D1620409347%3AS%3DALNI_MYCUELuDQBZZq_t6fdKkMSCCHgmDQ&bc=31&abxe=1&lmt=1620409352&dt=1620409352100&dlt=1620409342880&idt=923&frm=20&biw=1600&bih=1200&oid=3&adxs=1002&adys=1178&adks=165232298&ucis=1c&ifi=48&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fitigic.com%2Fpt%2Fsteal-information-with-finger-command-in-windows-10%2F%26%23160%3B&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x-1&msz=300x-1&psts=AGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=1178867069.1620409344&ga_sid=1620409344&ga_hid=2059617897&ga_fc=false&fws=0&ohw=0&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

ef5b3c2278c7ea47521d3989bc9b56682dcb73ee9b5ac2d3cd517c5170656d48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://itigic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 07 May 2021 17:42:32 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 137
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://itigic.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 pt.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 741D 3 KB
3 KB 6ms
5ms Image
image/png 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/pt.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012103020108001/amp4ads-v0.mjs

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

744b436600cd35e7898be8843c04c1115c45bf08143d085ac149e8c4f8151e3d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://itigic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 07 May 2021 06:20:03 GMT
x-content-type-options: nosniff
server: cafe
age: 40949
etag: 7735524722462771930
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2886
x-xss-protection: 0
expires: Sat, 08 May 2021 06:20:03 GMT

GET
H3-29 200 icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 741D 344 B
368 B 6ms
6ms Image
image/png 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012103020108001/amp4ads-v0.mjs

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://itigic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 07 May 2021 09:25:49 GMT
x-content-type-options: nosniff
server: cafe
age: 29803
etag: 6766994032117382215
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 344
x-xss-protection: 0
expires: Sat, 08 May 2021 09:25:49 GMT

GET
H2 200 army.gif Show response
itigic.com/porpoiseant/ 0
19 B 366ms
65ms XHR
text/plain 52.19.6.38
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://itigic.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTA3NjY2OCIsImRvbWFpbl9pZCI6IjE5ODQzNyIsInVuaXQiOiJkaXYtZ3B0LWFkLWl0aWdpY19jb20tbWVkcmVjdGFuZ2xlLTMtMCIsInRfZXBvY2giOjE2MjA0MDkzNDEsImFkX3Bvc2l0aW9uIjoxMTE2LCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiQ0giLCJwYWdldmlld19pZCI6IjliMGM5ODc0LTFhYjUtNGU1MS03YjRiLTIyZmU2MDA1OTRlMCIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6Mjg2ODcyNzQsImNyZWF0aXZlX2lkIjoxMzgzMTAwNDM1NTAsImRhdGEiOlt7Im5hbWUiOiJmaWxsZWRfc2l6ZSIsInZhbCI6Ils1ODAsNDAwXSJ9XSwiaXNfb3JpZyI6ZmFsc2V9LHsidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTA3NjY2OCIsImRvbWFpbl9pZCI6IjE5ODQzNyIsInVuaXQiOiJkaXYtZ3B0LWFkLWl0aWdpY19jb20tbWVkcmVjdGFuZ2xlLTMtMCIsInRfZXBvY2giOjE2MjA0MDkzNDEsImFkX3Bvc2l0aW9uIjoxMTE2LCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiQ0giLCJwYWdldmlld19pZCI6IjliMGM5ODc0LTFhYjUtNGU1MS03YjRiLTIyZmU2MDA1OTRlMCIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6Mjg2ODcyNzQsImNyZWF0aXZlX2lkIjoxMzgzMTAwNDM1NTAsImRhdGEiOlt7Im5hbWUiOiJmaWxsZWRfZmx1aWQiLCJ2YWwiOiJmYWxzZSJ9XSwiaXNfb3JpZyI6ZmFsc2V9LHsidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTA3NjY2OCIsImRvbWFpbl9pZCI6IjE5ODQzNyIsInVuaXQiOiJkaXYtZ3B0LWFkLWl0aWdpY19jb20tbWVkcmVjdGFuZ2xlLTMtMCIsInRfZXBvY2giOjE2MjA0MDkzNDEsImFkX3Bvc2l0aW9uIjoxMTE2LCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiQ0giLCJwYWdldmlld19pZCI6IjliMGM5ODc0LTFhYjUtNGU1MS03YjRiLTIyZmU2MDA1OTRlMCIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6Mjg2ODcyNzQsImNyZWF0aXZlX2lkIjoxMzgzMTAwNDM1NTAsImRhdGEiOlt7Im5hbWUiOiJkb21haW5fZGZwX3N0eWxlX2lkIiwidmFsIjoiMjAifV0sImlzX29yaWciOmZhbHNlfV0=
Requested by: Host: itigic.com
URL: https://itigic.com/detroitchicago/cmb.js?gcb=194-3&cb=01-100-103-1004-10d-506-507-70a-30c-30e-212-211-313-317-1021-23-&cmbcb=10&01&00&03&04&0d&06&07&0a&0c&0e&12&11&13&17&21&23
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.19.6.38 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-19-6-38.eu-west-1.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:path: /porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTA3NjY2OCIsImRvbWFpbl9pZCI6IjE5ODQzNyIsInVuaXQiOiJkaXYtZ3B0LWFkLWl0aWdpY19jb20tbWVkcmVjdGFuZ2xlLTMtMCIsInRfZXBvY2giOjE2MjA0MDkzNDEsImFkX3Bvc2l0aW9uIjoxMTE2LCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiQ0giLCJwYWdldmlld19pZCI6IjliMGM5ODc0LTFhYjUtNGU1MS03YjRiLTIyZmU2MDA1OTRlMCIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6Mjg2ODcyNzQsImNyZWF0aXZlX2lkIjoxMzgzMTAwNDM1NTAsImRhdGEiOlt7Im5hbWUiOiJmaWxsZWRfc2l6ZSIsInZhbCI6Ils1ODAsNDAwXSJ9XSwiaXNfb3JpZyI6ZmFsc2V9LHsidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTA3NjY2OCIsImRvbWFpbl9pZCI6IjE5ODQzNyIsInVuaXQiOiJkaXYtZ3B0LWFkLWl0aWdpY19jb20tbWVkcmVjdGFuZ2xlLTMtMCIsInRfZXBvY2giOjE2MjA0MDkzNDEsImFkX3Bvc2l0aW9uIjoxMTE2LCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiQ0giLCJwYWdldmlld19pZCI6IjliMGM5ODc0LTFhYjUtNGU1MS03YjRiLTIyZmU2MDA1OTRlMCIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6Mjg2ODcyNzQsImNyZWF0aXZlX2lkIjoxMzgzMTAwNDM1NTAsImRhdGEiOlt7Im5hbWUiOiJmaWxsZWRfZmx1aWQiLCJ2YWwiOiJmYWxzZSJ9XSwiaXNfb3JpZyI6ZmFsc2V9LHsidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTA3NjY2OCIsImRvbWFpbl9pZCI6IjE5ODQzNyIsInVuaXQiOiJkaXYtZ3B0LWFkLWl0aWdpY19jb20tbWVkcmVjdGFuZ2xlLTMtMCIsInRfZXBvY2giOjE2MjA0MDkzNDEsImFkX3Bvc2l0aW9uIjoxMTE2LCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiQ0giLCJwYWdldmlld19pZCI6IjliMGM5ODc0LTFhYjUtNGU1MS03YjRiLTIyZmU2MDA1OTRlMCIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6Mjg2ODcyNzQsImNyZWF0aXZlX2lkIjoxMzgzMTAwNDM1NTAsImRhdGEiOlt7Im5hbWUiOiJkb21haW5fZGZwX3N0eWxlX2lkIiwidmFsIjoiMjAifV0sImlzX29yaWciOmZhbHNlfV0=
pragma: no-cache
cookie: _pbjs_userid_consent_data=3524755945110770; __gads=ID=209913d2cf081110:T=1620409347:S=ALNI_MYCUELuDQBZZq_t6fdKkMSCCHgmDQ; cto_bidid=KSh6BV9Vd1hrSHY4aERPOEFEVlZyUU1xR1QlMkJjbWtJczZ1NlBBTWZRWUNkQjhhJTJCTE9VQWpkd0pJNElFVElnUWJCWHN2ZVY1YWd5UlYlMkJTMHFicmpSdUllZUVrZyUzRCUzRA; cto_bundle=ItKwLV8lMkJqSFYxRDd3UXdhSnRYR2dzOVFLN256ek1ta2xwVyUyRllXbGZtQmtPTjFhTUpvMHpGRlp3cE8ycHJZYldFbDVEdDZ1RXRxU3htcFRyeW1jcDNuTHFRSkkzb2ZZOWxvSWZBUktzdmN6VWgyMWVHRk9xbEYzNERwUnFUWlpVME1rMGc; ezouspvh=20; ezux_lpl_198437=1620409351960|9b0c9874-1ab5-4e51-7b4b-22fe600594e0|false; ezouspvv=60; ezouspva=3
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: empty
:authority: itigic.com
referer: https://itigic.com/pt/steal-information-with-finger-command-in-windows-10/&
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://itigic.com/pt/steal-information-with-finger-command-in-windows-10/&
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 07 May 2021 17:42:32 GMT
server: nginx/1.16.0
vary: Accept-Encoding Accept-Encoding
content-type: text/plain; charset=utf-8
x-middleton-display: ezp_sol
cache-control: max-age=0, must-revalidate, no-cache, no-store
content-length: 0
expires: Thu, 06 May 2021 17:42:32 UTC

GET
H2 200 ezoic.png
go.ezoic.net/utilcave_com/img/ 1 KB
2 KB 122ms
121ms Image
image/png 2600:9000:2017:c400:2:cb38:840:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://go.ezoic.net/utilcave_com/img/ezoic.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2017:c400:2:cb38:840:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: e1a156c3daa4ae0c41f21ef266131ca5a34d56695e3d860b232da142ef031234

Request headers

Referer: https://itigic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 02 May 2021 02:36:22 GMT
via: 1.1 2bb969477369da45208db698e8e34163.cloudfront.net (CloudFront)
x-sol: middleton
age: 486370
x-cache: Hit from cloudfront
x-middleton-display: staticcontent_sol
content-length: 1181
x-amz-cf-id: McCWHNfRJhL9_UPuxz_WhBnVMO7ygR8M9mQ2bkqXjL8B5k-rCprqeg==
last-modified: Fri, 23 Apr 2021 18:46:13 GMT
server: nginx/1.16.0
etag: "49d-5bd497273b080-gzip-gzip"
vary: Accept-Encoding,Accept-Encoding
content-type: image/png
cache-control: max-age=604800
x-amz-cf-pop: OTP50-C1
display: staticcontent_sol
expires: Sun, 09 May 2021 02:36:22 GMT

GET
H2

400

sync_cookie_image_decide
mc.yandex.com/
Redirect Chain

https://mc.yandex.com/sync_cookie_image_check
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9266.zFRymdMsg_NMUiulHkz09TvbTP-vckPhrL4wq5iehhyhicK84Al6QEzPW5FJbIy6.Yvx5-EIG1AZwCsHWpKcnyNMzu24%2C
https://mc.yandex.com/sync_cookie_image_decide?token=9266.FVTvHn5pFRrepu_2dia2gKCAOJlr7hmRQJ4OGF7g-ZX7opvOqXpxUHw7wwKuOoZTDzTSbI1joM9YmUqy24Q2bg%2C%2C.FONsmCRaPn_BTxPvdZSk5xxdK3Q%2C

75 B
75 B

49ms
49ms

Image
text/html

2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/sync_cookie_image_decide?token=9266.FVTvHn5pFRrepu_2dia2gKCAOJlr7hmRQJ4OGF7g-ZX7opvOqXpxUHw7wwKuOoZTDzTSbI1joM9YmUqy24Q2bg%2C%2C.FONsmCRaPn_BTxPvdZSk5xxdK3Q%2C

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

8398a026313c016324f186d1c9b24a46813109d4bc5477d910a683079cbf1434

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://itigic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 07 May 2021 17:42:32 GMT
strict-transport-security: max-age=31536000
content-length: 75
x-xss-protection: 1; mode=block
content-type: text/html; charset=utf-8

Redirect headers

location: https://mc.yandex.com/sync_cookie_image_decide?token=9266.FVTvHn5pFRrepu_2dia2gKCAOJlr7hmRQJ4OGF7g-ZX7opvOqXpxUHw7wwKuOoZTDzTSbI1joM9YmUqy24Q2bg%2C%2C.FONsmCRaPn_BTxPvdZSk5xxdK3Q%2C
date: Fri, 07 May 2021 17:42:32 GMT
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block

GET
H2 200 advert.gif
mc.yandex.com/metrika/ 43 B
112 B 49ms
49ms Image
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/metrika/advert.gif

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://itigic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 07 May 2021 17:42:32 GMT
last-modified: Fri, 30 Apr 2021 17:14:07 GMT
etag: "608a4fd7-2b"
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
content-length: 43
expires: Fri, 07 May 2021 18:42:32 GMT

GET
H3-29 200 integrator.js Show response
adservice.google.ch/adsid/ 107 B
122 B 16ms
15ms Script
application/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.ch/adsid/integrator.js?domain=itigic.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://itigic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 07 May 2021 17:42:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 15ms
14ms Script
application/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=itigic.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://itigic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 07 May 2021 17:42:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 333 B
166 B 255ms
254ms XHR
text/plain 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2673549932243580&correlator=3336676554953070&output=ldjh&impl=fifs&eid=31060790&vrg=2021042801&ptt=17&us_privacy=1---&sc=1&sfv=1-0-38&ecs=20210507&iu_parts=1254144%2Citigic_com-box-1&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C300x250&fluid=height&ris=1&rcs=5&prev_scp=a%3D%257C1%257C%26iid11%3D1011114%26t%3D134%26d%3D198437%26t1%3D134%26pvc%3D0%26ap%3D1105%26sap%3D1105%26as%3Drevenue%26plat%3D1%26bra%3Dmod1%26ic%3D6%26at%3Dmbf%26adr%3D399%26ezosn%3D4%26reft%3Dtf%26refs%3D30%26ga%3D2497208%26rid%3D99998%26pt%3D0%26al%3D1000%26compid%3D0%26tap%3Ditigic_com-box-1-1011114%26eb_br%3D76163170a8636ae5b88417f095893e08%26eba%3D1%26ebss%3D10017%2C10082%2C10061%2C10015%2C11304%2C11307%26asau%3D7838546742%26bv%3D28%26bvm%3D2%26bvr%3D5%26shp%3D3%26ftsn%3D3%26acptad%3D1%26br1%3D400%26br2%3D2300%26ezoic%3D1%26nmau%3D4%26mau%3D0%26stl%3D32%2C0%2C28%2C67%2C45%2C122%2C66%2C20%2C71%2C30%2C0%2C31%26deal1%3D25%2C26%2C27%2C28%2C29%2C30%2C760%2C761%2C813%2C815%2C816%2C817%2C818%2C899%2C919%2C774%2C21%2C22%2C23%2C24%2C21%2C22%2C23%2C24%2C21%2C22%2C23%2C24%2C21%2C22%2C23%2C24%2C21%2C22%2C23%2C24%26ax_ssid%3D10082%26amznbid%3D2%26amznsz%3D0x0%26amznp%3D2%26lb%3D450%26reqt%3D1620409352363&eri=1&cookie=ID%3D209913d2cf081110%3AT%3D1620409347%3AS%3DALNI_MYCUELuDQBZZq_t6fdKkMSCCHgmDQ&bc=31&abxe=1&lmt=1620409352&dt=1620409352366&dlt=1620409342880&idt=923&frm=20&biw=1600&bih=1200&oid=3&adxs=1002&adys=383&adks=4007782779&ucis=1d&ifi=49&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fitigic.com%2Fpt%2Fsteal-information-with-finger-command-in-windows-10%2F%26%23160%3B&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x-1&msz=300x-1&psts=AGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=1178867069.1620409344&ga_sid=1620409344&ga_hid=2059617897&ga_fc=false&fws=0&ohw=0&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

1dbca2dfcb87e1bf742c2b9c2e9afd993ce01fd6a910d26d8374ea6b74928326

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://itigic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 07 May 2021 17:42:32 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 136
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://itigic.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

1 Show response
mc.yandex.com/watch/36618640/
Redirect Chain

https://mc.yandex.com/watch/36618640?wmode=7&page-url=https%3A%2F%2Fitigic.com%2Fpt%2Fsteal-information-with-finger-command-in-windows-10%2F%26%23160%3B&charset=utf-8&ut=noindex&browser-info=pv%3A1...
https://mc.yandex.com/watch/36618640/1?wmode=7&page-url=https%3A%2F%2Fitigic.com%2Fpt%2Fsteal-information-with-finger-command-in-windows-10%2F%26%23160%3B&charset=utf-8&ut=noindex&browser-info=pv%3...

203 B
284 B

53ms
52ms

XHR
application/json

2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/36618640/1?wmode=7&page-url=https%3A%2F%2Fitigic.com%2Fpt%2Fsteal-information-with-finger-command-in-windows-10%2F%26%23160%3B&charset=utf-8&ut=noindex&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Abx1nzewshzamry4%3Afp%3A1982%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A504%3Acn%3A1%3Adp%3A0%3Als%3A515562310949%3Ahid%3A515363639%3Az%3A120%3Ai%3A20210507194232%3Aet%3A1620409352%3Ac%3A1%3Arn%3A379130169%3Au%3A1620409352194850952%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1620409341647%3Ads%3A0%2C85%2C1144%2C33%2C0%2C0%2C%2C911%2C0%2C3004%2C3004%2C2%2C2144%3Adsn%3A0%2C85%2C1144%2C33%2C0%2C0%2C%2C881%2C0%2C3004%2C3004%2C2%2C2144%3Arqnl%3A1%3Aadb%3A2%3Ati%3A2%3Ast%3A1620409352%3At%3AComo%20roubar%20informa%C3%A7%C3%B5es%20com%20o%20comando%20do%20dedo%20no%20Windows%2010.%20ITIGIC

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

74fd0705ac2f2149261eb8cad89d6de0e865680a30a6c5a41ae58b1f2e691c7c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://itigic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 07 May 2021 17:42:32 GMT
x-content-type-options: nosniff
last-modified: Fri, 07-May-2021 17:42:32 GMT
strict-transport-security: max-age=31536000
content-type: application/json; charset=utf-8
access-control-allow-origin: https://itigic.com
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 203
x-xss-protection: 1; mode=block
expires: Fri, 07-May-2021 17:42:32 GMT

Redirect headers

pragma: no-cache
date: Fri, 07 May 2021 17:42:32 GMT
last-modified: Fri, 07-May-2021 17:42:32 GMT
location: /watch/36618640/1?wmode=7&page-url=https%3A%2F%2Fitigic.com%2Fpt%2Fsteal-information-with-finger-command-in-windows-10%2F%26%23160%3B&charset=utf-8&ut=noindex&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Abx1nzewshzamry4%3Afp%3A1982%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A504%3Acn%3A1%3Adp%3A0%3Als%3A515562310949%3Ahid%3A515363639%3Az%3A120%3Ai%3A20210507194232%3Aet%3A1620409352%3Ac%3A1%3Arn%3A379130169%3Au%3A1620409352194850952%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1620409341647%3Ads%3A0%2C85%2C1144%2C33%2C0%2C0%2C%2C911%2C0%2C3004%2C3004%2C2%2C2144%3Adsn%3A0%2C85%2C1144%2C33%2C0%2C0%2C%2C881%2C0%2C3004%2C3004%2C2%2C2144%3Arqnl%3A1%3Aadb%3A2%3Ati%3A2%3Ast%3A1620409352%3At%3AComo%20roubar%20informa%C3%A7%C3%B5es%20com%20o%20comando%20do%20dedo%20no%20Windows%2010.%20ITIGIC
strict-transport-security: max-age=31536000
access-control-allow-origin: https://itigic.com
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
expires: Fri, 07-May-2021 17:42:32 GMT

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ 80 KB
26 KB 50ms
23ms Script
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by: Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?b=amx,appnexus,criteo,districtm,ix,medianet,oftmedia,onemobile,onetag,openx,pubmatic,rhythmone&cb=194-3-18
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: b27963d64b79220f6a94fafa3a3c67a2404d363b4ad53dbb83ab2187eacde46f

Request headers

Referer: https://itigic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 07 May 2021 17:42:32 GMT
content-encoding: gzip
last-modified: Thu, 18 Mar 2021 09:52:27 GMT
server: nginx
etag: W/"605322db-14013"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 08 May 2021 17:42:32 GMT

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame AC41 0
193 B 23ms
22ms Document
text/html 2a02:2638::1c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?topUrl=itigic.com

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:method: GET
:authority: gum.criteo.com
:scheme: https
:path: /syncframe?topUrl=itigic.com
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://itigic.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://itigic.com/

Response headers

cache-control: private, max-age=0
content-type: text/html; charset=utf-8
strict-transport-security: max-age=31536000
cross-origin-resource-policy: cross-origin
server-processing-duration-in-ticks: 1545
date: Fri, 07 May 2021 17:42:32 GMT
content-length: 0

GET
H2 200 publishertag.prebid.js Show response
static.criteo.net/js/ld/ 80 KB
26 KB 42ms
17ms XHR
text/javascript 2a02:2638:1::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Requested by: Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.prebid.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638:1::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: b27963d64b79220f6a94fafa3a3c67a2404d363b4ad53dbb83ab2187eacde46f

Request headers

Referer: https://itigic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 07 May 2021 17:42:32 GMT
content-encoding: gzip
last-modified: Thu, 18 Mar 2021 09:52:27 GMT
server: nginx
etag: W/"605322db-14013"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 08 May 2021 17:42:32 GMT

GET
H2 200 ezoic.png
go.ezoic.net/utilcave_com/img/ 1 KB
2 KB 108ms
107ms Image
image/png 2600:9000:2017:c400:2:cb38:840:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://go.ezoic.net/utilcave_com/img/ezoic.png
Requested by: Host: itigic.com
URL: https://itigic.com/wp-includes/js/jquery/jquery.min.js?screx=1&sxcb=2a&ver=3.5.1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2017:c400:2:cb38:840:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: e1a156c3daa4ae0c41f21ef266131ca5a34d56695e3d860b232da142ef031234

Request headers

Referer: https://itigic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 02 May 2021 02:36:22 GMT
via: 1.1 2bb969477369da45208db698e8e34163.cloudfront.net (CloudFront)
x-sol: middleton
age: 486370
x-cache: Hit from cloudfront
x-middleton-display: staticcontent_sol
content-length: 1181
x-amz-cf-id: qLIYCim7C66U79VmUIB3E7LZ8eenDaT_TnDB1gsmCdWRN5GW97Cz0A==
last-modified: Fri, 23 Apr 2021 18:46:13 GMT
server: nginx/1.16.0
etag: "49d-5bd497273b080-gzip-gzip"
vary: Accept-Encoding,Accept-Encoding
content-type: image/png
cache-control: max-age=604800
x-amz-cf-pop: OTP50-C1
display: staticcontent_sol
expires: Sun, 09 May 2021 02:36:22 GMT

POST
H/1.1 200 457.json Show response
id5-sync.com/g/v2/ 213 B
528 B 76ms
21ms XHR
application/json 54.36.109.22
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://id5-sync.com/g/v2/457.json

Requested by

Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?b=amx,appnexus,criteo,districtm,ix,medianet,oftmedia,onemobile,onetag,openx,pubmatic,rhythmone&cb=194-3-18

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.36.109.22 , France, ASN16276 (OVH, FR),

Reverse DNS

p09.id5-sync.com

Software

Resource Hash

fa534949a8bf80de40755ff7ade4c2069037e9b85250c0c1369767b70e7889c6

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload

Request headers

Referer: https://itigic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://itigic.com
Date: Fri, 07 May 2021 17:42:32 GMT
Access-Control-Allow-Credentials: true
Vary: Origin
Transfer-Encoding: chunked
Strict-Transport-Security: max-age=63072000; includeSubDomains; preload
Content-Type: application/json;charset=UTF-8

GET
H2 200 pd Show response
eu-u.openx.net/w/1.0/ Frame 017C 1007 B
864 B 30ms
29ms Document
text/html 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=4a396f87-5bac-47c7-9375-0b25be4ee393&gdpr=0&us_privacy=1---
Requested by: Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?b=amx,appnexus,criteo,districtm,ix,medianet,oftmedia,onemobile,onetag,openx,pubmatic,rhythmone&cb=194-3-18
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/16.206.0 /
Resource Hash: 98fc24db05acee16d2557b8a3e44977f2cecf3bfa10078623365fd7f99d708c6

Request headers

:method: GET
:authority: eu-u.openx.net
:scheme: https
:path: /w/1.0/pd?plm=10&ph=4a396f87-5bac-47c7-9375-0b25be4ee393&gdpr=0&us_privacy=1---
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://itigic.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: i=ac6b9099-3f00-0047-1e94-2c9239f70f54|1620409349
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://itigic.com/

Response headers

vary: Accept, Accept-Encoding
set-cookie: i=ac6b9099-3f00-0047-1e94-2c9239f70f54|1620409349; Version=1; Expires=Sat, 07-May-2022 17:42:33 GMT; Max-Age=31536000; Secure; Domain=.openx.net; Path=/; SameSite=None pd=v2|1620409353|mOgegqnskin0vNomiygu; Version=1; Expires=Sat, 22-May-2021 17:42:33 GMT; Max-Age=1296000; Secure; Domain=.openx.net; Path=/; SameSite=None
server: OXGW/16.206.0
p3p: CP="CUR ADM OUR NOR STA NID"
date: Fri, 07 May 2021 17:42:33 GMT
content-type: text/html
content-length: 546
content-encoding: gzip
via: 1.1 google
alt-svc: clear

GET
H2 200 / Show response
onetag-sys.com/usync/ Frame 5B42 2 KB
818 B 18ms
18ms Document
text/html 51.89.9.251
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?cb=1620409349773&us_privacy=1---

Requested by

Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?b=amx,appnexus,criteo,districtm,ix,medianet,oftmedia,onemobile,onetag,openx,pubmatic,rhythmone&cb=194-3-18

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.251 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip251.ip-51-89-9.eu

Software

Resource Hash

37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

:method: GET
:authority: onetag-sys.com
:scheme: https
:path: /usync/?cb=1620409349773&us_privacy=1---
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://itigic.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://itigic.com/

Response headers

content-type: text/html
cache-control: no-transform, no-cache
content-encoding: gzip
strict-transport-security: max-age=15552000

GET
H/1.1 200
OK showad.js Show response
ads.pubmatic.com/AdServer/js/ Frame B688 38 KB
14 KB 111ms
37ms Document
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js
Requested by: Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?b=amx,appnexus,criteo,districtm,ix,medianet,oftmedia,onemobile,onetag,openx,pubmatic,rhythmone&cb=194-3-18
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 82f1fbe95dbd4e1128a973db542bf50ab7ac8fbf35bfefca2e782b0a0572e564

Request headers

Host: ads.pubmatic.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://itigic.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://itigic.com/

Response headers

Last-Modified: Wed, 14 Apr 2021 09:18:30 GMT
ETag: "13006b6-98c2-5bfeb3aef82b4"
Server: Apache/2.2.15 (CentOS)
Accept-Ranges: bytes
Content-Encoding: gzip
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length: 14060
Content-Type: text/html; charset=UTF-8
Cache-Control: public, max-age=24007
Expires: Sat, 08 May 2021 00:22:40 GMT
Date: Fri, 07 May 2021 17:42:33 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame 6B15 52 KB
17 KB 196ms
68ms Document
text/html 151.101.113.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?b=amx,appnexus,criteo,districtm,ix,medianet,oftmedia,onemobile,onetag,openx,pubmatic,rhythmone&cb=194-3-18
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.113.108 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.13.10 /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Host: acdn.adnxs.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://itigic.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: icu=ChgIvrBxEAoYASABKAEwhfjVhAY4AUABSAEQhfjVhAYYAA..; uuid2=4435999911562095551
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://itigic.com/

Response headers

Connection: keep-alive
Content-Length: 17053
Server: nginx/1.13.10
Content-Type: text/html
Last-Modified: Wed, 02 Dec 2020 20:56:47 GMT
ETag: W/"5fc7ff8f-cf34"
Expires: Mon, 03 May 2021 04:58:05 GMT
Cache-Control: max-age=86402
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Via: 1.1 varnish, 1.1 varnish
Accept-Ranges: bytes
Date: Fri, 07 May 2021 17:42:33 GMT
Age: 45860
X-Served-By: cache-lga21974-LGA, cache-hhn4057-HHN
X-Cache: HIT, HIT
X-Cache-Hits: 2, 809804
X-Timer: S1620409353.257029,VS0,VE0
Vary: Accept-Encoding

GET
H2 200 checksync.php Show response
contextual.media.net/ Frame 6002 33 KB
11 KB 55ms
51ms Document
text/html 2.18.235.93
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUBCB617&prvid=2030%2C251%2C175%2C178%2C233%2C157%2C2028%2C2027%2C3017%2C159%2C214%2C236%2C2025%2C97%2C55%2C99%2C77%2C56%2C182%2C3010%2C141%2C262%2C222%2C201%2C223%2C3007%2C4%2C148%2C203%2C10000%2C80%2C108%2C229%2C9%2C109%2C82&purpose1=1&gdprconsent=1&gdpr=0&usp_status=0&usp_consent=1&uspstring=1---&itype=PREBID

Requested by

Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?b=amx,appnexus,criteo,districtm,ix,medianet,oftmedia,onemobile,onetag,openx,pubmatic,rhythmone&cb=194-3-18

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.18.235.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-235-93.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

dd17e6deddd65ca2e4be4f82538925b1b2782ec9c70965c9715d71a0090c05cd

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

:method: GET
:authority: contextual.media.net
:scheme: https
:path: /checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUBCB617&prvid=2030%2C251%2C175%2C178%2C233%2C157%2C2028%2C2027%2C3017%2C159%2C214%2C236%2C2025%2C97%2C55%2C99%2C77%2C56%2C182%2C3010%2C141%2C262%2C222%2C201%2C223%2C3007%2C4%2C148%2C203%2C10000%2C80%2C108%2C229%2C9%2C109%2C82&purpose1=1&gdprconsent=1&gdpr=0&usp_status=0&usp_consent=1&uspstring=1---&itype=PREBID
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://itigic.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://itigic.com/

Response headers

server: Apache
content-type: text/html; charset=UTF-8
set-cookie: gdpr_status=1; Expires=Mon, 08 Nov 2021 17:42:33 GMT; domain=.media.net; Path=/; sameSite=none; secure=true visitor-id=2634109531228425000V10; Expires=Sat, 07 May 2022 17:42:33 GMT; domain=.media.net; Path=/; sameSite=none; secure=true
x-mnet-hl2: E
p3p: CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
strict-transport-security: max-age=604800
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=172800
expires: Sun, 09 May 2021 17:42:33 GMT
date: Fri, 07 May 2021 17:42:33 GMT
content-length: 11303

GET
H/1.1 200
OK ixmatch.html Show response
js-sec.indexww.com/um/ Frame EBA4 2 KB
1 KB 107ms
36ms Document
text/html 2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://js-sec.indexww.com/um/ixmatch.html
Requested by: Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?b=amx,appnexus,criteo,districtm,ix,medianet,oftmedia,onemobile,onetag,openx,pubmatic,rhythmone&cb=194-3-18
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 7eca7977c6ade416c20775a7fd7cfa2291c5752cd1225d5c4342b057c37a000c

Request headers

Host: js-sec.indexww.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://itigic.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://itigic.com/

Response headers

Server: Apache
Last-Modified: Thu, 11 Feb 2021 16:12:45 GMT
ETag: "e20015-90b-5bb11ca420f07"
Accept-Ranges: bytes
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: text/html; charset=UTF-8
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 1151
Date: Fri, 07 May 2021 17:42:33 GMT
Connection: keep-alive

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame 8F8C 52 KB
17 KB 247ms
100ms Document
text/html 151.101.113.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?b=amx,appnexus,criteo,districtm,ix,medianet,oftmedia,onemobile,onetag,openx,pubmatic,rhythmone&cb=194-3-18
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.113.108 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.13.10 /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Host: acdn.adnxs.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://itigic.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: icu=ChgIvrBxEAoYASABKAEwhfjVhAY4AUABSAEQhfjVhAYYAA..; uuid2=4435999911562095551
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://itigic.com/

Response headers

Connection: keep-alive
Content-Length: 17053
Server: nginx/1.13.10
Content-Type: text/html
Last-Modified: Wed, 02 Dec 2020 20:56:47 GMT
ETag: W/"5fc7ff8f-cf34"
Expires: Mon, 03 May 2021 04:58:05 GMT
Cache-Control: max-age=86402
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Via: 1.1 varnish, 1.1 varnish
Accept-Ranges: bytes
Date: Fri, 07 May 2021 17:42:33 GMT
Age: 45859
X-Served-By: cache-lga21974-LGA, cache-hhn4034-HHN
X-Cache: HIT, HIT
X-Cache-Hits: 2, 810470
X-Timer: S1620409353.317204,VS0,VE0
Vary: Accept-Encoding

GET
H/1.1 200
OK async_usersync.html Show response
acdn.adnxs.com/dmp/ Frame 88E8 52 KB
17 KB 240ms
83ms Document
text/html 151.101.113.108
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://acdn.adnxs.com/dmp/async_usersync.html
Requested by: Host: go.ezodn.com
URL: https://go.ezodn.com/hb/dall.js?b=amx,appnexus,criteo,districtm,ix,medianet,oftmedia,onemobile,onetag,openx,pubmatic,rhythmone&cb=194-3-18
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.113.108 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: nginx/1.13.10 /
Resource Hash: 3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Host: acdn.adnxs.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://itigic.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: icu=ChgIvrBxEAoYASABKAEwhfjVhAY4AUABSAEQhfjVhAYYAA..; uuid2=4435999911562095551
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://itigic.com/

Response headers

Connection: keep-alive
Content-Length: 17053
Server: nginx/1.13.10
Content-Type: text/html
Last-Modified: Wed, 02 Dec 2020 20:56:47 GMT
ETag: W/"5fc7ff8f-cf34"
Expires: Mon, 03 May 2021 04:58:05 GMT
Cache-Control: max-age=86402
Access-Control-Allow-Origin: *
Content-Encoding: gzip
Via: 1.1 varnish, 1.1 varnish
Accept-Ranges: bytes
Date: Fri, 07 May 2021 17:42:33 GMT
Age: 45859
X-Served-By: cache-lga21974-LGA, cache-hhn4073-HHN
X-Cache: HIT, HIT
X-Cache-Hits: 2, 808568
X-Timer: S1620409353.368107,VS0,VE0
Vary: Accept-Encoding

GET
H2 200 eb00c984-062b-adf9-7595-f28fa287f1e0
pr-bh.ybp.yahoo.com/sync/openx/ Frame 017C 43 B
836 B 98ms
32ms Image
image/gif 2a00:1288:110:c305::8000
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/openx/eb00c984-062b-adf9-7595-f28fa287f1e0?gdpr=0

Requested by

Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=4a396f87-5bac-47c7-9375-0b25be4ee393&gdpr=0&us_privacy=1---

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1288:110:c305::8000 , United Kingdom, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 07 May 2021 17:42:33 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
content-type: image/gif
x-xss-protection: 1; mode=block
content-length: 43
x-content-type-options: nosniff
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

sd
eu-u.openx.net/w/1.0/ Frame 017C
Redirect Chain

https://pm.w55c.net/ping_match.gif?ei=OPENX&rurl=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_
https://pm.w55c.net/ping_match.gif?scc=1&ei=OPENX&rurl=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537072979%26val%3D_wfivefivec_
https://eu-u.openx.net/w/1.0/sd?id=537072979&val=r31uM5Xd1LF4uJ5

43 B
106 B

27ms
26ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu-u.openx.net/w/1.0/sd?id=537072979&val=r31uM5Xd1LF4uJ5
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=4a396f87-5bac-47c7-9375-0b25be4ee393&gdpr=0&us_privacy=1---
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/16.206.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 07 May 2021 17:42:33 GMT
via: 1.1 google
server: OXGW/16.206.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 07 May 2021 17:42:33 GMT
Server: PingMatch/v2.0.30-649-g03fe1b8#rel-ec2-master i-06dc1c09a183d011e@eu-central-1b@dxedge-app-eu-central-1-prod-asg
P3P: policyref="https://cts.w55c.net/ct/p3p_policy_ref.xml", CP="UNI PUR COM INT STA OTC STP OUR CUR TAIo COR DSP NOI"
Location: https://eu-u.openx.net/w/1.0/sd?id=537072979&val=r31uM5Xd1LF4uJ5
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame 017C
Redirect Chain

https://x.bidswitch.net/sync?ssp=openx
https://x.bidswitch.net/ul_cb/sync?ssp=openx
https://cm.smadex.com/sync?sm_did=bds&bds_ssp_id=openx&bds_param=97b07f29-79cf-42e2-b3bd-04ef87c4ec66
https://x.bidswitch.net/sync?dsp_id=340&user_id=de0b04b4-4c07-4b4e-8d06-7cb2c74abebd&expires=10&ssp=openx&bsw_param=97b07f29-79cf-42e2-b3bd-04ef87c4ec66
https://us-u.openx.net/w/1.0/sd?id=537072968&val=97b07f29-79cf-42e2-b3bd-04ef87c4ec66

43 B
106 B

28ms
27ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072968&val=97b07f29-79cf-42e2-b3bd-04ef87c4ec66
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=4a396f87-5bac-47c7-9375-0b25be4ee393&gdpr=0&us_privacy=1---
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/16.206.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 07 May 2021 17:42:33 GMT
via: 1.1 google
server: OXGW/16.206.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location: //us-u.openx.net/w/1.0/sd?id=537072968&val=97b07f29-79cf-42e2-b3bd-04ef87c4ec66
date: Fri, 07 May 2021 17:42:33 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET

Pug
image2.pubmatic.com/AdServer/ Frame 017C
Redirect Chain

https://match.prod.bidr.io/cookie-sync/ox
https://match.prod.bidr.io/cookie-sync/ox?_bee_ppp=1
https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFEN2NVN0JLdmdBQUN6RXRMUTU2UQ&bee_sync_partners=pm%2Csas%2Cpp%2Cox&bee_sync_current_partner=adx&bee_sync_initiator=ox&b...
https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=pm%2Csas%2Cpp%2Cox&bee_sync_current_partner=adx&bee_sync_initiator=ox&bee_sync_hop_count=1
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAD7cU7BKvgAACzEtLQ56Q&r=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3...

0
0

GET
H2

200

sd
eu-u.openx.net/w/1.0/ Frame 017C
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=ba7f6095-7c09-4f00-a281-f72d7a5bc507

43 B
106 B

26ms
26ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu-u.openx.net/w/1.0/sd?id=536872786&val=ba7f6095-7c09-4f00-a281-f72d7a5bc507
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=4a396f87-5bac-47c7-9375-0b25be4ee393&gdpr=0&us_privacy=1---
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/16.206.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 07 May 2021 17:42:33 GMT
via: 1.1 google
server: OXGW/16.206.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date: Fri, 07 May 2021 17:42:32 GMT
Server: MT3 3709 11aaa92 master cdg-pixel-x1
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://eu-u.openx.net/w/1.0/sd?id=536872786&val=ba7f6095-7c09-4f00-a281-f72d7a5bc507
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Fri, 07 May 2021 17:42:31 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame 017C
Redirect Chain

https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=0
https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=v3hMmr4rRZakehTNvS5Ym7EtRJ6kLkyY7SvT7Dy6

43 B
122 B

27ms
26ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=v3hMmr4rRZakehTNvS5Ym7EtRJ6kLkyY7SvT7Dy6
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=4a396f87-5bac-47c7-9375-0b25be4ee393&gdpr=0&us_privacy=1---
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/16.206.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 07 May 2021 17:42:33 GMT
via: 1.1 google
server: OXGW/16.206.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 07 May 2021 17:42:33 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location: https://us-u.openx.net/w/1.0/sd?id=537072956&gdpr=0&val=v3hMmr4rRZakehTNvS5Ym7EtRJ6kLkyY7SvT7Dy6
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2

200

sd
eu-u.openx.net/w/1.0/ Frame 017C
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=22
https://c1.adform.net/serving/cookie/match?CC=1&party=22
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=3517474811054844030

43 B
106 B

29ms
28ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://eu-u.openx.net/w/1.0/sd?id=537113484&val=3517474811054844030
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=4a396f87-5bac-47c7-9375-0b25be4ee393&gdpr=0&us_privacy=1---
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/16.206.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 07 May 2021 17:42:33 GMT
via: 1.1 google
server: OXGW/16.206.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 07 May 2021 17:42:33 GMT
server: nginx
location: https://eu-u.openx.net/w/1.0/sd?id=537113484&val=3517474811054844030
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H2 200 openx
match.adsrvr.org/track/cmf/ Frame 017C 70 B
265 B 173ms
52ms Image
image/gif 34.250.165.246
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/openx?oxid=7fc7afc0-9687-3fb0-4442-e47a5dd03ca9&gdpr=0
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=4a396f87-5bac-47c7-9375-0b25be4ee393&gdpr=0&us_privacy=1---
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.250.165.246 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 07 May 2021 17:42:33 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 200 pixel
cm.g.doubleclick.net/ Frame 017C 170 B
506 B 75ms
28ms Image
image/png 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NTNhODdjMGEtNWZmMC02MTE0LTUxYTItYmVjMzk3MzJmMmM5

Requested by

Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=4a396f87-5bac-47c7-9375-0b25be4ee393&gdpr=0&us_privacy=1---

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 07 May 2021 17:42:33 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame 017C
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEJueYU4c3JT_-sefOe-qqBg&google_cver=1

43 B
106 B

27ms
26ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEJueYU4c3JT_-sefOe-qqBg&google_cver=1
Requested by: Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=10&ph=4a396f87-5bac-47c7-9375-0b25be4ee393&gdpr=0&us_privacy=1---
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/16.206.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://eu-u.openx.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 07 May 2021 17:42:33 GMT
via: 1.1 google
server: OXGW/16.206.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 07 May 2021 17:42:33 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEJueYU4c3JT_-sefOe-qqBg&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 295
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 741D 42 B
64 B 45ms
45ms Image
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstw84T-uLPdFx1Yt6cPUE76Jre4dD7XfuV4jsNo6Y0uOPb3t-wLssWq42GFxwn132hIbP8bN44e2JfEwwPBw5eIIzov3ivo_CLz-KtL7BBCBVs3ZP4P6E2q4L0&sai=AMfl-YSteXxwP-YpQSEcmuyfaignOdYq5-7hIdYJEQ6c3ZC9CbjpyVuzjui6x3lJ2PSVgyAusmJSimZ3Vlf2JQD53vuv96ms3eOKcpLTgO-OQGoUhlI-H3wTTnhBzzs&sig=Cg0ArKJSzAKP20jel3CkEAE&cid=CAASFeRoXCVSRg2FF8rbVJMu7nVrpukOSQ&id=ampim&o=474,524&d=300,250&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&tfs=126&tls=1126&g=100&h=100&tt=1126&r=v&avms=ampa&adk=3833649259

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://itigic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 07 May 2021 17:42:33 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 army.gif Show response
itigic.com/porpoiseant/ 0
65 B 340ms
40ms XHR
text/plain 52.19.6.38
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://itigic.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTA2NDM2OSIsImRvbWFpbl9pZCI6IjE5ODQzNyIsInVuaXQiOiJkaXYtZ3B0LWFkLWl0aWdpY19jb20tYm94LTMtMCIsInRfZXBvY2giOjE2MjA0MDkzNDEsInJldmVudWUiOjAsImVzdF9yZXZlbnVlIjowLCJhZF9wb3NpdGlvbiI6MTExNCwiYWRfc2l6ZSI6IiIsImJpZF9mbG9vcl9maWxsZWQiOjAsImJpZF9mbG9vcl9wcmV2IjowLCJzdGF0X3NvdXJjZV9pZCI6MCwiY291bnRyeV9jb2RlIjoiQ0giLCJwYWdldmlld19pZCI6IjliMGM5ODc0LTFhYjUtNGU1MS03YjRiLTIyZmU2MDA1OTRlMCIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6Mjg2ODcyNzQsImNyZWF0aXZlX2lkIjoxMzgyMDg2MTEwOTUsImRhdGEiOlt7Im5hbWUiOiJ2aWV3ZWQiLCJ2YWwiOiIxIn1dLCJpc19vcmlnIjpmYWxzZX1d
Requested by: Host: itigic.com
URL: https://itigic.com/detroitchicago/cmb.js?gcb=194-3&cb=01-100-103-1004-10d-506-507-70a-30c-30e-212-211-313-317-1021-23-&cmbcb=10&01&00&03&04&0d&06&07&0a&0c&0e&12&11&13&17&21&23
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.19.6.38 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-19-6-38.eu-west-1.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:path: /porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTA2NDM2OSIsImRvbWFpbl9pZCI6IjE5ODQzNyIsInVuaXQiOiJkaXYtZ3B0LWFkLWl0aWdpY19jb20tYm94LTMtMCIsInRfZXBvY2giOjE2MjA0MDkzNDEsInJldmVudWUiOjAsImVzdF9yZXZlbnVlIjowLCJhZF9wb3NpdGlvbiI6MTExNCwiYWRfc2l6ZSI6IiIsImJpZF9mbG9vcl9maWxsZWQiOjAsImJpZF9mbG9vcl9wcmV2IjowLCJzdGF0X3NvdXJjZV9pZCI6MCwiY291bnRyeV9jb2RlIjoiQ0giLCJwYWdldmlld19pZCI6IjliMGM5ODc0LTFhYjUtNGU1MS03YjRiLTIyZmU2MDA1OTRlMCIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6Mjg2ODcyNzQsImNyZWF0aXZlX2lkIjoxMzgyMDg2MTEwOTUsImRhdGEiOlt7Im5hbWUiOiJ2aWV3ZWQiLCJ2YWwiOiIxIn1dLCJpc19vcmlnIjpmYWxzZX1d
pragma: no-cache
cookie: _pbjs_userid_consent_data=3524755945110770; __gads=ID=209913d2cf081110:T=1620409347:S=ALNI_MYCUELuDQBZZq_t6fdKkMSCCHgmDQ; cto_bidid=KSh6BV9Vd1hrSHY4aERPOEFEVlZyUU1xR1QlMkJjbWtJczZ1NlBBTWZRWUNkQjhhJTJCTE9VQWpkd0pJNElFVElnUWJCWHN2ZVY1YWd5UlYlMkJTMHFicmpSdUllZUVrZyUzRCUzRA; cto_bundle=ItKwLV8lMkJqSFYxRDd3UXdhSnRYR2dzOVFLN256ek1ta2xwVyUyRllXbGZtQmtPTjFhTUpvMHpGRlp3cE8ycHJZYldFbDVEdDZ1RXRxU3htcFRyeW1jcDNuTHFRSkkzb2ZZOWxvSWZBUktzdmN6VWgyMWVHRk9xbEYzNERwUnFUWlpVME1rMGc; ezouspvh=20; ezux_lpl_198437=1620409351960|9b0c9874-1ab5-4e51-7b4b-22fe600594e0|false; ezouspvv=60; ezouspva=3; _ym_uid=1620409352194850952; _ym_d=1620409352; _ym_isad=2
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: empty
:authority: itigic.com
referer: https://itigic.com/pt/steal-information-with-finger-command-in-windows-10/&
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://itigic.com/pt/steal-information-with-finger-command-in-windows-10/&
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 07 May 2021 17:42:33 GMT
server: nginx/1.16.0
vary: Accept-Encoding Accept-Encoding
content-type: text/plain; charset=utf-8
x-middleton-display: ezp_sol
cache-control: max-age=0, must-revalidate, no-cache, no-store
content-length: 0
expires: Thu, 06 May 2021 17:42:33 UTC

GET
H2 200 sync Show response
gum.criteo.com/ Frame 6002 60 B
380 B 23ms
22ms Script
text/javascript 2a02:2638::1c
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/sync?r=2&c=321&gdpr=1&gdpr_pd=0&gdpr_consent=&us_privacy=1---&j=window.advBidxc.mnetRtusId

Requested by

Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUBCB617&prvid=2030%2C251%2C175%2C178%2C233%2C157%2C2028%2C2027%2C3017%2C159%2C214%2C236%2C2025%2C97%2C55%2C99%2C77%2C56%2C182%2C3010%2C141%2C262%2C222%2C201%2C223%2C3007%2C4%2C148%2C203%2C10000%2C80%2C108%2C229%2C9%2C109%2C82&purpose1=1&gdprconsent=1&gdpr=0&usp_status=0&usp_consent=1&uspstring=1---&itype=PREBID

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::1c , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

a4175829629cc0ee4fa83b14602e308f8e82b2323d3d31e316f5ac197f5068f0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://contextual.media.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
date: Fri, 07 May 2021 17:42:32 GMT
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: private, max-age=3600
server-processing-duration-in-ticks: 1368
content-length: 174
expires: 60

GET
H/1.1

200
OK

usync.html Show response
eus.rubiconproject.com/ Frame 91B5
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=medianet
https://eus.rubiconproject.com/usync.html?p=medianet

281 B
554 B

69ms
22ms

Document
text/html

23.79.143.124
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=medianet
Requested by: Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUBCB617&prvid=2030%2C251%2C175%2C178%2C233%2C157%2C2028%2C2027%2C3017%2C159%2C214%2C236%2C2025%2C97%2C55%2C99%2C77%2C56%2C182%2C3010%2C141%2C262%2C222%2C201%2C223%2C3007%2C4%2C148%2C203%2C10000%2C80%2C108%2C229%2C9%2C109%2C82&purpose1=1&gdprconsent=1&gdpr=0&usp_status=0&usp_consent=1&uspstring=1---&itype=PREBID
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.79.143.124 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-79-143-124.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Host: eus.rubiconproject.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://contextual.media.net/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://contextual.media.net/

Response headers

Server: Apache/2.2.15 (CentOS)
Last-Modified: Tue, 23 Feb 2021 20:47:52 GMT
ETag: "40005-119-5bc0708346e00"
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Fri, 07 May 2021 17:42:33 GMT
Connection: keep-alive
Vary: Accept-Encoding

Redirect headers

Server: AkamaiGHost
Content-Length: 0
Location: https://eus.rubiconproject.com/usync.html?p=medianet
Date: Fri, 07 May 2021 17:42:33 GMT
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *

GET
H2

200

cksync.html Show response
contextual.media.net/ Frame E34B
Redirect Chain

https://p.rfihub.com/cm?pub=19967&in=1&forward=https%3A%2F%2Fcontextual.media.net%2Fcksync.html%3Fcs%3D8%26vsid%3D2634109531228425000V10%26type%3Drkt%26refUrl%3D%26vid%3D040935321326341095312284250...
https://contextual.media.net/cksync.html?cs=8&vsid=2634109531228425000V10&type=rkt&refUrl=&vid=04093532132634109531228425000V10&ovsid=1870471594926749949

220 B
732 B

48ms
47ms

Document
text/html

2.18.235.93
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://contextual.media.net/cksync.html?cs=8&vsid=2634109531228425000V10&type=rkt&refUrl=&vid=04093532132634109531228425000V10&ovsid=1870471594926749949

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.18.235.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-235-93.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

421192a006149c26292f6690c2cb34bf0425ab74ae9ae0a47f8d3cd7a8c7c765

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

:method: GET
:authority: contextual.media.net
:scheme: https
:path: /cksync.html?cs=8&vsid=2634109531228425000V10&type=rkt&refUrl=&vid=04093532132634109531228425000V10&ovsid=1870471594926749949
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://contextual.media.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: gdpr_status=1; visitor-id=2634109531228425000V10; data-g=CAESEBv8AbL7_aCMjypY-pMu-gk~~8; data-o=b7ebc65f-3d87-0550-270d-9a14ef3fae75~~8; data-amb=4506448288219617478~~8
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://contextual.media.net/

Response headers

server: Apache
content-length: 220
content-type: text/html;charset=UTF-8
set-cookie: gdpr_status=1; Expires=Mon, 08 Nov 2021 17:42:33 GMT; domain=.media.net; Path=/; sameSite=none; secure=true data-rk=1870471594926749949~~8;Expires=Fri, 06 May 2022 17:42:33 GMT;path=/;domain=.media.net; sameSite=none; secure=true
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA" CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
strict-transport-security: max-age=604800
vary: Accept-Encoding
x-mnet-hl2: E
expires: Fri, 07 May 2021 17:42:33 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Fri, 07 May 2021 17:42:33 GMT

Redirect headers

Date: Fri, 07 May 2021 17:42:33 GMT
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Set-Cookie: rud=H4sIAAAAAAAAAOMSNrQwNzAxNzS1NLE0MjM3sQTSQnyGulE-Fa4GIRG5-cWO2VK8hmZGBiYGlsamxsZGpgDt6rx-NAAAAA; Path=/; Domain=.rfihub.com; Expires=Wed, 1 Jun 2022 17:42:33 GMT; Secure; SameSite=None ruds=H4sIAAAAAAAAAOMSNrQwNzAxNzS1NLE0MjM3sQTSQnyGulE-Fa4GIRG5-cWO2QDyyAzlJQAAAA; Path=/; Domain=.rfihub.com; Secure; SameSite=None
Location: https://contextual.media.net/cksync.html?cs=8&vsid=2634109531228425000V10&type=rkt&refUrl=&vid=04093532132634109531228425000V10&ovsid=1870471594926749949
Content-Length: 0
Server: Jetty(9.3.29.v20201019)

GET
H/1.1 200
OK user_sync.html Show response
ads.pubmatic.com/AdServer/js/ Frame 7823 8 KB
3 KB 68ms
41ms Document
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D2634109531228425000V10%26type%3Dpba%26refUrl%3D%26vid%3D04093532132634109531228425000V10%26ovsid%3DPM_UID
Requested by: Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUBCB617&prvid=2030%2C251%2C175%2C178%2C233%2C157%2C2028%2C2027%2C3017%2C159%2C214%2C236%2C2025%2C97%2C55%2C99%2C77%2C56%2C182%2C3010%2C141%2C262%2C222%2C201%2C223%2C3007%2C4%2C148%2C203%2C10000%2C80%2C108%2C229%2C9%2C109%2C82&purpose1=1&gdprconsent=1&gdpr=0&usp_status=0&usp_consent=1&uspstring=1---&itype=PREBID
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 23371b5319a53a0a2d3c59d738d679c384822c244ea4e791ef87a4110b8a291e

Request headers

Host: ads.pubmatic.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://contextual.media.net/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://contextual.media.net/

Response headers

Last-Modified: Wed, 21 Oct 2020 18:57:29 GMT
ETag: "1300708-1f78-5b232eb4914bb"
Server: Apache/2.2.15 (CentOS)
Accept-Ranges: bytes
Content-Encoding: gzip
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length: 2654
Content-Type: text/html; charset=UTF-8
Cache-Control: max-age=162602
Expires: Sun, 09 May 2021 14:52:35 GMT
Date: Fri, 07 May 2021 17:42:33 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H2 200 log
cslogger.media.net/ Frame 6002 35 B
194 B 453ms
444ms Image
image/gif 2.18.235.93
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cslogger.media.net/log?logid=kfk&evtid=cs&del=1&vsid=2634109531228425000V10&origin=1&flt=0&pvgid[]=data-p&pvgid[]=data-b&pvgid[]=data-t&pvgid[]=data-sov&pvgid[]=data-r1&pvgid[]=data-pb&pvgid[]=data-xu&pvgid[]=data-tx&pvgid[]=data-ct
Requested by: Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUBCB617&prvid=2030%2C251%2C175%2C178%2C233%2C157%2C2028%2C2027%2C3017%2C159%2C214%2C236%2C2025%2C97%2C55%2C99%2C77%2C56%2C182%2C3010%2C141%2C262%2C222%2C201%2C223%2C3007%2C4%2C148%2C203%2C10000%2C80%2C108%2C229%2C9%2C109%2C82&purpose1=1&gdprconsent=1&gdpr=0&usp_status=0&usp_consent=1&uspstring=1---&itype=PREBID
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-93.deploy.static.akamaitechnologies.com
Software: Jetty(9.4.35.v20201120) /
Resource Hash: 796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90

Request headers

Referer: https://contextual.media.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 07 May 2021 17:42:33 GMT
server: Jetty(9.4.35.v20201120)
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
content-length: 35
expires: Fri, 07 May 2021 17:42:33 GMT

GET
H2

200

cksync.html
contextual.media.net/ Frame 6002
Redirect Chain

https://us-u.openx.net/w/1.0/cm?id=78e2dffc-bb89-4bb2-ae92-f592d006518b&ph=6a16560a-f6c6-4851-b7b5-0b2c0190166a&r=https%3A%2F%2Fcontextual.media.net%2Fcksync.html%3Fcs%3D8%26vsid%3D2634109531228425...
https://contextual.media.net/cksync.html?cs=8&vsid=2634109531228425000V10&type=opx&refUrl=&vid=04093532132634109531228425000V10&ovsid=b7ebc65f-3d87-0550-270d-9a14ef3fae75

220 B
220 B

61ms
61ms

Image
text/html

2.18.235.93
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://contextual.media.net/cksync.html?cs=8&vsid=2634109531228425000V10&type=opx&refUrl=&vid=04093532132634109531228425000V10&ovsid=b7ebc65f-3d87-0550-270d-9a14ef3fae75

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.18.235.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-235-93.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Referer: https://contextual.media.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=604800
server: Apache
date: Fri, 07 May 2021 17:42:33 GMT
vary: Accept-Encoding
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control: max-age=0, no-cache, no-store
content-type: text/html;charset=UTF-8
content-length: 220
x-mnet-hl2: E
expires: Fri, 07 May 2021 17:42:33 GMT

Redirect headers

date: Fri, 07 May 2021 17:42:33 GMT
content-encoding: gzip
server: OXGW/16.206.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
location: https://contextual.media.net/cksync.html?cs=8&vsid=2634109531228425000V10&type=opx&refUrl=&vid=04093532132634109531228425000V10&ovsid=b7ebc65f-3d87-0550-270d-9a14ef3fae75
content-type: image/gif
alt-svc: clear
content-length: 0
via: 1.1 google

GET
H2

200

cksync.php
contextual.media.net/ Frame 6002
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=64&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D2634109531228425000V10%26type%3Dmma%26refUrl%3D%26vid%3D040935321326341095312284...
https://contextual.media.net/cksync.php?cs=8&vsid=2634109531228425000V10&type=mma&refUrl=&vid=04093532132634109531228425000V10&ovsid=51c86095-7c09-4f00-a144-a659366fc7e4

46 B
545 B

71ms
70ms

Image
image/gif

2.18.235.93
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://contextual.media.net/cksync.php?cs=8&vsid=2634109531228425000V10&type=mma&refUrl=&vid=04093532132634109531228425000V10&ovsid=51c86095-7c09-4f00-a144-a659366fc7e4

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.18.235.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-235-93.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

579a172ca2c700734ebcfa06d105a134f31ec2357660e58e0874cfdee8472fd4

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Referer: https://contextual.media.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=604800
server: Apache
date: Fri, 07 May 2021 17:42:33 GMT
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control: max-age=0, no-cache, no-store
content-type: image/gif
content-length: 46
x-mnet-hl2: E
expires: Fri, 07 May 2021 17:42:33 GMT

Redirect headers

Date: Fri, 07 May 2021 17:42:32 GMT
Server: MT3 3709 11aaa92 master cdg-pixel-x14
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://contextual.media.net/cksync.php?cs=8&vsid=2634109531228425000V10&type=mma&refUrl=&vid=04093532132634109531228425000V10&ovsid=51c86095-7c09-4f00-a144-a659366fc7e4
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Fri, 07 May 2021 17:42:31 GMT

GET
H2

200

cksync
cs.media.net/ Frame 6002
Redirect Chain

https://cm.g.doubleclick.net/pixel?cs=8&google_nid=media&google_cm=1&google_hm=MjYzNDEwOTUzMTIyODQyNTAwMFYxMA%3D%3D&google_sc=1
https://cs.media.net/cksync?type=g&cs=8&google_gid=CAESEBv8AbL7_aCMjypY-pMu-gk&google_cver=1

46 B
528 B

48ms
47ms

Image
image/gif

2.18.235.93
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cs.media.net/cksync?type=g&cs=8&google_gid=CAESEBv8AbL7_aCMjypY-pMu-gk&google_cver=1
Requested by: Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUBCB617&prvid=2030%2C251%2C175%2C178%2C233%2C157%2C2028%2C2027%2C3017%2C159%2C214%2C236%2C2025%2C97%2C55%2C99%2C77%2C56%2C182%2C3010%2C141%2C262%2C222%2C201%2C223%2C3007%2C4%2C148%2C203%2C10000%2C80%2C108%2C229%2C9%2C109%2C82&purpose1=1&gdprconsent=1&gdpr=0&usp_status=0&usp_consent=1&uspstring=1---&itype=PREBID
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2.18.235.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-235-93.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 579a172ca2c700734ebcfa06d105a134f31ec2357660e58e0874cfdee8472fd4

Request headers

Referer: https://contextual.media.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 07 May 2021 17:42:33 GMT
server: Apache
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control: max-age=0, no-cache, no-store
content-type: image/gif
content-length: 46
x-mnet-hl2: E
expires: Fri, 07 May 2021 17:42:33 GMT

Redirect headers

pragma: no-cache
date: Fri, 07 May 2021 17:42:33 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://cs.media.net/cksync?type=g&cs=8&google_gid=CAESEBv8AbL7_aCMjypY-pMu-gk&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 301
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 sync
x.bidswitch.net/ Frame 6002 43 B
145 B 21ms
19ms Image
image/gif 18.184.169.195
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/sync?ssp=medianet&gdpr=1&gdpr_consent=&gdpr_pd=1
Requested by: Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUBCB617&prvid=2030%2C251%2C175%2C178%2C233%2C157%2C2028%2C2027%2C3017%2C159%2C214%2C236%2C2025%2C97%2C55%2C99%2C77%2C56%2C182%2C3010%2C141%2C262%2C222%2C201%2C223%2C3007%2C4%2C148%2C203%2C10000%2C80%2C108%2C229%2C9%2C109%2C82&purpose1=1&gdprconsent=1&gdpr=0&usp_status=0&usp_consent=1&uspstring=1---&itype=PREBID
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 18.184.169.195 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-184-169-195.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer: https://contextual.media.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 07 May 2021 17:42:33 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

GET
H2

200

cksync.php
contextual.media.net/ Frame 6002
Redirect Chain

https://b1sync.zemanta.com/usersync/medianet/?cb=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D2634109531228425000V10%26type%3Dzem%26refUrl%3D%26vid%3D04093532132634109531228425...
https://contextual.media.net/cksync.php?cs=8&vsid=2634109531228425000V10&type=zem&refUrl=&vid=04093532132634109531228425000V10&ovsid=

45 B
371 B

38ms
37ms

Image
image/gif

2.18.235.93
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://contextual.media.net/cksync.php?cs=8&vsid=2634109531228425000V10&type=zem&refUrl=&vid=04093532132634109531228425000V10&ovsid=

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.18.235.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-235-93.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Referer: https://contextual.media.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=604800
server: Apache
date: Fri, 07 May 2021 17:42:33 GMT
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA"
cache-control: max-age=0, no-cache, no-store
content-type: image/gif
content-length: 45
x-mnet-hl2: E
expires: Fri, 07 May 2021 17:42:33 GMT

Redirect headers

Location: https://contextual.media.net/cksync.php?cs=8&vsid=2634109531228425000V10&type=zem&refUrl=&vid=04093532132634109531228425000V10&ovsid=
Pragma: no-cache
Date: Fri, 07 May 2021 17:42:33 GMT
Cache-Control: no-cache, no-store, must-revalidate
Expires: Thu, 01 Dec 1994 16:00:00 GMT
Content-Length: 176
Content-Type: text/html; charset=utf-8

GET
H2 204 usersync
track-east.mobileadtrading.com/ Frame 6002 0
44 B 371ms
114ms Image
text/plain 52.44.75.235
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://track-east.mobileadtrading.com/usersync?ru=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D2634109531228425000V10%26type%3Dsom%26refUrl%3D%26vid%3D04093532132634109531228425000V10%26ovsid%3D%24%7BUID%7D
Requested by: Host: contextual.media.net
URL: https://contextual.media.net/checksync.php?vsSync=1&cs=8&cv=31&https=1&cid=8CUBCB617&prvid=2030%2C251%2C175%2C178%2C233%2C157%2C2028%2C2027%2C3017%2C159%2C214%2C236%2C2025%2C97%2C55%2C99%2C77%2C56%2C182%2C3010%2C141%2C262%2C222%2C201%2C223%2C3007%2C4%2C148%2C203%2C10000%2C80%2C108%2C229%2C9%2C109%2C82&purpose1=1&gdprconsent=1&gdpr=0&usp_status=0&usp_consent=1&uspstring=1---&itype=PREBID
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.44.75.235 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-44-75-235.compute-1.amazonaws.com
Software: awselb/2.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://contextual.media.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 07 May 2021 17:42:33 GMT
server: awselb/2.0

GET
H2

200

cksync.php
contextual.media.net/ Frame 6002
Redirect Chain

https://rtb.mfadsrvr.com/sync?ssp=medianet&ssp_user_id=2634109531228425000V10
https://rtb.mfadsrvr.com/ul_cb/sync?ssp=medianet&ssp_user_id=2634109531228425000V10
https://contextual.media.net/cksync.php?type=mf&ovsid=9c763aa4-7ff5-4e19-b677-19e0d0339e74&cs=1

46 B
545 B

76ms
75ms

Image
image/gif

2.18.235.93
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://contextual.media.net/cksync.php?type=mf&ovsid=9c763aa4-7ff5-4e19-b677-19e0d0339e74&cs=1

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.18.235.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-235-93.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

579a172ca2c700734ebcfa06d105a134f31ec2357660e58e0874cfdee8472fd4

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Referer: https://contextual.media.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=604800
server: Apache
date: Fri, 07 May 2021 17:42:33 GMT
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control: max-age=0, no-cache, no-store
content-type: image/gif
content-length: 46
x-mnet-hl2: E
expires: Fri, 07 May 2021 17:42:33 GMT

Redirect headers

Location: //contextual.media.net/cksync.php?type=mf&ovsid=9c763aa4-7ff5-4e19-b677-19e0d0339e74&cs=1
Date: Fri, 07 May 2021 17:42:33 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0

GET
H2

200

cksync.php
contextual.media.net/ Frame 6002
Redirect Chain

https://ad.turn.com/r/cs?pid=59&redir=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D2634109531228425000V10%26type%3Damb%26refUrl%3D%26vid%3D04093532132634109531228425000V10%26ov...
https://contextual.media.net/cksync.php?cs=8&vsid=2634109531228425000V10&type=amb&refUrl=&vid=04093532132634109531228425000V10&ovsid=4506448288219617478

46 B
534 B

58ms
57ms

Image
image/gif

2.18.235.93
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://contextual.media.net/cksync.php?cs=8&vsid=2634109531228425000V10&type=amb&refUrl=&vid=04093532132634109531228425000V10&ovsid=4506448288219617478

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.18.235.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-235-93.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

579a172ca2c700734ebcfa06d105a134f31ec2357660e58e0874cfdee8472fd4

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Referer: https://contextual.media.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=604800
server: Apache
date: Fri, 07 May 2021 17:42:33 GMT
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control: max-age=0, no-cache, no-store
content-type: image/gif
content-length: 46
x-mnet-hl2: E
expires: Fri, 07 May 2021 17:42:33 GMT

Redirect headers

location: https://contextual.media.net/cksync.php?cs=8&vsid=2634109531228425000V10&type=amb&refUrl=&vid=04093532132634109531228425000V10&ovsid=4506448288219617478
pragma: no-cache
date: Fri, 07 May 2021 17:42:32 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

GET
H3-29 200 integrator.js Show response
adservice.google.ch/adsid/ 107 B
122 B 15ms
15ms Script
application/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.ch/adsid/integrator.js?domain=itigic.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://itigic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 07 May 2021 17:42:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 16ms
15ms Script
application/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=itigic.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://itigic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 07 May 2021 17:42:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 345 B
172 B 215ms
211ms XHR
text/plain 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2673549932243580&correlator=3938059763340322&output=ldjh&impl=fifs&eid=31060790&vrg=2021042801&ptt=17&us_privacy=1---&sc=1&sfv=1-0-38&ecs=20210507&iu_parts=1254144%2Citigic_com-large-billboard-2&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C300x250&fluid=height&ris=2&rcs=3&prev_scp=a%3D%257C1%257C%26iid11%3D1024014%26t%3D134%26d%3D198437%26t1%3D134%26pvc%3D0%26ap%3D1124%26sap%3D1124%26as%3Drevenue%26plat%3D1%26bra%3Dmod1%26ic%3D4%26at%3Dmbf%26adr%3D399%26ezosn%3D0%26reft%3Dtf%26refs%3D30%26ga%3D2497208%26rid%3D99998%26pt%3D0%26al%3D1034%26compid%3D0%26tap%3Ditigic_com-large-billboard-2-1024014%26eb_br%3D2620dac3b050a8e36c132f49cccab5a1%26eba%3D1%26ebss%3D10017%2C10082%2C10061%2C10015%2C11304%2C11307%26asau%3D7838546742%26bv%3D28%26bvm%3D2%26bvr%3D5%26shp%3D3%26ftsn%3D3%26br1%3D2200%26br2%3D3200%26ezoic%3D1%26nmau%3D4%26mau%3D0%26stl%3D32%2C0%2C28%2C67%2C45%2C122%2C66%2C20%2C71%2C30%2C0%2C31%26deal1%3D27%2C28%2C29%2C30%2C760%2C761%2C813%2C815%2C816%2C817%2C818%2C819%2C899%2C917%2C918%2C919%2C988%2C774%2C24%2C25%2C26%2C23%2C24%2C25%2C26%2C22%2C23%2C24%2C25%2C26%26ax_ssid%3D10082%26amznbid%3D2%26amznsz%3D0x0%26amznp%3D2%26lb%3D2800%26reqt%3D1620409352239&eri=1&cookie=ID%3D209913d2cf081110%3AT%3D1620409347%3AS%3DALNI_MYCUELuDQBZZq_t6fdKkMSCCHgmDQ&bc=31&abxe=1&lmt=1620409353&dt=1620409353244&dlt=1620409342880&idt=923&frm=20&biw=1600&bih=1200&oid=3&adxs=1002&adys=1560&adks=686215702&ucis=1e&ifi=50&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fitigic.com%2Fpt%2Fsteal-information-with-finger-command-in-windows-10%2F%26%23160%3B&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x-1&msz=300x-1&psts=AGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=1178867069.1620409344&ga_sid=1620409344&ga_hid=2059617897&ga_fc=false&fws=0&ohw=0&btvi=7&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

5a02bd1c04882358234e90688669d51ce4e65b63ae5318c25c0fa0ac6a229664

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://itigic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 07 May 2021 17:42:33 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 142
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://itigic.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK Cookie set usermatch Show response
ssum-sec.casalemedia.com/ Frame BB29 2 KB
3 KB 119ms
47ms Document
text/html 2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ssum-sec.casalemedia.com/usermatch?d=https://itigic.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Requested by: Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: 4b1cd7954c58f4550fb3332494889df7b71d7c375e7096ca47b2649869fcaf6b

Request headers

Host: ssum-sec.casalemedia.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://js-sec.indexww.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: CMID=YJV8BUzW0gbaYLpT28WaYQAA; CMDD=AASf9gE*; CMST=YJV8BWCVfAUB
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://js-sec.indexww.com/

Response headers

Server: Apache
Content-Type: text/html
Dropped-Udsids: 241|45|230|39|73|81|206|238
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Vary: Is-Traffic-Usersync
Content-Length: 1687
Expires: Fri, 07 May 2021 17:42:33 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Fri, 07 May 2021 17:42:33 GMT
Connection: keep-alive
Set-Cookie: CMID=YJV8BUzW0gbaYLpT28WaYQAA;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sat, 07 May 2022 17:42:33 GMT CMPS=5191;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Thu, 05 Aug 2021 17:42:33 GMT CMPRO=1146;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Thu, 05 Aug 2021 17:42:33 GMT CMDD=AASf9gE*;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sat, 08 May 2021 17:42:33 GMT CMST=YJV8BWCVfAkB;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sat, 08 May 2021 17:42:33 GMT CMRUM3=5160957c0905a0&ce60957c0905a00&2d60957c0905a0&2760957c090b40&ee60957c0927600&e660957c0927600&4960957c0905a00&f160957c0905a0;domain=casalemedia.com;path=/;sameSite=None;Secure;expires=Sat, 07 May 2022 17:42:33 GMT

GET
H/1.1 200
OK PugMaster Show response
image6.pubmatic.com/AdServer/ Frame B688 6 KB
6 KB 138ms
35ms Script
text/html 185.64.189.115
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://image6.pubmatic.com/AdServer/PugMaster?kdntuid=1&rnd=21909867&p=156983&s=0&a=0&ptask=ALL&np=0&fp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=1---&sec=1&async=1
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.115 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: /
Resource Hash: 828ee0993cb1aaa5b693c39d82b93560de8d0af6ca7cc80de8fdb0a20f92abed

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 07 May 2021 17:42:31 GMT
P3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Transfer-Encoding: chunked
Content-Type: text/html; charset=UTF-8

GET
H/1.1 200
OK showad.js Show response
ads.pubmatic.com/AdServer/js/ Frame 00C2 38 KB
14 KB 40ms
40ms Document
text/html 2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.pubmatic.com/AdServer/js/showad.js
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D2634109531228425000V10%26type%3Dpba%26refUrl%3D%26vid%3D04093532132634109531228425000V10%26ovsid%3DPM_UID
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 82f1fbe95dbd4e1128a973db542bf50ab7ac8fbf35bfefca2e782b0a0572e564

Request headers

Host: ads.pubmatic.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: same-origin
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D2634109531228425000V10%26type%3Dpba%26refUrl%3D%26vid%3D04093532132634109531228425000V10%26ovsid%3DPM_UID
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: KCCH=YES
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=159463&userIdMacro=PM_UID&predirect=https%3A%2F%2Fcontextual.media.net%2Fcksync.php%3Fcs%3D8%26vsid%3D2634109531228425000V10%26type%3Dpba%26refUrl%3D%26vid%3D04093532132634109531228425000V10%26ovsid%3DPM_UID

Response headers

Last-Modified: Wed, 14 Apr 2021 09:18:30 GMT
ETag: "13006b6-98c2-5bfeb3aef82b4"
Server: Apache/2.2.15 (CentOS)
Accept-Ranges: bytes
Content-Encoding: gzip
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Content-Length: 14060
Content-Type: text/html; charset=UTF-8
Cache-Control: public, max-age=24007
Expires: Sat, 08 May 2021 00:22:40 GMT
Date: Fri, 07 May 2021 17:42:33 GMT
Connection: keep-alive
Vary: Accept-Encoding

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 6B15 0
749 B 22ms
21ms Script
text/html 37.252.172.38
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.38 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

690.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 07 May 2021 17:42:33 GMT
X-Proxy-Origin: 91.132.136.60; 91.132.136.60; 690.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com; 37.252.173.75:80
AN-X-Request-Uuid: 2de0407c-2260-42ac-943c-ecbef81e3fd9
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 91B5 30 KB
9 KB 24ms
24ms Script
text/html 23.79.143.124
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=medianet
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.79.143.124 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-79-143-124.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: b2b279ece006b0e9d263bf7bed8f9c0a1435738db4dff2c57e13d1efe98900a9

Request headers

Referer: https://eus.rubiconproject.com/usync.html?p=medianet
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 07 May 2021 17:42:33 GMT
Content-Encoding: gzip
Last-Modified: Wed, 28 Apr 2021 21:43:33 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=39584
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 9239
Expires: Sat, 08 May 2021 04:42:17 GMT

GET
H/1.1

200
OK

dcm
s.amazon-adsystem.com/ Frame BB29
Redirect Chain

https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=YJV8BUzW0gbaYLpT28WaYQAABHoAAAIB
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=YJV8BUzW0gbaYLpT28WaYQAABHoAAAIB&dcc=t

43 B
720 B

135ms
134ms

Image
image/gif

54.239.17.112
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=YJV8BUzW0gbaYLpT28WaYQAABHoAAAIB&dcc=t
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://itigic.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.239.17.112 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Server /
Resource Hash: c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 07 May 2021 17:42:33 GMT
Server: Server
Vary: User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 07 May 2021 17:42:33 GMT
Server: Server
Vary: User-Agent
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=&gdpr_consent=&id=YJV8BUzW0gbaYLpT28WaYQAABHoAAAIB&dcc=t
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1

200
OK

crum
dsum-sec.casalemedia.com/ Frame BB29
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YJV8BUzW0gbaYLpT28WaYQAA
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEFNRY--Uc5gn7k3N3dyBD0M&google_cver=1

43 B
1 KB

33ms
32ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEFNRY--Uc5gn7k3N3dyBD0M&google_cver=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://itigic.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 07 May 2021 17:42:33 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Fri, 07 May 2021 17:42:33 GMT

Redirect headers

pragma: no-cache
date: Fri, 07 May 2021 17:42:33 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEFNRY--Uc5gn7k3N3dyBD0M&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 314
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

usermatchredir
ssum-sec.casalemedia.com/ Frame BB29
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YJV8BUzW0gbaYLpT28WaYQAABHoAAAIB
https://ssum-sec.casalemedia.com/usermatchredir?s=184023&google_gid=CAESELCTCrB0JxmSAfu7k3pIkHc&google_cver=1

43 B
315 B

41ms
40ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&google_gid=CAESELCTCrB0JxmSAfu7k3pIkHc&google_cver=1
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://itigic.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 07 May 2021 17:42:33 GMT
Server: Apache
Vary: Is-Traffic-Usersync
Content-Type: image/gif
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 43
Expires: Fri, 07 May 2021 17:42:33 GMT

Redirect headers

pragma: no-cache
date: Fri, 07 May 2021 17:42:33 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ssum-sec.casalemedia.com/usermatchredir?s=184023&google_gid=CAESELCTCrB0JxmSAfu7k3pIkHc&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 314
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 casale
match.adsrvr.org/track/cmf/ Frame BB29 70 B
264 B 54ms
52ms Image
image/gif 34.250.165.246
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/casale?cm_callback_url=https%3A%2F%2Fdsum-sec.casalemedia.com%2Fcrum&cm_dsp_id=39&cm_user_id=YJV8BUzW0gbaYLpT28WaYQAA
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://itigic.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.250.165.246 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 07 May 2021 17:42:33 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2 200 YJV8BUzW0gbaYLpT28WaYQAABHoAAAIB
pr-bh.ybp.yahoo.com/sync/casale/ Frame BB29 43 B
88 B 90ms
88ms Image
image/gif 2a00:1288:110:c305::8000
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/casale/YJV8BUzW0gbaYLpT28WaYQAABHoAAAIB

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://itigic.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1288:110:c305::8000 , United Kingdom, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 07 May 2021 17:42:33 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
content-type: image/gif
x-xss-protection: 1; mode=block
content-length: 43
x-content-type-options: nosniff
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame BB29
Redirect Chain

https://pixel.quantserve.com/pixel/p-Z8PuJEk6U7Hyq.gif?idmatch=0
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=1&external_user_id=qskN76uaBOOxy1W4qJ8Z7qScBeuxnw3t-JosVVAp

43 B
1 KB

84ms
34ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=1&external_user_id=qskN76uaBOOxy1W4qJ8Z7qScBeuxnw3t-JosVVAp
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://itigic.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 07 May 2021 17:42:33 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Fri, 07 May 2021 17:42:33 GMT

Redirect headers

pragma: no-cache
date: Fri, 07 May 2021 17:42:33 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=81&gdpr=1&external_user_id=qskN76uaBOOxy1W4qJ8Z7qScBeuxnw3t-JosVVAp
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2

200

YJV8BUzW0gbaYLpT28WaYQAABHoAAAIB
pr-bh.ybp.yahoo.com/sync/casale/ Frame BB29
Redirect Chain

https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=YJV8BUzW0gbaYLpT28WaYQAABHoAAAIB
https://pr-bh.ybp.yahoo.com/sync/casale/YJV8BUzW0gbaYLpT28WaYQAABHoAAAIB

43 B
542 B

32ms
32ms

Image
image/gif

2a00:1288:110:c305::8000
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/casale/YJV8BUzW0gbaYLpT28WaYQAABHoAAAIB

Requested by

Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://itigic.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1288:110:c305::8000 , United Kingdom, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 07 May 2021 17:42:33 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
content-type: image/gif
x-xss-protection: 1; mode=block
content-length: 43
x-content-type-options: nosniff
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Date: Fri, 07 May 2021 17:42:33 GMT
Server: ATS/7.1.2.128
Age: 0
Strict-Transport-Security: max-age=31536000
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location: https://pr-bh.ybp.yahoo.com/sync/casale/YJV8BUzW0gbaYLpT28WaYQAABHoAAAIB
Connection: keep-alive
Content-Length: 0

GET
H2

451

464516.gif
idsync.rlcdn.com/ Frame BB29
Redirect Chain

https://idsync.rlcdn.com/461886.gif?partner_uid=YJV8BUzW0gbaYLpT28WaYQAA%261146
https://idsync.rlcdn.com/1000.gif?memo=CL6YHBIpCiUIARDY9gEaHVlKVjhCVXpXMGdiYVlMcFQyOFdhWVFBQSYxMTQ2EAAaDQiJ-NWEBhIFCOgHEABCAEoA
https://token.rubiconproject.com/token?pid=28028&puid=6c7ad110317d6d02d986c5a8b4d74c6d31c00652319a93c4834d4dcf45e5273863c43f2df1037271
https://idsync.rlcdn.com/464516.gif?partner_uid=KOELW35G-1F-6SX6

0
42 B

26ms
25ms

Image
text/plain

35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/464516.gif?partner_uid=KOELW35G-1F-6SX6
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://itigic.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 07 May 2021 17:42:33 GMT
via: 1.1 google
alt-svc: clear
content-length: 0

Redirect headers

Location: https://idsync.rlcdn.com/464516.gif?partner_uid=KOELW35G-1F-6SX6
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 8f052d4f888ae4e0626c5f819879cacd
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1 200
OK htw-pixel.gif
js-sec.indexww.com/ht/ Frame BB29 43 B
425 B 35ms
34ms Image
image/gif 2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://js-sec.indexww.com/ht/htw-pixel.gif?YJV8BUzW0gbaYLpT28WaYQAA%261146
Requested by: Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https://itigic.com/&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://ssum-sec.casalemedia.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 07 May 2021 17:42:33 GMT
Last-Modified: Tue, 24 Jan 2017 19:36:04 GMT
Server: Apache
ETag: "902a3d-2b-546dc3a097100"
P3P: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=1925
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: image/gif
Content-Length: 43
Expires: Fri, 07 May 2021 18:14:38 GMT

GET
H/1.1 200
OK khaos.jpg
token.rubiconproject.com/ Frame 91B5 284 B
932 B 74ms
20ms Image
image/jpg 69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/khaos.jpg?
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=medianet
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 284
X-RPHost: 8f052d4f888ae4e0626c5f819879cacd
Content-Type: image/jpg

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 88E8 0
749 B 21ms
20ms Script
text/html 37.252.172.38
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.38 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

690.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 07 May 2021 17:42:33 GMT
X-Proxy-Origin: 91.132.136.60; 91.132.136.60; 690.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com; 37.252.172.39:80
AN-X-Request-Uuid: 589bee18-b346-42c6-ab31-e959e1bfbe20
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 usersync.aspx Show response
dis.criteo.com/dis/ Frame 5491 43 B
304 B 101ms
33ms Document
image/gif 178.250.0.163
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.0.163 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

:method: GET
:authority: dis.criteo.com
:scheme: https
:path: /dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ads.pubmatic.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

cache-control: no-cache
pragma: no-cache
content-type: image/gif
expires: Fri, 07 May 2021 00:00:00 GMT
server: Microsoft-IIS/10.0
x-errorlevel: 0
p3p: CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
server-processing-duration-in-ticks: 1233
date: Fri, 07 May 2021 17:42:33 GMT
content-length: 43

GET

Pug
image2.pubmatic.com/AdServer/ Frame 7C4D
Redirect Chain

https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=7566101433466681428

0
0

GET
H/1.1

200
OK

Cookie set Pug Show response
simage2.pubmatic.com/AdServer/ Frame 31B3
Redirect Chain

https://dsp.adfarm1.adition.com/cookie/?ssp=9
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6959605177284032652

42 B
771 B

69ms
31ms

Document
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6959605177284032652
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Host: simage2.pubmatic.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://ads.pubmatic.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: KADUSERCOOKIE=BE73A413-39CC-4B40-836F-8E00FFE00B3D; chkChromeAb67Sec=1; DPSync3=1621555200%3A201_227_226_221; SyncRTB3=1621555200%3A165_21_3_55_230_176_54_189_161_166_204_71_22_99_220_13_81_234_56_88_7_8_231%7C1620950400%3A2_223_15_67%7C1621209600%3A63%7C1622937600%3A203%7C1621641600%3A35
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

Server: nginx
Date: Fri, 07 May 2021 17:42:33 GMT
Content-Type: image/gif; charset=utf-8
Content-Length: 42
Connection: keep-alive
Set-Cookie: KRTBCOOKIE_1101=23040-6959605177284032652; domain=pubmatic.com; SameSite=None; secure; expires=Sun, 06-Jun-2021 17:42:33 GMT; path=/ PugT=1620409353; domain=pubmatic.com; SameSite=None; secure; expires=Sun, 06-Jun-2021 17:42:33 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Thu, 05-Aug-2021 17:42:33 GMT; path=/
X-lat: lhrpug002:0:414
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private

Redirect headers

Server: nginx
Date: Fri, 07 May 2021 17:42:33 GMT
Transfer-Encoding: chunked
Connection: keep-alive
p3p: policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
Set-Cookie: UserID1=6959605177284032652; Max-Age=7776000; domain=.adfarm1.adition.com; Path=/; SameSite=None; Secure
Location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=6959605177284032652

GET

Pug
image2.pubmatic.com/AdServer/ Frame AB69
Redirect Chain

https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=
https://rtb-csync.smartadserver.com/redir?partnerid=127&partneruserid=AAD7cU7BKvgAACzEtLQ56Q&redirurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dpp%252Cpm%26bee_sync_curre...
https://match.prod.bidr.io/cookie-sync?bee_sync_partners=pp%2Cpm&bee_sync_current_partner=sas&bee_sync_initiator=pm&bee_sync_hop_count=1&userid=5015504410056566366
https://bh.contextweb.com/bh/rtset?do=add&pid=558502&ev=AAD7cU7BKvgAACzEtLQ56Q&rurl=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fuserid%3D5015504410056566366%26bee_sync_partners%3Dpm%26bee_sync...
https://match.prod.bidr.io/cookie-sync?userid=5015504410056566366&bee_sync_partners=pm&bee_sync_current_partner=pp&bee_sync_initiator=pm&bee_sync_hop_count=2&ev=AAD7cU7BKvgAACzEtLQ56Q&pid=558502&do...
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAD7cU7BKvgAACzEtLQ56Q

0
0

GET
H/1.1 200
OK bridge Show response
cm.adgrx.com/ Frame 8B10 43 B
408 B 324ms
23ms Document
image/gif 173.231.181.122
VOXEL-DOT-NET

General

Check archive.org

Show headers Download Go to

Full URL: https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 173.231.181.122 , United States, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software: Cowboy /
Resource Hash: 2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Host: cm.adgrx.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://ads.pubmatic.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

Date: Fri, 07 May 2021 17:42:33 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
server: Cowboy
X-RealServer-NX: ams-delivery-3
Cache-Control: no-cache, no-store, must-revalidate, proxy-revalidate
Pragma: no-cache
Expires: Thu, 23 Sep 2004 17:42:04 GMT
P3P: CP="NOI OTC OTP OUR NOR"
Access-Control-Allow-Origin: *

GET
H/1.1

200
OK

Cookie set Pug Show response
simage2.pubmatic.com/AdServer/ Frame 4BD4
Redirect Chain

https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent=
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=8122160412
https://sync.1rx.io/usersync/tradedesk/5bf12252-d9c7-46e6-8fea-84ac91722002
https://sync.targeting.unrulymedia.com/csync/RX-3abd8566-702b-4e9c-8515-229464292a41-003?redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA%...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-3abd8566-702b-4e9c-8515-229464292a41-003

42 B
849 B

32ms
32ms

Document
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-3abd8566-702b-4e9c-8515-229464292a41-003
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002

Request headers

Host: simage2.pubmatic.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://ads.pubmatic.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: KADUSERCOOKIE=BE73A413-39CC-4B40-836F-8E00FFE00B3D; chkChromeAb67Sec=1; DPSync3=1621555200%3A201_227_226_221; SyncRTB3=1621555200%3A165_21_3_55_230_176_54_189_161_166_204_71_22_99_220_13_81_234_56_88_7_8_231%7C1620950400%3A2_223_15_67%7C1621209600%3A63%7C1622937600%3A203%7C1621641600%3A35; KRTBCOOKIE_1101=23040-6959605177284032652; PUBMDCID=3; KRTBCOOKIE_22=14911-4506448288219617478; KRTBCOOKIE_391=22924-3517474811054844030&KRTB&23263-3517474811054844030; KRTBCOOKIE_27=16735-uid:51c86095-7c09-4f00-a144-a659366fc7e4&KRTB&16736-uid:51c86095-7c09-4f00-a144-a659366fc7e4&KRTB&23019-uid:51c86095-7c09-4f00-a144-a659366fc7e4&KRTB&23114-uid:51c86095-7c09-4f00-a144-a659366fc7e4; KRTBCOOKIE_377=6810-5bf12252-d9c7-46e6-8fea-84ac91722002&KRTB&22918-5bf12252-d9c7-46e6-8fea-84ac91722002&KRTB&23031-5bf12252-d9c7-46e6-8fea-84ac91722002; KRTBCOOKIE_1074=22956-e_b0dd2d84-7d2b-445a-b52d-7f3c7791a6fa; PugT=1620409354; SPugT=1620409353
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

Server: nginx
Date: Fri, 07 May 2021 17:42:34 GMT
Content-Type: image/gif; charset=utf-8
Content-Length: 42
Connection: keep-alive
Set-Cookie: KRTBCOOKIE_594=17105-RX-3abd8566-702b-4e9c-8515-229464292a41-003&KRTB&17107-RX-3abd8566-702b-4e9c-8515-229464292a41-003; domain=pubmatic.com; SameSite=None; secure; expires=Thu, 05-Aug-2021 17:42:34 GMT; path=/ PugT=1620409354; domain=pubmatic.com; SameSite=None; secure; expires=Sun, 06-Jun-2021 17:42:34 GMT; path=/ PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Thu, 05-Aug-2021 17:42:34 GMT; path=/
X-lat: lhrpug018:0:792
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private

Redirect headers

server: Tengine
date: Fri, 07 May 2021 17:42:34 GMT
content-type: text/html
set-cookie: _rxuuid=%7B%22rx_uuid%22%3A%22RX-3abd8566-702b-4e9c-8515-229464292a41-003%22%7D; path=/; expires=Sat, 07 May 2022 17:42:34 GMT; domain=.targeting.unrulymedia.com; samesite=none; secure; httponly
p3p: CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyMDMmdGw9NDMyMDA=&piggybackCookie=RX-3abd8566-702b-4e9c-8515-229464292a41-003
etag: RX3abd8566702b4e9c8515229464292a41003

GET

Pug
image2.pubmatic.com/AdServer/ Frame 9CC4
Redirect Chain

https://green.erne.co/pubmatic/cm?
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=ZRXq6P9HazaibCTpuiz6WxIm

0
0

GET
H2 200 dpe Show response
ad4m.at/ad/ Frame E4B4 42 B
1 KB 48ms
31ms Document
image/gif 2606:4700:3039::6815:c03b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ad4m.at/ad/dpe?b=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjkmdGw9MTI5NjAw&piggybackCookie=$UID

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3039::6815:c03b , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	block-all-mixed-content; report-to report-endpoint; report-uri https://as.ad4m.at/ad/rcv; upgrade-insecure-requests; sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox

Request headers

:method: GET
:authority: ad4m.at
:scheme: https
:path: /ad/dpe?b=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjkmdGw9MTI5NjAw&piggybackCookie=$UID
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ads.pubmatic.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

date: Fri, 07 May 2021 17:42:33 GMT
content-type: image/gif
content-length: 42
set-cookie: __cfduid=d8a016f9ab91cd0eddbc7021753df99d91620409353; expires=Sun, 06-Jun-21 17:42:33 GMT; path=/; domain=.ad4m.at; HttpOnly; SameSite=Lax; Secure
report-to: {"endpoints":[{"url":"https://as.ad4m.at/ad/vre"}],"group":"report-endpoint","max_age":86400}
nel: {"failure_fraction":"1.0","max_age":86400,"report_to":"report-endpoint","success_fraction":"0.0"}
expires: 0
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate
content-security-policy: block-all-mixed-content; report-to report-endpoint; report-uri https://as.ad4m.at/ad/rcv; upgrade-insecure-requests; sandbox allow-scripts allow-same-origin allow-popups allow-popups-to-escape-sandbox
feature-policy: geolocation 'none';midi 'none';sync-xhr 'none';microphone 'none';camera 'none';magnetometer 'none';gyroscope 'none';fullscreen 'none';payment 'none';accelerometer 'none';usb 'none';autoplay 'self'
referrer-policy: same-origin
pragma: no-cache
surrogate-control: no-store
x-fastcgi-cache: BYPASS
x-backend-server: adsrv-7d3s
via: 1.1 google
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-request-id: 09e9859cde00001f412b98c000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 64bc3edafe681f41-FRA

GET
H/1.1

200
OK

Pug Show response
simage2.pubmatic.com/AdServer/ Frame 6804
Redirect Chain

https://csync.loopme.me/?redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie=$UID&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie=$UID&gdpr=0

0
411 B

31ms
31ms

Document
text/html

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie=$UID&gdpr=0
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Host: simage2.pubmatic.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://ads.pubmatic.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: KADUSERCOOKIE=BE73A413-39CC-4B40-836F-8E00FFE00B3D; chkChromeAb67Sec=1; DPSync3=1621555200%3A201_227_226_221; SyncRTB3=1621555200%3A165_21_3_55_230_176_54_189_161_166_204_71_22_99_220_13_81_234_56_88_7_8_231%7C1620950400%3A2_223_15_67%7C1621209600%3A63%7C1622937600%3A203%7C1621641600%3A35; KRTBCOOKIE_1101=23040-6959605177284032652; PUBMDCID=3; KRTBCOOKIE_22=14911-4506448288219617478; KRTBCOOKIE_391=22924-3517474811054844030&KRTB&23263-3517474811054844030; KRTBCOOKIE_27=16735-uid:51c86095-7c09-4f00-a144-a659366fc7e4&KRTB&16736-uid:51c86095-7c09-4f00-a144-a659366fc7e4&KRTB&23019-uid:51c86095-7c09-4f00-a144-a659366fc7e4&KRTB&23114-uid:51c86095-7c09-4f00-a144-a659366fc7e4; KRTBCOOKIE_377=6810-5bf12252-d9c7-46e6-8fea-84ac91722002&KRTB&22918-5bf12252-d9c7-46e6-8fea-84ac91722002&KRTB&23031-5bf12252-d9c7-46e6-8fea-84ac91722002; KRTBCOOKIE_1074=22956-e_b0dd2d84-7d2b-445a-b52d-7f3c7791a6fa; PugT=1620409354
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

Server: nginx
Date: Fri, 07 May 2021 17:42:34 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
X-lat: lhrpug018:2:180
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Content-Encoding: gzip

Redirect headers

set-cookie: viewer_token=77f6ebfe-315d-4195-b04e-675776eb64ef; path=/; domain=csync.loopme.me; Expires=Mon, 07-Jun-2021 17:42:34 GMT
location: https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie=$UID&gdpr=0
content-length: 0
date: Fri, 07 May 2021 17:42:34 GMT
server: _

GET
H2

200

i.match Show response
s.tribalfusion.com/z/ Frame B9A4
Redirect Chain

https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATI...
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMA...

43 B
447 B

174ms
172ms

Document
image/gif

2606:4700::6812:c05
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:c05 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0

Request headers

:method: GET
:authority: s.tribalfusion.com
:scheme: https
:path: /z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ads.pubmatic.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: ANON_ID=aTnoeUNj6WNCyhUTBX6KHxQbBFXUTSDbdXJuAeJn
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

date: Fri, 07 May 2021 17:42:33 GMT
content-type: image/gif; charset=utf-8
content-length: 43
set-cookie: __cfduid=df5fb98263d237cf4738050c80cf440e81620409353; expires=Sun, 06-Jun-21 17:42:33 GMT; path=/; domain=.tribalfusion.com; HttpOnly; SameSite=Lax ANON_ID=aqnseFmMZaE9DXqwmyCTIRkZcd6EoRwroISQUDymZcTWDLsF2VFr9HccvmyofdZdaGmBo6xnY9yZaZct4kFFUrTEsL; path=/; domain=.tribalfusion.com; expires=Thu, 05-Aug-2021 17:42:33 GMT; SameSite=None; Secure; ANON_ID_old=aqnseFmMZaE9DXqwmyCTIRkZcd6EoRwroISQUDymZcTWDLsF2VFr9HccvmyofdZdaGmBo6xnY9yZaZct4kFFUrTEsL; path=/; domain=.tribalfusion.com; expires=Thu, 05-Aug-2021 17:42:33 GMT;
p3p: CP="NOI DEVo TAIa OUR BUS"
x-function: 302
cache-control: no-cache private
expires: Thu, 01 Jan 1970 00:00:00 GMT
pragma: no-cache
cf-cache-status: DYNAMIC
cf-request-id: 09e9859d9800004a9def2c5000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 64bc3edc2f574a9d-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400

Redirect headers

date: Fri, 07 May 2021 17:42:33 GMT
content-type: text/html
set-cookie: __cfduid=df5fb98263d237cf4738050c80cf440e81620409353; expires=Sun, 06-Jun-21 17:42:33 GMT; path=/; domain=.tribalfusion.com; HttpOnly; SameSite=Lax ANON_ID=aTnoeUNj6WNCyhUTBX6KHxQbBFXUTSDbdXJuAeJn; path=/; domain=.tribalfusion.com; expires=Thu, 05-Aug-2021 17:42:33 GMT; SameSite=None; Secure; ANON_ID_old=aTnoeUNj6WNCyhUTBX6KHxQbBFXUTSDbdXJuAeJn; path=/; domain=.tribalfusion.com; expires=Thu, 05-Aug-2021 17:42:33 GMT;
p3p: CP="NOI DEVo TAIa OUR BUS"
x-function: 206
x-reuse-index: 161
cache-control: no-cache private
expires: Thu, 01 Jan 1970 00:00:00 GMT
pragma: no-cache
location: https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
cf-cache-status: DYNAMIC
cf-request-id: 09e9859ce900004a9de7141000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 64bc3edb0c7e4a9d-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H/1.1

200
OK

Cookie set Pug Show response
simage2.pubmatic.com/AdServer/ Frame EE24
Redirect Chain

https://bh.contextweb.com/bh/rtset?pid=557219&ev=1&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&piggybackCookie=%%VGUID%%
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&ev=1&piggybackCookie=lw64OJ0fgSgc&pid=557219

1 B
463 B

31ms
31ms

Document
text/html

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&ev=1&piggybackCookie=lw64OJ0fgSgc&pid=557219
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068

Request headers

Host: simage2.pubmatic.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://ads.pubmatic.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: KADUSERCOOKIE=BE73A413-39CC-4B40-836F-8E00FFE00B3D; chkChromeAb67Sec=1; DPSync3=1621555200%3A201_227_226_221; SyncRTB3=1621555200%3A165_21_3_55_230_176_54_189_161_166_204_71_22_99_220_13_81_234_56_88_7_8_231%7C1620950400%3A2_223_15_67%7C1621209600%3A63%7C1622937600%3A203%7C1621641600%3A35; KRTBCOOKIE_1101=23040-6959605177284032652; PUBMDCID=3; KRTBCOOKIE_22=14911-4506448288219617478; KRTBCOOKIE_391=22924-3517474811054844030&KRTB&23263-3517474811054844030; KRTBCOOKIE_27=16735-uid:51c86095-7c09-4f00-a144-a659366fc7e4&KRTB&16736-uid:51c86095-7c09-4f00-a144-a659366fc7e4&KRTB&23019-uid:51c86095-7c09-4f00-a144-a659366fc7e4&KRTB&23114-uid:51c86095-7c09-4f00-a144-a659366fc7e4; KRTBCOOKIE_377=6810-5bf12252-d9c7-46e6-8fea-84ac91722002&KRTB&22918-5bf12252-d9c7-46e6-8fea-84ac91722002&KRTB&23031-5bf12252-d9c7-46e6-8fea-84ac91722002; KRTBCOOKIE_1074=22956-e_b0dd2d84-7d2b-445a-b52d-7f3c7791a6fa; PugT=1620409354; SPugT=1620409353
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ads.pubmatic.com/

Response headers

Server: nginx
Date: Fri, 07 May 2021 17:42:34 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 1
Connection: keep-alive
Set-Cookie: PUBMDCID=3; domain=pubmatic.com; SameSite=None; secure; expires=Thu, 05-Aug-2021 17:42:34 GMT; path=/
X-lat: lhrpug019:0:381
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private

Redirect headers

p3p: policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cw-server: bh-deployment-7c488d4f5b-p6k5x
cache-control: private, max-age=0, no-cache, no-store
expires: -1
content-language: en-US
set-cookie: V=lw64OJ0fgSgc;Version=0;Secure;Path=/;Domain=.contextweb.com;Expires=Mon, 02-May-2022 17:42:34 GMT;Max-Age=31104000;SameSite=None INGRESSCOOKIE=de7ad75798ad4392; path=/; HttpOnly; Secure; SameSite=None
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzMxOSZ0bD0xMjk2MDA=&ev=1&ev=1&piggybackCookie=lw64OJ0fgSgc&pid=557219
server: Jetty(9.4.14.v20181114)
strict-transport-security: max-age=15768000

GET 141
match.deepintent.com/usersync/ Frame C12C 0
0

GET
H/1.1

200
OK

user_sync.html
ads.pubmatic.com/AdServer/js/ Frame B688
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=vnOkEznMS0CDb44A_-ALPQ%3D%3D
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=

8 KB
8 KB

34ms
34ms

Image
text/html

2.18.233.180
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.18.233.180 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-233-180.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 07 May 2021 17:42:33 GMT
Content-Encoding: gzip
Last-Modified: Wed, 21 Oct 2020 18:57:29 GMT
Server: Apache/2.2.15 (CentOS)
ETag: "1300708-1f78-5b232eb4914bb"
Vary: Accept-Encoding
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: max-age=162602
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: text/html; charset=UTF-8
Content-Length: 2654
Expires: Sun, 09 May 2021 14:52:35 GMT

Redirect headers

pragma: no-cache
date: Fri, 07 May 2021 17:42:33 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 272
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 mw
mwzeom.zeotap.com/ Frame B688 95 B
596 B 78ms
60ms Image
image/png 2606:4700:10::6816:1957
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mwzeom.zeotap.com/mw?zpartnerid=1384&env=mWeb&gdpr=0&gdpr_consent=&cid=BE73A413-39CC-4B40-836F-8E00FFE00B3D
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:1957 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 07 May 2021 17:42:33 GMT
via: 1.1 google
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin
content-type: image/png
access-control-allow-origin: https://ads.pubmatic.com
access-control-allow-credentials: true
cf-ray: 64bc3edb0fcd2bad-FRA
access-control-allow-headers: *
content-length: 95
cf-request-id: 09e9859ce400002bad91a65000000001

GET info
uipglob.semasio.net/pubmatic/1/ Frame B688 0
0

GET p.gif
visitor.fiftyt.com/ Frame B688 0
0

GET

Pug
image2.pubmatic.com/AdServer/ Frame B688
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=QkU3M0E0MTMtMzlDQy00QjQwLTgzNkYtOEUwMEZGRTAwQjNE&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=

0
0

GET

Pug
image2.pubmatic.com/AdServer/ Frame B688
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEPnPybkTEj5bMfWmCqHXQuY&google_cver=1

0
0

GET pubmatic
um.simpli.fi/ Frame B688 0
0

GET
H/1.1

200
OK

Pug
simage2.pubmatic.com/AdServer/ Frame B688
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
https://match.adsrvr.org/track/cmb/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=5bf12252-d9c7-46e6-8fea-84ac91722002

42 B
882 B

148ms
31ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=5bf12252-d9c7-46e6-8fea-84ac91722002
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 07 May 2021 17:42:33 GMT
X-lat: lhrpug017:0:525
Server: nginx
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif; charset=utf-8
Content-Length: 42

Redirect headers

pragma: no-cache
date: Fri, 07 May 2021 17:42:33 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NDkmdGw9MTI5NjAw&piggybackCookie=5bf12252-d9c7-46e6-8fea-84ac91722002
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 313

GET
H/1.1

200
OK

Pug
simage2.pubmatic.com/AdServer/ Frame B688
Redirect Chain

https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=3517474811054844030

42 B
801 B

187ms
31ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=3517474811054844030
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 07 May 2021 17:42:33 GMT
X-lat: lhrpug005:0:501
Server: nginx
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif; charset=utf-8
Content-Length: 42

Redirect headers

pragma: no-cache
date: Fri, 07 May 2021 17:42:33 GMT
server: nginx
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=3517474811054844030
access-control-max-age: 86400
access-control-allow-methods: GET
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-headers: Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length: 0
expires: -1

GET
H/1.1

200
OK

Pug
simage2.pubmatic.com/AdServer/ Frame B688
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA%3D%3D%26piggybackCookie%3...
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:51c86095-7c09-4f00-a144-a659366fc7e4&gdpr=0&gdpr_consent=

42 B
946 B

191ms
31ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:51c86095-7c09-4f00-a144-a659366fc7e4&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 07 May 2021 17:42:33 GMT
X-lat: lhrpug003:0:440
Server: nginx
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif; charset=utf-8
Content-Length: 42

Redirect headers

Date: Fri, 07 May 2021 17:42:32 GMT
Server: MT3 3709 11aaa92 master cdg-pixel-x26
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD00MzIwMA==&piggybackCookie=uid:51c86095-7c09-4f00-a144-a659366fc7e4&gdpr=0&gdpr_consent=
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Fri, 07 May 2021 17:42:31 GMT

GET

Pug
image2.pubmatic.com/AdServer/ Frame B688
Redirect Chain

https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=4435999911562095551&gdpr=0&gdpr_consent=

0
0

GET
H2 200 BE73A413-39CC-4B40-836F-8E00FFE00B3D
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame B688 43 B
88 B 44ms
38ms Image
image/gif 2a00:1288:110:c305::8000
YAHOO-IRD

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pr-bh.ybp.yahoo.com/sync/pubmatic/BE73A413-39CC-4B40-836F-8E00FFE00B3D?gdpr=0&gdpr_consent=

Requested by

Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a00:1288:110:c305::8000 , United Kingdom, ASN34010 (YAHOO-IRD, GB),

Reverse DNS

Software

ATS /

Resource Hash

48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 07 May 2021 17:42:33 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
content-type: image/gif
x-xss-protection: 1; mode=block
content-length: 43
x-content-type-options: nosniff
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1

200
OK

SPug
image4.pubmatic.com/AdServer/ Frame B688
Redirect Chain

https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=BE73A413-39CC-4B40-836F-8E00FFE00B3D&redir=true&gdpr=0&gdpr_consent=
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-1uRT0X5E2uVsRp0un0pxD0jZikBjUTY-~A&gdpr=0&gdpr_consent=

0
587 B

1111ms
24ms

Image
text/plain

185.64.189.114
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-1uRT0X5E2uVsRp0un0pxD0jZikBjUTY-~A&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.114 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.1e-fips mod_fastcgi/2.4.6 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

X-Cnection: close
Date: Fri, 07 May 2021 17:42:33 GMT
Content-Encoding: gzip
Server: Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.1e-fips mod_fastcgi/2.4.6
Vary: Accept-Encoding
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-cache
Transfer-Encoding: chunked
Content-Type: text/plain; charset=utf-8

Redirect headers

Date: Fri, 07 May 2021 17:42:33 GMT
Server: ATS/7.1.2.128
Age: 0
Strict-Transport-Security: max-age=31536000
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Location: https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-1uRT0X5E2uVsRp0un0pxD0jZikBjUTY-~A&gdpr=0&gdpr_consent=
Connection: keep-alive
Content-Length: 0

GET

Pug
image2.pubmatic.com/AdServer/ Frame B688
Redirect Chain

https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=izJpmYphYJWQMDHOiWR9mIVnYZ2QZGmb2WFW961z

0
0

GET

sync
prod.perf-serving.com/ Frame B688
Redirect Chain

https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
https://prod.perf-serving.com/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic

0
0

GET
H/1.1

200
OK

Pug
simage2.pubmatic.com/AdServer/ Frame B688
Redirect Chain

https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=4506448288219617478&gdpr=0&gdpr_consent=&us_privacy=

1 B
727 B

168ms
31ms

Image
text/html

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=4506448288219617478&gdpr=0&gdpr_consent=&us_privacy=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 07 May 2021 17:42:33 GMT
X-lat: lhrpug008:0:425
Server: nginx
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 1

Redirect headers

location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=4506448288219617478&gdpr=0&gdpr_consent=&us_privacy=
pragma: no-cache
date: Fri, 07 May 2021 17:42:32 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

GET b9pj45k4
sync-tm.everesttech.net/upi/pid/ Frame B688 0
0

GET
H/1.1

200
OK

Pug
simage2.pubmatic.com/AdServer/ Frame B688
Redirect Chain

https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:4757515f-621f-4783-a8e1-f5d5adc103af&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw

42 B
505 B

31ms
31ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:4757515f-621f-4783-a8e1-f5d5adc103af&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 07 May 2021 17:42:34 GMT
X-lat: lhrpug012:0:369
Server: nginx
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif; charset=utf-8
Content-Length: 42

Redirect headers

Location: https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:4757515f-621f-4783-a8e1-f5d5adc103af&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Date: Fri, 07 May 2021 17:42:34 GMT
Server: Apache/2.4.41 (Ubuntu)
Connection: Keep-Alive
Keep-Alive: timeout=5, max=3000
Content-Length: 0
P3P: policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"

GET
H2 204 current
pubmatic-match.dotomi.com/match/bounce/ Frame B688 0
104 B 91ms
65ms Image
text/plain 2a02:fa8:8806:20::2010
VCLK-EU-SE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=BE73A413-39CC-4B40-836F-8E00FFE00B3D&gdpr=0&gdpr_consent=
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:fa8:8806:20::2010 , United States, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 07 May 2021 17:42:33 GMT
cache-control: no-cache, private, max-age=0, no-store
server: nginx
expires: 0

GET

Pug
image2.pubmatic.com/AdServer/ Frame B688
Redirect Chain

https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=
https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=3&gdpr=0&gdpr_consent=
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=17c61690-ff85-47c9-8454-12603c63c786-60957c09-4348&gdpr=0&gdpr_consent=

0
0

GET
H/1.1

200
OK

Pug
simage2.pubmatic.com/AdServer/ Frame B688
Redirect Chain

https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=4435999911562095551

42 B
505 B

31ms
31ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=4435999911562095551
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 07 May 2021 17:42:34 GMT
X-lat: lhrpug019:0:284
Server: nginx
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif; charset=utf-8
Content-Length: 42

Redirect headers

Pragma: no-cache
Date: Fri, 07 May 2021 17:42:34 GMT
X-Proxy-Origin: 91.132.136.60; 91.132.136.60; 693.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com; 37.252.172.145:80
AN-X-Request-Uuid: 476d75ae-1236-4ba9-91c5-da2cbedf9266
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=4435999911562095551
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

Pug
simage2.pubmatic.com/AdServer/ Frame B688
Redirect Chain

https://rtb.gumgum.com/getuid/d1ba4609?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw%26piggybackCookie%3D
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw&piggybackCookie=e_b0dd2d84-7d2b-445a-b52d-7f3c7791a6fa

42 B
790 B

32ms
31ms

Image
image/gif

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw&piggybackCookie=e_b0dd2d84-7d2b-445a-b52d-7f3c7791a6fa
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 07 May 2021 17:42:34 GMT
X-lat: lhrpug007:0:451
Server: nginx
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif; charset=utf-8
Content-Length: 42

Redirect headers

location: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw&piggybackCookie=e_b0dd2d84-7d2b-445a-b52d-7f3c7791a6fa
date: Fri, 07 May 2021 17:42:34 GMT
p3p: CP="This is not a P3P policy"
server: nginx
timing-allow-origin: *
content-length: 0
content-language: en-US

GET
H3-29 200 integrator.js Show response
adservice.google.ch/adsid/ 107 B
122 B 19ms
15ms Script
application/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.ch/adsid/integrator.js?domain=itigic.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://itigic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 07 May 2021 17:42:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 17ms
15ms Script
application/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=itigic.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://itigic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 07 May 2021 17:42:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 56 KB
14 KB 276ms
275ms XHR
text/plain 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2673549932243580&correlator=115503111200075&output=ldjh&impl=fifs&eid=31060790&vrg=2021042801&ptt=17&us_privacy=1---&sc=1&sfv=1-0-38&ecs=20210507&iu_parts=1254144%2Citigic_com-box-1&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C300x250&fluid=height&ris=2&rcs=6&prev_scp=a%3D%257C1%257C%26iid11%3D1011114%26t%3D134%26d%3D198437%26t1%3D134%26pvc%3D0%26ap%3D1105%26sap%3D1105%26as%3Drevenue%26plat%3D1%26bra%3Dmod1%26ic%3D7%26at%3Dbf%26adr%3D399%26ezosn%3D6%26reft%3Dtf%26refs%3D30%26ga%3D2497208%26rid%3D99998%26pt%3D0%26al%3D1000%26compid%3D0%26tap%3Ditigic_com-box-1-1011114%26eb_br%3Dzero%26eba%3D1%26ebss%3D10017%2C10082%2C10061%2C10015%2C11304%2C11307%26asau%3D7838546742%26bv%3D28%26bvm%3D2%26bvr%3D5%26shp%3D3%26ftsn%3D3%26acptad%3D1%26br1%3D0%26br2%3D2300%26ezoic%3D1%26nmau%3D4%26mau%3D2%26stl%3D32%2C0%2C28%2C67%2C45%2C122%2C66%2C20%2C71%2C30%2C0%2C31%26deal1%3D25%2C26%2C27%2C28%2C29%2C30%2C760%2C761%2C813%2C815%2C816%2C817%2C818%2C899%2C919%2C774%2C21%2C22%2C23%2C24%2C21%2C22%2C23%2C24%2C21%2C22%2C23%2C24%2C21%2C22%2C23%2C24%2C21%2C22%2C23%2C24%2C17%2C18%2C19%2C20%2C21%2C22%2C23%2C24%26ax_ssid%3D10082%26amznbid%3D2%26amznsz%3D0x0%26amznp%3D2%26lb%3D400%26reqt%3D1620409352410%26ss38%3D1%26ss9%3D1&eri=1&cookie=ID%3D209913d2cf081110%3AT%3D1620409347%3AS%3DALNI_MYCUELuDQBZZq_t6fdKkMSCCHgmDQ&bc=31&abxe=1&lmt=1620409353&dt=1620409353433&dlt=1620409342880&idt=923&frm=20&biw=1600&bih=1200&oid=3&adxs=1002&adys=913&adks=165232301&ucis=1f&ifi=51&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fitigic.com%2Fpt%2Fsteal-information-with-finger-command-in-windows-10%2F%26%23160%3B&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x-1&msz=300x-1&psts=AGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=1178867069.1620409344&ga_sid=1620409344&ga_hid=2059617897&ga_fc=false&fws=0&ohw=0&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

337e39f1a9f4502351074ae4b9f8a31da68411b6360d4ec710da91cd5d4ea460

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://itigic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 07 May 2021 17:42:33 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13998
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://itigic.com
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 8F8C 0
749 B 37ms
37ms Script
text/html 37.252.172.38
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.38 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

690.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 07 May 2021 17:42:33 GMT
X-Proxy-Origin: 91.132.136.60; 91.132.136.60; 690.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com; 37.252.172.42:80
AN-X-Request-Uuid: 000bedd8-a032-4b6a-8e0f-69a3d82c5174
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 84 KB
27 KB 297ms
296ms XHR
text/plain 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2673549932243580&correlator=1949793407537292&output=ldjh&impl=fifs&eid=31060790&vrg=2021042801&ptt=17&us_privacy=1---&sc=1&sfv=1-0-38&ecs=20210507&iu_parts=1254144%2Citigic_com-box-2&enc_prev_ius=%2F0%2F1&prev_iu_szs=468x60&ris=2&rcs=6&prev_scp=a%3D%257C1%257C%26iid11%3D1021465%26t%3D134%26d%3D198437%26t1%3D134%26pvc%3D0%26ap%3D1102%26sap%3D1102%26as%3Drevenue%26plat%3D1%26bra%3Dmod1%26ic%3D7%26at%3Dmbf%26adr%3D399%26ezosn%3D22%26reft%3Dtf%26refs%3D30%26ga%3D2497208%26rid%3D99998%26pt%3D1%26al%3D1001%26compid%3D0%26tap%3Ditigic_com-box-2-1021465%26eb_br%3D14e8a85d4c42ff1db8790cbef9e33493%26eba%3D1%26ebss%3D10017%2C10082%2C10061%2C10015%2C11304%2C11307%26asau%3D7838546742%26bv%3D19%26bvm%3D0%26bvr%3D9%26shp%3D1%26ftsn%3D3%26acptad%3D1%26br1%3D12%26br2%3D750%26ezoic%3D1%26nmau%3D0%26mau%3D0%26stl%3D32%2C168%2C28%2C67%2C45%2C122%2C66%2C20%2C71%2C30%2C187%2C31%26deal1%3D21%2C22%2C23%2C24%2C25%2C26%2C27%2C28%2C29%2C30%2C760%2C761%2C813%2C814%2C815%2C816%2C817%2C818%2C819%2C893%2C899%2C903%2C917%2C918%2C919%2C988%2C774%2C20%2C20%2C608%2C17%2C20%2C608%2C17%2C19%2C20%2C608%2C17%2C19%2C20%2C608%2C17%2C18%2C19%2C20%2C601%2C608%26ax_ssid%3D10082%26amznbid%3D2%26amznsz%3D0x0%26amznp%3D2%26lb%3D32%26reqt%3D1620409352421&eri=1&cookie=ID%3D209913d2cf081110%3AT%3D1620409347%3AS%3DALNI_MYCUELuDQBZZq_t6fdKkMSCCHgmDQ&bc=31&abxe=1&lmt=1620409353&dt=1620409353445&dlt=1620409342880&idt=923&frm=20&biw=1600&bih=1200&oid=3&adxs=566&adys=290&adks=3929797713&ucis=1g&ifi=52&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fitigic.com%2Fpt%2Fsteal-information-with-finger-command-in-windows-10%2F%26%23160%3B&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1030x60&msz=468x60&psts=AGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=1178867069.1620409344&ga_sid=1620409344&ga_hid=2059617897&ga_fc=false&fws=0&ohw=0&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

c08632ec2a861b404d98fdf360b722767811cf95630feaf6647b50a66cab66d8

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8508864670512961295/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8508864670512961295/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=COKYoJ-PuPACFRY34Aodsl8OMg&gqi=&layout=/sadbundle/%24csp%253Der3%24/8508864670512961295/index.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://itigic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8508864670512961295/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8508864670512961295/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=COKYoJ-PuPACFRY34Aodsl8OMg&gqi=&layout=/sadbundle/%24csp%253Der3%24/8508864670512961295/index.html
content-encoding: br
x-content-type-options: nosniff
google-creative-id: -1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27737
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
date: Fri, 07 May 2021 17:42:33 GMT
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://itigic.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

cksync.php
contextual.media.net/ Frame 91B5
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=medianet
https://contextual.media.net/cksync.php?type=rbcn&ovsid=KOELW35G-1F-6SX6

46 B
532 B

35ms
35ms

Image
image/gif

2.18.235.93
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://contextual.media.net/cksync.php?type=rbcn&ovsid=KOELW35G-1F-6SX6

Requested by

Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=medianet

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2.18.235.93 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a2-18-235-93.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

579a172ca2c700734ebcfa06d105a134f31ec2357660e58e0874cfdee8472fd4

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=604800
server: Apache
date: Fri, 07 May 2021 17:42:33 GMT
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control: max-age=0, no-cache, no-store
content-type: image/gif
content-length: 46
x-mnet-hl2: E
expires: Fri, 07 May 2021 17:42:33 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://contextual.media.net/cksync.php?type=rbcn&ovsid=KOELW35G-1F-6SX6
Cache-Control: no-cache,no-store,must-revalidate
Content-Type: text/html
content-length: 0
X-RPHost: 8f052d4f888ae4e0626c5f819879cacd
Expires: 0

GET
H2 200 army.gif Show response
itigic.com/porpoiseant/ 0
19 B 42ms
41ms XHR
text/plain 52.19.6.38
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://itigic.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTA2NDM2OSIsImRvbWFpbl9pZCI6IjE5ODQzNyIsInVuaXQiOiJkaXYtZ3B0LWFkLWl0aWdpY19jb20tYm94LTMtMCIsInRfZXBvY2giOjE2MjA0MDkzNDEsImFkX3Bvc2l0aW9uIjoxMTE0LCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiQ0giLCJwYWdldmlld19pZCI6IjliMGM5ODc0LTFhYjUtNGU1MS03YjRiLTIyZmU2MDA1OTRlMCIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6Mjg2ODcyNzQsImNyZWF0aXZlX2lkIjoxMzgyMDg2MTEwOTUsImRhdGEiOlt7Im5hbWUiOiJmaWxsZWRfc2l6ZSIsInZhbCI6IlszMDAsMjUwXSJ9XSwiaXNfb3JpZyI6ZmFsc2V9LHsidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTA2NDM2OSIsImRvbWFpbl9pZCI6IjE5ODQzNyIsInVuaXQiOiJkaXYtZ3B0LWFkLWl0aWdpY19jb20tYm94LTMtMCIsInRfZXBvY2giOjE2MjA0MDkzNDEsImFkX3Bvc2l0aW9uIjoxMTE0LCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiQ0giLCJwYWdldmlld19pZCI6IjliMGM5ODc0LTFhYjUtNGU1MS03YjRiLTIyZmU2MDA1OTRlMCIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6Mjg2ODcyNzQsImNyZWF0aXZlX2lkIjoxMzgyMDg2MTEwOTUsImRhdGEiOlt7Im5hbWUiOiJmaWxsZWRfZmx1aWQiLCJ2YWwiOiJmYWxzZSJ9XSwiaXNfb3JpZyI6ZmFsc2V9LHsidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTA2NDM2OSIsImRvbWFpbl9pZCI6IjE5ODQzNyIsInVuaXQiOiJkaXYtZ3B0LWFkLWl0aWdpY19jb20tYm94LTMtMCIsInRfZXBvY2giOjE2MjA0MDkzNDEsImFkX3Bvc2l0aW9uIjoxMTE0LCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiQ0giLCJwYWdldmlld19pZCI6IjliMGM5ODc0LTFhYjUtNGU1MS03YjRiLTIyZmU2MDA1OTRlMCIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6Mjg2ODcyNzQsImNyZWF0aXZlX2lkIjoxMzgyMDg2MTEwOTUsImRhdGEiOlt7Im5hbWUiOiJkb21haW5fZGZwX3N0eWxlX2lkIiwidmFsIjoiMzIifV0sImlzX29yaWciOmZhbHNlfV0=
Requested by: Host: itigic.com
URL: https://itigic.com/detroitchicago/cmb.js?gcb=194-3&cb=01-100-103-1004-10d-506-507-70a-30c-30e-212-211-313-317-1021-23-&cmbcb=10&01&00&03&04&0d&06&07&0a&0c&0e&12&11&13&17&21&23
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.19.6.38 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-19-6-38.eu-west-1.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:path: /porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTA2NDM2OSIsImRvbWFpbl9pZCI6IjE5ODQzNyIsInVuaXQiOiJkaXYtZ3B0LWFkLWl0aWdpY19jb20tYm94LTMtMCIsInRfZXBvY2giOjE2MjA0MDkzNDEsImFkX3Bvc2l0aW9uIjoxMTE0LCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiQ0giLCJwYWdldmlld19pZCI6IjliMGM5ODc0LTFhYjUtNGU1MS03YjRiLTIyZmU2MDA1OTRlMCIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6Mjg2ODcyNzQsImNyZWF0aXZlX2lkIjoxMzgyMDg2MTEwOTUsImRhdGEiOlt7Im5hbWUiOiJmaWxsZWRfc2l6ZSIsInZhbCI6IlszMDAsMjUwXSJ9XSwiaXNfb3JpZyI6ZmFsc2V9LHsidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTA2NDM2OSIsImRvbWFpbl9pZCI6IjE5ODQzNyIsInVuaXQiOiJkaXYtZ3B0LWFkLWl0aWdpY19jb20tYm94LTMtMCIsInRfZXBvY2giOjE2MjA0MDkzNDEsImFkX3Bvc2l0aW9uIjoxMTE0LCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiQ0giLCJwYWdldmlld19pZCI6IjliMGM5ODc0LTFhYjUtNGU1MS03YjRiLTIyZmU2MDA1OTRlMCIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6Mjg2ODcyNzQsImNyZWF0aXZlX2lkIjoxMzgyMDg2MTEwOTUsImRhdGEiOlt7Im5hbWUiOiJmaWxsZWRfZmx1aWQiLCJ2YWwiOiJmYWxzZSJ9XSwiaXNfb3JpZyI6ZmFsc2V9LHsidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTA2NDM2OSIsImRvbWFpbl9pZCI6IjE5ODQzNyIsInVuaXQiOiJkaXYtZ3B0LWFkLWl0aWdpY19jb20tYm94LTMtMCIsInRfZXBvY2giOjE2MjA0MDkzNDEsImFkX3Bvc2l0aW9uIjoxMTE0LCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiQ0giLCJwYWdldmlld19pZCI6IjliMGM5ODc0LTFhYjUtNGU1MS03YjRiLTIyZmU2MDA1OTRlMCIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6Mjg2ODcyNzQsImNyZWF0aXZlX2lkIjoxMzgyMDg2MTEwOTUsImRhdGEiOlt7Im5hbWUiOiJkb21haW5fZGZwX3N0eWxlX2lkIiwidmFsIjoiMzIifV0sImlzX29yaWciOmZhbHNlfV0=
pragma: no-cache
cookie: _pbjs_userid_consent_data=3524755945110770; __gads=ID=209913d2cf081110:T=1620409347:S=ALNI_MYCUELuDQBZZq_t6fdKkMSCCHgmDQ; cto_bidid=KSh6BV9Vd1hrSHY4aERPOEFEVlZyUU1xR1QlMkJjbWtJczZ1NlBBTWZRWUNkQjhhJTJCTE9VQWpkd0pJNElFVElnUWJCWHN2ZVY1YWd5UlYlMkJTMHFicmpSdUllZUVrZyUzRCUzRA; cto_bundle=ItKwLV8lMkJqSFYxRDd3UXdhSnRYR2dzOVFLN256ek1ta2xwVyUyRllXbGZtQmtPTjFhTUpvMHpGRlp3cE8ycHJZYldFbDVEdDZ1RXRxU3htcFRyeW1jcDNuTHFRSkkzb2ZZOWxvSWZBUktzdmN6VWgyMWVHRk9xbEYzNERwUnFUWlpVME1rMGc; ezouspvh=20; ezux_lpl_198437=1620409351960|9b0c9874-1ab5-4e51-7b4b-22fe600594e0|false; ezouspvv=60; ezouspva=3; _ym_uid=1620409352194850952; _ym_d=1620409352; _ym_isad=2; id5id.1st=%7B%22created_at%22%3A%222021-05-07T17%3A42%3A33.193333Z%22%2C%22id5_consent%22%3Afalse%2C%22original_uid%22%3A%220%22%2C%22universal_uid%22%3A%220%22%2C%22link_type%22%3A0%2C%22cascade_needed%22%3Afalse%2C%22privacy%22%3A%7B%22jurisdiction%22%3A%22gdpr%22%2C%22id5_consent%22%3Afalse%7D%7D; id5id.1st_last=Fri%2C%2007%20May%202021%2017%3A42%3A33%20GMT
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: empty
:authority: itigic.com
referer: https://itigic.com/pt/steal-information-with-finger-command-in-windows-10/&
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://itigic.com/pt/steal-information-with-finger-command-in-windows-10/&
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 07 May 2021 17:42:33 GMT
server: nginx/1.16.0
vary: Accept-Encoding Accept-Encoding
content-type: text/plain; charset=utf-8
x-middleton-display: ezp_sol
cache-control: max-age=0, must-revalidate, no-cache, no-store
content-length: 0
expires: Thu, 06 May 2021 17:42:33 UTC

GET
H3-29 200 integrator.js Show response
adservice.google.ch/adsid/ 107 B
122 B 15ms
15ms Script
application/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.ch/adsid/integrator.js?domain=itigic.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://itigic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 07 May 2021 17:42:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 16ms
15ms Script
application/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=itigic.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://itigic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 07 May 2021 17:42:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 56 KB
14 KB 314ms
313ms XHR
text/plain 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2673549932243580&correlator=1695933698463232&output=ldjh&impl=fifs&eid=31060790&vrg=2021042801&ptt=17&us_privacy=1---&sc=1&sfv=1-0-38&ecs=20210507&iu_parts=1254144%2Citigic_com-box-1&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C300x250&fluid=height&ris=2&rcs=6&prev_scp=a%3D%257C6%257C%26iid11%3D1011114%26t%3D134%26d%3D198437%26t1%3D134%26pvc%3D0%26ap%3D1105%26sap%3D1105%26as%3Drevenue%26plat%3D1%26bra%3Dmod1%26ic%3D7%26at%3Dbf%26adr%3D399%26ezosn%3D5%26reft%3Dtf%26refs%3D30%26ga%3D2497208%26rid%3D99998%26pt%3D0%26al%3D1000%26compid%3D0%26tap%3Ditigic_com-box-1-1011114%26eb_br%3Dzero%26eba%3D1%26ebss%3D10017%2C10082%2C10061%2C10015%2C11304%2C11307%26asau%3D7838546742%26bv%3D28%26bvm%3D2%26bvr%3D5%26shp%3D3%26ftsn%3D3%26acptad%3D1%26br1%3D0%26br2%3D2300%26ezoic%3D1%26nmau%3D4%26mau%3D1%26stl%3D32%2C0%2C28%2C67%2C45%2C122%2C66%2C20%2C71%2C30%2C0%2C31%26deal1%3D25%2C26%2C27%2C28%2C29%2C30%2C760%2C761%2C813%2C815%2C816%2C817%2C818%2C899%2C919%2C774%2C21%2C22%2C23%2C24%2C21%2C22%2C23%2C24%2C21%2C22%2C23%2C24%2C21%2C22%2C23%2C24%2C21%2C22%2C23%2C24%2C17%2C18%2C19%2C20%2C21%2C22%2C23%2C24%26ax_ssid%3D10082%26amznbid%3D2%26amznsz%3D0x0%26amznp%3D2%26lb%3D400%26reqt%3D1620409352539%26ss38%3D1%26ss9%3D1&eri=1&cookie=ID%3D209913d2cf081110%3AT%3D1620409347%3AS%3DALNI_MYCUELuDQBZZq_t6fdKkMSCCHgmDQ&bc=31&abxe=1&lmt=1620409353&dt=1620409353543&dlt=1620409342880&idt=923&frm=20&biw=1600&bih=1200&oid=3&adxs=1002&adys=648&adks=165232300&ucis=1h&ifi=53&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fitigic.com%2Fpt%2Fsteal-information-with-finger-command-in-windows-10%2F%26%23160%3B&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x-1&msz=300x-1&psts=AGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=1178867069.1620409344&ga_sid=1620409344&ga_hid=2059617897&ga_fc=false&fws=0&ohw=0&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

72e979d77e109d69f4bbdd2402b1a65501017bb7dd092a651af1f1dfa4ddef70

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://itigic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 07 May 2021 17:42:33 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14075
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://itigic.com
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 integrator.js Show response
adservice.google.ch/adsid/ 107 B
122 B 16ms
16ms Script
application/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.ch/adsid/integrator.js?domain=itigic.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://itigic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 07 May 2021 17:42:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 15ms
15ms Script
application/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=itigic.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://itigic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 07 May 2021 17:42:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 345 B
171 B 231ms
231ms XHR
text/plain 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2673549932243580&correlator=1066347498954012&output=ldjh&impl=fifs&eid=31060790&vrg=2021042801&ptt=17&us_privacy=1---&sc=1&sfv=1-0-38&ecs=20210507&iu_parts=1254144%2Citigic_com-large-billboard-2&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C300x250&fluid=height&ris=2&rcs=3&prev_scp=a%3D%257C6%257C%26iid11%3D1024014%26t%3D134%26d%3D198437%26t1%3D134%26pvc%3D0%26ap%3D1124%26sap%3D1124%26as%3Drevenue%26plat%3D1%26bra%3Dmod1%26ic%3D4%26at%3Dmbf%26adr%3D399%26ezosn%3D1%26reft%3Dtf%26refs%3D30%26ga%3D2497208%26rid%3D99998%26pt%3D0%26al%3D1034%26compid%3D0%26tap%3Ditigic_com-large-billboard-2-1024014%26eb_br%3D2620dac3b050a8e36c132f49cccab5a1%26eba%3D1%26ebss%3D10017%2C10082%2C10061%2C10015%2C11304%2C11307%26asau%3D7838546742%26bv%3D28%26bvm%3D2%26bvr%3D5%26shp%3D3%26ftsn%3D3%26br1%3D2200%26br2%3D3200%26ezoic%3D1%26nmau%3D4%26mau%3D1%26stl%3D32%2C0%2C28%2C67%2C45%2C122%2C66%2C20%2C71%2C30%2C0%2C31%26deal1%3D27%2C28%2C29%2C30%2C760%2C761%2C813%2C815%2C816%2C817%2C818%2C819%2C899%2C917%2C918%2C919%2C988%2C774%2C24%2C25%2C26%2C23%2C24%2C25%2C26%2C22%2C23%2C24%2C25%2C26%26ax_ssid%3D10082%26amznbid%3D2%26amznsz%3D0x0%26amznp%3D2%26lb%3D2800%26reqt%3D1620409352570&eri=1&cookie=ID%3D209913d2cf081110%3AT%3D1620409347%3AS%3DALNI_MYCUELuDQBZZq_t6fdKkMSCCHgmDQ&bc=31&abxe=1&lmt=1620409353&dt=1620409353574&dlt=1620409342880&idt=923&frm=20&biw=1600&bih=1200&oid=3&adxs=1002&adys=1825&adks=223664751&ucis=1i&ifi=54&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fitigic.com%2Fpt%2Fsteal-information-with-finger-command-in-windows-10%2F%26%23160%3B&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x-1&msz=300x-1&psts=AGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=1178867069.1620409344&ga_sid=1620409344&ga_hid=2059617897&ga_fc=false&fws=0&ohw=0&btvi=8&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

1a3619f8c58de8c9db32656f3156a925d6d8d7be394a923b594e0c84d0c0bb25

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://itigic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 07 May 2021 17:42:33 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 141
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://itigic.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29

200

pixel
cm.g.doubleclick.net/ Frame 91B5
Redirect Chain

https://token.rubiconproject.com/token?pid=2249&pt=n
https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=Y2M0ZjM4NmI1NDQ2N2MxNDBmOGFhMjkxYTFmMjExMjhhZjJhMzcyNQ

170 B
188 B

38ms
37ms

Image
image/png

142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=Y2M0ZjM4NmI1NDQ2N2MxNDBmOGFhMjkxYTFmMjExMjhhZjJhMzcyNQ

Requested by

Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=medianet

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 07 May 2021 17:42:33 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_hm=Y2M0ZjM4NmI1NDQ2N2MxNDBmOGFhMjkxYTFmMjExMjhhZjJhMzcyNQ
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 8f052d4f888ae4e0626c5f819879cacd
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H2 451 709414.gif
id.rlcdn.com/ Frame 91B5 0
42 B 29ms
26ms Image
text/plain 35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://id.rlcdn.com/709414.gif
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=medianet
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 07 May 2021 17:42:33 GMT
via: 1.1 google
alt-svc: clear
content-length: 0

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/ Frame 91B5
Redirect Chain

https://token.rubiconproject.com/token?pid=2974&pt=n&a=1
https://pr-bh.ybp.yahoo.com/sync/rubicon/_0jlr8ZQL5zSLAIkpafkdMn5EUdSAgOZEtemQ7w0kco?csrc=
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=3475688935040229492

42 B
689 B

104ms
19ms

Image
image/gif

69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=3475688935040229492
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=medianet
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 42
X-RPHost: 8f052d4f888ae4e0626c5f819879cacd
Content-Type: image/gif

Redirect headers

date: Fri, 07 May 2021 17:42:33 GMT
referrer-policy: strict-origin-when-cross-origin
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=31536000
location: https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=3475688935040229492
x-xss-protection: 1; mode=block
content-length: 0
x-content-type-options: nosniff
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/ Frame 91B5
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESECTMtIho97IHvcA_NnRqbY0&google_cver=1

42 B
689 B

91ms
18ms

Image
image/gif

69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESECTMtIho97IHvcA_NnRqbY0&google_cver=1
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=medianet
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 42
X-RPHost: 8f052d4f888ae4e0626c5f819879cacd
Content-Type: image/gif

Redirect headers

pragma: no-cache
date: Fri, 07 May 2021 17:42:33 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&put=CAESECTMtIho97IHvcA_NnRqbY0&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 326
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET btu4jd3a
sync-tm.everesttech.net/upi/pid/ Frame 91B5 0
0

GET
H2 200 rubicon
match.adsrvr.org/track/cmf/ Frame 91B5 70 B
264 B 53ms
52ms Image
image/gif 34.250.165.246
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://match.adsrvr.org/track/cmf/rubicon
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=medianet
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.250.165.246 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 07 May 2021 17:42:33 GMT
cache-control: private,no-cache, must-revalidate
x-aspnet-version: 4.0.30319
content-type: image/gif
content-length: 70
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

GET
H2

204

v1
ads.yahoo.com/cms/ Frame 91B5
Redirect Chain

https://token.rubiconproject.com/token?pid=26594
https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KOELW35G-1F-6SX6&sigv=1&esig=2~ea3052eb5ca0b06206b190b29d8c9715f85402b1

0
443 B

22ms
6ms

Image
text/plain

2a00:1288:80:800::7000
YAHOO-DEB

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KOELW35G-1F-6SX6&sigv=1&esig=2~ea3052eb5ca0b06206b190b29d8c9715f85402b1

Requested by

Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=medianet

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:800::7000 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 07 May 2021 17:42:33 GMT
cache-control: no-store
x-content-type-options: nosniff
server: ATS
strict-transport-security: max-age=15552000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection: 1; mode=block

Redirect headers

Location: https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=KOELW35G-1F-6SX6&sigv=1&esig=2~ea3052eb5ca0b06206b190b29d8c9715f85402b1
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
content-length: 0
X-RPHost: 8f052d4f888ae4e0626c5f819879cacd
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

200
OK

tap.php
pixel.rubiconproject.com/ Frame 91B5
Redirect Chain

https://sync.mathtag.com/sync/img?mt_exid=9&redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D4222%26nid%3D1512%26put%3D%5BMM_UUID%5D
https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=51c86095-7c09-4f00-a144-a659366fc7e4

42 B
689 B

107ms
18ms

Image
image/gif

69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=51c86095-7c09-4f00-a144-a659366fc7e4
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=medianet
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 42
X-RPHost: 8f052d4f888ae4e0626c5f819879cacd
Content-Type: image/gif

Redirect headers

Date: Fri, 07 May 2021 17:42:32 GMT
Server: MT3 3709 11aaa92 master cdg-pixel-x30
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://pixel.rubiconproject.com/tap.php?v=4222&nid=1512&put=51c86095-7c09-4f00-a144-a659366fc7e4
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Keep-Alive: timeout=360
Content-Length: 0
Expires: Fri, 07 May 2021 17:42:31 GMT

GET
H3-29 200 integrator.js Show response
adservice.google.ch/adsid/ 107 B
122 B 15ms
14ms Script
application/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.ch/adsid/integrator.js?domain=itigic.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://itigic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 07 May 2021 17:42:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 15ms
15ms Script
application/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=itigic.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://itigic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 07 May 2021 17:42:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 41 KB
10 KB 245ms
244ms XHR
text/plain 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2673549932243580&correlator=894613647776471&output=ldjh&impl=fifs&eid=31060790&vrg=2021042801&ptt=17&us_privacy=1---&sc=1&sfv=1-0-38&ecs=20210507&iu_parts=1254144%2Citigic_com-box-1&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C300x250&fluid=height&ris=2&rcs=6&prev_scp=a%3D%257C6%257C%26iid11%3D1011114%26t%3D134%26d%3D198437%26t1%3D134%26pvc%3D0%26ap%3D1105%26sap%3D1105%26as%3Drevenue%26plat%3D1%26bra%3Dmod1%26ic%3D7%26at%3Dbf%26adr%3D399%26ezosn%3D7%26reft%3Dtf%26refs%3D30%26ga%3D2497208%26rid%3D99998%26pt%3D0%26al%3D1000%26compid%3D0%26tap%3Ditigic_com-box-1-1011114%26eb_br%3Dzero%26eba%3D1%26ebss%3D10017%2C10082%2C10061%2C10015%2C11304%2C11307%26asau%3D7838546742%26bv%3D28%26bvm%3D2%26bvr%3D5%26shp%3D3%26ftsn%3D3%26acptad%3D1%26br1%3D0%26br2%3D2300%26ezoic%3D1%26nmau%3D4%26mau%3D3%26stl%3D83%2C13%2C120%2C67%2C51%2C0%2C66%2C20%2C71%2C30%2C0%2C31%26deal1%3D25%2C26%2C27%2C28%2C29%2C30%2C760%2C761%2C813%2C815%2C816%2C817%2C818%2C899%2C919%2C774%2C21%2C22%2C23%2C24%2C21%2C22%2C23%2C24%2C21%2C22%2C23%2C24%2C21%2C22%2C23%2C24%2C21%2C22%2C23%2C24%2C17%2C18%2C19%2C20%2C21%2C22%2C23%2C24%26ax_ssid%3D10082%26amznbid%3D2%26amznsz%3D0x0%26amznp%3D2%26lb%3D400%26reqt%3D1620409352601%26ss38%3D1%26ss9%3D1&eri=1&cookie=ID%3D209913d2cf081110%3AT%3D1620409347%3AS%3DALNI_MYCUELuDQBZZq_t6fdKkMSCCHgmDQ&bc=31&abxe=1&lmt=1620409353&dt=1620409353605&dlt=1620409342880&idt=923&frm=20&biw=1600&bih=1200&oid=3&adxs=1002&adys=1178&adks=165232298&ucis=1j&ifi=55&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fitigic.com%2Fpt%2Fsteal-information-with-finger-command-in-windows-10%2F%26%23160%3B&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x-1&msz=300x-1&psts=AGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=1178867069.1620409344&ga_sid=1620409344&ga_hid=2059617897&ga_fc=false&fws=0&ohw=0&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

c67ba24a5a606731b6de97c545d84ce50c4e4c251a30159188171f60cbd2af7a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://itigic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 07 May 2021 17:42:33 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10364
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
google-creative-id: -1
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://itigic.com
access-control-expose-headers: x-google-amp-ad-validated-version
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012103020108001/ Frame 91FA 190 KB
54 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012103020108001/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6e553b4e88ac4a1819d608fe9dcb46544ca5fb776d4e0c84d773f37b1df18211

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://itigic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 30060
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 55046
x-xss-protection: 0
server: sffe
date: Fri, 07 May 2021 09:21:33 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "aeaf363b1ad89b36"
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 07 May 2022 09:21:33 GMT

GET
H3-29 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012103020108001/v0/ Frame 91FA 12 KB
4 KB 16ms
15ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012103020108001/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8f9560479a05fb86854546c40ec030edc2bac692d4142391d69b16e5c033a185

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://itigic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 30060
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4548
x-xss-protection: 0
server: sffe
date: Fri, 07 May 2021 09:21:33 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "4eb73d471ab4cb2c"
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 07 May 2022 09:21:33 GMT

GET
H3-29 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012103020108001/v0/ Frame 91FA 87 KB
27 KB 8ms
6ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012103020108001/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a6f768cbb894f2690011ee62662d3ac9480d12f5088fa46be57e650fcc4d835c

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://itigic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 30844
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27208
x-xss-protection: 0
server: sffe
date: Fri, 07 May 2021 09:08:29 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "22950e05e749846e"
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 07 May 2022 09:08:29 GMT

GET
H3-29 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012103020108001/v0/ Frame 91FA 27 KB
9 KB 10ms
9ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012103020108001/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

21d45a4ed77653b3b1ee2b47a786a4dbb936a3b19fc56e1b44c16aed35eb80ee

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://itigic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 30844
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9587
x-xss-protection: 0
server: sffe
date: Fri, 07 May 2021 09:08:29 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "739644f32ad1483f"
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 07 May 2022 09:08:29 GMT

GET
H3-29 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012103020108001/v0/ Frame 91FA 40 KB
13 KB 10ms
9ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012103020108001/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4c6af60796cc240ad277098308cf363c2700f5296264ec1b43b4e1362763c439

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://itigic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 30844
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12827
x-xss-protection: 0
server: sffe
date: Fri, 07 May 2021 09:08:29 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "5cc8dcc2368726c7"
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 07 May 2022 09:08:29 GMT

GET
H3-29 200 css
fonts.googleapis.com/ Frame 91FA 4 KB
617 B 18ms
18ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:400,500&lang=pt

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

abc1bbfb097cfaf4715fe823adb40881f8ed35a943692d5c037945c2fcc56340

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://itigic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 07 May 2021 17:42:33 GMT
server: ESF
date: Fri, 07 May 2021 17:42:33 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 07 May 2021 17:42:33 GMT

GET
H3-29 200 css
fonts.googleapis.com/ Frame 91FA 4 KB
617 B 17ms
16ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:400,500&text=

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

abc1bbfb097cfaf4715fe823adb40881f8ed35a943692d5c037945c2fcc56340

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://itigic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 07 May 2021 16:17:35 GMT
server: ESF
date: Fri, 07 May 2021 17:42:33 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 07 May 2021 17:42:33 GMT

GET
H3-29 200 pt.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 91FA 3 KB
3 KB 10ms
9ms Image
image/png 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/pt.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

744b436600cd35e7898be8843c04c1115c45bf08143d085ac149e8c4f8151e3d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://itigic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 07 May 2021 06:20:03 GMT
x-content-type-options: nosniff
server: cafe
age: 40950
etag: 7735524722462771930
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2886
x-xss-protection: 0
expires: Sat, 08 May 2021 06:20:03 GMT

GET
H3-29 200 icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 91FA 344 B
368 B 9ms
9ms Image
image/png 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://itigic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 07 May 2021 09:25:49 GMT
x-content-type-options: nosniff
server: cafe
age: 29804
etag: 6766994032117382215
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 344
x-xss-protection: 0
expires: Sat, 08 May 2021 09:25:49 GMT

GET
DATA 200
OK truncated
/ Frame 91FA 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 55e5d70685c5810f8354e38016faaa1c33dbbaf91586de31e16f8ec59df36a5f

Request headers

Referer: https://itigic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 Iqg9YOYtlzv8J79dT0jHkai3IJmH1IAi_kZCk55za6gP_S0682zpHAJncei4pezP7Hmur-gvhr2eXRmziZjBqDGf1xMQhTlj=w1200-h627-rj-pd-pc0x00e9e9e9
lh3.googleusercontent.com/proxy/ Frame 91FA 115 KB
115 KB 39ms
17ms Image
image/jpeg 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/proxy/Iqg9YOYtlzv8J79dT0jHkai3IJmH1IAi_kZCk55za6gP_S0682zpHAJncei4pezP7Hmur-gvhr2eXRmziZjBqDGf1xMQhTlj=w1200-h627-rj-pd-pc0x00e9e9e9

Requested by

Host: itigic.com
URL: https://itigic.com/pt/steal-information-with-finger-command-in-windows-10/&

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

7784e55621e8e946cbb7143030530f5f4c59a7ee0319ca5603a9f64a92e9b775

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://itigic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 07 May 2021 17:42:33 GMT
x-content-type-options: nosniff
server: fife
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 117261
x-xss-protection: 0
expires: Sat, 08 May 2021 17:42:33 GMT

GET
H3-29 200 ad
googleads.g.doubleclick.net/dbm/ Frame 91FA 42 B
63 B 29ms
28ms Image
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-A5rs3naj6a7bfVc0X7LRH0sHcWqDuUzqZz1TuDHIe6iIEIt3zKW7TTxicd5YkqNZWBaiSN-7unPK_92gjDdD1rNciyOYwrghiITi2WeIRC0tslbB3MFvBbhLh5kepeJ9ZHufGb9sYFYvtHfc8oHxup3rCQow&dbm_d=AKAmf-DqL6GPDx_AH3-GgUfRM2lf9lzCOtMArAfqr-7WIu6zeS90BgaswWd6KZaZaoYDzIpQ-94bj38QGW4F2fE2gqKsH57CKjRj1fZsNgnFWgY3upIE2QMk3zw_RToKWKyWmWq6SvrwdI9e5-JGmUsNbgz6cJ_cIlc2TyCBZdtoQVf7wXvXZ5GIm1NP4n0HB9kNo6mH2eau5bvSClMugmuybq_Kivjwa0Wq9KfGEbsZs6bV2okiPVxafjpFXpDaww1L20DM3f0O5U54ZGTL6eqcuDMSmed3gn2JFBg4V3zxlSYNErrYAoaA8bBMx_k16veTX8SaYGcw0hePenMzedN59B9EOEPhiQS4Oz75P2OYBGKEJ0t6LReqiofPEvfUueP3W9r-hU2tpaOs1eB5Bvo3wbyODJ4WJaUs49Y121dRL0mnf-VULqcc2s6XqNxxFvpEB26S2ZgQKt1NsIWJZgR1fjfPZh_p2cCtNEYvkQFGalQ7sB33SpV3V3XuqW2RyAwtjKk6eyScoCNpZwuipZsgpVMF9nyGRSOkmX0PxxZ4xO1Y1aQDY7LCeE_IdLJbiv_86Tz5Pq22P7RBeZxz0nPWaCTxR3o_h9lRv7y2iGBETqL3UGO_yFBykFcsxSitf53iiYTzWDKUFOUN1SqBrcrvQ2lOEwFjeqB98NDxofrNdt1ehU6L7OXPjpQKf7J3zplpKWI_4BS2sdfcyIpoIxuBCmcDASWDxH8OGMigUzVK8-MZ4uKRREULYQsViN8WY2_KEZlv-4ImtfJjKQeHhCgNYTJok_pJoqzKNY4ZfD6o0VTG3-FwvvqBwSo4pIgyDMUryvw_tvFBzqP0fyVNHvekmmSptknaXuUg3FnPMn0D6WTGMZujiP1qPs9vbxj5ehicjDA7ROXHmaxyRGnVUze0q3vTPhegF60cOt1fkuR3QZZNgIB5FPl_vDIoFVpHA-81k294TLIBW1sjPvCL7GnF2SP0z4Rj1BGoztApnUsDvTo8uePfmRPNc_lOFDXT4lD7YVqQ2jvd_05uEyhtxf452LE5pQ386ZpzYsLBZYlMLNlaP-I5qtne7v_xZH9M1OgXYsQHVinro8kNOEbVJUWV0lC9XF6xaWaS8UzTQxP-OVb1vVtSpCr7sT81sOFFjttiFgcUFeImYBXH4BxhKyD5piVx_WPtFF-J8ERmX6RZ8EeNgXqeEybr_O9bSxQ_eEmiXm_5-7RlgWd7_-tGP_YhbidL9SpG_TMAy7E2y_iFUpW4LgjSsMdWWwopPfr0eOLe33iTBaBp6ba2B1d2nxLIGjPgun_P4Q1Bka3ucGFnB6knCEKCxNI6Tl-siwShyYJ6YPYQ2_IoXfkxLn-z3pRqGhosSG5p8_P5zFiWMPrZQCMGUGchd7h_UFxnxFbHAheNT3mByqWFJtxe7fS9lJkWHj4e5TItK_HPVdz-wurzU1rGfuqDYVhPTrTsztsszklleNKnQOPy6LygE_qxExmfZtz70f-cRapVXrLCQruQY3StHwoC3I4GaWPSq4bYhAsg8nVtdzCBxUVdLHgobFYh_nQSAisTGh515Lxlc9MDDFE87R660s9jreXjyLhJ2Os8UIrXwxjPFD4ZP9f7RZXr0v8pyGdrfoPkEa5xkPLEnTeJRjrb3CZ3bt7tL3ibJuCuflFD3qSguw3yqUQo_W45vwQLM-F0ghDjhax2ffLc20j6xN-BXOP_psEL9RN_RrMgD9sdXYDjiB2jeM77BAkGegE3XUB9pTigG6EeEGm62vCqt73EG96C8HYyOazi0tIsqUreX_tV-WCpTh529mektCCwBQ1giu2mRC86bFLhJvq-sJKXolJz0wmi3T5py2XY60EpE6TDcV8_qKIqRl8J4rj0c_H-eTxI9-UkIhq2V5SGsvcPGxDViWS-XApNuDaLnRvvp_r1Zr56dyqkjV7ffyK9jnCcRzpTvTv_LdnNqQK5thf3r6CoeS_ljvd3KuobiP84WiS1_ID8w26Tz2-f5LL8vBw8BSMUL6rL1AA2RY6pgyUDqmmaWqc61lZs9s3BevcCn0YpEZ_ThdqJHg3aGu2lPS6snW45lV4fQ9LLNVMbPrCcQTzCbtP1rCU8G-lzPw_G1cRfDLAZadjya9H0l4llLx6BGR30KryDBP-11H5Zqe5XNah8KISGyk0ul1jSt0iAj474__Q6sOE4ysZQlG5kTShL9auXFVQwZ92sZ6pIlYdXOWsLp1x06vqytGHmNruB2Lf_UAGKuezQq-SwxytzNoaaI6jQ5Wj1G4MVitx-VCOzVSEm0T5SQTzU0iWQg0QmJceAOKZnxLUJ5sGl_AFtIar-nkBjxvCX_o8CQNE4dgnJi68vuFCHWJTTNCcbGKAzMAgiPHQCu8Pkwibln2gGV5hcZTcSSr9uGrLVeqUrlfqtFoYSZNrhi8JcLm5dQraGpO39UlIG9fM8iTFPPgtBaSwy18z-BN-uplis9edQ6hlud3YyRr8DuSIzf-y-lDHEvUkja36CAVDZjj4R0Q_drwR1YfgjGor5Z0i_v4t8S5ybNfSFs1yJzP3rN-E4FU3raZpuxKvBTfrwYzgsUkob7iFVEn11WZEiY3Ox2_AAASJdtvauG4B4Os1SqWb5ImXuykw1H6cdJbtpV-Az6LHa3JpMC2bM0A1yGyNcDeWiyLO0auXm_eERBHhF7PVp9614YDTxbcBgDWUTE7Cfv77dqqXYFW3n6oRjLCYjyYn-YgRNZvSO7xes3j1IT9rs-q_X1MQn2t9bVcEdOxP0XX-WYRble3iMZE-JEzefbPh_4Kyzd9xxqNH6U_-JLuaRa9SB2c_1cHTTyiYc-ZvlnK8kb0mlvtGhEOc7GIXO7yrsXA09fTao_PAiixibQ67CfYdC9ANvJmNIA4vOH7es6_SOirt7tZUP2w54vgPwaGRCAr4pFi1vHFF2wjRkiFWznJubWt8p0oHpF3L4q3KNp5W6a3W7UWBUYmvBaCUTDNdBbvFuZeJN6e3P4wODEXTYVLZ6ShsxBQjJafGvLynhGdkjZztIH6dP5C5Pn_aIj6EqXzxwH9tfNiQXjXDu7n3pxQZ6_mtnWnIzKZNFKOwKkj696w2WPZ4WialAoj2y4IiG-kArfxcEljHxmKsSDbV2UeBcoXPCvnVXZCqKs55fjJw38uwi4w&cid=CAASEuRoSn-nm4canAzzjWIsKH-wqA

Requested by

Host: itigic.com
URL: https://itigic.com/pt/steal-information-with-finger-command-in-windows-10/&

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://itigic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 07 May 2021 17:42:33 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 91FA 0
0 53ms
52ms Image
text/html 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CLkoBCXyVYJv6HYb8gAfnp7uQBp-g_Otggfrh99EMqJPMtt4JEAEg9PnGJWD1lc6B4ATIAQaoAwHIAwqqBNcBT9B2uG2GeOPdQ65glli_oq-eY9iXrsZsekIOWmnXEXXYgWqhs-1oE_dquevp0QUQ7bVICfpegc2mKRLgTCwg5aHI4xPyh-FXBmpAus8Gt9t2fU40_9U87gZkGxhzrHCMBcXThmvs4E_vjaGP_qfUk2redowGm-XKvnpOFLb9tATEU63jJS1qu_i7Ng2Bwtjdwbwfo4XxetEN6o2GwLhH7RSBAUd99huQsYgWBv4CAyoz64bMTqEIBi-aBHQnKcUdE7mHC25l_doLX-tML0wd1x1wOcew27PABKjPqtaeA-AEA4gF47-DliqSBQQIAxgBkgUGCBsQARgBkgUGCB0QBBgBkgUGCB0QARgBkgUGCB4QARgBkAYBoAY3gAfUgMLJAagHipyxAqgH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfs1RuoB-6WsQKoB6a-G6gH7NUb2AcB8gcJEO5zGI-w-pIB0ggHCIBhEAEYHfIIG2FkeC1zdWJzeW4tNjg4OTg0NzY0MjMyOTMzMIAKA8gLAbATxvi0CsgT5ri9CNATANgTENgUAdAVAYAXAbIXGgoYCAASFHB1Yi02Mzk2ODQ0NzQyNDk3MjA4&sigh=HpXPAVgbvn4&cid=CAQSOwCNIrLMGR0yMJR3h2BKyl23iVJUtWTuXqHKrU30Ih3_LDwPYaZ5R1yAjzghs8hhML9jicy0-GlT-JFI&template_id=509&vt=10
Requested by: Host: itigic.com
URL: https://itigic.com/pt/steal-information-with-finger-command-in-windows-10/&
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s53-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://itigic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 204 l
www.google.com/ads/measurement/ Frame 91FA 0
0 16ms
15ms Image
text/html 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQRsLnf0wCNmwjOsoAAXDWpo5DAF3DLqbf_OVmWm84AH3i76u4R6JQOnDJV_mfELeHXY3o45sZrYgRnRujq5sZIT5LwBg
Requested by: Host: itigic.com
URL: https://itigic.com/pt/steal-information-with-finger-command-in-windows-10/&
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://itigic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 army.gif Show response
itigic.com/porpoiseant/ 0
19 B 42ms
41ms XHR
text/plain 52.19.6.38
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://itigic.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTAxMTExNCIsImRvbWFpbl9pZCI6IjE5ODQzNyIsInVuaXQiOiJkaXYtZ3B0LWFkLWl0aWdpY19jb20tYm94LTEtMF8yIiwidF9lcG9jaCI6MTYyMDQwOTM0MSwiYWRfcG9zaXRpb24iOjExMDUsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJDSCIsInBhZ2V2aWV3X2lkIjoiOWIwYzk4NzQtMWFiNS00ZTUxLTdiNGItMjJmZTYwMDU5NGUwIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjowLCJjcmVhdGl2ZV9pZCI6MCwiZGF0YSI6W3sibmFtZSI6InJlZnJlc2hfY291bnQiLCJ2YWwiOiI3In1dLCJpc19vcmlnIjpmYWxzZX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiIxMDExMTE0IiwiZG9tYWluX2lkIjoiMTk4NDM3IiwidW5pdCI6ImRpdi1ncHQtYWQtaXRpZ2ljX2NvbS1ib3gtMS0wXzIiLCJ0X2Vwb2NoIjoxNjIwNDA5MzQxLCJhZF9wb3NpdGlvbiI6MTEwNSwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IkNIIiwicGFnZXZpZXdfaWQiOiI5YjBjOTg3NC0xYWI1LTRlNTEtN2I0Yi0yMmZlNjAwNTk0ZTAiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjAsImNyZWF0aXZlX2lkIjowLCJkYXRhIjpbeyJuYW1lIjoiZmlsbGVkX2JpZF9oYXNoIiwidmFsIjoiemVybyJ9XSwiaXNfb3JpZyI6ZmFsc2V9LHsidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTAxMTExNCIsImRvbWFpbl9pZCI6IjE5ODQzNyIsInVuaXQiOiJkaXYtZ3B0LWFkLWl0aWdpY19jb20tYm94LTEtMF8yIiwidF9lcG9jaCI6MTYyMDQwOTM0MSwicmV2ZW51ZSI6MCwiZXN0X3JldmVudWUiOjAuMDAwMDAyLCJhZF9wb3NpdGlvbiI6MTEwNSwiYWRfc2l6ZSI6IiIsImJpZF9mbG9vcl9maWxsZWQiOjAuMDAwMDAyLCJiaWRfZmxvb3JfcHJldiI6MC4wMDQsInN0YXRfc291cmNlX2lkIjozNSwiY291bnRyeV9jb2RlIjoiQ0giLCJwYWdldmlld19pZCI6IjliMGM5ODc0LTFhYjUtNGU1MS03YjRiLTIyZmU2MDA1OTRlMCIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6MCwiY3JlYXRpdmVfaWQiOjAsImRhdGEiOlt7Im5hbWUiOiJsb2FkZWQiLCJ2YWwiOiIxIn1dLCJpc19vcmlnIjpmYWxzZX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiIxMDExMTE0IiwiZG9tYWluX2lkIjoiMTk4NDM3IiwidW5pdCI6ImRpdi1ncHQtYWQtaXRpZ2ljX2NvbS1ib3gtMS0wXzIiLCJ0X2Vwb2NoIjoxNjIwNDA5MzQxLCJhZF9wb3NpdGlvbiI6MTEwNSwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IkNIIiwicGFnZXZpZXdfaWQiOiI5YjBjOTg3NC0xYWI1LTRlNTEtN2I0Yi0yMmZlNjAwNTk0ZTAiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjAsImNyZWF0aXZlX2lkIjowLCJkYXRhIjpbeyJuYW1lIjoiY3JlYXRpdmVfaWQiLCJ2YWwiOiIxMzgzMTA0MTc2MDMifV0sImlzX29yaWciOmZhbHNlfSx7InR5cGUiOiJpbXByZXNzaW9uIiwiaW1wcmVzc2lvbl9pZCI6IjEwMTExMTQiLCJkb21haW5faWQiOiIxOTg0MzciLCJ1bml0IjoiZGl2LWdwdC1hZC1pdGlnaWNfY29tLWJveC0xLTBfMiIsInRfZXBvY2giOjE2MjA0MDkzNDEsImFkX3Bvc2l0aW9uIjoxMTA1LCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiQ0giLCJwYWdldmlld19pZCI6IjliMGM5ODc0LTFhYjUtNGU1MS03YjRiLTIyZmU2MDA1OTRlMCIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6MCwiY3JlYXRpdmVfaWQiOjAsImRhdGEiOlt7Im5hbWUiOiJsaW5laXRlbV9pZCIsInZhbCI6IjcxNjE0Mzk0In1dLCJpc19vcmlnIjpmYWxzZX1d
Requested by: Host: itigic.com
URL: https://itigic.com/detroitchicago/cmb.js?gcb=194-3&cb=01-100-103-1004-10d-506-507-70a-30c-30e-212-211-313-317-1021-23-&cmbcb=10&01&00&03&04&0d&06&07&0a&0c&0e&12&11&13&17&21&23
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.19.6.38 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-19-6-38.eu-west-1.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:path: /porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTAxMTExNCIsImRvbWFpbl9pZCI6IjE5ODQzNyIsInVuaXQiOiJkaXYtZ3B0LWFkLWl0aWdpY19jb20tYm94LTEtMF8yIiwidF9lcG9jaCI6MTYyMDQwOTM0MSwiYWRfcG9zaXRpb24iOjExMDUsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJDSCIsInBhZ2V2aWV3X2lkIjoiOWIwYzk4NzQtMWFiNS00ZTUxLTdiNGItMjJmZTYwMDU5NGUwIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjowLCJjcmVhdGl2ZV9pZCI6MCwiZGF0YSI6W3sibmFtZSI6InJlZnJlc2hfY291bnQiLCJ2YWwiOiI3In1dLCJpc19vcmlnIjpmYWxzZX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiIxMDExMTE0IiwiZG9tYWluX2lkIjoiMTk4NDM3IiwidW5pdCI6ImRpdi1ncHQtYWQtaXRpZ2ljX2NvbS1ib3gtMS0wXzIiLCJ0X2Vwb2NoIjoxNjIwNDA5MzQxLCJhZF9wb3NpdGlvbiI6MTEwNSwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IkNIIiwicGFnZXZpZXdfaWQiOiI5YjBjOTg3NC0xYWI1LTRlNTEtN2I0Yi0yMmZlNjAwNTk0ZTAiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjAsImNyZWF0aXZlX2lkIjowLCJkYXRhIjpbeyJuYW1lIjoiZmlsbGVkX2JpZF9oYXNoIiwidmFsIjoiemVybyJ9XSwiaXNfb3JpZyI6ZmFsc2V9LHsidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTAxMTExNCIsImRvbWFpbl9pZCI6IjE5ODQzNyIsInVuaXQiOiJkaXYtZ3B0LWFkLWl0aWdpY19jb20tYm94LTEtMF8yIiwidF9lcG9jaCI6MTYyMDQwOTM0MSwicmV2ZW51ZSI6MCwiZXN0X3JldmVudWUiOjAuMDAwMDAyLCJhZF9wb3NpdGlvbiI6MTEwNSwiYWRfc2l6ZSI6IiIsImJpZF9mbG9vcl9maWxsZWQiOjAuMDAwMDAyLCJiaWRfZmxvb3JfcHJldiI6MC4wMDQsInN0YXRfc291cmNlX2lkIjozNSwiY291bnRyeV9jb2RlIjoiQ0giLCJwYWdldmlld19pZCI6IjliMGM5ODc0LTFhYjUtNGU1MS03YjRiLTIyZmU2MDA1OTRlMCIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6MCwiY3JlYXRpdmVfaWQiOjAsImRhdGEiOlt7Im5hbWUiOiJsb2FkZWQiLCJ2YWwiOiIxIn1dLCJpc19vcmlnIjpmYWxzZX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiIxMDExMTE0IiwiZG9tYWluX2lkIjoiMTk4NDM3IiwidW5pdCI6ImRpdi1ncHQtYWQtaXRpZ2ljX2NvbS1ib3gtMS0wXzIiLCJ0X2Vwb2NoIjoxNjIwNDA5MzQxLCJhZF9wb3NpdGlvbiI6MTEwNSwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IkNIIiwicGFnZXZpZXdfaWQiOiI5YjBjOTg3NC0xYWI1LTRlNTEtN2I0Yi0yMmZlNjAwNTk0ZTAiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjAsImNyZWF0aXZlX2lkIjowLCJkYXRhIjpbeyJuYW1lIjoiY3JlYXRpdmVfaWQiLCJ2YWwiOiIxMzgzMTA0MTc2MDMifV0sImlzX29yaWciOmZhbHNlfSx7InR5cGUiOiJpbXByZXNzaW9uIiwiaW1wcmVzc2lvbl9pZCI6IjEwMTExMTQiLCJkb21haW5faWQiOiIxOTg0MzciLCJ1bml0IjoiZGl2LWdwdC1hZC1pdGlnaWNfY29tLWJveC0xLTBfMiIsInRfZXBvY2giOjE2MjA0MDkzNDEsImFkX3Bvc2l0aW9uIjoxMTA1LCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiQ0giLCJwYWdldmlld19pZCI6IjliMGM5ODc0LTFhYjUtNGU1MS03YjRiLTIyZmU2MDA1OTRlMCIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6MCwiY3JlYXRpdmVfaWQiOjAsImRhdGEiOlt7Im5hbWUiOiJsaW5laXRlbV9pZCIsInZhbCI6IjcxNjE0Mzk0In1dLCJpc19vcmlnIjpmYWxzZX1d
pragma: no-cache
cookie: _pbjs_userid_consent_data=3524755945110770; __gads=ID=209913d2cf081110:T=1620409347:S=ALNI_MYCUELuDQBZZq_t6fdKkMSCCHgmDQ; cto_bidid=KSh6BV9Vd1hrSHY4aERPOEFEVlZyUU1xR1QlMkJjbWtJczZ1NlBBTWZRWUNkQjhhJTJCTE9VQWpkd0pJNElFVElnUWJCWHN2ZVY1YWd5UlYlMkJTMHFicmpSdUllZUVrZyUzRCUzRA; cto_bundle=ItKwLV8lMkJqSFYxRDd3UXdhSnRYR2dzOVFLN256ek1ta2xwVyUyRllXbGZtQmtPTjFhTUpvMHpGRlp3cE8ycHJZYldFbDVEdDZ1RXRxU3htcFRyeW1jcDNuTHFRSkkzb2ZZOWxvSWZBUktzdmN6VWgyMWVHRk9xbEYzNERwUnFUWlpVME1rMGc; ezouspvh=20; ezux_lpl_198437=1620409351960|9b0c9874-1ab5-4e51-7b4b-22fe600594e0|false; ezouspvv=60; _ym_uid=1620409352194850952; _ym_d=1620409352; _ym_isad=2; id5id.1st=%7B%22created_at%22%3A%222021-05-07T17%3A42%3A33.193333Z%22%2C%22id5_consent%22%3Afalse%2C%22original_uid%22%3A%220%22%2C%22universal_uid%22%3A%220%22%2C%22link_type%22%3A0%2C%22cascade_needed%22%3Afalse%2C%22privacy%22%3A%7B%22jurisdiction%22%3A%22gdpr%22%2C%22id5_consent%22%3Afalse%7D%7D; id5id.1st_last=Fri%2C%2007%20May%202021%2017%3A42%3A33%20GMT; ezouspva=4
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: empty
:authority: itigic.com
referer: https://itigic.com/pt/steal-information-with-finger-command-in-windows-10/&
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://itigic.com/pt/steal-information-with-finger-command-in-windows-10/&
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 07 May 2021 17:42:33 GMT
server: nginx/1.16.0
vary: Accept-Encoding Accept-Encoding
content-type: text/plain; charset=utf-8
x-middleton-display: ezp_sol
cache-control: max-age=0, must-revalidate, no-cache, no-store
content-length: 0
expires: Thu, 06 May 2021 17:42:33 UTC

GET
H2 200 71614394 Show response
g.ezoic.net/dac/ 0
40 B 30ms
30ms XHR
text/plain 18.156.95.187
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://g.ezoic.net/dac/71614394
Requested by: Host: itigic.com
URL: https://itigic.com/porpoiseant/banger.js?cb=194-3&bv=19&v=51&PageSpeed=off
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.156.95.187 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-95-187.eu-central-1.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://itigic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 07 May 2021 17:42:33 GMT
cache-control: max-age=3600, public
server: nginx/1.16.0
content-length: 0
vary: Accept-Encoding
content-type: text/plain

GET
H2 200 army.gif Show response
itigic.com/porpoiseant/ 0
19 B 41ms
40ms XHR
text/plain 52.19.6.38
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://itigic.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTAxMTExNCIsImRvbWFpbl9pZCI6IjE5ODQzNyIsInVuaXQiOiJkaXYtZ3B0LWFkLWl0aWdpY19jb20tYm94LTEtMF8yIiwidF9lcG9jaCI6MTYyMDQwOTM0MSwiYWRfcG9zaXRpb24iOjExMDUsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJDSCIsInBhZ2V2aWV3X2lkIjoiOWIwYzk4NzQtMWFiNS00ZTUxLTdiNGItMjJmZTYwMDU5NGUwIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjowLCJjcmVhdGl2ZV9pZCI6MCwiZGF0YSI6W3sibmFtZSI6InRfbG9jYWxfZGF0ZSIsInZhbCI6IjIwMjEtMDUtMDcifSx7Im5hbWUiOiJ0X2xvY2FsX2hvdXIiLCJ2YWwiOiIxOSJ9LHsibmFtZSI6InRfbG9jYWxfZGF5X29mX3dlZWsiLCJ2YWwiOiI1In0seyJuYW1lIjoidF9sb2NhbF90aW1lem9uZSIsInZhbCI6Ii0xMjAifV0sImlzX29yaWciOmZhbHNlfV0=
Requested by: Host: itigic.com
URL: https://itigic.com/detroitchicago/cmb.js?gcb=194-3&cb=01-100-103-1004-10d-506-507-70a-30c-30e-212-211-313-317-1021-23-&cmbcb=10&01&00&03&04&0d&06&07&0a&0c&0e&12&11&13&17&21&23
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.19.6.38 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-19-6-38.eu-west-1.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:path: /porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTAxMTExNCIsImRvbWFpbl9pZCI6IjE5ODQzNyIsInVuaXQiOiJkaXYtZ3B0LWFkLWl0aWdpY19jb20tYm94LTEtMF8yIiwidF9lcG9jaCI6MTYyMDQwOTM0MSwiYWRfcG9zaXRpb24iOjExMDUsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJDSCIsInBhZ2V2aWV3X2lkIjoiOWIwYzk4NzQtMWFiNS00ZTUxLTdiNGItMjJmZTYwMDU5NGUwIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjowLCJjcmVhdGl2ZV9pZCI6MCwiZGF0YSI6W3sibmFtZSI6InRfbG9jYWxfZGF0ZSIsInZhbCI6IjIwMjEtMDUtMDcifSx7Im5hbWUiOiJ0X2xvY2FsX2hvdXIiLCJ2YWwiOiIxOSJ9LHsibmFtZSI6InRfbG9jYWxfZGF5X29mX3dlZWsiLCJ2YWwiOiI1In0seyJuYW1lIjoidF9sb2NhbF90aW1lem9uZSIsInZhbCI6Ii0xMjAifV0sImlzX29yaWciOmZhbHNlfV0=
pragma: no-cache
cookie: _pbjs_userid_consent_data=3524755945110770; __gads=ID=209913d2cf081110:T=1620409347:S=ALNI_MYCUELuDQBZZq_t6fdKkMSCCHgmDQ; cto_bidid=KSh6BV9Vd1hrSHY4aERPOEFEVlZyUU1xR1QlMkJjbWtJczZ1NlBBTWZRWUNkQjhhJTJCTE9VQWpkd0pJNElFVElnUWJCWHN2ZVY1YWd5UlYlMkJTMHFicmpSdUllZUVrZyUzRCUzRA; cto_bundle=ItKwLV8lMkJqSFYxRDd3UXdhSnRYR2dzOVFLN256ek1ta2xwVyUyRllXbGZtQmtPTjFhTUpvMHpGRlp3cE8ycHJZYldFbDVEdDZ1RXRxU3htcFRyeW1jcDNuTHFRSkkzb2ZZOWxvSWZBUktzdmN6VWgyMWVHRk9xbEYzNERwUnFUWlpVME1rMGc; ezouspvh=20; ezux_lpl_198437=1620409351960|9b0c9874-1ab5-4e51-7b4b-22fe600594e0|false; ezouspvv=60; _ym_uid=1620409352194850952; _ym_d=1620409352; _ym_isad=2; id5id.1st=%7B%22created_at%22%3A%222021-05-07T17%3A42%3A33.193333Z%22%2C%22id5_consent%22%3Afalse%2C%22original_uid%22%3A%220%22%2C%22universal_uid%22%3A%220%22%2C%22link_type%22%3A0%2C%22cascade_needed%22%3Afalse%2C%22privacy%22%3A%7B%22jurisdiction%22%3A%22gdpr%22%2C%22id5_consent%22%3Afalse%7D%7D; id5id.1st_last=Fri%2C%2007%20May%202021%2017%3A42%3A33%20GMT; ezouspva=4
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: empty
:authority: itigic.com
referer: https://itigic.com/pt/steal-information-with-finger-command-in-windows-10/&
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://itigic.com/pt/steal-information-with-finger-command-in-windows-10/&
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 07 May 2021 17:42:33 GMT
server: nginx/1.16.0
vary: Accept-Encoding Accept-Encoding
content-type: text/plain; charset=utf-8
x-middleton-display: ezp_sol
cache-control: max-age=0, must-revalidate, no-cache, no-store
content-length: 0
expires: Thu, 06 May 2021 17:42:33 UTC

GET
H2 200 army.gif Show response
itigic.com/porpoiseant/ 0
19 B 41ms
41ms XHR
text/plain 52.19.6.38
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://itigic.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImF1Y3Rpb24iLCJpbXByZXNzaW9uX2lkIjoiMTAxMTExNCIsImRvbWFpbl9pZCI6IjE5ODQzNyIsInVuaXQiOiJkaXYtZ3B0LWFkLWl0aWdpY19jb20tYm94LTEtMF8yIiwidF9lcG9jaCI6MTYyMDQwOTM0MSwiYXVjdGlvbl9lcG9jaCI6MTYyMDQwOTM1NCwiYWRfcG9zaXRpb24iOjExMDUsImNvdW50cnlfY29kZSI6IkNIIiwicGFnZXZpZXdfaWQiOiI5YjBjOTg3NC0xYWI1LTRlNTEtN2I0Yi0yMmZlNjAwNTk0ZTAiLCJiaWRfZmxvb3JfaW5pdGlhbCI6MTUwMCwiYmlkX2Zsb29yX3ByZXYiOjQwMCwiYmlkX2Zsb29yX2ZpbGxlZCI6MCwiYXVjdGlvbl9jb3VudCI6NywicmVmcmVzaF9hZF9jb3VudCI6MCwiYXVjdGlvbl9kdXJhdGlvbiI6MjkyLCJtdWx0aV9hZF91bml0IjoyLCJtdWx0aV9hZF9jb3VudCI6NCwibmV0d29ya19jb2RlIjoxMjU0MTQ0LCJkYXRhIjpbeyJuYW1lIjoiIiwidmFsIjoiIn1dLCJsaW5lX2l0ZW1faWQiOjcxNjE0Mzk0fV0=
Requested by: Host: itigic.com
URL: https://itigic.com/detroitchicago/cmb.js?gcb=194-3&cb=01-100-103-1004-10d-506-507-70a-30c-30e-212-211-313-317-1021-23-&cmbcb=10&01&00&03&04&0d&06&07&0a&0c&0e&12&11&13&17&21&23
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.19.6.38 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-19-6-38.eu-west-1.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:path: /porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImF1Y3Rpb24iLCJpbXByZXNzaW9uX2lkIjoiMTAxMTExNCIsImRvbWFpbl9pZCI6IjE5ODQzNyIsInVuaXQiOiJkaXYtZ3B0LWFkLWl0aWdpY19jb20tYm94LTEtMF8yIiwidF9lcG9jaCI6MTYyMDQwOTM0MSwiYXVjdGlvbl9lcG9jaCI6MTYyMDQwOTM1NCwiYWRfcG9zaXRpb24iOjExMDUsImNvdW50cnlfY29kZSI6IkNIIiwicGFnZXZpZXdfaWQiOiI5YjBjOTg3NC0xYWI1LTRlNTEtN2I0Yi0yMmZlNjAwNTk0ZTAiLCJiaWRfZmxvb3JfaW5pdGlhbCI6MTUwMCwiYmlkX2Zsb29yX3ByZXYiOjQwMCwiYmlkX2Zsb29yX2ZpbGxlZCI6MCwiYXVjdGlvbl9jb3VudCI6NywicmVmcmVzaF9hZF9jb3VudCI6MCwiYXVjdGlvbl9kdXJhdGlvbiI6MjkyLCJtdWx0aV9hZF91bml0IjoyLCJtdWx0aV9hZF9jb3VudCI6NCwibmV0d29ya19jb2RlIjoxMjU0MTQ0LCJkYXRhIjpbeyJuYW1lIjoiIiwidmFsIjoiIn1dLCJsaW5lX2l0ZW1faWQiOjcxNjE0Mzk0fV0=
pragma: no-cache
cookie: _pbjs_userid_consent_data=3524755945110770; __gads=ID=209913d2cf081110:T=1620409347:S=ALNI_MYCUELuDQBZZq_t6fdKkMSCCHgmDQ; cto_bidid=KSh6BV9Vd1hrSHY4aERPOEFEVlZyUU1xR1QlMkJjbWtJczZ1NlBBTWZRWUNkQjhhJTJCTE9VQWpkd0pJNElFVElnUWJCWHN2ZVY1YWd5UlYlMkJTMHFicmpSdUllZUVrZyUzRCUzRA; cto_bundle=ItKwLV8lMkJqSFYxRDd3UXdhSnRYR2dzOVFLN256ek1ta2xwVyUyRllXbGZtQmtPTjFhTUpvMHpGRlp3cE8ycHJZYldFbDVEdDZ1RXRxU3htcFRyeW1jcDNuTHFRSkkzb2ZZOWxvSWZBUktzdmN6VWgyMWVHRk9xbEYzNERwUnFUWlpVME1rMGc; ezouspvh=20; ezux_lpl_198437=1620409351960|9b0c9874-1ab5-4e51-7b4b-22fe600594e0|false; ezouspvv=60; _ym_uid=1620409352194850952; _ym_d=1620409352; _ym_isad=2; id5id.1st=%7B%22created_at%22%3A%222021-05-07T17%3A42%3A33.193333Z%22%2C%22id5_consent%22%3Afalse%2C%22original_uid%22%3A%220%22%2C%22universal_uid%22%3A%220%22%2C%22link_type%22%3A0%2C%22cascade_needed%22%3Afalse%2C%22privacy%22%3A%7B%22jurisdiction%22%3A%22gdpr%22%2C%22id5_consent%22%3Afalse%7D%7D; id5id.1st_last=Fri%2C%2007%20May%202021%2017%3A42%3A33%20GMT; ezouspva=4
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: empty
:authority: itigic.com
referer: https://itigic.com/pt/steal-information-with-finger-command-in-windows-10/&
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://itigic.com/pt/steal-information-with-finger-command-in-windows-10/&
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 07 May 2021 17:42:33 GMT
server: nginx/1.16.0
vary: Accept-Encoding Accept-Encoding
content-type: text/plain; charset=utf-8
x-middleton-display: ezp_sol
cache-control: max-age=0, must-revalidate, no-cache, no-store
content-length: 0
expires: Thu, 06 May 2021 17:42:33 UTC

GET
H3-29 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v27/ Frame 91FA 16 KB
16 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,500&lang=pt

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://itigic.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 00:12:11 GMT
x-content-type-options: nosniff
last-modified: Mon, 05 Apr 2021 21:10:39 GMT
server: sffe
age: 322222
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15920
x-xss-protection: 0
expires: Wed, 04 May 2022 00:12:11 GMT

GET
H3-29 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v27/ Frame 91FA 15 KB
15 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v27/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,500&lang=pt

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://itigic.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 06 May 2021 01:43:32 GMT
x-content-type-options: nosniff
last-modified: Mon, 05 Apr 2021 21:10:35 GMT
server: sffe
age: 143941
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15688
x-xss-protection: 0
expires: Fri, 06 May 2022 01:43:32 GMT

GET
H3-29 200 integrator.js Show response
adservice.google.ch/adsid/ 107 B
122 B 15ms
14ms Script
application/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.ch/adsid/integrator.js?domain=itigic.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://itigic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 07 May 2021 17:42:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 15ms
15ms Script
application/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=itigic.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://itigic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 07 May 2021 17:42:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 345 B
172 B 236ms
236ms XHR
text/plain 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2673549932243580&correlator=763352594926180&output=ldjh&impl=fifs&eid=31060790&vrg=2021042801&ptt=17&us_privacy=1---&sc=1&sfv=1-0-38&ecs=20210507&iu_parts=1254144%2Citigic_com-large-billboard-2&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C300x250&fluid=height&ris=1&rcs=4&prev_scp=a%3D%257C1%257C%26iid11%3D1024014%26t%3D134%26d%3D198437%26t1%3D134%26pvc%3D0%26ap%3D1124%26sap%3D1124%26as%3Drevenue%26plat%3D1%26bra%3Dmod1%26ic%3D5%26at%3Dmbf%26adr%3D399%26ezosn%3D0%26reft%3Dtf%26refs%3D30%26ga%3D2497208%26rid%3D99998%26pt%3D0%26al%3D1034%26compid%3D0%26tap%3Ditigic_com-large-billboard-2-1024014%26eb_br%3D12a3b3570adcf20fd41a00445219acaa%26eba%3D1%26ebss%3D10017%2C10082%2C10061%2C10015%2C11304%2C11307%26asau%3D7838546742%26bv%3D28%26bvm%3D2%26bvr%3D5%26shp%3D3%26ftsn%3D3%26br1%3D2000%26br2%3D3200%26ezoic%3D1%26nmau%3D4%26mau%3D0%26stl%3D32%2C0%2C28%2C67%2C45%2C122%2C66%2C20%2C71%2C30%2C0%2C31%26deal1%3D27%2C28%2C29%2C30%2C760%2C761%2C813%2C815%2C816%2C817%2C818%2C819%2C899%2C917%2C918%2C919%2C988%2C774%2C24%2C25%2C26%2C23%2C24%2C25%2C26%2C22%2C23%2C24%2C25%2C26%2C21%2C22%2C23%2C24%2C25%2C26%26ax_ssid%3D10082%26amznbid%3D2%26amznsz%3D0x0%26amznp%3D2%26lb%3D2200%26reqt%3D1620409353762&eri=1&cookie=ID%3D209913d2cf081110%3AT%3D1620409347%3AS%3DALNI_MYCUELuDQBZZq_t6fdKkMSCCHgmDQ&bc=31&abxe=1&lmt=1620409353&dt=1620409353765&dlt=1620409342880&idt=923&frm=20&biw=1600&bih=1200&oid=3&adxs=1002&adys=1560&adks=686215702&ucis=1k&ifi=56&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fitigic.com%2Fpt%2Fsteal-information-with-finger-command-in-windows-10%2F%26%23160%3B&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x-1&msz=300x-1&psts=AGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=1178867069.1620409344&ga_sid=1620409344&ga_hid=2059617897&ga_fc=false&fws=0&ohw=0&btvi=9&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

7ed928db9e1a60073e98f7d50cfa05b91137b2462eb31c79227a6ace00567cac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://itigic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 07 May 2021 17:42:33 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 142
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://itigic.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html Show response
3fc1b23a7f7676f8a612476f135a3c46.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame F335 6 KB
3 KB 6ms
6ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://3fc1b23a7f7676f8a612476f135a3c46.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 3fc1b23a7f7676f8a612476f135a3c46.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://itigic.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://itigic.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3108
date: Fri, 07 May 2021 17:42:23 GMT
expires: Sat, 07 May 2022 17:42:23 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 10
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 73 KB
28 KB 34ms
14ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

30b250c89aa882cdf15a274e8e754f9b1f8106191180cfa81cd3c0d005f4cca7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://itigic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 07 May 2021 17:42:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1620214051398855"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28014
x-xss-protection: 0
expires: Fri, 07 May 2021 17:42:33 GMT

GET
H2 200 army.gif Show response
itigic.com/porpoiseant/ 0
19 B 42ms
41ms XHR
text/plain 52.19.6.38
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://itigic.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTAyMTQ2NSIsImRvbWFpbl9pZCI6IjE5ODQzNyIsInVuaXQiOiJkaXYtZ3B0LWFkLWl0aWdpY19jb20tYm94LTItMCIsInRfZXBvY2giOjE2MjA0MDkzNDEsImFkX3Bvc2l0aW9uIjoxMTAyLCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiQ0giLCJwYWdldmlld19pZCI6IjliMGM5ODc0LTFhYjUtNGU1MS03YjRiLTIyZmU2MDA1OTRlMCIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6Mjg2ODcyNzQsImNyZWF0aXZlX2lkIjoxMzgzMTAwNDM1NTAsImRhdGEiOlt7Im5hbWUiOiJyZWZyZXNoX2NvdW50IiwidmFsIjoiNyJ9XSwiaXNfb3JpZyI6ZmFsc2V9LHsidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTAyMTQ2NSIsImRvbWFpbl9pZCI6IjE5ODQzNyIsInVuaXQiOiJkaXYtZ3B0LWFkLWl0aWdpY19jb20tYm94LTItMCIsInRfZXBvY2giOjE2MjA0MDkzNDEsImFkX3Bvc2l0aW9uIjoxMTAyLCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiQ0giLCJwYWdldmlld19pZCI6IjliMGM5ODc0LTFhYjUtNGU1MS03YjRiLTIyZmU2MDA1OTRlMCIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6Mjg2ODcyNzQsImNyZWF0aXZlX2lkIjoxMzgzMTAwNDM1NTAsImRhdGEiOlt7Im5hbWUiOiJmaWxsZWRfYmlkX2hhc2giLCJ2YWwiOiIxNGU4YTg1ZDRjNDJmZjFkYjg3OTBjYmVmOWUzMzQ5MyJ9XSwiaXNfb3JpZyI6ZmFsc2V9LHsidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTAyMTQ2NSIsImRvbWFpbl9pZCI6IjE5ODQzNyIsInVuaXQiOiJkaXYtZ3B0LWFkLWl0aWdpY19jb20tYm94LTItMCIsInRfZXBvY2giOjE2MjA0MDkzNDEsInJldmVudWUiOjAsImVzdF9yZXZlbnVlIjowLjAwMDEyLCJhZF9wb3NpdGlvbiI6MTEwMiwiYWRfc2l6ZSI6IiIsImJpZF9mbG9vcl9maWxsZWQiOjAuMDAwMTIsImJpZF9mbG9vcl9wcmV2IjowLjAwMDMyLCJzdGF0X3NvdXJjZV9pZCI6MzUsImNvdW50cnlfY29kZSI6IkNIIiwicGFnZXZpZXdfaWQiOiI5YjBjOTg3NC0xYWI1LTRlNTEtN2I0Yi0yMmZlNjAwNTk0ZTAiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjI4Njg3Mjc0LCJjcmVhdGl2ZV9pZCI6MTM4MzEwMDQzNTUwLCJkYXRhIjpbeyJuYW1lIjoibG9hZGVkIiwidmFsIjoiMSJ9XSwiaXNfb3JpZyI6ZmFsc2V9LHsidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTAyMTQ2NSIsImRvbWFpbl9pZCI6IjE5ODQzNyIsInVuaXQiOiJkaXYtZ3B0LWFkLWl0aWdpY19jb20tYm94LTItMCIsInRfZXBvY2giOjE2MjA0MDkzNDEsImFkX3Bvc2l0aW9uIjoxMTAyLCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiQ0giLCJwYWdldmlld19pZCI6IjliMGM5ODc0LTFhYjUtNGU1MS03YjRiLTIyZmU2MDA1OTRlMCIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6Mjg2ODcyNzQsImNyZWF0aXZlX2lkIjoxMzgzMTAwNDM1NTAsImRhdGEiOlt7Im5hbWUiOiJjcmVhdGl2ZV9pZCIsInZhbCI6IjEzODMxMDA0MzU1MCJ9XSwiaXNfb3JpZyI6ZmFsc2V9LHsidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTAyMTQ2NSIsImRvbWFpbl9pZCI6IjE5ODQzNyIsInVuaXQiOiJkaXYtZ3B0LWFkLWl0aWdpY19jb20tYm94LTItMCIsInRfZXBvY2giOjE2MjA0MDkzNDEsImFkX3Bvc2l0aW9uIjoxMTAyLCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiQ0giLCJwYWdldmlld19pZCI6IjliMGM5ODc0LTFhYjUtNGU1MS03YjRiLTIyZmU2MDA1OTRlMCIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6Mjg2ODcyNzQsImNyZWF0aXZlX2lkIjoxMzgzMTAwNDM1NTAsImRhdGEiOlt7Im5hbWUiOiJsaW5laXRlbV9pZCIsInZhbCI6IjI4Njg3Mjc0In1dLCJpc19vcmlnIjpmYWxzZX1d
Requested by: Host: itigic.com
URL: https://itigic.com/detroitchicago/cmb.js?gcb=194-3&cb=01-100-103-1004-10d-506-507-70a-30c-30e-212-211-313-317-1021-23-&cmbcb=10&01&00&03&04&0d&06&07&0a&0c&0e&12&11&13&17&21&23
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.19.6.38 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-19-6-38.eu-west-1.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:path: /porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTAyMTQ2NSIsImRvbWFpbl9pZCI6IjE5ODQzNyIsInVuaXQiOiJkaXYtZ3B0LWFkLWl0aWdpY19jb20tYm94LTItMCIsInRfZXBvY2giOjE2MjA0MDkzNDEsImFkX3Bvc2l0aW9uIjoxMTAyLCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiQ0giLCJwYWdldmlld19pZCI6IjliMGM5ODc0LTFhYjUtNGU1MS03YjRiLTIyZmU2MDA1OTRlMCIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6Mjg2ODcyNzQsImNyZWF0aXZlX2lkIjoxMzgzMTAwNDM1NTAsImRhdGEiOlt7Im5hbWUiOiJyZWZyZXNoX2NvdW50IiwidmFsIjoiNyJ9XSwiaXNfb3JpZyI6ZmFsc2V9LHsidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTAyMTQ2NSIsImRvbWFpbl9pZCI6IjE5ODQzNyIsInVuaXQiOiJkaXYtZ3B0LWFkLWl0aWdpY19jb20tYm94LTItMCIsInRfZXBvY2giOjE2MjA0MDkzNDEsImFkX3Bvc2l0aW9uIjoxMTAyLCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiQ0giLCJwYWdldmlld19pZCI6IjliMGM5ODc0LTFhYjUtNGU1MS03YjRiLTIyZmU2MDA1OTRlMCIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6Mjg2ODcyNzQsImNyZWF0aXZlX2lkIjoxMzgzMTAwNDM1NTAsImRhdGEiOlt7Im5hbWUiOiJmaWxsZWRfYmlkX2hhc2giLCJ2YWwiOiIxNGU4YTg1ZDRjNDJmZjFkYjg3OTBjYmVmOWUzMzQ5MyJ9XSwiaXNfb3JpZyI6ZmFsc2V9LHsidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTAyMTQ2NSIsImRvbWFpbl9pZCI6IjE5ODQzNyIsInVuaXQiOiJkaXYtZ3B0LWFkLWl0aWdpY19jb20tYm94LTItMCIsInRfZXBvY2giOjE2MjA0MDkzNDEsInJldmVudWUiOjAsImVzdF9yZXZlbnVlIjowLjAwMDEyLCJhZF9wb3NpdGlvbiI6MTEwMiwiYWRfc2l6ZSI6IiIsImJpZF9mbG9vcl9maWxsZWQiOjAuMDAwMTIsImJpZF9mbG9vcl9wcmV2IjowLjAwMDMyLCJzdGF0X3NvdXJjZV9pZCI6MzUsImNvdW50cnlfY29kZSI6IkNIIiwicGFnZXZpZXdfaWQiOiI5YjBjOTg3NC0xYWI1LTRlNTEtN2I0Yi0yMmZlNjAwNTk0ZTAiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjI4Njg3Mjc0LCJjcmVhdGl2ZV9pZCI6MTM4MzEwMDQzNTUwLCJkYXRhIjpbeyJuYW1lIjoibG9hZGVkIiwidmFsIjoiMSJ9XSwiaXNfb3JpZyI6ZmFsc2V9LHsidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTAyMTQ2NSIsImRvbWFpbl9pZCI6IjE5ODQzNyIsInVuaXQiOiJkaXYtZ3B0LWFkLWl0aWdpY19jb20tYm94LTItMCIsInRfZXBvY2giOjE2MjA0MDkzNDEsImFkX3Bvc2l0aW9uIjoxMTAyLCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiQ0giLCJwYWdldmlld19pZCI6IjliMGM5ODc0LTFhYjUtNGU1MS03YjRiLTIyZmU2MDA1OTRlMCIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6Mjg2ODcyNzQsImNyZWF0aXZlX2lkIjoxMzgzMTAwNDM1NTAsImRhdGEiOlt7Im5hbWUiOiJjcmVhdGl2ZV9pZCIsInZhbCI6IjEzODMxMDA0MzU1MCJ9XSwiaXNfb3JpZyI6ZmFsc2V9LHsidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTAyMTQ2NSIsImRvbWFpbl9pZCI6IjE5ODQzNyIsInVuaXQiOiJkaXYtZ3B0LWFkLWl0aWdpY19jb20tYm94LTItMCIsInRfZXBvY2giOjE2MjA0MDkzNDEsImFkX3Bvc2l0aW9uIjoxMTAyLCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiQ0giLCJwYWdldmlld19pZCI6IjliMGM5ODc0LTFhYjUtNGU1MS03YjRiLTIyZmU2MDA1OTRlMCIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6Mjg2ODcyNzQsImNyZWF0aXZlX2lkIjoxMzgzMTAwNDM1NTAsImRhdGEiOlt7Im5hbWUiOiJsaW5laXRlbV9pZCIsInZhbCI6IjI4Njg3Mjc0In1dLCJpc19vcmlnIjpmYWxzZX1d
pragma: no-cache
cookie: _pbjs_userid_consent_data=3524755945110770; __gads=ID=209913d2cf081110:T=1620409347:S=ALNI_MYCUELuDQBZZq_t6fdKkMSCCHgmDQ; cto_bidid=KSh6BV9Vd1hrSHY4aERPOEFEVlZyUU1xR1QlMkJjbWtJczZ1NlBBTWZRWUNkQjhhJTJCTE9VQWpkd0pJNElFVElnUWJCWHN2ZVY1YWd5UlYlMkJTMHFicmpSdUllZUVrZyUzRCUzRA; cto_bundle=ItKwLV8lMkJqSFYxRDd3UXdhSnRYR2dzOVFLN256ek1ta2xwVyUyRllXbGZtQmtPTjFhTUpvMHpGRlp3cE8ycHJZYldFbDVEdDZ1RXRxU3htcFRyeW1jcDNuTHFRSkkzb2ZZOWxvSWZBUktzdmN6VWgyMWVHRk9xbEYzNERwUnFUWlpVME1rMGc; ezouspvh=20; ezux_lpl_198437=1620409351960|9b0c9874-1ab5-4e51-7b4b-22fe600594e0|false; _ym_uid=1620409352194850952; _ym_d=1620409352; _ym_isad=2; id5id.1st=%7B%22created_at%22%3A%222021-05-07T17%3A42%3A33.193333Z%22%2C%22id5_consent%22%3Afalse%2C%22original_uid%22%3A%220%22%2C%22universal_uid%22%3A%220%22%2C%22link_type%22%3A0%2C%22cascade_needed%22%3Afalse%2C%22privacy%22%3A%7B%22jurisdiction%22%3A%22gdpr%22%2C%22id5_consent%22%3Afalse%7D%7D; id5id.1st_last=Fri%2C%2007%20May%202021%2017%3A42%3A33%20GMT; ezouspvv=72; ezouspva=5
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: empty
:authority: itigic.com
referer: https://itigic.com/pt/steal-information-with-finger-command-in-windows-10/&
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://itigic.com/pt/steal-information-with-finger-command-in-windows-10/&
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 07 May 2021 17:42:33 GMT
server: nginx/1.16.0
vary: Accept-Encoding Accept-Encoding
content-type: text/plain; charset=utf-8
x-middleton-display: ezp_sol
cache-control: max-age=0, must-revalidate, no-cache, no-store
content-length: 0
expires: Thu, 06 May 2021 17:42:33 UTC

GET
H2 200 28687274 Show response
g.ezoic.net/dac/ 0
17 B 31ms
30ms XHR
text/plain 18.156.95.187
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://g.ezoic.net/dac/28687274
Requested by: Host: itigic.com
URL: https://itigic.com/porpoiseant/banger.js?cb=194-3&bv=19&v=51&PageSpeed=off
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.156.95.187 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-95-187.eu-central-1.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://itigic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 07 May 2021 17:42:33 GMT
cache-control: max-age=3600, public
server: nginx/1.16.0
content-length: 0
vary: Accept-Encoding
content-type: text/plain

GET
H2 200 army.gif Show response
itigic.com/porpoiseant/ 0
19 B 40ms
40ms XHR
text/plain 52.19.6.38
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://itigic.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTAyMTQ2NSIsImRvbWFpbl9pZCI6IjE5ODQzNyIsInVuaXQiOiJkaXYtZ3B0LWFkLWl0aWdpY19jb20tYm94LTItMCIsInRfZXBvY2giOjE2MjA0MDkzNDEsImFkX3Bvc2l0aW9uIjoxMTAyLCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiQ0giLCJwYWdldmlld19pZCI6IjliMGM5ODc0LTFhYjUtNGU1MS03YjRiLTIyZmU2MDA1OTRlMCIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6Mjg2ODcyNzQsImNyZWF0aXZlX2lkIjoxMzgzMTAwNDM1NTAsImRhdGEiOlt7Im5hbWUiOiJ0X2xvY2FsX2RhdGUiLCJ2YWwiOiIyMDIxLTA1LTA3In0seyJuYW1lIjoidF9sb2NhbF9ob3VyIiwidmFsIjoiMTkifSx7Im5hbWUiOiJ0X2xvY2FsX2RheV9vZl93ZWVrIiwidmFsIjoiNSJ9LHsibmFtZSI6InRfbG9jYWxfdGltZXpvbmUiLCJ2YWwiOiItMTIwIn1dLCJpc19vcmlnIjpmYWxzZX1d
Requested by: Host: itigic.com
URL: https://itigic.com/detroitchicago/cmb.js?gcb=194-3&cb=01-100-103-1004-10d-506-507-70a-30c-30e-212-211-313-317-1021-23-&cmbcb=10&01&00&03&04&0d&06&07&0a&0c&0e&12&11&13&17&21&23
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.19.6.38 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-19-6-38.eu-west-1.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:path: /porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTAyMTQ2NSIsImRvbWFpbl9pZCI6IjE5ODQzNyIsInVuaXQiOiJkaXYtZ3B0LWFkLWl0aWdpY19jb20tYm94LTItMCIsInRfZXBvY2giOjE2MjA0MDkzNDEsImFkX3Bvc2l0aW9uIjoxMTAyLCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiQ0giLCJwYWdldmlld19pZCI6IjliMGM5ODc0LTFhYjUtNGU1MS03YjRiLTIyZmU2MDA1OTRlMCIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6Mjg2ODcyNzQsImNyZWF0aXZlX2lkIjoxMzgzMTAwNDM1NTAsImRhdGEiOlt7Im5hbWUiOiJ0X2xvY2FsX2RhdGUiLCJ2YWwiOiIyMDIxLTA1LTA3In0seyJuYW1lIjoidF9sb2NhbF9ob3VyIiwidmFsIjoiMTkifSx7Im5hbWUiOiJ0X2xvY2FsX2RheV9vZl93ZWVrIiwidmFsIjoiNSJ9LHsibmFtZSI6InRfbG9jYWxfdGltZXpvbmUiLCJ2YWwiOiItMTIwIn1dLCJpc19vcmlnIjpmYWxzZX1d
pragma: no-cache
cookie: _pbjs_userid_consent_data=3524755945110770; __gads=ID=209913d2cf081110:T=1620409347:S=ALNI_MYCUELuDQBZZq_t6fdKkMSCCHgmDQ; cto_bidid=KSh6BV9Vd1hrSHY4aERPOEFEVlZyUU1xR1QlMkJjbWtJczZ1NlBBTWZRWUNkQjhhJTJCTE9VQWpkd0pJNElFVElnUWJCWHN2ZVY1YWd5UlYlMkJTMHFicmpSdUllZUVrZyUzRCUzRA; cto_bundle=ItKwLV8lMkJqSFYxRDd3UXdhSnRYR2dzOVFLN256ek1ta2xwVyUyRllXbGZtQmtPTjFhTUpvMHpGRlp3cE8ycHJZYldFbDVEdDZ1RXRxU3htcFRyeW1jcDNuTHFRSkkzb2ZZOWxvSWZBUktzdmN6VWgyMWVHRk9xbEYzNERwUnFUWlpVME1rMGc; ezouspvh=20; ezux_lpl_198437=1620409351960|9b0c9874-1ab5-4e51-7b4b-22fe600594e0|false; _ym_uid=1620409352194850952; _ym_d=1620409352; _ym_isad=2; id5id.1st=%7B%22created_at%22%3A%222021-05-07T17%3A42%3A33.193333Z%22%2C%22id5_consent%22%3Afalse%2C%22original_uid%22%3A%220%22%2C%22universal_uid%22%3A%220%22%2C%22link_type%22%3A0%2C%22cascade_needed%22%3Afalse%2C%22privacy%22%3A%7B%22jurisdiction%22%3A%22gdpr%22%2C%22id5_consent%22%3Afalse%7D%7D; id5id.1st_last=Fri%2C%2007%20May%202021%2017%3A42%3A33%20GMT; ezouspvv=72; ezouspva=5
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: empty
:authority: itigic.com
referer: https://itigic.com/pt/steal-information-with-finger-command-in-windows-10/&
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://itigic.com/pt/steal-information-with-finger-command-in-windows-10/&
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 07 May 2021 17:42:33 GMT
server: nginx/1.16.0
vary: Accept-Encoding Accept-Encoding
content-type: text/plain; charset=utf-8
x-middleton-display: ezp_sol
cache-control: max-age=0, must-revalidate, no-cache, no-store
content-length: 0
expires: Thu, 06 May 2021 17:42:33 UTC

GET
H2 200 army.gif Show response
itigic.com/porpoiseant/ 0
19 B 41ms
41ms XHR
text/plain 52.19.6.38
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://itigic.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImF1Y3Rpb24iLCJpbXByZXNzaW9uX2lkIjoiMTAyMTQ2NSIsImRvbWFpbl9pZCI6IjE5ODQzNyIsInVuaXQiOiJkaXYtZ3B0LWFkLWl0aWdpY19jb20tYm94LTItMCIsInRfZXBvY2giOjE2MjA0MDkzNDEsImF1Y3Rpb25fZXBvY2giOjE2MjA0MDkzNTQsImFkX3Bvc2l0aW9uIjoxMTAyLCJjb3VudHJ5X2NvZGUiOiJDSCIsInBhZ2V2aWV3X2lkIjoiOWIwYzk4NzQtMWFiNS00ZTUxLTdiNGItMjJmZTYwMDU5NGUwIiwiYmlkX2Zsb29yX2luaXRpYWwiOjUwMCwiYmlkX2Zsb29yX3ByZXYiOjMyLCJiaWRfZmxvb3JfZmlsbGVkIjoxMiwiYXVjdGlvbl9jb3VudCI6NywicmVmcmVzaF9hZF9jb3VudCI6MCwiYXVjdGlvbl9kdXJhdGlvbiI6MzM0LCJtdWx0aV9hZF91bml0IjowLCJtdWx0aV9hZF9jb3VudCI6MCwibmV0d29ya19jb2RlIjoxMjU0MTQ0LCJkYXRhIjpbeyJuYW1lIjoiIiwidmFsIjoiIn1dLCJsaW5lX2l0ZW1faWQiOjI4Njg3Mjc0fV0=
Requested by: Host: itigic.com
URL: https://itigic.com/detroitchicago/cmb.js?gcb=194-3&cb=01-100-103-1004-10d-506-507-70a-30c-30e-212-211-313-317-1021-23-&cmbcb=10&01&00&03&04&0d&06&07&0a&0c&0e&12&11&13&17&21&23
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.19.6.38 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-19-6-38.eu-west-1.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:path: /porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImF1Y3Rpb24iLCJpbXByZXNzaW9uX2lkIjoiMTAyMTQ2NSIsImRvbWFpbl9pZCI6IjE5ODQzNyIsInVuaXQiOiJkaXYtZ3B0LWFkLWl0aWdpY19jb20tYm94LTItMCIsInRfZXBvY2giOjE2MjA0MDkzNDEsImF1Y3Rpb25fZXBvY2giOjE2MjA0MDkzNTQsImFkX3Bvc2l0aW9uIjoxMTAyLCJjb3VudHJ5X2NvZGUiOiJDSCIsInBhZ2V2aWV3X2lkIjoiOWIwYzk4NzQtMWFiNS00ZTUxLTdiNGItMjJmZTYwMDU5NGUwIiwiYmlkX2Zsb29yX2luaXRpYWwiOjUwMCwiYmlkX2Zsb29yX3ByZXYiOjMyLCJiaWRfZmxvb3JfZmlsbGVkIjoxMiwiYXVjdGlvbl9jb3VudCI6NywicmVmcmVzaF9hZF9jb3VudCI6MCwiYXVjdGlvbl9kdXJhdGlvbiI6MzM0LCJtdWx0aV9hZF91bml0IjowLCJtdWx0aV9hZF9jb3VudCI6MCwibmV0d29ya19jb2RlIjoxMjU0MTQ0LCJkYXRhIjpbeyJuYW1lIjoiIiwidmFsIjoiIn1dLCJsaW5lX2l0ZW1faWQiOjI4Njg3Mjc0fV0=
pragma: no-cache
cookie: _pbjs_userid_consent_data=3524755945110770; __gads=ID=209913d2cf081110:T=1620409347:S=ALNI_MYCUELuDQBZZq_t6fdKkMSCCHgmDQ; cto_bidid=KSh6BV9Vd1hrSHY4aERPOEFEVlZyUU1xR1QlMkJjbWtJczZ1NlBBTWZRWUNkQjhhJTJCTE9VQWpkd0pJNElFVElnUWJCWHN2ZVY1YWd5UlYlMkJTMHFicmpSdUllZUVrZyUzRCUzRA; cto_bundle=ItKwLV8lMkJqSFYxRDd3UXdhSnRYR2dzOVFLN256ek1ta2xwVyUyRllXbGZtQmtPTjFhTUpvMHpGRlp3cE8ycHJZYldFbDVEdDZ1RXRxU3htcFRyeW1jcDNuTHFRSkkzb2ZZOWxvSWZBUktzdmN6VWgyMWVHRk9xbEYzNERwUnFUWlpVME1rMGc; ezouspvh=20; ezux_lpl_198437=1620409351960|9b0c9874-1ab5-4e51-7b4b-22fe600594e0|false; _ym_uid=1620409352194850952; _ym_d=1620409352; _ym_isad=2; id5id.1st=%7B%22created_at%22%3A%222021-05-07T17%3A42%3A33.193333Z%22%2C%22id5_consent%22%3Afalse%2C%22original_uid%22%3A%220%22%2C%22universal_uid%22%3A%220%22%2C%22link_type%22%3A0%2C%22cascade_needed%22%3Afalse%2C%22privacy%22%3A%7B%22jurisdiction%22%3A%22gdpr%22%2C%22id5_consent%22%3Afalse%7D%7D; id5id.1st_last=Fri%2C%2007%20May%202021%2017%3A42%3A33%20GMT; ezouspvv=72; ezouspva=5
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: empty
:authority: itigic.com
referer: https://itigic.com/pt/steal-information-with-finger-command-in-windows-10/&
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://itigic.com/pt/steal-information-with-finger-command-in-windows-10/&
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 07 May 2021 17:42:33 GMT
server: nginx/1.16.0
vary: Accept-Encoding Accept-Encoding
content-type: text/plain; charset=utf-8
x-middleton-display: ezp_sol
cache-control: max-age=0, must-revalidate, no-cache, no-store
content-length: 0
expires: Thu, 06 May 2021 17:42:33 UTC

GET
H3-29 200 index.html Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8508864670512961295/ Frame 679F 62 KB
17 KB 7ms
6ms Document
text/html 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8508864670512961295/index.html

Requested by

Host: itigic.com
URL: https://itigic.com/pt/steal-information-with-finger-command-in-windows-10/&

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4548f5ec2c6bda6fc6e8445cc933964d2f5ad6620365c5ccd40fa0701ece93be

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sadbundle/$csp%3Der3$/8508864670512961295/index.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://3fc1b23a7f7676f8a612476f135a3c46.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://3fc1b23a7f7676f8a612476f135a3c46.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-type: text/html
access-control-allow-origin: *
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
date: Thu, 06 May 2021 03:09:30 GMT
expires: Fri, 06 May 2022 03:09:30 GMT
last-modified: Wed, 02 Sep 2020 08:44:48 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
content-encoding: gzip
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
content-length: 17622
age: 138783
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 adview
securepubads.g.doubleclick.net/pagead/ Frame F335 0
0 52ms
52ms Fetch
text/html 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CdI9QCXyVYKLwHpbugAeyv7mQA5Wx4YFivoSstp8MnMyKjd4bEAEg9PnGJWD1lc6B4ASgAfi_rfgCyAEJqQJqIU5JMnWyPuACAKgDAcgDCKoEngJP0KL1DRRfIcCfb5Ag3HQl9HFSkXtbSdnCBFR3_3DugVZOFubm7FCDaEUI12qwg1DJ59ByIeFQgI8vWVnn5F4v_yCHyKG7D8P3xhD3fPvhcgCO3XiHOZWAHSPdeNZYrGQgpsOMztTI8hZW5GqvNDkJUKmzpp5fGqcbs__Prbmx72ChgCx0AQfDxJk1ed3Wwwb02gBjjCyfaBsluDfRGrsq0K71Z1mdV01P9AtXGkRsuxsuColtN0Jdbs6Es2K6qdXCWee6EpE5AXmMByMoUPwsiblq9osokY_U8DPRBUCCpl3aieeVFEQhWrFBmTv1PRzP8q-pP4kboEP9jNoaGfMQzRa-EsGS4dV2-q9lDT-qqm0MWx4IDDvUnoy6RlFBwATYnZihlAPgBAGSBQQIBBgBkgUECAUYBJIFBAgFGBiSBQUIBRioAaAGLoAH8L_ShwGoB4qcsQKoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4bqAfs1RvYBwDyBwQQqLEH0ggHCIBhEAEYHfIIG2FkeC1zdWJzeW4tNjg4OTg0NzY0MjMyOTMzMIAKA8gLAdgTDYgUAdAVAYAXAbIXGgoYCAASFHB1Yi02Mzk2ODQ0NzQyNDk3MjA4&sigh=TcmYzwhao1w&template_id=419
Requested by: Host: itigic.com
URL: https://itigic.com/pt/steal-information-with-finger-command-in-windows-10/&
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s53-in-f2.1e100.net
Software: /
Resource Hash

Request headers

Referer: https://3fc1b23a7f7676f8a612476f135a3c46.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210505/r20110914/ Frame F335 17 KB
7 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210505/r20110914/abg_lite_fy2019.js

Requested by

Host: 3fc1b23a7f7676f8a612476f135a3c46.safeframe.googlesyndication.com
URL: https://3fc1b23a7f7676f8a612476f135a3c46.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5254f094364127f251dd78e3d1f019b8e09529469689d2d419e9de8458a0289f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://3fc1b23a7f7676f8a612476f135a3c46.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 07 May 2021 17:35:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 395
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7043
x-xss-protection: 0
server: cafe
etag: 3975852021068510888
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 21 May 2021 17:35:58 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210505/r20110914/client/ Frame F335 2 KB
1 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210505/r20110914/client/window_focus_fy2019.js

Requested by

Host: 3fc1b23a7f7676f8a612476f135a3c46.safeframe.googlesyndication.com
URL: https://3fc1b23a7f7676f8a612476f135a3c46.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://3fc1b23a7f7676f8a612476f135a3c46.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 07 May 2021 17:39:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 173
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 14729628269804859526
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 21 May 2021 17:39:40 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame F335 116 KB
35 KB 27ms
13ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 3fc1b23a7f7676f8a612476f135a3c46.safeframe.googlesyndication.com
URL: https://3fc1b23a7f7676f8a612476f135a3c46.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f8a504a4dd65ff18b978b7bfb1d43a60dc8b17c09ed5429ff54decfa45a52d46

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://3fc1b23a7f7676f8a612476f135a3c46.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 07 May 2021 17:42:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1620214045155586"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36073
x-xss-protection: 0
expires: Fri, 07 May 2021 17:42:33 GMT

GET
H3-29 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210505/r20110914/client/ Frame F335 13 KB
6 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210505/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: 3fc1b23a7f7676f8a612476f135a3c46.safeframe.googlesyndication.com
URL: https://3fc1b23a7f7676f8a612476f135a3c46.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4821fcf9c6131b5e09c316f6946b187f0b3751d723a19b2ff9f2df396d232cbf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://3fc1b23a7f7676f8a612476f135a3c46.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 07 May 2021 17:42:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 17
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5621
x-xss-protection: 0
server: cafe
etag: 8169261014141303515
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 21 May 2021 17:42:16 GMT

GET
H3-29 204 l
www.google.com/ads/measurement/ Frame F335 0
0 14ms
13ms Image
text/html 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSBTPEmbDCAvqBBFDHZiZVcDnnpysIlAEDl9CC3C3dL3Hule3ROi_QDWtZp0nFUS5oR4T6dbDLP5FZnFIxPsGpcacbIrA
Requested by: Host: 3fc1b23a7f7676f8a612476f135a3c46.safeframe.googlesyndication.com
URL: https://3fc1b23a7f7676f8a612476f135a3c46.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://3fc1b23a7f7676f8a612476f135a3c46.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 200 integrator.js Show response
adservice.google.ch/adsid/ 107 B
122 B 16ms
15ms Script
application/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.ch/adsid/integrator.js?domain=itigic.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://itigic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 07 May 2021 17:42:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 16ms
16ms Script
application/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=itigic.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://itigic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 07 May 2021 17:42:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 85 KB
27 KB 253ms
252ms XHR
text/plain 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2673549932243580&correlator=144930513835462&output=ldjh&impl=fifs&eid=31060790&vrg=2021042801&ptt=17&us_privacy=1---&sc=1&sfv=1-0-38&ecs=20210507&iu_parts=1254144%2Citigic_com-box-1&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C300x250&fluid=height&ris=2&rcs=6&prev_scp=a%3D%257C1%257C%26iid11%3D1011114%26t%3D134%26d%3D198437%26t1%3D134%26pvc%3D0%26ap%3D1105%26sap%3D1105%26as%3Drevenue%26plat%3D1%26bra%3Dmod1%26ic%3D7%26at%3Dbf%26adr%3D399%26ezosn%3D4%26reft%3Dtf%26refs%3D30%26ga%3D2497208%26rid%3D99998%26pt%3D0%26al%3D1000%26compid%3D0%26tap%3Ditigic_com-box-1-1011114%26eb_br%3Dzero%26eba%3D1%26ebss%3D10017%2C10082%2C10061%2C10015%2C11304%2C11307%26asau%3D7838546742%26bv%3D28%26bvm%3D2%26bvr%3D5%26shp%3D3%26ftsn%3D3%26acptad%3D1%26br1%3D0%26br2%3D2300%26ezoic%3D1%26nmau%3D4%26mau%3D0%26stl%3D32%2C0%2C28%2C67%2C45%2C122%2C66%2C20%2C71%2C30%2C0%2C31%26deal1%3D25%2C26%2C27%2C28%2C29%2C30%2C760%2C761%2C813%2C815%2C816%2C817%2C818%2C899%2C919%2C774%2C21%2C22%2C23%2C24%2C21%2C22%2C23%2C24%2C21%2C22%2C23%2C24%2C21%2C22%2C23%2C24%2C21%2C22%2C23%2C24%2C17%2C18%2C19%2C20%2C21%2C22%2C23%2C24%26ax_ssid%3D10082%26amznbid%3D2%26amznsz%3D0x0%26amznp%3D2%26lb%3D400%26reqt%3D1620409352867%26ss38%3D1%26ss9%3D1&eri=1&cookie=ID%3D209913d2cf081110%3AT%3D1620409347%3AS%3DALNI_MYCUELuDQBZZq_t6fdKkMSCCHgmDQ&bc=31&abxe=1&lmt=1620409353&dt=1620409353912&dlt=1620409342880&idt=923&frm=20&biw=1600&bih=1200&oid=3&adxs=1002&adys=383&adks=4007782779&ucis=1l&ifi=57&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fitigic.com%2Fpt%2Fsteal-information-with-finger-command-in-windows-10%2F%26%23160%3B&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x-1&msz=300x-1&psts=AGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=1178867069.1620409344&ga_sid=1620409344&ga_hid=2059617897&ga_fc=false&fws=0&ohw=0&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

f293cdb3fb820a4d473520e9181b8e3057ee4e33e49803213206ed212e627a52

Security Headers

Name	Value
Content-Security-Policy	child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9394861924708256228/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9394861924708256228/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CLPXu5-PuPACFVeuewodaIkBEQ&gqi=&layout=/sadbundle/%24csp%253Der3%24/9394861924708256228/index.html
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://itigic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: child-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9394861924708256228/index.html;frame-src 'unsafe-inline' cm.g.doubleclick.net googleads.g.doubleclick.net www.google.com accounts.google.com pagead2.googlesyndication.com/pagead/s/cookie_push.html gmsg: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9394861924708256228/index.html;report-uri https://pagead2.googlesyndication.com/pagead/gen_csp?id=adbundle&qqi=CLPXu5-PuPACFVeuewodaIkBEQ&gqi=&layout=/sadbundle/%24csp%253Der3%24/9394861924708256228/index.html
content-encoding: br
x-content-type-options: nosniff
google-creative-id: -1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27812
x-xss-protection: 0
google-lineitem-id: -1
pragma: no-cache
server: cafe
date: Fri, 07 May 2021 17:42:34 GMT
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://itigic.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012103020108001/ Frame 9CF5 190 KB
54 KB 9ms
7ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012103020108001/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6e553b4e88ac4a1819d608fe9dcb46544ca5fb776d4e0c84d773f37b1df18211

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://itigic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 30060
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 55046
x-xss-protection: 0
server: sffe
date: Fri, 07 May 2021 09:21:33 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "aeaf363b1ad89b36"
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 07 May 2022 09:21:33 GMT

GET
H3-29 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012103020108001/v0/ Frame 9CF5 12 KB
4 KB 10ms
8ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012103020108001/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8f9560479a05fb86854546c40ec030edc2bac692d4142391d69b16e5c033a185

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://itigic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 30060
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4548
x-xss-protection: 0
server: sffe
date: Fri, 07 May 2021 09:21:33 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "4eb73d471ab4cb2c"
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 07 May 2022 09:21:33 GMT

GET
H3-29 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012103020108001/v0/ Frame 9CF5 87 KB
27 KB 10ms
9ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012103020108001/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a6f768cbb894f2690011ee62662d3ac9480d12f5088fa46be57e650fcc4d835c

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://itigic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 30844
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27208
x-xss-protection: 0
server: sffe
date: Fri, 07 May 2021 09:08:29 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "22950e05e749846e"
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 07 May 2022 09:08:29 GMT

GET
H3-29 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012103020108001/v0/ Frame 9CF5 27 KB
9 KB 12ms
11ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012103020108001/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

21d45a4ed77653b3b1ee2b47a786a4dbb936a3b19fc56e1b44c16aed35eb80ee

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://itigic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 30844
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9587
x-xss-protection: 0
server: sffe
date: Fri, 07 May 2021 09:08:29 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "739644f32ad1483f"
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 07 May 2022 09:08:29 GMT

GET
H3-29 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012103020108001/v0/ Frame 9CF5 40 KB
13 KB 24ms
23ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012103020108001/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4c6af60796cc240ad277098308cf363c2700f5296264ec1b43b4e1362763c439

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://itigic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 30844
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12827
x-xss-protection: 0
server: sffe
date: Fri, 07 May 2021 09:08:29 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "5cc8dcc2368726c7"
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 07 May 2022 09:08:29 GMT

GET
H3-29 200 pt.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 9CF5 3 KB
3 KB 22ms
19ms Image
image/png 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/pt.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

744b436600cd35e7898be8843c04c1115c45bf08143d085ac149e8c4f8151e3d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://itigic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 07 May 2021 06:20:03 GMT
x-content-type-options: nosniff
server: cafe
age: 40950
etag: 7735524722462771930
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2886
x-xss-protection: 0
expires: Sat, 08 May 2021 06:20:03 GMT

GET
H3-29 200 icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame 9CF5 344 B
368 B 23ms
19ms Image
image/png 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://itigic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 07 May 2021 09:25:49 GMT
x-content-type-options: nosniff
server: cafe
age: 29804
etag: 6766994032117382215
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 344
x-xss-protection: 0
expires: Sat, 08 May 2021 09:25:49 GMT

GET
DATA 200
OK truncated
/ Frame 9CF5 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8f6b0e0bbb75ff5a68f03a2fdd1a449f4e27c29fa06ad9a6df8f732828c972bd

Request headers

Referer: https://itigic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 7845829392117767579
tpc.googlesyndication.com/simgad/ Frame 9CF5 18 KB
18 KB 23ms
20ms Image
image/gif 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/7845829392117767579

Requested by

Host: itigic.com
URL: https://itigic.com/pt/steal-information-with-finger-command-in-windows-10/&

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

88d1bf4f2b000b3f448c055bdd7587a3bbcd94020e93a7e7c59c6a0fe86bc60d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://itigic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 03 May 2021 23:05:23 GMT
x-content-type-options: nosniff
age: 326230
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18401
x-xss-protection: 0
last-modified: Fri, 19 Mar 2021 12:21:18 GMT
server: sffe
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 03 May 2022 23:05:23 GMT

GET
H3-29 204 l
www.google.com/ads/measurement/ Frame 9CF5 0
0 22ms
18ms Image
text/html 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTEJBgUsqXynXmDwgWsQN5NpY7NAU1X44DeKuNtIiSbjwerpT_T1-aJ2tj7er-1qytR7aJEaSymQsN9KC15dZZxO52wQA
Requested by: Host: itigic.com
URL: https://itigic.com/pt/steal-information-with-finger-command-in-windows-10/&
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://itigic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 9CF5 0
0 72ms
51ms Image
text/html 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=CE_QXCXyVYOGYKM6h7gPZoJrgCKXK-I5gh56mir8Nv-EeEAEg9PnGJWD1lc6B4ASgAcqfw94CyAED4AIAqAMByAMIqgScAk_Qec7xL9ffZnXDUe_921nad_ORL04s-mUHHJP-HYsPk8mw10TM0jqKdhjrI6AHOcprgh2J6sXe0iLB5fS3UKCyUOVbNXvL8fKNEN4Y8qBhSMfQAWNY8Rptftx1kr_-6ZOWA8_q16Op4ojcQkltCKW-FJFoHvjDyCmYsyAxnjarCGmMwdyTde9gIRyr3DkpebPc6b4XTaCdUHRQ6hmeWRkK2F_-r6fkpy8DvMnQc5rSWUELHAMlmgnSQn1OKLb3IllBUZ1Wge1DKIfU2-6FmDV_Ofz1VSE5cyQyamEyqTt_Vij46z4U804yux9bOMsR1EYzWW94ADzSYvREfFAtxkzOwZzrXpOI-GNwGSmZG7X8EF5e5sGNqrPEQz1YwAS6yNGeqQPgBAGSBQQIBBgBkgUECAUYBKAGA4AHnuC8oQGoB4qcsQKoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4bqAfs1RvYBwHyBwMQ8C7SCAcIgGEQARgd8ggbYWR4LXN1YnN5bi02ODg5ODQ3NjQyMzI5MzMwgAoDyAsB2BMC0BUBgBcBshcaChgIABIUcHViLTYzOTY4NDQ3NDI0OTcyMDg&sigh=z5g2r5UplHA
Requested by: Host: itigic.com
URL: https://itigic.com/pt/steal-information-with-finger-command-in-windows-10/&
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s53-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://itigic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 army.gif Show response
itigic.com/porpoiseant/ 0
19 B 43ms
42ms XHR
text/plain 52.19.6.38
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://itigic.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTAxMTExNCIsImRvbWFpbl9pZCI6IjE5ODQzNyIsInVuaXQiOiJkaXYtZ3B0LWFkLWl0aWdpY19jb20tYm94LTEtMF8zIiwidF9lcG9jaCI6MTYyMDQwOTM0MSwiYWRfcG9zaXRpb24iOjExMDUsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJDSCIsInBhZ2V2aWV3X2lkIjoiOWIwYzk4NzQtMWFiNS00ZTUxLTdiNGItMjJmZTYwMDU5NGUwIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjowLCJjcmVhdGl2ZV9pZCI6MCwiZGF0YSI6W3sibmFtZSI6InJlZnJlc2hfY291bnQiLCJ2YWwiOiI3In1dLCJpc19vcmlnIjpmYWxzZX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiIxMDExMTE0IiwiZG9tYWluX2lkIjoiMTk4NDM3IiwidW5pdCI6ImRpdi1ncHQtYWQtaXRpZ2ljX2NvbS1ib3gtMS0wXzMiLCJ0X2Vwb2NoIjoxNjIwNDA5MzQxLCJhZF9wb3NpdGlvbiI6MTEwNSwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IkNIIiwicGFnZXZpZXdfaWQiOiI5YjBjOTg3NC0xYWI1LTRlNTEtN2I0Yi0yMmZlNjAwNTk0ZTAiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjAsImNyZWF0aXZlX2lkIjowLCJkYXRhIjpbeyJuYW1lIjoiZmlsbGVkX2JpZF9oYXNoIiwidmFsIjoiemVybyJ9XSwiaXNfb3JpZyI6ZmFsc2V9LHsidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTAxMTExNCIsImRvbWFpbl9pZCI6IjE5ODQzNyIsInVuaXQiOiJkaXYtZ3B0LWFkLWl0aWdpY19jb20tYm94LTEtMF8zIiwidF9lcG9jaCI6MTYyMDQwOTM0MSwicmV2ZW51ZSI6MCwiZXN0X3JldmVudWUiOjAuMDAwMDAyLCJhZF9wb3NpdGlvbiI6MTEwNSwiYWRfc2l6ZSI6IiIsImJpZF9mbG9vcl9maWxsZWQiOjAuMDAwMDAyLCJiaWRfZmxvb3JfcHJldiI6MC4wMDQsInN0YXRfc291cmNlX2lkIjozNSwiY291bnRyeV9jb2RlIjoiQ0giLCJwYWdldmlld19pZCI6IjliMGM5ODc0LTFhYjUtNGU1MS03YjRiLTIyZmU2MDA1OTRlMCIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6MCwiY3JlYXRpdmVfaWQiOjAsImRhdGEiOlt7Im5hbWUiOiJsb2FkZWQiLCJ2YWwiOiIxIn1dLCJpc19vcmlnIjpmYWxzZX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiIxMDExMTE0IiwiZG9tYWluX2lkIjoiMTk4NDM3IiwidW5pdCI6ImRpdi1ncHQtYWQtaXRpZ2ljX2NvbS1ib3gtMS0wXzMiLCJ0X2Vwb2NoIjoxNjIwNDA5MzQxLCJhZF9wb3NpdGlvbiI6MTEwNSwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IkNIIiwicGFnZXZpZXdfaWQiOiI5YjBjOTg3NC0xYWI1LTRlNTEtN2I0Yi0yMmZlNjAwNTk0ZTAiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjAsImNyZWF0aXZlX2lkIjowLCJkYXRhIjpbeyJuYW1lIjoiY3JlYXRpdmVfaWQiLCJ2YWwiOiIxMzgzMTAwNDM3MjQifV0sImlzX29yaWciOmZhbHNlfSx7InR5cGUiOiJpbXByZXNzaW9uIiwiaW1wcmVzc2lvbl9pZCI6IjEwMTExMTQiLCJkb21haW5faWQiOiIxOTg0MzciLCJ1bml0IjoiZGl2LWdwdC1hZC1pdGlnaWNfY29tLWJveC0xLTBfMyIsInRfZXBvY2giOjE2MjA0MDkzNDEsImFkX3Bvc2l0aW9uIjoxMTA1LCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiQ0giLCJwYWdldmlld19pZCI6IjliMGM5ODc0LTFhYjUtNGU1MS03YjRiLTIyZmU2MDA1OTRlMCIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6MCwiY3JlYXRpdmVfaWQiOjAsImRhdGEiOlt7Im5hbWUiOiJsaW5laXRlbV9pZCIsInZhbCI6IjcxNjE0Mzk0In1dLCJpc19vcmlnIjpmYWxzZX1d
Requested by: Host: itigic.com
URL: https://itigic.com/detroitchicago/cmb.js?gcb=194-3&cb=01-100-103-1004-10d-506-507-70a-30c-30e-212-211-313-317-1021-23-&cmbcb=10&01&00&03&04&0d&06&07&0a&0c&0e&12&11&13&17&21&23
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.19.6.38 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-19-6-38.eu-west-1.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:path: /porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTAxMTExNCIsImRvbWFpbl9pZCI6IjE5ODQzNyIsInVuaXQiOiJkaXYtZ3B0LWFkLWl0aWdpY19jb20tYm94LTEtMF8zIiwidF9lcG9jaCI6MTYyMDQwOTM0MSwiYWRfcG9zaXRpb24iOjExMDUsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJDSCIsInBhZ2V2aWV3X2lkIjoiOWIwYzk4NzQtMWFiNS00ZTUxLTdiNGItMjJmZTYwMDU5NGUwIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjowLCJjcmVhdGl2ZV9pZCI6MCwiZGF0YSI6W3sibmFtZSI6InJlZnJlc2hfY291bnQiLCJ2YWwiOiI3In1dLCJpc19vcmlnIjpmYWxzZX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiIxMDExMTE0IiwiZG9tYWluX2lkIjoiMTk4NDM3IiwidW5pdCI6ImRpdi1ncHQtYWQtaXRpZ2ljX2NvbS1ib3gtMS0wXzMiLCJ0X2Vwb2NoIjoxNjIwNDA5MzQxLCJhZF9wb3NpdGlvbiI6MTEwNSwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IkNIIiwicGFnZXZpZXdfaWQiOiI5YjBjOTg3NC0xYWI1LTRlNTEtN2I0Yi0yMmZlNjAwNTk0ZTAiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjAsImNyZWF0aXZlX2lkIjowLCJkYXRhIjpbeyJuYW1lIjoiZmlsbGVkX2JpZF9oYXNoIiwidmFsIjoiemVybyJ9XSwiaXNfb3JpZyI6ZmFsc2V9LHsidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTAxMTExNCIsImRvbWFpbl9pZCI6IjE5ODQzNyIsInVuaXQiOiJkaXYtZ3B0LWFkLWl0aWdpY19jb20tYm94LTEtMF8zIiwidF9lcG9jaCI6MTYyMDQwOTM0MSwicmV2ZW51ZSI6MCwiZXN0X3JldmVudWUiOjAuMDAwMDAyLCJhZF9wb3NpdGlvbiI6MTEwNSwiYWRfc2l6ZSI6IiIsImJpZF9mbG9vcl9maWxsZWQiOjAuMDAwMDAyLCJiaWRfZmxvb3JfcHJldiI6MC4wMDQsInN0YXRfc291cmNlX2lkIjozNSwiY291bnRyeV9jb2RlIjoiQ0giLCJwYWdldmlld19pZCI6IjliMGM5ODc0LTFhYjUtNGU1MS03YjRiLTIyZmU2MDA1OTRlMCIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6MCwiY3JlYXRpdmVfaWQiOjAsImRhdGEiOlt7Im5hbWUiOiJsb2FkZWQiLCJ2YWwiOiIxIn1dLCJpc19vcmlnIjpmYWxzZX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiIxMDExMTE0IiwiZG9tYWluX2lkIjoiMTk4NDM3IiwidW5pdCI6ImRpdi1ncHQtYWQtaXRpZ2ljX2NvbS1ib3gtMS0wXzMiLCJ0X2Vwb2NoIjoxNjIwNDA5MzQxLCJhZF9wb3NpdGlvbiI6MTEwNSwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IkNIIiwicGFnZXZpZXdfaWQiOiI5YjBjOTg3NC0xYWI1LTRlNTEtN2I0Yi0yMmZlNjAwNTk0ZTAiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjAsImNyZWF0aXZlX2lkIjowLCJkYXRhIjpbeyJuYW1lIjoiY3JlYXRpdmVfaWQiLCJ2YWwiOiIxMzgzMTAwNDM3MjQifV0sImlzX29yaWciOmZhbHNlfSx7InR5cGUiOiJpbXByZXNzaW9uIiwiaW1wcmVzc2lvbl9pZCI6IjEwMTExMTQiLCJkb21haW5faWQiOiIxOTg0MzciLCJ1bml0IjoiZGl2LWdwdC1hZC1pdGlnaWNfY29tLWJveC0xLTBfMyIsInRfZXBvY2giOjE2MjA0MDkzNDEsImFkX3Bvc2l0aW9uIjoxMTA1LCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiQ0giLCJwYWdldmlld19pZCI6IjliMGM5ODc0LTFhYjUtNGU1MS03YjRiLTIyZmU2MDA1OTRlMCIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6MCwiY3JlYXRpdmVfaWQiOjAsImRhdGEiOlt7Im5hbWUiOiJsaW5laXRlbV9pZCIsInZhbCI6IjcxNjE0Mzk0In1dLCJpc19vcmlnIjpmYWxzZX1d
pragma: no-cache
cookie: _pbjs_userid_consent_data=3524755945110770; __gads=ID=209913d2cf081110:T=1620409347:S=ALNI_MYCUELuDQBZZq_t6fdKkMSCCHgmDQ; cto_bidid=KSh6BV9Vd1hrSHY4aERPOEFEVlZyUU1xR1QlMkJjbWtJczZ1NlBBTWZRWUNkQjhhJTJCTE9VQWpkd0pJNElFVElnUWJCWHN2ZVY1YWd5UlYlMkJTMHFicmpSdUllZUVrZyUzRCUzRA; cto_bundle=ItKwLV8lMkJqSFYxRDd3UXdhSnRYR2dzOVFLN256ek1ta2xwVyUyRllXbGZtQmtPTjFhTUpvMHpGRlp3cE8ycHJZYldFbDVEdDZ1RXRxU3htcFRyeW1jcDNuTHFRSkkzb2ZZOWxvSWZBUktzdmN6VWgyMWVHRk9xbEYzNERwUnFUWlpVME1rMGc; ezouspvh=20; ezux_lpl_198437=1620409351960|9b0c9874-1ab5-4e51-7b4b-22fe600594e0|false; _ym_uid=1620409352194850952; _ym_d=1620409352; _ym_isad=2; id5id.1st=%7B%22created_at%22%3A%222021-05-07T17%3A42%3A33.193333Z%22%2C%22id5_consent%22%3Afalse%2C%22original_uid%22%3A%220%22%2C%22universal_uid%22%3A%220%22%2C%22link_type%22%3A0%2C%22cascade_needed%22%3Afalse%2C%22privacy%22%3A%7B%22jurisdiction%22%3A%22gdpr%22%2C%22id5_consent%22%3Afalse%7D%7D; id5id.1st_last=Fri%2C%2007%20May%202021%2017%3A42%3A33%20GMT; ezouspvv=72; ezouspva=6
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: empty
:authority: itigic.com
referer: https://itigic.com/pt/steal-information-with-finger-command-in-windows-10/&
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://itigic.com/pt/steal-information-with-finger-command-in-windows-10/&
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 07 May 2021 17:42:33 GMT
server: nginx/1.16.0
vary: Accept-Encoding Accept-Encoding
content-type: text/plain; charset=utf-8
x-middleton-display: ezp_sol
cache-control: max-age=0, must-revalidate, no-cache, no-store
content-length: 0
expires: Thu, 06 May 2021 17:42:34 UTC

GET
H2 200 71614394 Show response
g.ezoic.net/dac/ 0
17 B 32ms
31ms XHR
text/plain 18.156.95.187
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://g.ezoic.net/dac/71614394
Requested by: Host: itigic.com
URL: https://itigic.com/porpoiseant/banger.js?cb=194-3&bv=19&v=51&PageSpeed=off
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.156.95.187 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-95-187.eu-central-1.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://itigic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 07 May 2021 17:42:33 GMT
cache-control: max-age=3600, public
server: nginx/1.16.0
content-length: 0
vary: Accept-Encoding
content-type: text/plain

GET
H2 200 army.gif Show response
itigic.com/porpoiseant/ 0
42 B 42ms
41ms XHR
text/plain 52.19.6.38
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://itigic.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTAxMTExNCIsImRvbWFpbl9pZCI6IjE5ODQzNyIsInVuaXQiOiJkaXYtZ3B0LWFkLWl0aWdpY19jb20tYm94LTEtMF8zIiwidF9lcG9jaCI6MTYyMDQwOTM0MSwiYWRfcG9zaXRpb24iOjExMDUsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJDSCIsInBhZ2V2aWV3X2lkIjoiOWIwYzk4NzQtMWFiNS00ZTUxLTdiNGItMjJmZTYwMDU5NGUwIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjowLCJjcmVhdGl2ZV9pZCI6MCwiZGF0YSI6W3sibmFtZSI6InRfbG9jYWxfZGF0ZSIsInZhbCI6IjIwMjEtMDUtMDcifSx7Im5hbWUiOiJ0X2xvY2FsX2hvdXIiLCJ2YWwiOiIxOSJ9LHsibmFtZSI6InRfbG9jYWxfZGF5X29mX3dlZWsiLCJ2YWwiOiI1In0seyJuYW1lIjoidF9sb2NhbF90aW1lem9uZSIsInZhbCI6Ii0xMjAifV0sImlzX29yaWciOmZhbHNlfV0=
Requested by: Host: itigic.com
URL: https://itigic.com/detroitchicago/cmb.js?gcb=194-3&cb=01-100-103-1004-10d-506-507-70a-30c-30e-212-211-313-317-1021-23-&cmbcb=10&01&00&03&04&0d&06&07&0a&0c&0e&12&11&13&17&21&23
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.19.6.38 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-19-6-38.eu-west-1.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:path: /porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTAxMTExNCIsImRvbWFpbl9pZCI6IjE5ODQzNyIsInVuaXQiOiJkaXYtZ3B0LWFkLWl0aWdpY19jb20tYm94LTEtMF8zIiwidF9lcG9jaCI6MTYyMDQwOTM0MSwiYWRfcG9zaXRpb24iOjExMDUsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJDSCIsInBhZ2V2aWV3X2lkIjoiOWIwYzk4NzQtMWFiNS00ZTUxLTdiNGItMjJmZTYwMDU5NGUwIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjowLCJjcmVhdGl2ZV9pZCI6MCwiZGF0YSI6W3sibmFtZSI6InRfbG9jYWxfZGF0ZSIsInZhbCI6IjIwMjEtMDUtMDcifSx7Im5hbWUiOiJ0X2xvY2FsX2hvdXIiLCJ2YWwiOiIxOSJ9LHsibmFtZSI6InRfbG9jYWxfZGF5X29mX3dlZWsiLCJ2YWwiOiI1In0seyJuYW1lIjoidF9sb2NhbF90aW1lem9uZSIsInZhbCI6Ii0xMjAifV0sImlzX29yaWciOmZhbHNlfV0=
pragma: no-cache
cookie: _pbjs_userid_consent_data=3524755945110770; __gads=ID=209913d2cf081110:T=1620409347:S=ALNI_MYCUELuDQBZZq_t6fdKkMSCCHgmDQ; cto_bidid=KSh6BV9Vd1hrSHY4aERPOEFEVlZyUU1xR1QlMkJjbWtJczZ1NlBBTWZRWUNkQjhhJTJCTE9VQWpkd0pJNElFVElnUWJCWHN2ZVY1YWd5UlYlMkJTMHFicmpSdUllZUVrZyUzRCUzRA; cto_bundle=ItKwLV8lMkJqSFYxRDd3UXdhSnRYR2dzOVFLN256ek1ta2xwVyUyRllXbGZtQmtPTjFhTUpvMHpGRlp3cE8ycHJZYldFbDVEdDZ1RXRxU3htcFRyeW1jcDNuTHFRSkkzb2ZZOWxvSWZBUktzdmN6VWgyMWVHRk9xbEYzNERwUnFUWlpVME1rMGc; ezouspvh=20; ezux_lpl_198437=1620409351960|9b0c9874-1ab5-4e51-7b4b-22fe600594e0|false; _ym_uid=1620409352194850952; _ym_d=1620409352; _ym_isad=2; id5id.1st=%7B%22created_at%22%3A%222021-05-07T17%3A42%3A33.193333Z%22%2C%22id5_consent%22%3Afalse%2C%22original_uid%22%3A%220%22%2C%22universal_uid%22%3A%220%22%2C%22link_type%22%3A0%2C%22cascade_needed%22%3Afalse%2C%22privacy%22%3A%7B%22jurisdiction%22%3A%22gdpr%22%2C%22id5_consent%22%3Afalse%7D%7D; id5id.1st_last=Fri%2C%2007%20May%202021%2017%3A42%3A33%20GMT; ezouspvv=72; ezouspva=6
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: empty
:authority: itigic.com
referer: https://itigic.com/pt/steal-information-with-finger-command-in-windows-10/&
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://itigic.com/pt/steal-information-with-finger-command-in-windows-10/&
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 07 May 2021 17:42:33 GMT
server: nginx/1.16.0
vary: Accept-Encoding Accept-Encoding
content-type: text/plain; charset=utf-8
x-middleton-display: ezp_sol
cache-control: max-age=0, must-revalidate, no-cache, no-store
content-length: 0
expires: Thu, 06 May 2021 17:42:34 UTC

GET
H2 200 army.gif Show response
itigic.com/porpoiseant/ 0
19 B 42ms
42ms XHR
text/plain 52.19.6.38
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://itigic.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImF1Y3Rpb24iLCJpbXByZXNzaW9uX2lkIjoiMTAxMTExNCIsImRvbWFpbl9pZCI6IjE5ODQzNyIsInVuaXQiOiJkaXYtZ3B0LWFkLWl0aWdpY19jb20tYm94LTEtMF8zIiwidF9lcG9jaCI6MTYyMDQwOTM0MSwiYXVjdGlvbl9lcG9jaCI6MTYyMDQwOTM1NCwiYWRfcG9zaXRpb24iOjExMDUsImNvdW50cnlfY29kZSI6IkNIIiwicGFnZXZpZXdfaWQiOiI5YjBjOTg3NC0xYWI1LTRlNTEtN2I0Yi0yMmZlNjAwNTk0ZTAiLCJiaWRfZmxvb3JfaW5pdGlhbCI6MTUwMCwiYmlkX2Zsb29yX3ByZXYiOjQwMCwiYmlkX2Zsb29yX2ZpbGxlZCI6MCwiYXVjdGlvbl9jb3VudCI6NywicmVmcmVzaF9hZF9jb3VudCI6MCwiYXVjdGlvbl9kdXJhdGlvbiI6MzE3LCJtdWx0aV9hZF91bml0IjozLCJtdWx0aV9hZF9jb3VudCI6NCwibmV0d29ya19jb2RlIjoxMjU0MTQ0LCJkYXRhIjpbeyJuYW1lIjoiIiwidmFsIjoiIn1dLCJsaW5lX2l0ZW1faWQiOjcxNjE0Mzk0fV0=
Requested by: Host: itigic.com
URL: https://itigic.com/detroitchicago/cmb.js?gcb=194-3&cb=01-100-103-1004-10d-506-507-70a-30c-30e-212-211-313-317-1021-23-&cmbcb=10&01&00&03&04&0d&06&07&0a&0c&0e&12&11&13&17&21&23
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.19.6.38 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-19-6-38.eu-west-1.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:path: /porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImF1Y3Rpb24iLCJpbXByZXNzaW9uX2lkIjoiMTAxMTExNCIsImRvbWFpbl9pZCI6IjE5ODQzNyIsInVuaXQiOiJkaXYtZ3B0LWFkLWl0aWdpY19jb20tYm94LTEtMF8zIiwidF9lcG9jaCI6MTYyMDQwOTM0MSwiYXVjdGlvbl9lcG9jaCI6MTYyMDQwOTM1NCwiYWRfcG9zaXRpb24iOjExMDUsImNvdW50cnlfY29kZSI6IkNIIiwicGFnZXZpZXdfaWQiOiI5YjBjOTg3NC0xYWI1LTRlNTEtN2I0Yi0yMmZlNjAwNTk0ZTAiLCJiaWRfZmxvb3JfaW5pdGlhbCI6MTUwMCwiYmlkX2Zsb29yX3ByZXYiOjQwMCwiYmlkX2Zsb29yX2ZpbGxlZCI6MCwiYXVjdGlvbl9jb3VudCI6NywicmVmcmVzaF9hZF9jb3VudCI6MCwiYXVjdGlvbl9kdXJhdGlvbiI6MzE3LCJtdWx0aV9hZF91bml0IjozLCJtdWx0aV9hZF9jb3VudCI6NCwibmV0d29ya19jb2RlIjoxMjU0MTQ0LCJkYXRhIjpbeyJuYW1lIjoiIiwidmFsIjoiIn1dLCJsaW5lX2l0ZW1faWQiOjcxNjE0Mzk0fV0=
pragma: no-cache
cookie: _pbjs_userid_consent_data=3524755945110770; __gads=ID=209913d2cf081110:T=1620409347:S=ALNI_MYCUELuDQBZZq_t6fdKkMSCCHgmDQ; cto_bidid=KSh6BV9Vd1hrSHY4aERPOEFEVlZyUU1xR1QlMkJjbWtJczZ1NlBBTWZRWUNkQjhhJTJCTE9VQWpkd0pJNElFVElnUWJCWHN2ZVY1YWd5UlYlMkJTMHFicmpSdUllZUVrZyUzRCUzRA; cto_bundle=ItKwLV8lMkJqSFYxRDd3UXdhSnRYR2dzOVFLN256ek1ta2xwVyUyRllXbGZtQmtPTjFhTUpvMHpGRlp3cE8ycHJZYldFbDVEdDZ1RXRxU3htcFRyeW1jcDNuTHFRSkkzb2ZZOWxvSWZBUktzdmN6VWgyMWVHRk9xbEYzNERwUnFUWlpVME1rMGc; ezouspvh=20; ezux_lpl_198437=1620409351960|9b0c9874-1ab5-4e51-7b4b-22fe600594e0|false; _ym_uid=1620409352194850952; _ym_d=1620409352; _ym_isad=2; id5id.1st=%7B%22created_at%22%3A%222021-05-07T17%3A42%3A33.193333Z%22%2C%22id5_consent%22%3Afalse%2C%22original_uid%22%3A%220%22%2C%22universal_uid%22%3A%220%22%2C%22link_type%22%3A0%2C%22cascade_needed%22%3Afalse%2C%22privacy%22%3A%7B%22jurisdiction%22%3A%22gdpr%22%2C%22id5_consent%22%3Afalse%7D%7D; id5id.1st_last=Fri%2C%2007%20May%202021%2017%3A42%3A33%20GMT; ezouspvv=72; ezouspva=6
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: empty
:authority: itigic.com
referer: https://itigic.com/pt/steal-information-with-finger-command-in-windows-10/&
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://itigic.com/pt/steal-information-with-finger-command-in-windows-10/&
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 07 May 2021 17:42:33 GMT
server: nginx/1.16.0
vary: Accept-Encoding Accept-Encoding
content-type: text/plain; charset=utf-8
x-middleton-display: ezp_sol
cache-control: max-age=0, must-revalidate, no-cache, no-store
content-length: 0
expires: Thu, 06 May 2021 17:42:34 UTC

GET
H3-29 200 amp4ads-v0.mjs Show response
cdn.ampproject.org/rtv/012103020108001/ Frame F70C 190 KB
54 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012103020108001/amp4ads-v0.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6e553b4e88ac4a1819d608fe9dcb46544ca5fb776d4e0c84d773f37b1df18211

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://itigic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 30060
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 55046
x-xss-protection: 0
server: sffe
date: Fri, 07 May 2021 09:21:33 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "aeaf363b1ad89b36"
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 07 May 2022 09:21:33 GMT

GET
H3-29 200 amp-ad-exit-0.1.mjs Show response
cdn.ampproject.org/rtv/012103020108001/v0/ Frame F70C 12 KB
4 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012103020108001/v0/amp-ad-exit-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8f9560479a05fb86854546c40ec030edc2bac692d4142391d69b16e5c033a185

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://itigic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 30060
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4548
x-xss-protection: 0
server: sffe
date: Fri, 07 May 2021 09:21:33 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "4eb73d471ab4cb2c"
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 07 May 2022 09:21:33 GMT

GET
H3-29 200 amp-analytics-0.1.mjs Show response
cdn.ampproject.org/rtv/012103020108001/v0/ Frame F70C 87 KB
27 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012103020108001/v0/amp-analytics-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a6f768cbb894f2690011ee62662d3ac9480d12f5088fa46be57e650fcc4d835c

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://itigic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 30844
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27208
x-xss-protection: 0
server: sffe
date: Fri, 07 May 2021 09:08:29 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "22950e05e749846e"
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 07 May 2022 09:08:29 GMT

GET
H3-29 200 amp-fit-text-0.1.mjs Show response
cdn.ampproject.org/rtv/012103020108001/v0/ Frame F70C 27 KB
9 KB 12ms
11ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012103020108001/v0/amp-fit-text-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

21d45a4ed77653b3b1ee2b47a786a4dbb936a3b19fc56e1b44c16aed35eb80ee

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://itigic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 30844
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9587
x-xss-protection: 0
server: sffe
date: Fri, 07 May 2021 09:08:29 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "739644f32ad1483f"
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 07 May 2022 09:08:29 GMT

GET
H3-29 200 amp-form-0.1.mjs Show response
cdn.ampproject.org/rtv/012103020108001/v0/ Frame F70C 40 KB
13 KB 13ms
12ms Script
text/javascript 2a00:1450:4001:811::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.ampproject.org/rtv/012103020108001/v0/amp-form-0.1.mjs

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4c6af60796cc240ad277098308cf363c2700f5296264ec1b43b4e1362763c439

Security Headers

Name	Value
Content-Security-Policy	default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://itigic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * blob: data:; script-src blob: https://cdn.ampproject.org/lts/ https://cdn.ampproject.org/rtv/ https://cdn.ampproject.org/sw/ https://cdn.ampproject.org/v0.js https://cdn.ampproject.org/v0.mjs https://cdn.ampproject.org/v0/ https://cdn.ampproject.org/viewer/; object-src 'none'; style-src 'unsafe-inline' https://cdn.ampproject.org/rtv/ https://cdn.materialdesignicons.com https://cloud.typography.com https://fast.fonts.net https://fonts.googleapis.com https://maxcdn.bootstrapcdn.com https://p.typekit.net https://pro.fontawesome.com https://use.fontawesome.com https://use.typekit.net; report-uri https://csp.withgoogle.com/csp/amp
content-encoding: br
x-content-type-options: nosniff
age: 30844
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12827
x-xss-protection: 0
server: sffe
date: Fri, 07 May 2021 09:08:29 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/javascript
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
etag: "5cc8dcc2368726c7"
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 07 May 2022 09:08:29 GMT

GET
H3-29 200 css
fonts.googleapis.com/ Frame F70C 4 KB
617 B 15ms
15ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:400,500&lang=pt

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

abc1bbfb097cfaf4715fe823adb40881f8ed35a943692d5c037945c2fcc56340

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://itigic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 07 May 2021 17:33:11 GMT
server: ESF
date: Fri, 07 May 2021 17:42:33 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 07 May 2021 17:42:33 GMT

GET
H3-29 200 css
fonts.googleapis.com/ Frame F70C 4 KB
617 B 22ms
21ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:400,500&text=

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

abc1bbfb097cfaf4715fe823adb40881f8ed35a943692d5c037945c2fcc56340

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://itigic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 07 May 2021 15:52:32 GMT
server: ESF
date: Fri, 07 May 2021 17:42:33 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 07 May 2021 17:42:33 GMT

GET
H3-29 200 Iqg9YOYtlzv8J79dT0jHkai3IJmH1IAi_kZCk55za6gP_S0682zpHAJncei4pezP7Hmur-gvhr2eXRmziZjBqDGf1xMQhTlj=w1200-h627-rj-pd-pc0x00e9e9e9
lh3.googleusercontent.com/proxy/ Frame F70C 115 KB
115 KB 26ms
8ms Image
image/jpeg 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/proxy/Iqg9YOYtlzv8J79dT0jHkai3IJmH1IAi_kZCk55za6gP_S0682zpHAJncei4pezP7Hmur-gvhr2eXRmziZjBqDGf1xMQhTlj=w1200-h627-rj-pd-pc0x00e9e9e9

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

7784e55621e8e946cbb7143030530f5f4c59a7ee0319ca5603a9f64a92e9b775

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://itigic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 07 May 2021 17:42:33 GMT
x-content-type-options: nosniff
server: fife
age: 0
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 117261
x-xss-protection: 0
expires: Sat, 08 May 2021 17:42:33 GMT

GET
H3-29 200 pt.png
tpc.googlesyndication.com/pagead/images/abg/ Frame F70C 3 KB
3 KB 9ms
8ms Image
image/png 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/pt.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

744b436600cd35e7898be8843c04c1115c45bf08143d085ac149e8c4f8151e3d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://itigic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 07 May 2021 06:20:03 GMT
x-content-type-options: nosniff
server: cafe
age: 40950
etag: 7735524722462771930
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2886
x-xss-protection: 0
expires: Sat, 08 May 2021 06:20:03 GMT

GET
H3-29 200 icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame F70C 344 B
368 B 9ms
9ms Image
image/png 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://itigic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 07 May 2021 09:25:49 GMT
x-content-type-options: nosniff
server: cafe
age: 29804
etag: 6766994032117382215
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 344
x-xss-protection: 0
expires: Sat, 08 May 2021 09:25:49 GMT

GET
DATA 200
OK truncated
/ Frame F70C 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d780048a7c1bc298cb70039524c3d1919c9631080fe5e02104e3ec69c23c34ae

Request headers

Referer: https://itigic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 ad
googleads.g.doubleclick.net/dbm/ Frame F70C 42 B
63 B 29ms
28ms Image
image/gif 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Bk9Au1RxORWngndMuQbNv1R5twHWNeLNJY-SOOu5YkxRtlIFe_ss9lAU9OvHMfDrwAq8Olgft6Z7xRkbZtE0rihZBlhyEjZshP543jVS4wA39vVGQCmtwqFkkKnKJql--akj4XoTVI1jdDwQNW_jyHwcriiQ&dbm_d=AKAmf-BNNoRXMswOn6LrBd5gwav2U3bz5Nu8P8_UycnK-khgHrsI872uekmyrEsq1t12ab2Vu6iVkzijYnULMMEcNjimsYBfHtFLeLdbUqlgt7D4AUZ8DZ5rFSQUaHcQ41YboJJFNeyeTDXGM__I-n-PMxQDqqAGPo4gMZir7cKm5yYqpKqppgFSVTjRuM4aInGf6i8q5ktah4tgbQS-8-KGT_HHKArHhfPTA3Mg9ghtJiR1owe6xFaogs651TIw6qOObivPedPbZ_kDGNSD3T5CZp3vSf5T_baoF5NDTgIDGMM2YFTnBTvJpSK0qYG5N6HF3fWocYKzJuEP2fCGNoxCTp0AtSHneaySd4oVHnzFWI-JO538qlwym6TtCXGsvHb41iSDQYYq0zrZlAfcuMR5Pe2S6zuoT4kxlvhWpimhz4yfSjn93B2VT_0vnemUvZQLs6ACTVLYXp-Rr4DqY-k698s7W982rjerkRLiqQvG8gnPA_pRpdcXruWuTHj2HRxqYjvap3CxPfuo4wREe4bUP0_ZgZK9T3ZYFin0yLEA53So37nAKoP08gvbuBL1OwoBHJnQgKxNSMTsVImvva5LVXVTRRsifov4xOs9Ej6UJmm2bvAIXz3Kv3phscHldGnx9zlJWPmy43RHiPHerhurR0TJBdrGAZtVy5_vgAgzeqCrtIEsc4aP57vtkh3OhK0fPdocSj1Zi21o4oU3GSOtO-5lPwB9x66zudFw_pH2lP-qamafutTtpzPfP5QF_YoUD6V_ZHFLbZv1ENF2zhMoQXeznkvemgTp6lxb4oYzaScRPtDN3nBqzbyqEnWgvLg2yEuSFRxugomBfhMN6fqbnkKnYwOox510OfubDSCreGnB2AY9Iq25ZvOwtydsuCXAijl5cac6OM4AOPV2OnOzRHGTR2FBAHAG7Mj0fLx8Z_uIatZUPdPFAADyysz-ELCoLXSOaX9sezhNe4Md18Vh8CSX8MDKpkvqXroOHCiaoUvwBgMv9y3FLl0I4FCCR8lqoTBP90LMdCp7g3-uwduoZnYIusnaGMxPJJHvcgS3NUAwxVb02r-GAbcn-dbbidmJ1Z4z-lbv8Pleuqs8tUe8rsHPG7n8NDW3hqbSUvoP_MEbCcGlsT2g0Vm_D5SxBBxuqp8rSScc-ib_SGk-mBjHIcbUekTjHKuKqIicKCIYKMF5BNMr6jH3uOkI2x05SKtHAFT-ioSY0Q61gEE78__1ZyharvFMvbawrrxpzKPgWwUQlkPcrkIuTaAl3xs-QOKm8qCnYLQUAet5FYvaRcR-L_zRazvpbK2qujoi_MLWzDXIBkHRLqhYhkQAV9sPKn50Rxj7SkqNy3rjmUixBlhrFssrIGHNp1-4a0zw78U9XOyQcHaJX-Fb0ppdwmXjIFKiV8h_U5BTIiKPQ6VTyarCChFte609VnTfDEmqtooM_AWXxhg6zqOVdSSJCw-QDIq9lbPc3FjQnD-aE4emJWMPtnbB1TxaSynioto6ziKNt5PoeSLcwwzeu_ojd43jqHg-sb3ovHa5ePOiqtXUDhbSCLeWTSpj-5oUJQp1pWNONQx-3ZaLX7M56Sofx01er9UxxBomDvj2W3wlalqG-MuMEArlvwbDVku-MXeOIhigfGjxOSBFTmtzeGtBOSLkUwpMybdoldOTZw074jdPYcfTmd4_BKlkdvdmHouWtUdiTBSKhlxtuS7m7gflLzVa7nWwRxxQGkV8zPJrsUpr6Rs1DvDplSLLh7jEIHhWPNTi3qXYgfMMSX7xtV7R_541Pnk_Y8ejY2BcawmgYgEDVieLoQqsfphHCvBikaGzOxEF1JIsdr5XZywl3U3qfpUSEkulf7jD-DJdeXsPljEi1j4CUCNhuOHNotf0tFRjX1ATuOdQfIBeDS2lQnWFzaep8MNc_D3nP3wznpFb3JRX8nF2d1h6WWTBewyNGHKhnYaIAVjK95649NlCr8IUNi0MCH5_o52Hz7MjSJoNEtmKeOhZzwTpSkj0_nvvmx0NctHQpCTScYX9cQhk_5iGT5a3NlSAWG3GI8zu1mofhCuJtoswqDeoAAKiszNY8t9_37kp6h-rv006Fswp6ltQyibteu9yyINJf35aPnPkV_dnmrscryCuSP3RQXAB1rU-rojdqeyPeNyTa9FsVE33hyFKBSEk3mwSB9I5iRHYjZS2Pr0INZQq3KtdEf3uqtH4ZJFudP-pTGivanelpH2_K8-kGzgStgNbWHGxWSGUMOgJegRrngUBVeVaN9EB4Hbwb5_Z0xrgezsVibBVJpajFbliZUbC039pSGCjF-qmhm5Kw6RRBLkKisJA9DNojtk_HPP1yAIFZedHyn5AmyA5JCoE8WnhoSWwbm5Wk-Kkh8-ZyVVK8LdprVpgLxkoKVIsLNCsrU7nCgDlioWCV2bj8UFIUhHKxcao3cAEsRNbbFiFLtzWLO-s2K-iBCF3WZUtBM6StCqoFJ1FuxCDtEv4HNwV7-IeP7tmPbgPju6FrujCSXc70mr_Als2_86NipjjAfXPtw5fLYiUX2Ww24itp3Ho7_bmvUQbT8UTmM52D7YSJPbGeZHJok5ICGDfVGI1WFJx5F_B5mt0NFF1r8j6jbW_0LAChfuz-Sga4cVA1W9R9nizavOtWfxBMpbFT5R3w-wj4w5RC9VqPpv0qLj0bJ_afz9fURSB8hswRRPzH5sZzevpTK4uZf2GEWt1pUPutMxnv22vHQV9jU9EHRQKuciIPqhtU15JRoiZkDlvRZl6YOhWde2quV7uug7acVtBZk7XBGFBNagqN8DqNjKxfgN1_3Is-cU1IvObKVithe6OAXxJFLJNkq7rOJnBSx66MHKWc6yeBkgeDkkXCXhpnkP34l_CkDrcKRpvOm9NqE1IgXUqYS0n3BieUgTIlzJkUl3KTUvankDh9TgR7Irfv19wT9ODF0NyO5pwQD76matvElM2WVoOh0EphUYCJmzClQAEoL7da4vk9_pClVIA88QBDpKgCmKdM82f_Pd-uxzNx8O3QPS4SUnXWffKdyZINnWkyvl-LVA7-EHpHCkELnCcpxDtp7IroBEWrzlTM_g_3dTDqArptksd00RIkmURwBLoEqjVpV0KxBoy1YRhIQfPpWPGAqQ9Gd6KyUpfNvYgH98eV11SDBsd4ZuT9ZSd51xpgyqGfxLRlOg&cid=CAASEuRoWqevtMK0bqKH8iq9Hycn1g

Requested by

Host: itigic.com
URL: https://itigic.com/pt/steal-information-with-finger-command-in-windows-10/&

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://itigic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 07 May 2021 17:42:33 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 adview
securepubads.g.doubleclick.net/pagead/ Frame F70C 0
0 66ms
65ms Image
text/html 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=Ca-PSCXyVYLjGJJv0-gbGvpa4D5-g_Otggfrh99EMqJPMtt4JEAEg9PnGJWD1lc6B4ATIAQaoAwHIAwqqBNcBT9C-tRnIZqDIXKVkT6CBYIUDQO1pzpp3SlD3JasKshIk_6V8T_r_2CxWnQVI0rbGAnmf0jadNpHJOz8WDExvbDXR9sMavLlyTsGkIQGA5bvbSuPqzSQ7LO6Cz1v5d2Ki_zvkpU_aQyAyL85wm9EyRMlSWLeqD1POdqHdZP-_uf5OH9feMmscaV5wlc5aPli-SLIArKxOkEkJTirjiz0lzbC44Zls1QaEi10pRQmrAPMoyikFyFLrJWnjg5e2TsWAMYzADUDck4bPolWIZM7pfx1S3baWsCDABKjPqtaeA-AEA4gF47-DliqSBQQIAxgBkgUGCBsQARgBkgUGCB0QBBgBkgUGCB0QARgBkgUGCB4QARgBkAYBoAY3gAfUgMLJAagHipyxAqgH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfs1RuoB-6WsQKoB6a-G6gH7NUb2AcB8gcJENRqGI-w-pIB0ggHCIBhEAEYHfIIG2FkeC1zdWJzeW4tNjg4OTg0NzY0MjMyOTMzMIAKA8gLAbATxvi0CsgT5ri9CNATANgTENgUAdAVAYAXAbIXGgoYCAASFHB1Yi02Mzk2ODQ0NzQyNDk3MjA4&sigh=SXlHpTVYPFc&cid=CAQSOwCNIrLM4Yr37RyXYIL03nsxOobAOTaYFgrsAmF7plxfS39e2YtYF0SY25vxzUDy7Qv6SQAIlvJQy-RT&template_id=509&vt=10
Requested by: Host: itigic.com
URL: https://itigic.com/pt/steal-information-with-finger-command-in-windows-10/&
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s53-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://itigic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 204 l
www.google.com/ads/measurement/ Frame F70C 0
0 14ms
14ms Image
text/html 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaTNtuevrsy_s2hkm_zTzS1LXXVugX5WdBw_73jgxg-xm4gfdyRkk4pd8RWyMz_h7L5geWWzoGQ8X6Ppg6A1MEzOUpEfhQ
Requested by: Host: itigic.com
URL: https://itigic.com/pt/steal-information-with-finger-command-in-windows-10/&
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://itigic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 army.gif Show response
itigic.com/porpoiseant/ 0
19 B 43ms
41ms XHR
text/plain 52.19.6.38
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://itigic.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTAxMTExNCIsImRvbWFpbl9pZCI6IjE5ODQzNyIsInVuaXQiOiJkaXYtZ3B0LWFkLWl0aWdpY19jb20tYm94LTEtMF8xIiwidF9lcG9jaCI6MTYyMDQwOTM0MSwiYWRfcG9zaXRpb24iOjExMDUsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJDSCIsInBhZ2V2aWV3X2lkIjoiOWIwYzk4NzQtMWFiNS00ZTUxLTdiNGItMjJmZTYwMDU5NGUwIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjowLCJjcmVhdGl2ZV9pZCI6MCwiZGF0YSI6W3sibmFtZSI6InJlZnJlc2hfY291bnQiLCJ2YWwiOiI3In1dLCJpc19vcmlnIjpmYWxzZX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiIxMDExMTE0IiwiZG9tYWluX2lkIjoiMTk4NDM3IiwidW5pdCI6ImRpdi1ncHQtYWQtaXRpZ2ljX2NvbS1ib3gtMS0wXzEiLCJ0X2Vwb2NoIjoxNjIwNDA5MzQxLCJhZF9wb3NpdGlvbiI6MTEwNSwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IkNIIiwicGFnZXZpZXdfaWQiOiI5YjBjOTg3NC0xYWI1LTRlNTEtN2I0Yi0yMmZlNjAwNTk0ZTAiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjAsImNyZWF0aXZlX2lkIjowLCJkYXRhIjpbeyJuYW1lIjoiZmlsbGVkX2JpZF9oYXNoIiwidmFsIjoiemVybyJ9XSwiaXNfb3JpZyI6ZmFsc2V9LHsidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTAxMTExNCIsImRvbWFpbl9pZCI6IjE5ODQzNyIsInVuaXQiOiJkaXYtZ3B0LWFkLWl0aWdpY19jb20tYm94LTEtMF8xIiwidF9lcG9jaCI6MTYyMDQwOTM0MSwicmV2ZW51ZSI6MCwiZXN0X3JldmVudWUiOjAuMDAwMDAyLCJhZF9wb3NpdGlvbiI6MTEwNSwiYWRfc2l6ZSI6IiIsImJpZF9mbG9vcl9maWxsZWQiOjAuMDAwMDAyLCJiaWRfZmxvb3JfcHJldiI6MC4wMDQsInN0YXRfc291cmNlX2lkIjozNSwiY291bnRyeV9jb2RlIjoiQ0giLCJwYWdldmlld19pZCI6IjliMGM5ODc0LTFhYjUtNGU1MS03YjRiLTIyZmU2MDA1OTRlMCIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6MCwiY3JlYXRpdmVfaWQiOjAsImRhdGEiOlt7Im5hbWUiOiJsb2FkZWQiLCJ2YWwiOiIxIn1dLCJpc19vcmlnIjpmYWxzZX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiIxMDExMTE0IiwiZG9tYWluX2lkIjoiMTk4NDM3IiwidW5pdCI6ImRpdi1ncHQtYWQtaXRpZ2ljX2NvbS1ib3gtMS0wXzEiLCJ0X2Vwb2NoIjoxNjIwNDA5MzQxLCJhZF9wb3NpdGlvbiI6MTEwNSwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IkNIIiwicGFnZXZpZXdfaWQiOiI5YjBjOTg3NC0xYWI1LTRlNTEtN2I0Yi0yMmZlNjAwNTk0ZTAiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjAsImNyZWF0aXZlX2lkIjowLCJkYXRhIjpbeyJuYW1lIjoiY3JlYXRpdmVfaWQiLCJ2YWwiOiIxMzgzMTAwNDM4MjMifV0sImlzX29yaWciOmZhbHNlfSx7InR5cGUiOiJpbXByZXNzaW9uIiwiaW1wcmVzc2lvbl9pZCI6IjEwMTExMTQiLCJkb21haW5faWQiOiIxOTg0MzciLCJ1bml0IjoiZGl2LWdwdC1hZC1pdGlnaWNfY29tLWJveC0xLTBfMSIsInRfZXBvY2giOjE2MjA0MDkzNDEsImFkX3Bvc2l0aW9uIjoxMTA1LCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiQ0giLCJwYWdldmlld19pZCI6IjliMGM5ODc0LTFhYjUtNGU1MS03YjRiLTIyZmU2MDA1OTRlMCIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6MCwiY3JlYXRpdmVfaWQiOjAsImRhdGEiOlt7Im5hbWUiOiJsaW5laXRlbV9pZCIsInZhbCI6IjcxNjE0Mzk0In1dLCJpc19vcmlnIjpmYWxzZX1d
Requested by: Host: itigic.com
URL: https://itigic.com/detroitchicago/cmb.js?gcb=194-3&cb=01-100-103-1004-10d-506-507-70a-30c-30e-212-211-313-317-1021-23-&cmbcb=10&01&00&03&04&0d&06&07&0a&0c&0e&12&11&13&17&21&23
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.19.6.38 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-19-6-38.eu-west-1.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:path: /porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTAxMTExNCIsImRvbWFpbl9pZCI6IjE5ODQzNyIsInVuaXQiOiJkaXYtZ3B0LWFkLWl0aWdpY19jb20tYm94LTEtMF8xIiwidF9lcG9jaCI6MTYyMDQwOTM0MSwiYWRfcG9zaXRpb24iOjExMDUsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJDSCIsInBhZ2V2aWV3X2lkIjoiOWIwYzk4NzQtMWFiNS00ZTUxLTdiNGItMjJmZTYwMDU5NGUwIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjowLCJjcmVhdGl2ZV9pZCI6MCwiZGF0YSI6W3sibmFtZSI6InJlZnJlc2hfY291bnQiLCJ2YWwiOiI3In1dLCJpc19vcmlnIjpmYWxzZX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiIxMDExMTE0IiwiZG9tYWluX2lkIjoiMTk4NDM3IiwidW5pdCI6ImRpdi1ncHQtYWQtaXRpZ2ljX2NvbS1ib3gtMS0wXzEiLCJ0X2Vwb2NoIjoxNjIwNDA5MzQxLCJhZF9wb3NpdGlvbiI6MTEwNSwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IkNIIiwicGFnZXZpZXdfaWQiOiI5YjBjOTg3NC0xYWI1LTRlNTEtN2I0Yi0yMmZlNjAwNTk0ZTAiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjAsImNyZWF0aXZlX2lkIjowLCJkYXRhIjpbeyJuYW1lIjoiZmlsbGVkX2JpZF9oYXNoIiwidmFsIjoiemVybyJ9XSwiaXNfb3JpZyI6ZmFsc2V9LHsidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTAxMTExNCIsImRvbWFpbl9pZCI6IjE5ODQzNyIsInVuaXQiOiJkaXYtZ3B0LWFkLWl0aWdpY19jb20tYm94LTEtMF8xIiwidF9lcG9jaCI6MTYyMDQwOTM0MSwicmV2ZW51ZSI6MCwiZXN0X3JldmVudWUiOjAuMDAwMDAyLCJhZF9wb3NpdGlvbiI6MTEwNSwiYWRfc2l6ZSI6IiIsImJpZF9mbG9vcl9maWxsZWQiOjAuMDAwMDAyLCJiaWRfZmxvb3JfcHJldiI6MC4wMDQsInN0YXRfc291cmNlX2lkIjozNSwiY291bnRyeV9jb2RlIjoiQ0giLCJwYWdldmlld19pZCI6IjliMGM5ODc0LTFhYjUtNGU1MS03YjRiLTIyZmU2MDA1OTRlMCIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6MCwiY3JlYXRpdmVfaWQiOjAsImRhdGEiOlt7Im5hbWUiOiJsb2FkZWQiLCJ2YWwiOiIxIn1dLCJpc19vcmlnIjpmYWxzZX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiIxMDExMTE0IiwiZG9tYWluX2lkIjoiMTk4NDM3IiwidW5pdCI6ImRpdi1ncHQtYWQtaXRpZ2ljX2NvbS1ib3gtMS0wXzEiLCJ0X2Vwb2NoIjoxNjIwNDA5MzQxLCJhZF9wb3NpdGlvbiI6MTEwNSwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IkNIIiwicGFnZXZpZXdfaWQiOiI5YjBjOTg3NC0xYWI1LTRlNTEtN2I0Yi0yMmZlNjAwNTk0ZTAiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjAsImNyZWF0aXZlX2lkIjowLCJkYXRhIjpbeyJuYW1lIjoiY3JlYXRpdmVfaWQiLCJ2YWwiOiIxMzgzMTAwNDM4MjMifV0sImlzX29yaWciOmZhbHNlfSx7InR5cGUiOiJpbXByZXNzaW9uIiwiaW1wcmVzc2lvbl9pZCI6IjEwMTExMTQiLCJkb21haW5faWQiOiIxOTg0MzciLCJ1bml0IjoiZGl2LWdwdC1hZC1pdGlnaWNfY29tLWJveC0xLTBfMSIsInRfZXBvY2giOjE2MjA0MDkzNDEsImFkX3Bvc2l0aW9uIjoxMTA1LCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiQ0giLCJwYWdldmlld19pZCI6IjliMGM5ODc0LTFhYjUtNGU1MS03YjRiLTIyZmU2MDA1OTRlMCIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6MCwiY3JlYXRpdmVfaWQiOjAsImRhdGEiOlt7Im5hbWUiOiJsaW5laXRlbV9pZCIsInZhbCI6IjcxNjE0Mzk0In1dLCJpc19vcmlnIjpmYWxzZX1d
pragma: no-cache
cookie: _pbjs_userid_consent_data=3524755945110770; __gads=ID=209913d2cf081110:T=1620409347:S=ALNI_MYCUELuDQBZZq_t6fdKkMSCCHgmDQ; cto_bidid=KSh6BV9Vd1hrSHY4aERPOEFEVlZyUU1xR1QlMkJjbWtJczZ1NlBBTWZRWUNkQjhhJTJCTE9VQWpkd0pJNElFVElnUWJCWHN2ZVY1YWd5UlYlMkJTMHFicmpSdUllZUVrZyUzRCUzRA; cto_bundle=ItKwLV8lMkJqSFYxRDd3UXdhSnRYR2dzOVFLN256ek1ta2xwVyUyRllXbGZtQmtPTjFhTUpvMHpGRlp3cE8ycHJZYldFbDVEdDZ1RXRxU3htcFRyeW1jcDNuTHFRSkkzb2ZZOWxvSWZBUktzdmN6VWgyMWVHRk9xbEYzNERwUnFUWlpVME1rMGc; ezouspvh=20; ezux_lpl_198437=1620409351960|9b0c9874-1ab5-4e51-7b4b-22fe600594e0|false; _ym_uid=1620409352194850952; _ym_d=1620409352; _ym_isad=2; id5id.1st=%7B%22created_at%22%3A%222021-05-07T17%3A42%3A33.193333Z%22%2C%22id5_consent%22%3Afalse%2C%22original_uid%22%3A%220%22%2C%22universal_uid%22%3A%220%22%2C%22link_type%22%3A0%2C%22cascade_needed%22%3Afalse%2C%22privacy%22%3A%7B%22jurisdiction%22%3A%22gdpr%22%2C%22id5_consent%22%3Afalse%7D%7D; id5id.1st_last=Fri%2C%2007%20May%202021%2017%3A42%3A33%20GMT; ezouspvv=72; ezouspva=7
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: empty
:authority: itigic.com
referer: https://itigic.com/pt/steal-information-with-finger-command-in-windows-10/&
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://itigic.com/pt/steal-information-with-finger-command-in-windows-10/&
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 07 May 2021 17:42:34 GMT
server: nginx/1.16.0
vary: Accept-Encoding Accept-Encoding
content-type: text/plain; charset=utf-8
x-middleton-display: ezp_sol
cache-control: max-age=0, must-revalidate, no-cache, no-store
content-length: 0
expires: Thu, 06 May 2021 17:42:33 UTC

GET
H2 200 71614394 Show response
g.ezoic.net/dac/ 0
40 B 33ms
32ms XHR
text/plain 18.156.95.187
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://g.ezoic.net/dac/71614394
Requested by: Host: itigic.com
URL: https://itigic.com/porpoiseant/banger.js?cb=194-3&bv=19&v=51&PageSpeed=off
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.156.95.187 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-95-187.eu-central-1.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://itigic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 07 May 2021 17:42:34 GMT
cache-control: max-age=3600, public
server: nginx/1.16.0
content-length: 0
vary: Accept-Encoding
content-type: text/plain

GET
H2 200 army.gif Show response
itigic.com/porpoiseant/ 0
19 B 42ms
41ms XHR
text/plain 52.19.6.38
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://itigic.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTAxMTExNCIsImRvbWFpbl9pZCI6IjE5ODQzNyIsInVuaXQiOiJkaXYtZ3B0LWFkLWl0aWdpY19jb20tYm94LTEtMF8xIiwidF9lcG9jaCI6MTYyMDQwOTM0MSwiYWRfcG9zaXRpb24iOjExMDUsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJDSCIsInBhZ2V2aWV3X2lkIjoiOWIwYzk4NzQtMWFiNS00ZTUxLTdiNGItMjJmZTYwMDU5NGUwIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjowLCJjcmVhdGl2ZV9pZCI6MCwiZGF0YSI6W3sibmFtZSI6InRfbG9jYWxfZGF0ZSIsInZhbCI6IjIwMjEtMDUtMDcifSx7Im5hbWUiOiJ0X2xvY2FsX2hvdXIiLCJ2YWwiOiIxOSJ9LHsibmFtZSI6InRfbG9jYWxfZGF5X29mX3dlZWsiLCJ2YWwiOiI1In0seyJuYW1lIjoidF9sb2NhbF90aW1lem9uZSIsInZhbCI6Ii0xMjAifV0sImlzX29yaWciOmZhbHNlfV0=
Requested by: Host: itigic.com
URL: https://itigic.com/detroitchicago/cmb.js?gcb=194-3&cb=01-100-103-1004-10d-506-507-70a-30c-30e-212-211-313-317-1021-23-&cmbcb=10&01&00&03&04&0d&06&07&0a&0c&0e&12&11&13&17&21&23
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.19.6.38 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-19-6-38.eu-west-1.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:path: /porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTAxMTExNCIsImRvbWFpbl9pZCI6IjE5ODQzNyIsInVuaXQiOiJkaXYtZ3B0LWFkLWl0aWdpY19jb20tYm94LTEtMF8xIiwidF9lcG9jaCI6MTYyMDQwOTM0MSwiYWRfcG9zaXRpb24iOjExMDUsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJDSCIsInBhZ2V2aWV3X2lkIjoiOWIwYzk4NzQtMWFiNS00ZTUxLTdiNGItMjJmZTYwMDU5NGUwIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjowLCJjcmVhdGl2ZV9pZCI6MCwiZGF0YSI6W3sibmFtZSI6InRfbG9jYWxfZGF0ZSIsInZhbCI6IjIwMjEtMDUtMDcifSx7Im5hbWUiOiJ0X2xvY2FsX2hvdXIiLCJ2YWwiOiIxOSJ9LHsibmFtZSI6InRfbG9jYWxfZGF5X29mX3dlZWsiLCJ2YWwiOiI1In0seyJuYW1lIjoidF9sb2NhbF90aW1lem9uZSIsInZhbCI6Ii0xMjAifV0sImlzX29yaWciOmZhbHNlfV0=
pragma: no-cache
cookie: _pbjs_userid_consent_data=3524755945110770; __gads=ID=209913d2cf081110:T=1620409347:S=ALNI_MYCUELuDQBZZq_t6fdKkMSCCHgmDQ; cto_bidid=KSh6BV9Vd1hrSHY4aERPOEFEVlZyUU1xR1QlMkJjbWtJczZ1NlBBTWZRWUNkQjhhJTJCTE9VQWpkd0pJNElFVElnUWJCWHN2ZVY1YWd5UlYlMkJTMHFicmpSdUllZUVrZyUzRCUzRA; cto_bundle=ItKwLV8lMkJqSFYxRDd3UXdhSnRYR2dzOVFLN256ek1ta2xwVyUyRllXbGZtQmtPTjFhTUpvMHpGRlp3cE8ycHJZYldFbDVEdDZ1RXRxU3htcFRyeW1jcDNuTHFRSkkzb2ZZOWxvSWZBUktzdmN6VWgyMWVHRk9xbEYzNERwUnFUWlpVME1rMGc; ezouspvh=20; ezux_lpl_198437=1620409351960|9b0c9874-1ab5-4e51-7b4b-22fe600594e0|false; _ym_uid=1620409352194850952; _ym_d=1620409352; _ym_isad=2; id5id.1st=%7B%22created_at%22%3A%222021-05-07T17%3A42%3A33.193333Z%22%2C%22id5_consent%22%3Afalse%2C%22original_uid%22%3A%220%22%2C%22universal_uid%22%3A%220%22%2C%22link_type%22%3A0%2C%22cascade_needed%22%3Afalse%2C%22privacy%22%3A%7B%22jurisdiction%22%3A%22gdpr%22%2C%22id5_consent%22%3Afalse%7D%7D; id5id.1st_last=Fri%2C%2007%20May%202021%2017%3A42%3A33%20GMT; ezouspvv=72; ezouspva=7
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: empty
:authority: itigic.com
referer: https://itigic.com/pt/steal-information-with-finger-command-in-windows-10/&
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://itigic.com/pt/steal-information-with-finger-command-in-windows-10/&
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 07 May 2021 17:42:34 GMT
server: nginx/1.16.0
vary: Accept-Encoding Accept-Encoding
content-type: text/plain; charset=utf-8
x-middleton-display: ezp_sol
cache-control: max-age=0, must-revalidate, no-cache, no-store
content-length: 0
expires: Thu, 06 May 2021 17:42:33 UTC

GET
H2 200 army.gif Show response
itigic.com/porpoiseant/ 0
42 B 41ms
40ms XHR
text/plain 52.19.6.38
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://itigic.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImF1Y3Rpb24iLCJpbXByZXNzaW9uX2lkIjoiMTAxMTExNCIsImRvbWFpbl9pZCI6IjE5ODQzNyIsInVuaXQiOiJkaXYtZ3B0LWFkLWl0aWdpY19jb20tYm94LTEtMF8xIiwidF9lcG9jaCI6MTYyMDQwOTM0MSwiYXVjdGlvbl9lcG9jaCI6MTYyMDQwOTM1NCwiYWRfcG9zaXRpb24iOjExMDUsImNvdW50cnlfY29kZSI6IkNIIiwicGFnZXZpZXdfaWQiOiI5YjBjOTg3NC0xYWI1LTRlNTEtN2I0Yi0yMmZlNjAwNTk0ZTAiLCJiaWRfZmxvb3JfaW5pdGlhbCI6MTUwMCwiYmlkX2Zsb29yX3ByZXYiOjQwMCwiYmlkX2Zsb29yX2ZpbGxlZCI6MCwiYXVjdGlvbl9jb3VudCI6NywicmVmcmVzaF9hZF9jb3VudCI6MCwiYXVjdGlvbl9kdXJhdGlvbiI6NDIyLCJtdWx0aV9hZF91bml0IjoxLCJtdWx0aV9hZF9jb3VudCI6NCwibmV0d29ya19jb2RlIjoxMjU0MTQ0LCJkYXRhIjpbeyJuYW1lIjoiIiwidmFsIjoiIn1dLCJsaW5lX2l0ZW1faWQiOjcxNjE0Mzk0fV0=
Requested by: Host: itigic.com
URL: https://itigic.com/detroitchicago/cmb.js?gcb=194-3&cb=01-100-103-1004-10d-506-507-70a-30c-30e-212-211-313-317-1021-23-&cmbcb=10&01&00&03&04&0d&06&07&0a&0c&0e&12&11&13&17&21&23
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.19.6.38 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-19-6-38.eu-west-1.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:path: /porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImF1Y3Rpb24iLCJpbXByZXNzaW9uX2lkIjoiMTAxMTExNCIsImRvbWFpbl9pZCI6IjE5ODQzNyIsInVuaXQiOiJkaXYtZ3B0LWFkLWl0aWdpY19jb20tYm94LTEtMF8xIiwidF9lcG9jaCI6MTYyMDQwOTM0MSwiYXVjdGlvbl9lcG9jaCI6MTYyMDQwOTM1NCwiYWRfcG9zaXRpb24iOjExMDUsImNvdW50cnlfY29kZSI6IkNIIiwicGFnZXZpZXdfaWQiOiI5YjBjOTg3NC0xYWI1LTRlNTEtN2I0Yi0yMmZlNjAwNTk0ZTAiLCJiaWRfZmxvb3JfaW5pdGlhbCI6MTUwMCwiYmlkX2Zsb29yX3ByZXYiOjQwMCwiYmlkX2Zsb29yX2ZpbGxlZCI6MCwiYXVjdGlvbl9jb3VudCI6NywicmVmcmVzaF9hZF9jb3VudCI6MCwiYXVjdGlvbl9kdXJhdGlvbiI6NDIyLCJtdWx0aV9hZF91bml0IjoxLCJtdWx0aV9hZF9jb3VudCI6NCwibmV0d29ya19jb2RlIjoxMjU0MTQ0LCJkYXRhIjpbeyJuYW1lIjoiIiwidmFsIjoiIn1dLCJsaW5lX2l0ZW1faWQiOjcxNjE0Mzk0fV0=
pragma: no-cache
cookie: _pbjs_userid_consent_data=3524755945110770; __gads=ID=209913d2cf081110:T=1620409347:S=ALNI_MYCUELuDQBZZq_t6fdKkMSCCHgmDQ; cto_bidid=KSh6BV9Vd1hrSHY4aERPOEFEVlZyUU1xR1QlMkJjbWtJczZ1NlBBTWZRWUNkQjhhJTJCTE9VQWpkd0pJNElFVElnUWJCWHN2ZVY1YWd5UlYlMkJTMHFicmpSdUllZUVrZyUzRCUzRA; cto_bundle=ItKwLV8lMkJqSFYxRDd3UXdhSnRYR2dzOVFLN256ek1ta2xwVyUyRllXbGZtQmtPTjFhTUpvMHpGRlp3cE8ycHJZYldFbDVEdDZ1RXRxU3htcFRyeW1jcDNuTHFRSkkzb2ZZOWxvSWZBUktzdmN6VWgyMWVHRk9xbEYzNERwUnFUWlpVME1rMGc; ezouspvh=20; ezux_lpl_198437=1620409351960|9b0c9874-1ab5-4e51-7b4b-22fe600594e0|false; _ym_uid=1620409352194850952; _ym_d=1620409352; _ym_isad=2; id5id.1st=%7B%22created_at%22%3A%222021-05-07T17%3A42%3A33.193333Z%22%2C%22id5_consent%22%3Afalse%2C%22original_uid%22%3A%220%22%2C%22universal_uid%22%3A%220%22%2C%22link_type%22%3A0%2C%22cascade_needed%22%3Afalse%2C%22privacy%22%3A%7B%22jurisdiction%22%3A%22gdpr%22%2C%22id5_consent%22%3Afalse%7D%7D; id5id.1st_last=Fri%2C%2007%20May%202021%2017%3A42%3A33%20GMT; ezouspvv=72; ezouspva=7
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: empty
:authority: itigic.com
referer: https://itigic.com/pt/steal-information-with-finger-command-in-windows-10/&
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://itigic.com/pt/steal-information-with-finger-command-in-windows-10/&
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 07 May 2021 17:42:34 GMT
server: nginx/1.16.0
vary: Accept-Encoding Accept-Encoding
content-type: text/plain; charset=utf-8
x-middleton-display: ezp_sol
cache-control: max-age=0, must-revalidate, no-cache, no-store
content-length: 0
expires: Thu, 06 May 2021 17:42:34 UTC

GET
DATA 200
OK truncated
/ Frame F335 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bacd8d4d976a807d58af8d9928b71d5dd8c9356a45057e9330a3ddade6caa2c0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 css
fonts.googleapis.com/ Frame 679F 6 KB
679 B 15ms
14ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Open+Sans:600,700,regular

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8508864670512961295/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ced502ac5573ccd197c3f0b1019323a5bc79954b290499a15bbb08b2854ad6f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 07 May 2021 17:07:46 GMT
server: ESF
date: Fri, 07 May 2021 17:42:34 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 07 May 2021 17:42:34 GMT

GET
H3-29 200 Enabler.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 679F 16 KB
6 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/Enabler.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8508864670512961295/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5f0207bbbd69497c7a37284c0b6f9bdcc9f83c574a4cda737e00a390d0ed268f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 07 May 2021 03:56:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 49541
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5866
x-xss-protection: 0
server: cafe
etag: 544157900006238945
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Sat, 08 May 2021 03:56:53 GMT

GET
H3-29 200 addata.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame 679F 22 KB
9 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8508864670512961295/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4634b94630896f1a23c5ce01f743d720847c5f4dd28fb549ed503cb2df4f8e87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 06 May 2021 18:54:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 82074
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8867
x-xss-protection: 0
server: cafe
etag: 18043545750443934562
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Fri, 07 May 2021 18:54:40 GMT

GET
H3-29 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v27/ Frame F70C 16 KB
16 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v27/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,500&lang=pt

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://itigic.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 00:12:11 GMT
x-content-type-options: nosniff
last-modified: Mon, 05 Apr 2021 21:10:39 GMT
server: sffe
age: 322223
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15920
x-xss-protection: 0
expires: Wed, 04 May 2022 00:12:11 GMT

GET
H3-29 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v27/ Frame F70C 15 KB
15 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v27/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,500&lang=pt

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://itigic.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 06 May 2021 01:43:32 GMT
x-content-type-options: nosniff
last-modified: Mon, 05 Apr 2021 21:10:35 GMT
server: sffe
age: 143942
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15688
x-xss-protection: 0
expires: Fri, 06 May 2022 01:43:32 GMT

GET
H2 200 ezoic.png
go.ezoic.net/utilcave_com/img/ 1 KB
2 KB 126ms
126ms Image
image/png 2600:9000:2017:c400:2:cb38:840:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://go.ezoic.net/utilcave_com/img/ezoic.png
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2017:c400:2:cb38:840:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: e1a156c3daa4ae0c41f21ef266131ca5a34d56695e3d860b232da142ef031234

Request headers

Referer: https://itigic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 02 May 2021 02:36:22 GMT
via: 1.1 2bb969477369da45208db698e8e34163.cloudfront.net (CloudFront)
x-sol: middleton
age: 486372
x-cache: Hit from cloudfront
x-middleton-display: staticcontent_sol
content-length: 1181
x-amz-cf-id: Aw5UvjfVTHuPecB6EbacaHLjljQ8ySjaQUF1eZS4wTjzThubjh3c6A==
last-modified: Fri, 23 Apr 2021 18:46:13 GMT
server: nginx/1.16.0
etag: "49d-5bd497273b080-gzip-gzip"
vary: Accept-Encoding,Accept-Encoding
content-type: image/png
cache-control: max-age=604800
x-amz-cf-pop: OTP50-C1
display: staticcontent_sol
expires: Sun, 09 May 2021 02:36:22 GMT

GET
H3-29 200 integrator.js Show response
adservice.google.ch/adsid/ 107 B
122 B 17ms
15ms Script
application/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.ch/adsid/integrator.js?domain=itigic.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://itigic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 07 May 2021 17:42:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 16ms
15ms Script
application/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=itigic.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://itigic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 07 May 2021 17:42:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 345 B
176 B 236ms
236ms XHR
text/plain 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2673549932243580&correlator=2692027913694192&output=ldjh&impl=fifs&eid=31060790&vrg=2021042801&ptt=17&us_privacy=1---&sc=1&sfv=1-0-38&ecs=20210507&iu_parts=1254144%2Citigic_com-large-billboard-2&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C300x250&fluid=height&ris=1&rcs=4&prev_scp=a%3D%257C6%257C%26iid11%3D1024014%26t%3D134%26d%3D198437%26t1%3D134%26pvc%3D0%26ap%3D1124%26sap%3D1124%26as%3Drevenue%26plat%3D1%26bra%3Dmod1%26ic%3D5%26at%3Dmbf%26adr%3D399%26ezosn%3D1%26reft%3Dtf%26refs%3D30%26ga%3D2497208%26rid%3D99998%26pt%3D0%26al%3D1034%26compid%3D0%26tap%3Ditigic_com-large-billboard-2-1024014%26eb_br%3D12a3b3570adcf20fd41a00445219acaa%26eba%3D1%26ebss%3D10017%2C10082%2C10061%2C10015%2C11304%2C11307%26asau%3D7838546742%26bv%3D28%26bvm%3D2%26bvr%3D5%26shp%3D3%26ftsn%3D3%26br1%3D2000%26br2%3D3200%26ezoic%3D1%26nmau%3D4%26mau%3D1%26stl%3D32%2C0%2C28%2C67%2C45%2C122%2C66%2C20%2C71%2C30%2C0%2C31%26deal1%3D27%2C28%2C29%2C30%2C760%2C761%2C813%2C815%2C816%2C817%2C818%2C819%2C899%2C917%2C918%2C919%2C988%2C774%2C24%2C25%2C26%2C23%2C24%2C25%2C26%2C22%2C23%2C24%2C25%2C26%2C21%2C22%2C23%2C24%2C25%2C26%26ax_ssid%3D10082%26amznbid%3D2%26amznsz%3D0x0%26amznp%3D2%26lb%3D2200%26reqt%3D1620409354125&eri=1&cookie=ID%3D209913d2cf081110%3AT%3D1620409347%3AS%3DALNI_MYCUELuDQBZZq_t6fdKkMSCCHgmDQ&bc=31&abxe=1&lmt=1620409354&dt=1620409354128&dlt=1620409342880&idt=923&frm=20&biw=1600&bih=1200&oid=3&adxs=1002&adys=1825&adks=223664751&ucis=1m&ifi=58&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fitigic.com%2Fpt%2Fsteal-information-with-finger-command-in-windows-10%2F%26%23160%3B&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x-1&msz=300x-1&psts=AGkb-H9awlplzm3R5rYar7qljqzk%2CAGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=1178867069.1620409344&ga_sid=1620409344&ga_hid=2059617897&ga_fc=false&fws=0&ohw=0&btvi=10&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

e798a9ed236ace4349f53f43e97544175af7b1caccdbc3e1dd8d5990ff1b72ce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://itigic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 07 May 2021 17:42:34 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 142
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://itigic.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 Iqg9YOYtlzv8J79dT0jHkai3IJmH1IAi_kZCk55za6gP_S0682zpHAJncei4pezP7Hmur-gvhr2eXRmziZjBqDGf1xMQhTlj=w1200-h627-rj-pd-pc0x00e9e9e9
lh3.googleusercontent.com/proxy/ Frame F70C 115 KB
115 KB 6ms
5ms Image
image/jpeg 2a00:1450:4001:810::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://lh3.googleusercontent.com/proxy/Iqg9YOYtlzv8J79dT0jHkai3IJmH1IAi_kZCk55za6gP_S0682zpHAJncei4pezP7Hmur-gvhr2eXRmziZjBqDGf1xMQhTlj=w1200-h627-rj-pd-pc0x00e9e9e9

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012103020108001/amp4ads-v0.mjs

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

7784e55621e8e946cbb7143030530f5f4c59a7ee0319ca5603a9f64a92e9b775

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://itigic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 07 May 2021 17:42:33 GMT
x-content-type-options: nosniff
server: fife
age: 1
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 117261
x-xss-protection: 0
expires: Sat, 08 May 2021 17:42:33 GMT

GET
H3-29 200 pt.png
tpc.googlesyndication.com/pagead/images/abg/ Frame F70C 3 KB
3 KB 7ms
6ms Image
image/png 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/pt.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012103020108001/amp4ads-v0.mjs

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

744b436600cd35e7898be8843c04c1115c45bf08143d085ac149e8c4f8151e3d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://itigic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 07 May 2021 06:20:03 GMT
x-content-type-options: nosniff
server: cafe
age: 40951
etag: 7735524722462771930
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2886
x-xss-protection: 0
expires: Sat, 08 May 2021 06:20:03 GMT

GET
H3-29 200 icon.png
tpc.googlesyndication.com/pagead/images/abg/ Frame F70C 344 B
370 B 7ms
6ms Image
image/png 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/pagead/images/abg/icon.png

Requested by

Host: cdn.ampproject.org
URL: https://cdn.ampproject.org/rtv/012103020108001/amp4ads-v0.mjs

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://itigic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 07 May 2021 09:25:49 GMT
x-content-type-options: nosniff
server: cafe
age: 29805
etag: 6766994032117382215
vary: Accept-Encoding
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
content-type: image/png
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 344
x-xss-protection: 0
expires: Sat, 08 May 2021 09:25:49 GMT

GET
H3-29 200 mem5YaGs126MiZpBA-UNirkOUuhp.woff2
fonts.gstatic.com/s/opensans/v18/ Frame 679F 15 KB
15 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v18/mem5YaGs126MiZpBA-UNirkOUuhp.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:600,700,regular

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1491de1b31182d38593bcf660c99bc6018af8e192d91663f67ec9d045a3b5ccc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: null
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 02 May 2021 10:03:38 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:09:47 GMT
server: sffe
age: 459536
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14880
x-xss-protection: 0
expires: Mon, 02 May 2022 10:03:38 GMT

GET
H3-29 200 mem5YaGs126MiZpBA-UN7rgOUuhp.woff2
fonts.gstatic.com/s/opensans/v18/ Frame 679F 15 KB
15 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v18/mem5YaGs126MiZpBA-UN7rgOUuhp.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Open+Sans:600,700,regular

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

74201a4b97ec1d5e86252dd0180eafd8c5378a9235864dbcd682f3575b41c85b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: null
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 04 May 2021 20:40:38 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:11:00 GMT
server: sffe
age: 248516
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15056
x-xss-protection: 0
expires: Wed, 04 May 2022 20:40:38 GMT

GET
H3-29 200 container.html Show response
3fc1b23a7f7676f8a612476f135a3c46.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 8A77 6 KB
3 KB 21ms
6ms Document
text/html 2a00:1450:4001:82f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://3fc1b23a7f7676f8a612476f135a3c46.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 3fc1b23a7f7676f8a612476f135a3c46.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://itigic.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://itigic.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3108
date: Fri, 07 May 2021 17:42:23 GMT
expires: Sat, 07 May 2022 17:42:23 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 11
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 army.gif Show response
itigic.com/porpoiseant/ 0
19 B 43ms
41ms XHR
text/plain 52.19.6.38
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://itigic.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTAxMTExNCIsImRvbWFpbl9pZCI6IjE5ODQzNyIsInVuaXQiOiJkaXYtZ3B0LWFkLWl0aWdpY19jb20tYm94LTEtMCIsInRfZXBvY2giOjE2MjA0MDkzNDEsImFkX3Bvc2l0aW9uIjoxMTA1LCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiQ0giLCJwYWdldmlld19pZCI6IjliMGM5ODc0LTFhYjUtNGU1MS03YjRiLTIyZmU2MDA1OTRlMCIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6NDgxNzczNTQyMCwiY3JlYXRpdmVfaWQiOjEzODI0NjEwNTg0MiwiZGF0YSI6W3sibmFtZSI6InJlZnJlc2hfY291bnQiLCJ2YWwiOiI3In1dLCJpc19vcmlnIjpmYWxzZX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiIxMDExMTE0IiwiZG9tYWluX2lkIjoiMTk4NDM3IiwidW5pdCI6ImRpdi1ncHQtYWQtaXRpZ2ljX2NvbS1ib3gtMS0wIiwidF9lcG9jaCI6MTYyMDQwOTM0MSwiYWRfcG9zaXRpb24iOjExMDUsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJDSCIsInBhZ2V2aWV3X2lkIjoiOWIwYzk4NzQtMWFiNS00ZTUxLTdiNGItMjJmZTYwMDU5NGUwIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjo0ODE3NzM1NDIwLCJjcmVhdGl2ZV9pZCI6MTM4MjQ2MTA1ODQyLCJkYXRhIjpbeyJuYW1lIjoiZmlsbGVkX2JpZF9oYXNoIiwidmFsIjoiemVybyJ9XSwiaXNfb3JpZyI6ZmFsc2V9LHsidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTAxMTExNCIsImRvbWFpbl9pZCI6IjE5ODQzNyIsInVuaXQiOiJkaXYtZ3B0LWFkLWl0aWdpY19jb20tYm94LTEtMCIsInRfZXBvY2giOjE2MjA0MDkzNDEsInJldmVudWUiOjAsImVzdF9yZXZlbnVlIjowLjAwMDAwMiwiYWRfcG9zaXRpb24iOjExMDUsImFkX3NpemUiOiIiLCJiaWRfZmxvb3JfZmlsbGVkIjowLjAwMDAwMiwiYmlkX2Zsb29yX3ByZXYiOjAuMDA0LCJzdGF0X3NvdXJjZV9pZCI6MzUsImNvdW50cnlfY29kZSI6IkNIIiwicGFnZXZpZXdfaWQiOiI5YjBjOTg3NC0xYWI1LTRlNTEtN2I0Yi0yMmZlNjAwNTk0ZTAiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjQ4MTc3MzU0MjAsImNyZWF0aXZlX2lkIjoxMzgyNDYxMDU4NDIsImRhdGEiOlt7Im5hbWUiOiJsb2FkZWQiLCJ2YWwiOiIxIn1dLCJpc19vcmlnIjpmYWxzZX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiIxMDExMTE0IiwiZG9tYWluX2lkIjoiMTk4NDM3IiwidW5pdCI6ImRpdi1ncHQtYWQtaXRpZ2ljX2NvbS1ib3gtMS0wIiwidF9lcG9jaCI6MTYyMDQwOTM0MSwiYWRfcG9zaXRpb24iOjExMDUsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJDSCIsInBhZ2V2aWV3X2lkIjoiOWIwYzk4NzQtMWFiNS00ZTUxLTdiNGItMjJmZTYwMDU5NGUwIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjo0ODE3NzM1NDIwLCJjcmVhdGl2ZV9pZCI6MTM4MjQ2MTA1ODQyLCJkYXRhIjpbeyJuYW1lIjoiY3JlYXRpdmVfaWQiLCJ2YWwiOiIxMzgyNDYxMDU4NDIifV0sImlzX29yaWciOmZhbHNlfSx7InR5cGUiOiJpbXByZXNzaW9uIiwiaW1wcmVzc2lvbl9pZCI6IjEwMTExMTQiLCJkb21haW5faWQiOiIxOTg0MzciLCJ1bml0IjoiZGl2LWdwdC1hZC1pdGlnaWNfY29tLWJveC0xLTAiLCJ0X2Vwb2NoIjoxNjIwNDA5MzQxLCJhZF9wb3NpdGlvbiI6MTEwNSwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IkNIIiwicGFnZXZpZXdfaWQiOiI5YjBjOTg3NC0xYWI1LTRlNTEtN2I0Yi0yMmZlNjAwNTk0ZTAiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjQ4MTc3MzU0MjAsImNyZWF0aXZlX2lkIjoxMzgyNDYxMDU4NDIsImRhdGEiOlt7Im5hbWUiOiJsaW5laXRlbV9pZCIsInZhbCI6IjQ4MTc3MzU0MjAifV0sImlzX29yaWciOmZhbHNlfV0=
Requested by: Host: itigic.com
URL: https://itigic.com/detroitchicago/cmb.js?gcb=194-3&cb=01-100-103-1004-10d-506-507-70a-30c-30e-212-211-313-317-1021-23-&cmbcb=10&01&00&03&04&0d&06&07&0a&0c&0e&12&11&13&17&21&23
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.19.6.38 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-19-6-38.eu-west-1.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:path: /porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTAxMTExNCIsImRvbWFpbl9pZCI6IjE5ODQzNyIsInVuaXQiOiJkaXYtZ3B0LWFkLWl0aWdpY19jb20tYm94LTEtMCIsInRfZXBvY2giOjE2MjA0MDkzNDEsImFkX3Bvc2l0aW9uIjoxMTA1LCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiQ0giLCJwYWdldmlld19pZCI6IjliMGM5ODc0LTFhYjUtNGU1MS03YjRiLTIyZmU2MDA1OTRlMCIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6NDgxNzczNTQyMCwiY3JlYXRpdmVfaWQiOjEzODI0NjEwNTg0MiwiZGF0YSI6W3sibmFtZSI6InJlZnJlc2hfY291bnQiLCJ2YWwiOiI3In1dLCJpc19vcmlnIjpmYWxzZX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiIxMDExMTE0IiwiZG9tYWluX2lkIjoiMTk4NDM3IiwidW5pdCI6ImRpdi1ncHQtYWQtaXRpZ2ljX2NvbS1ib3gtMS0wIiwidF9lcG9jaCI6MTYyMDQwOTM0MSwiYWRfcG9zaXRpb24iOjExMDUsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJDSCIsInBhZ2V2aWV3X2lkIjoiOWIwYzk4NzQtMWFiNS00ZTUxLTdiNGItMjJmZTYwMDU5NGUwIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjo0ODE3NzM1NDIwLCJjcmVhdGl2ZV9pZCI6MTM4MjQ2MTA1ODQyLCJkYXRhIjpbeyJuYW1lIjoiZmlsbGVkX2JpZF9oYXNoIiwidmFsIjoiemVybyJ9XSwiaXNfb3JpZyI6ZmFsc2V9LHsidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTAxMTExNCIsImRvbWFpbl9pZCI6IjE5ODQzNyIsInVuaXQiOiJkaXYtZ3B0LWFkLWl0aWdpY19jb20tYm94LTEtMCIsInRfZXBvY2giOjE2MjA0MDkzNDEsInJldmVudWUiOjAsImVzdF9yZXZlbnVlIjowLjAwMDAwMiwiYWRfcG9zaXRpb24iOjExMDUsImFkX3NpemUiOiIiLCJiaWRfZmxvb3JfZmlsbGVkIjowLjAwMDAwMiwiYmlkX2Zsb29yX3ByZXYiOjAuMDA0LCJzdGF0X3NvdXJjZV9pZCI6MzUsImNvdW50cnlfY29kZSI6IkNIIiwicGFnZXZpZXdfaWQiOiI5YjBjOTg3NC0xYWI1LTRlNTEtN2I0Yi0yMmZlNjAwNTk0ZTAiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjQ4MTc3MzU0MjAsImNyZWF0aXZlX2lkIjoxMzgyNDYxMDU4NDIsImRhdGEiOlt7Im5hbWUiOiJsb2FkZWQiLCJ2YWwiOiIxIn1dLCJpc19vcmlnIjpmYWxzZX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiIxMDExMTE0IiwiZG9tYWluX2lkIjoiMTk4NDM3IiwidW5pdCI6ImRpdi1ncHQtYWQtaXRpZ2ljX2NvbS1ib3gtMS0wIiwidF9lcG9jaCI6MTYyMDQwOTM0MSwiYWRfcG9zaXRpb24iOjExMDUsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJDSCIsInBhZ2V2aWV3X2lkIjoiOWIwYzk4NzQtMWFiNS00ZTUxLTdiNGItMjJmZTYwMDU5NGUwIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjo0ODE3NzM1NDIwLCJjcmVhdGl2ZV9pZCI6MTM4MjQ2MTA1ODQyLCJkYXRhIjpbeyJuYW1lIjoiY3JlYXRpdmVfaWQiLCJ2YWwiOiIxMzgyNDYxMDU4NDIifV0sImlzX29yaWciOmZhbHNlfSx7InR5cGUiOiJpbXByZXNzaW9uIiwiaW1wcmVzc2lvbl9pZCI6IjEwMTExMTQiLCJkb21haW5faWQiOiIxOTg0MzciLCJ1bml0IjoiZGl2LWdwdC1hZC1pdGlnaWNfY29tLWJveC0xLTAiLCJ0X2Vwb2NoIjoxNjIwNDA5MzQxLCJhZF9wb3NpdGlvbiI6MTEwNSwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IkNIIiwicGFnZXZpZXdfaWQiOiI5YjBjOTg3NC0xYWI1LTRlNTEtN2I0Yi0yMmZlNjAwNTk0ZTAiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjQ4MTc3MzU0MjAsImNyZWF0aXZlX2lkIjoxMzgyNDYxMDU4NDIsImRhdGEiOlt7Im5hbWUiOiJsaW5laXRlbV9pZCIsInZhbCI6IjQ4MTc3MzU0MjAifV0sImlzX29yaWciOmZhbHNlfV0=
pragma: no-cache
cookie: _pbjs_userid_consent_data=3524755945110770; __gads=ID=209913d2cf081110:T=1620409347:S=ALNI_MYCUELuDQBZZq_t6fdKkMSCCHgmDQ; cto_bidid=KSh6BV9Vd1hrSHY4aERPOEFEVlZyUU1xR1QlMkJjbWtJczZ1NlBBTWZRWUNkQjhhJTJCTE9VQWpkd0pJNElFVElnUWJCWHN2ZVY1YWd5UlYlMkJTMHFicmpSdUllZUVrZyUzRCUzRA; cto_bundle=ItKwLV8lMkJqSFYxRDd3UXdhSnRYR2dzOVFLN256ek1ta2xwVyUyRllXbGZtQmtPTjFhTUpvMHpGRlp3cE8ycHJZYldFbDVEdDZ1RXRxU3htcFRyeW1jcDNuTHFRSkkzb2ZZOWxvSWZBUktzdmN6VWgyMWVHRk9xbEYzNERwUnFUWlpVME1rMGc; ezouspvh=20; ezux_lpl_198437=1620409351960|9b0c9874-1ab5-4e51-7b4b-22fe600594e0|false; _ym_uid=1620409352194850952; _ym_d=1620409352; _ym_isad=2; id5id.1st=%7B%22created_at%22%3A%222021-05-07T17%3A42%3A33.193333Z%22%2C%22id5_consent%22%3Afalse%2C%22original_uid%22%3A%220%22%2C%22universal_uid%22%3A%220%22%2C%22link_type%22%3A0%2C%22cascade_needed%22%3Afalse%2C%22privacy%22%3A%7B%22jurisdiction%22%3A%22gdpr%22%2C%22id5_consent%22%3Afalse%7D%7D; id5id.1st_last=Fri%2C%2007%20May%202021%2017%3A42%3A33%20GMT; ezouspvv=72; ezouspva=8
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: empty
:authority: itigic.com
referer: https://itigic.com/pt/steal-information-with-finger-command-in-windows-10/&
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://itigic.com/pt/steal-information-with-finger-command-in-windows-10/&
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 07 May 2021 17:42:34 GMT
server: nginx/1.16.0
vary: Accept-Encoding Accept-Encoding
content-type: text/plain; charset=utf-8
x-middleton-display: ezp_sol
cache-control: max-age=0, must-revalidate, no-cache, no-store
content-length: 0
expires: Thu, 06 May 2021 17:42:34 UTC

GET
H2 200 4817735420 Show response
g.ezoic.net/dac/ 0
17 B 32ms
31ms XHR
text/plain 18.156.95.187
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://g.ezoic.net/dac/4817735420
Requested by: Host: itigic.com
URL: https://itigic.com/porpoiseant/banger.js?cb=194-3&bv=19&v=51&PageSpeed=off
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.156.95.187 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-156-95-187.eu-central-1.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://itigic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
date: Fri, 07 May 2021 17:42:34 GMT
cache-control: max-age=3600, public
server: nginx/1.16.0
content-length: 0
vary: Accept-Encoding
content-type: text/plain

GET
H2 200 army.gif Show response
itigic.com/porpoiseant/ 0
19 B 42ms
41ms XHR
text/plain 52.19.6.38
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://itigic.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTAxMTExNCIsImRvbWFpbl9pZCI6IjE5ODQzNyIsInVuaXQiOiJkaXYtZ3B0LWFkLWl0aWdpY19jb20tYm94LTEtMCIsInRfZXBvY2giOjE2MjA0MDkzNDEsImFkX3Bvc2l0aW9uIjoxMTA1LCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiQ0giLCJwYWdldmlld19pZCI6IjliMGM5ODc0LTFhYjUtNGU1MS03YjRiLTIyZmU2MDA1OTRlMCIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6NDgxNzczNTQyMCwiY3JlYXRpdmVfaWQiOjEzODI0NjEwNTg0MiwiZGF0YSI6W3sibmFtZSI6InRfbG9jYWxfZGF0ZSIsInZhbCI6IjIwMjEtMDUtMDcifSx7Im5hbWUiOiJ0X2xvY2FsX2hvdXIiLCJ2YWwiOiIxOSJ9LHsibmFtZSI6InRfbG9jYWxfZGF5X29mX3dlZWsiLCJ2YWwiOiI1In0seyJuYW1lIjoidF9sb2NhbF90aW1lem9uZSIsInZhbCI6Ii0xMjAifV0sImlzX29yaWciOmZhbHNlfV0=
Requested by: Host: itigic.com
URL: https://itigic.com/detroitchicago/cmb.js?gcb=194-3&cb=01-100-103-1004-10d-506-507-70a-30c-30e-212-211-313-317-1021-23-&cmbcb=10&01&00&03&04&0d&06&07&0a&0c&0e&12&11&13&17&21&23
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.19.6.38 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-19-6-38.eu-west-1.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:path: /porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTAxMTExNCIsImRvbWFpbl9pZCI6IjE5ODQzNyIsInVuaXQiOiJkaXYtZ3B0LWFkLWl0aWdpY19jb20tYm94LTEtMCIsInRfZXBvY2giOjE2MjA0MDkzNDEsImFkX3Bvc2l0aW9uIjoxMTA1LCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiQ0giLCJwYWdldmlld19pZCI6IjliMGM5ODc0LTFhYjUtNGU1MS03YjRiLTIyZmU2MDA1OTRlMCIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6NDgxNzczNTQyMCwiY3JlYXRpdmVfaWQiOjEzODI0NjEwNTg0MiwiZGF0YSI6W3sibmFtZSI6InRfbG9jYWxfZGF0ZSIsInZhbCI6IjIwMjEtMDUtMDcifSx7Im5hbWUiOiJ0X2xvY2FsX2hvdXIiLCJ2YWwiOiIxOSJ9LHsibmFtZSI6InRfbG9jYWxfZGF5X29mX3dlZWsiLCJ2YWwiOiI1In0seyJuYW1lIjoidF9sb2NhbF90aW1lem9uZSIsInZhbCI6Ii0xMjAifV0sImlzX29yaWciOmZhbHNlfV0=
pragma: no-cache
cookie: _pbjs_userid_consent_data=3524755945110770; __gads=ID=209913d2cf081110:T=1620409347:S=ALNI_MYCUELuDQBZZq_t6fdKkMSCCHgmDQ; cto_bidid=KSh6BV9Vd1hrSHY4aERPOEFEVlZyUU1xR1QlMkJjbWtJczZ1NlBBTWZRWUNkQjhhJTJCTE9VQWpkd0pJNElFVElnUWJCWHN2ZVY1YWd5UlYlMkJTMHFicmpSdUllZUVrZyUzRCUzRA; cto_bundle=ItKwLV8lMkJqSFYxRDd3UXdhSnRYR2dzOVFLN256ek1ta2xwVyUyRllXbGZtQmtPTjFhTUpvMHpGRlp3cE8ycHJZYldFbDVEdDZ1RXRxU3htcFRyeW1jcDNuTHFRSkkzb2ZZOWxvSWZBUktzdmN6VWgyMWVHRk9xbEYzNERwUnFUWlpVME1rMGc; ezouspvh=20; ezux_lpl_198437=1620409351960|9b0c9874-1ab5-4e51-7b4b-22fe600594e0|false; _ym_uid=1620409352194850952; _ym_d=1620409352; _ym_isad=2; id5id.1st=%7B%22created_at%22%3A%222021-05-07T17%3A42%3A33.193333Z%22%2C%22id5_consent%22%3Afalse%2C%22original_uid%22%3A%220%22%2C%22universal_uid%22%3A%220%22%2C%22link_type%22%3A0%2C%22cascade_needed%22%3Afalse%2C%22privacy%22%3A%7B%22jurisdiction%22%3A%22gdpr%22%2C%22id5_consent%22%3Afalse%7D%7D; id5id.1st_last=Fri%2C%2007%20May%202021%2017%3A42%3A33%20GMT; ezouspvv=72; ezouspva=8
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: empty
:authority: itigic.com
referer: https://itigic.com/pt/steal-information-with-finger-command-in-windows-10/&
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://itigic.com/pt/steal-information-with-finger-command-in-windows-10/&
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 07 May 2021 17:42:34 GMT
server: nginx/1.16.0
vary: Accept-Encoding Accept-Encoding
content-type: text/plain; charset=utf-8
x-middleton-display: ezp_sol
cache-control: max-age=0, must-revalidate, no-cache, no-store
content-length: 0
expires: Thu, 06 May 2021 17:42:34 UTC

GET
H2 200 army.gif Show response
itigic.com/porpoiseant/ 0
19 B 42ms
42ms XHR
text/plain 52.19.6.38
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://itigic.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImF1Y3Rpb24iLCJpbXByZXNzaW9uX2lkIjoiMTAxMTExNCIsImRvbWFpbl9pZCI6IjE5ODQzNyIsInVuaXQiOiJkaXYtZ3B0LWFkLWl0aWdpY19jb20tYm94LTEtMCIsInRfZXBvY2giOjE2MjA0MDkzNDEsImF1Y3Rpb25fZXBvY2giOjE2MjA0MDkzNTQsImFkX3Bvc2l0aW9uIjoxMTA1LCJjb3VudHJ5X2NvZGUiOiJDSCIsInBhZ2V2aWV3X2lkIjoiOWIwYzk4NzQtMWFiNS00ZTUxLTdiNGItMjJmZTYwMDU5NGUwIiwiYmlkX2Zsb29yX2luaXRpYWwiOjE1MDAsImJpZF9mbG9vcl9wcmV2Ijo0MDAsImJpZF9mbG9vcl9maWxsZWQiOjAsImF1Y3Rpb25fY291bnQiOjcsInJlZnJlc2hfYWRfY291bnQiOjAsImF1Y3Rpb25fZHVyYXRpb24iOjMzNCwibXVsdGlfYWRfdW5pdCI6MCwibXVsdGlfYWRfY291bnQiOjQsIm5ldHdvcmtfY29kZSI6MTI1NDE0NCwiZGF0YSI6W3sibmFtZSI6IiIsInZhbCI6IiJ9XSwibGluZV9pdGVtX2lkIjo0ODE3NzM1NDIwfV0=
Requested by: Host: itigic.com
URL: https://itigic.com/detroitchicago/cmb.js?gcb=194-3&cb=01-100-103-1004-10d-506-507-70a-30c-30e-212-211-313-317-1021-23-&cmbcb=10&01&00&03&04&0d&06&07&0a&0c&0e&12&11&13&17&21&23
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.19.6.38 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-19-6-38.eu-west-1.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:path: /porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImF1Y3Rpb24iLCJpbXByZXNzaW9uX2lkIjoiMTAxMTExNCIsImRvbWFpbl9pZCI6IjE5ODQzNyIsInVuaXQiOiJkaXYtZ3B0LWFkLWl0aWdpY19jb20tYm94LTEtMCIsInRfZXBvY2giOjE2MjA0MDkzNDEsImF1Y3Rpb25fZXBvY2giOjE2MjA0MDkzNTQsImFkX3Bvc2l0aW9uIjoxMTA1LCJjb3VudHJ5X2NvZGUiOiJDSCIsInBhZ2V2aWV3X2lkIjoiOWIwYzk4NzQtMWFiNS00ZTUxLTdiNGItMjJmZTYwMDU5NGUwIiwiYmlkX2Zsb29yX2luaXRpYWwiOjE1MDAsImJpZF9mbG9vcl9wcmV2Ijo0MDAsImJpZF9mbG9vcl9maWxsZWQiOjAsImF1Y3Rpb25fY291bnQiOjcsInJlZnJlc2hfYWRfY291bnQiOjAsImF1Y3Rpb25fZHVyYXRpb24iOjMzNCwibXVsdGlfYWRfdW5pdCI6MCwibXVsdGlfYWRfY291bnQiOjQsIm5ldHdvcmtfY29kZSI6MTI1NDE0NCwiZGF0YSI6W3sibmFtZSI6IiIsInZhbCI6IiJ9XSwibGluZV9pdGVtX2lkIjo0ODE3NzM1NDIwfV0=
pragma: no-cache
cookie: _pbjs_userid_consent_data=3524755945110770; __gads=ID=209913d2cf081110:T=1620409347:S=ALNI_MYCUELuDQBZZq_t6fdKkMSCCHgmDQ; cto_bidid=KSh6BV9Vd1hrSHY4aERPOEFEVlZyUU1xR1QlMkJjbWtJczZ1NlBBTWZRWUNkQjhhJTJCTE9VQWpkd0pJNElFVElnUWJCWHN2ZVY1YWd5UlYlMkJTMHFicmpSdUllZUVrZyUzRCUzRA; cto_bundle=ItKwLV8lMkJqSFYxRDd3UXdhSnRYR2dzOVFLN256ek1ta2xwVyUyRllXbGZtQmtPTjFhTUpvMHpGRlp3cE8ycHJZYldFbDVEdDZ1RXRxU3htcFRyeW1jcDNuTHFRSkkzb2ZZOWxvSWZBUktzdmN6VWgyMWVHRk9xbEYzNERwUnFUWlpVME1rMGc; ezouspvh=20; ezux_lpl_198437=1620409351960|9b0c9874-1ab5-4e51-7b4b-22fe600594e0|false; _ym_uid=1620409352194850952; _ym_d=1620409352; _ym_isad=2; id5id.1st=%7B%22created_at%22%3A%222021-05-07T17%3A42%3A33.193333Z%22%2C%22id5_consent%22%3Afalse%2C%22original_uid%22%3A%220%22%2C%22universal_uid%22%3A%220%22%2C%22link_type%22%3A0%2C%22cascade_needed%22%3Afalse%2C%22privacy%22%3A%7B%22jurisdiction%22%3A%22gdpr%22%2C%22id5_consent%22%3Afalse%7D%7D; id5id.1st_last=Fri%2C%2007%20May%202021%2017%3A42%3A33%20GMT; ezouspvv=72; ezouspva=8
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: empty
:authority: itigic.com
referer: https://itigic.com/pt/steal-information-with-finger-command-in-windows-10/&
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://itigic.com/pt/steal-information-with-finger-command-in-windows-10/&
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 07 May 2021 17:42:34 GMT
server: nginx/1.16.0
vary: Accept-Encoding Accept-Encoding
content-type: text/plain; charset=utf-8
x-middleton-display: ezp_sol
cache-control: max-age=0, must-revalidate, no-cache, no-store
content-length: 0
expires: Thu, 06 May 2021 17:42:34 UTC

GET
H3-29 200 logo_v02.svg
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8508864670512961295/ Frame 679F 6 KB
2 KB 6ms
6ms Image
image/svg+xml 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/8508864670512961295/logo_v02.svg

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a3d21be02646badfddef3c5b4d98794e2a48f77f9e7ab7f999928cd2603f47b3

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
age: 138782
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2272
x-xss-protection: 0
last-modified: Wed, 02 Sep 2020 08:44:48 GMT
server: sffe
date: Thu, 06 May 2021 03:09:32 GMT
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 06 May 2022 03:09:32 GMT

GET
H3-29 200 index.html Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9394861924708256228/ Frame FF61 46 KB
34 KB 10ms
9ms Document
text/html 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9394861924708256228/index.html

Requested by

Host: itigic.com
URL: https://itigic.com/pt/steal-information-with-finger-command-in-windows-10/&

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

45a7a12a21e796e2ef11b843dfcfd15b11a1ca81201c62bdbc9f5f43681275a2

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sadbundle/$csp%3Der3$/9394861924708256228/index.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://3fc1b23a7f7676f8a612476f135a3c46.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://3fc1b23a7f7676f8a612476f135a3c46.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-type: text/html
access-control-allow-origin: *
content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
date: Sat, 01 May 2021 18:11:07 GMT
expires: Sun, 01 May 2022 18:11:07 GMT
last-modified: Fri, 29 Jan 2021 17:09:53 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
content-encoding: gzip
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
content-length: 34979
age: 516687
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 adview
securepubads.g.doubleclick.net/pagead/ Frame 8A77 0
0 54ms
52ms Fetch
text/html 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://securepubads.g.doubleclick.net/pagead/adview?ai=ClYs5CXyVYPOuOtfc7gPokoaIAdGVrsZijfuQu80NtN_Rx6AOEAEg9PnGJWD1lc6B4ASgAeHdye4DyAEJqQKN6e0ro3OyPuACAKgDAcgDCKoEoQJP0NZHRBYNkT5pKmmsvlxwMgk5U5pna6PX9DqgcsTjfnRp0rahfb2y-nob3F9Sra6_Ahp36fGEGauFsFgsG7CtyPuVBN2cRlZN-s-EUki_e7uv_74Sai0S6Ru2ciIetMZQEn2FJPdNGHniE_Lu6sQy-MEvWm29XmtbtBTyHavB6qqjlh1UA5ozKSJjnqB7IFg3yBKOK9XCUlHDeiPmp-b306MLpZ5NflXL7-x8YbsGTlWmf3b0oROJkzVfJIRFeSKiTGE9lX72wsf20CMSQMJYcrNfuXG9RgYI5TVHDNx7d5CVr1eE7HC6UsgT1kPVgVo26Zb4BGw7FV4Ee5FBSKVUbKyHuJFAR3OdBmoSmMfYZmbj3elzdZWOdRG_-Cqrl2S6wATCo9yhswPgBAGSBQQIBBgBkgUECAUYBKAGLoAHh6K2EagHipyxAqgH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAemvhuoB-zVG9gHAPIHAxDwLtIIBwiAYRABGB3yCBthZHgtc3Vic3luLTY4ODk4NDc2NDIzMjkzMzCACgPICwHYEw3QFQGYFgGAFwGyFxoKGAgAEhRwdWItNjM5Njg0NDc0MjQ5NzIwOA&sigh=9fErI8dndZ8&template_id=419
Requested by: Host: itigic.com
URL: https://itigic.com/pt/steal-information-with-finger-command-in-windows-10/&
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 142.250.185.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s53-in-f2.1e100.net
Software: /
Resource Hash

Request headers

Referer: https://3fc1b23a7f7676f8a612476f135a3c46.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210505/r20110914/ Frame 8A77 17 KB
7 KB 10ms
9ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210505/r20110914/abg_lite_fy2019.js

Requested by

Host: 3fc1b23a7f7676f8a612476f135a3c46.safeframe.googlesyndication.com
URL: https://3fc1b23a7f7676f8a612476f135a3c46.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5254f094364127f251dd78e3d1f019b8e09529469689d2d419e9de8458a0289f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://3fc1b23a7f7676f8a612476f135a3c46.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 07 May 2021 17:35:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 396
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7043
x-xss-protection: 0
server: cafe
etag: 3975852021068510888
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 21 May 2021 17:35:58 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210505/r20110914/client/ Frame 8A77 2 KB
1 KB 12ms
7ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210505/r20110914/client/window_focus_fy2019.js

Requested by

Host: 3fc1b23a7f7676f8a612476f135a3c46.safeframe.googlesyndication.com
URL: https://3fc1b23a7f7676f8a612476f135a3c46.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://3fc1b23a7f7676f8a612476f135a3c46.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 07 May 2021 17:39:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 174
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 14729628269804859526
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 21 May 2021 17:39:40 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 8A77 116 KB
35 KB 18ms
14ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 3fc1b23a7f7676f8a612476f135a3c46.safeframe.googlesyndication.com
URL: https://3fc1b23a7f7676f8a612476f135a3c46.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f8a504a4dd65ff18b978b7bfb1d43a60dc8b17c09ed5429ff54decfa45a52d46

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://3fc1b23a7f7676f8a612476f135a3c46.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 07 May 2021 17:42:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1620214045155586"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36073
x-xss-protection: 0
expires: Fri, 07 May 2021 17:42:34 GMT

GET
H3-29 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210505/r20110914/client/ Frame 8A77 13 KB
6 KB 11ms
7ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210505/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: 3fc1b23a7f7676f8a612476f135a3c46.safeframe.googlesyndication.com
URL: https://3fc1b23a7f7676f8a612476f135a3c46.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4821fcf9c6131b5e09c316f6946b187f0b3751d723a19b2ff9f2df396d232cbf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://3fc1b23a7f7676f8a612476f135a3c46.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 07 May 2021 17:42:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 18
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5621
x-xss-protection: 0
server: cafe
etag: 8169261014141303515
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Fri, 21 May 2021 17:42:16 GMT

GET
H3-29 204 l
www.google.com/ads/measurement/ Frame 8A77 0
0 18ms
15ms Image
text/html 2a00:1450:4001:80e::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaSQ4GHdv1kqNEulv0Qleb9Z4Pwg0Hb6pJZUkRzn2Phle1ZFeLFxoXTRhXBiIJBlCjeG_chtHR8lWvtPTloQAtJcRB2gEQ
Requested by: Host: 3fc1b23a7f7676f8a612476f135a3c46.safeframe.googlesyndication.com
URL: https://3fc1b23a7f7676f8a612476f135a3c46.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:80e::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://3fc1b23a7f7676f8a612476f135a3c46.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 ezoic.png
go.ezoic.net/utilcave_com/img/ 1 KB
2 KB 108ms
102ms Image
image/png 2600:9000:2017:c400:2:cb38:840:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://go.ezoic.net/utilcave_com/img/ezoic.png
Requested by: Host: itigic.com
URL: https://itigic.com/wp-includes/js/jquery/jquery.min.js?screx=1&sxcb=2a&ver=3.5.1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2017:c400:2:cb38:840:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx/1.16.0 /
Resource Hash: e1a156c3daa4ae0c41f21ef266131ca5a34d56695e3d860b232da142ef031234

Request headers

Referer: https://itigic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 02 May 2021 02:36:22 GMT
via: 1.1 2bb969477369da45208db698e8e34163.cloudfront.net (CloudFront)
x-sol: middleton
age: 486372
x-cache: Hit from cloudfront
x-middleton-display: staticcontent_sol
content-length: 1181
x-amz-cf-id: iqv-l0q1LGcC2fE_6BwPCc_IUjRymJ25rCbKe7mzPosIYepbZEvotQ==
last-modified: Fri, 23 Apr 2021 18:46:13 GMT
server: nginx/1.16.0
etag: "49d-5bd497273b080-gzip-gzip"
vary: Accept-Encoding,Accept-Encoding
content-type: image/png
cache-control: max-age=604800
x-amz-cf-pop: OTP50-C1
display: staticcontent_sol
expires: Sun, 09 May 2021 02:36:22 GMT

GET
DATA 200
OK truncated
/ Frame 8A77 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 304aa0c7fbac39f6276838fdcf0ad5c972480f1cbe233cd0b68973fef2c707ad

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 exitapi-impl.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/api/ Frame FF61 9 KB
3 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/api/exitapi-impl.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9394861924708256228/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 07 May 2021 03:57:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 49533
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3271
x-xss-protection: 0
server: cafe
etag: 7483759447172721109
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Sat, 08 May 2021 03:57:01 GMT

GET
H3-29 200 addata.js Show response
tpc.googlesyndication.com/pagead/gadgets/html5/ Frame FF61 22 KB
9 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/gadgets/html5/addata.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9394861924708256228/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4634b94630896f1a23c5ce01f743d720847c5f4dd28fb549ed503cb2df4f8e87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Thu, 06 May 2021 18:54:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 82074
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8867
x-xss-protection: 0
server: cafe
etag: 18043545750443934562
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=86400
timing-allow-origin: *
expires: Fri, 07 May 2021 18:54:40 GMT

GET
H2 200 createjs_2015.11.26_54e1c3722102182bb133912ad4442e19_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame FF61 186 KB
48 KB 38ms
15ms Script
text/javascript 2a00:1450:4001:801::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/createjs_2015.11.26_54e1c3722102182bb133912ad4442e19_min.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9394861924708256228/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

575c82f23dbb9285df2f62c7c8121c65d89e8137713110a149067d695975215e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 07 May 2021 17:42:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49100
x-xss-protection: 0
last-modified: Wed, 16 Mar 2016 13:51:35 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 07 May 2021 17:42:34 GMT

GET
H3-29 200 vF300x250_CH-Media_Bannereditor.js Show response
tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9394861924708256228/ Frame FF61 37 KB
25 KB 8ms
8ms Script
application/x-javascript 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9394861924708256228/vF300x250_CH-Media_Bannereditor.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sadbundle/$csp%3Der3$/9394861924708256228/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a20bae1d58458ab4468005d23c3161ce89727b4b30c122445452a019370c4728

Security Headers

Name	Value
Content-Security-Policy	default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://.ggpht.com https://.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; script-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://s0.2mdn.net/ads/studio/cached_libs/ https://storage.googleapis.com/vr-assets-static/test_ads/GMAPlayable/ https://www.gstatic.com/ads/ci/ https://www.gstatic.com/swiffy/; object-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com; style-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com 'unsafe-eval' 'unsafe-inline' https://ajax.googleapis.com/ajax/ https://fonts.googleapis.com; img-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com blob: data: https://*.ggpht.com https://*.gstatic.cn https://*.gstatic.com https://ajax.googleapis.com/ajax/ https://lh3.googleusercontent.com https://lh4.googleusercontent.com https://lh5.googleusercontent.com https://lh6.googleusercontent.com https://s0.2mdn.net/ads/studio/cached_libs/ https://static.doubleclick.net https://vr.google.com/shaders/w/techspecs/; media-src 'none'; frame-src 'unsafe-inline' javascript:; font-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com data: https://fonts.gstatic.com; connect-src https://tpc.googlesyndication.com https://pagead2.googlesyndication.com https://csi.gstatic.com/csi https://fonts.googleapis.com/css https://fonts.googleapis.com/css2 https://vr.google.com/shaders/w/techspecs/; report-uri /pagead/gen_csp?id=adbundle; child-src 'unsafe-inline' javascript:; form-action 'none'
content-encoding: gzip
x-content-type-options: nosniff
age: 516687
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25512
x-xss-protection: 0
last-modified: Fri, 29 Jan 2021 17:09:53 GMT
server: sffe
date: Sat, 01 May 2021 18:11:07 GMT
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 01 May 2022 18:11:07 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 6B15 0
749 B 109ms
107ms Script
text/html 37.252.172.38
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.38 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

690.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 07 May 2021 17:42:34 GMT
X-Proxy-Origin: 91.132.136.60; 91.132.136.60; 690.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com; 37.252.173.89:80
AN-X-Request-Uuid: 66b7d36f-d2ca-4429-a0ef-cb9a5c6f622e
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 88E8 0
750 B 21ms
20ms Script
text/html 37.252.172.38
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.38 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

690.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 07 May 2021 17:42:34 GMT
X-Proxy-Origin: 91.132.136.60; 91.132.136.60; 690.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com; 37.252.172.137:80
AN-X-Request-Uuid: eea9a894-2d27-4ba2-8d00-c642a8ccdd1a
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK async_usersync Show response
ib.adnxs.com/ Frame 8F8C 0
750 B 20ms
20ms Script
text/html 37.252.172.38
ASN-APPNEX

General

Check archive.org

Show headers Download Go to

Full URL

https://ib.adnxs.com/async_usersync?cbfn=queuePixels

Requested by

Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

37.252.172.38 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

690.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://acdn.adnxs.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 07 May 2021 17:42:34 GMT
X-Proxy-Origin: 91.132.136.60; 91.132.136.60; 690.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com; 37.252.172.239:80
AN-X-Request-Uuid: 1ce78b0a-8ec5-4b8a-a8de-e0a215e280a3
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
DATA 200
OK truncated
/ Frame FF61 16 KB
16 KB Font
application/octet-stream

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c4b70f3fc0c5bacd3407ba71979b6e1a673ca70d225264158e92411ec673bb5f

Request headers

Origin: null
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: application/octet-stream

GET
H3-29 200 activeview
pagead2.googlesyndication.com/pcs/ Frame 91FA 42 B
64 B 41ms
40ms Image
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssFcMj-YM_rqL41KhTXvjTCBAr1LRfYImjdc8gO8RlqOVRpBxNaE8cyM1IlK_bsHIZ9iN69r05TOgNv0HqYGpEEUKDxvrTmKkjobj02yqQSvQ&sai=AMfl-YQKLItu7KCWCCCPkKscjH9KJTORKm4tUqIdRTzGbaM0q29sS7VYG4LFuT-ZF4uEZLEwOsOoO1Au3msS4HfPQ3BaRnN6oHqHYq0RhaJ1OWEmcW6E5pC5XKhQlYU&sig=Cg0ArKJSzOLgZsUkv3rsEAE&cid=CAASEuRoSn-nm4canAzzjWIsKH-wqA&id=ampim&o=1002,913&d=300,247&ss=1600,1200&bs=1600,1200&mcvt=1001&mtos=0,0,1001,1001,1001&tos=0,0,1001,0,0&tfs=137&tls=1138&g=100&h=100&tt=1138&r=v&avms=ampa&adk=165232301

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://itigic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 07 May 2021 17:42:34 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 army.gif Show response
itigic.com/porpoiseant/ 0
42 B 40ms
40ms XHR
text/plain 52.19.6.38
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://itigic.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTAxMTExNCIsImRvbWFpbl9pZCI6IjE5ODQzNyIsInVuaXQiOiJkaXYtZ3B0LWFkLWl0aWdpY19jb20tYm94LTEtMF8yIiwidF9lcG9jaCI6MTYyMDQwOTM0MSwicmV2ZW51ZSI6MCwiZXN0X3JldmVudWUiOjAsImFkX3Bvc2l0aW9uIjoxMTA1LCJhZF9zaXplIjoiIiwiYmlkX2Zsb29yX2ZpbGxlZCI6MCwiYmlkX2Zsb29yX3ByZXYiOjAsInN0YXRfc291cmNlX2lkIjowLCJjb3VudHJ5X2NvZGUiOiJDSCIsInBhZ2V2aWV3X2lkIjoiOWIwYzk4NzQtMWFiNS00ZTUxLTdiNGItMjJmZTYwMDU5NGUwIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjo0ODE3NzM1NDIwLCJjcmVhdGl2ZV9pZCI6MTM4MjQ2MTA1ODQyLCJkYXRhIjpbeyJuYW1lIjoidmlld2VkIiwidmFsIjoiMSJ9XSwiaXNfb3JpZyI6ZmFsc2V9XQ==
Requested by: Host: itigic.com
URL: https://itigic.com/detroitchicago/cmb.js?gcb=194-3&cb=01-100-103-1004-10d-506-507-70a-30c-30e-212-211-313-317-1021-23-&cmbcb=10&01&00&03&04&0d&06&07&0a&0c&0e&12&11&13&17&21&23
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.19.6.38 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-19-6-38.eu-west-1.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:path: /porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTAxMTExNCIsImRvbWFpbl9pZCI6IjE5ODQzNyIsInVuaXQiOiJkaXYtZ3B0LWFkLWl0aWdpY19jb20tYm94LTEtMF8yIiwidF9lcG9jaCI6MTYyMDQwOTM0MSwicmV2ZW51ZSI6MCwiZXN0X3JldmVudWUiOjAsImFkX3Bvc2l0aW9uIjoxMTA1LCJhZF9zaXplIjoiIiwiYmlkX2Zsb29yX2ZpbGxlZCI6MCwiYmlkX2Zsb29yX3ByZXYiOjAsInN0YXRfc291cmNlX2lkIjowLCJjb3VudHJ5X2NvZGUiOiJDSCIsInBhZ2V2aWV3X2lkIjoiOWIwYzk4NzQtMWFiNS00ZTUxLTdiNGItMjJmZTYwMDU5NGUwIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjo0ODE3NzM1NDIwLCJjcmVhdGl2ZV9pZCI6MTM4MjQ2MTA1ODQyLCJkYXRhIjpbeyJuYW1lIjoidmlld2VkIiwidmFsIjoiMSJ9XSwiaXNfb3JpZyI6ZmFsc2V9XQ==
pragma: no-cache
cookie: _pbjs_userid_consent_data=3524755945110770; __gads=ID=209913d2cf081110:T=1620409347:S=ALNI_MYCUELuDQBZZq_t6fdKkMSCCHgmDQ; cto_bidid=KSh6BV9Vd1hrSHY4aERPOEFEVlZyUU1xR1QlMkJjbWtJczZ1NlBBTWZRWUNkQjhhJTJCTE9VQWpkd0pJNElFVElnUWJCWHN2ZVY1YWd5UlYlMkJTMHFicmpSdUllZUVrZyUzRCUzRA; cto_bundle=ItKwLV8lMkJqSFYxRDd3UXdhSnRYR2dzOVFLN256ek1ta2xwVyUyRllXbGZtQmtPTjFhTUpvMHpGRlp3cE8ycHJZYldFbDVEdDZ1RXRxU3htcFRyeW1jcDNuTHFRSkkzb2ZZOWxvSWZBUktzdmN6VWgyMWVHRk9xbEYzNERwUnFUWlpVME1rMGc; ezouspvh=20; ezux_lpl_198437=1620409351960|9b0c9874-1ab5-4e51-7b4b-22fe600594e0|false; _ym_uid=1620409352194850952; _ym_d=1620409352; _ym_isad=2; id5id.1st=%7B%22created_at%22%3A%222021-05-07T17%3A42%3A33.193333Z%22%2C%22id5_consent%22%3Afalse%2C%22original_uid%22%3A%220%22%2C%22universal_uid%22%3A%220%22%2C%22link_type%22%3A0%2C%22cascade_needed%22%3Afalse%2C%22privacy%22%3A%7B%22jurisdiction%22%3A%22gdpr%22%2C%22id5_consent%22%3Afalse%7D%7D; id5id.1st_last=Fri%2C%2007%20May%202021%2017%3A42%3A33%20GMT; ezouspvv=72; ezouspva=8
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: empty
:authority: itigic.com
referer: https://itigic.com/pt/steal-information-with-finger-command-in-windows-10/&
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://itigic.com/pt/steal-information-with-finger-command-in-windows-10/&
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 07 May 2021 17:42:34 GMT
server: nginx/1.16.0
vary: Accept-Encoding Accept-Encoding
content-type: text/plain; charset=utf-8
x-middleton-display: ezp_sol
cache-control: max-age=0, must-revalidate, no-cache, no-store
content-length: 0
expires: Thu, 06 May 2021 17:42:35 UTC

GET
H3-29 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame F335 42 B
64 B 56ms
55ms Fetch
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvRTAv4SrxezduDF-lnSfLBAgUTjO0NzJuUO49Fqg4pHpljujCIzO9YYr5DN_iF9y9hjZtpVw76-GZ35e2CvtVOM35VCw2khzBkS1eYYblWlrmvu-PLceO7EyElel6iVbwoTrrbalnn8P8DvMnZwA&sai=AMfl-YTf5DCcCzX3304hTlkiyaYSh_Fj3PSMggQoICS3_CbFvx2F8KuKi2LOeXZ3IBrVEajNzc10SF53X21bLVI9aqXqn80WNGMrXM9-T-OQWHjN418YStxtnHMsrT4&sig=Cg0ArKJSzPgiTAzkzTquEAE&cid=CAASFeRoCMueitVs8hzBE1VqnjXkSP4iEw&id=lidar2&mcvt=1000&p=290,566,350,1034&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20210505&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=2&adk=3929797713&rs=4&met=mue&la=0&cr=0&osd=1&vs=4&rst=1620409353781&dlt=34&rpt=325&isd=0&msd=0&r=v&fum=1

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://3fc1b23a7f7676f8a612476f135a3c46.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 07 May 2021 17:42:35 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 army.gif Show response
itigic.com/porpoiseant/ 0
42 B 41ms
41ms XHR
text/plain 52.19.6.38
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://itigic.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTAxMTExNCIsImRvbWFpbl9pZCI6IjE5ODQzNyIsInVuaXQiOiJkaXYtZ3B0LWFkLWl0aWdpY19jb20tYm94LTEtMF8yIiwidF9lcG9jaCI6MTYyMDQwOTM0MSwiYWRfcG9zaXRpb24iOjExMDUsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJDSCIsInBhZ2V2aWV3X2lkIjoiOWIwYzk4NzQtMWFiNS00ZTUxLTdiNGItMjJmZTYwMDU5NGUwIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjo0ODE3NzM1NDIwLCJjcmVhdGl2ZV9pZCI6MTM4MjQ2MTA1ODQyLCJkYXRhIjpbeyJuYW1lIjoiZmlsbGVkX3NpemUiLCJ2YWwiOiJbMzAwLDI2Ml0ifV0sImlzX29yaWciOmZhbHNlfSx7InR5cGUiOiJpbXByZXNzaW9uIiwiaW1wcmVzc2lvbl9pZCI6IjEwMTExMTQiLCJkb21haW5faWQiOiIxOTg0MzciLCJ1bml0IjoiZGl2LWdwdC1hZC1pdGlnaWNfY29tLWJveC0xLTBfMiIsInRfZXBvY2giOjE2MjA0MDkzNDEsImFkX3Bvc2l0aW9uIjoxMTA1LCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiQ0giLCJwYWdldmlld19pZCI6IjliMGM5ODc0LTFhYjUtNGU1MS03YjRiLTIyZmU2MDA1OTRlMCIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6NDgxNzczNTQyMCwiY3JlYXRpdmVfaWQiOjEzODI0NjEwNTg0MiwiZGF0YSI6W3sibmFtZSI6ImZpbGxlZF9mbHVpZCIsInZhbCI6InRydWUifV0sImlzX29yaWciOmZhbHNlfV0=
Requested by: Host: itigic.com
URL: https://itigic.com/detroitchicago/cmb.js?gcb=194-3&cb=01-100-103-1004-10d-506-507-70a-30c-30e-212-211-313-317-1021-23-&cmbcb=10&01&00&03&04&0d&06&07&0a&0c&0e&12&11&13&17&21&23
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.19.6.38 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-19-6-38.eu-west-1.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:path: /porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTAxMTExNCIsImRvbWFpbl9pZCI6IjE5ODQzNyIsInVuaXQiOiJkaXYtZ3B0LWFkLWl0aWdpY19jb20tYm94LTEtMF8yIiwidF9lcG9jaCI6MTYyMDQwOTM0MSwiYWRfcG9zaXRpb24iOjExMDUsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJDSCIsInBhZ2V2aWV3X2lkIjoiOWIwYzk4NzQtMWFiNS00ZTUxLTdiNGItMjJmZTYwMDU5NGUwIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjo0ODE3NzM1NDIwLCJjcmVhdGl2ZV9pZCI6MTM4MjQ2MTA1ODQyLCJkYXRhIjpbeyJuYW1lIjoiZmlsbGVkX3NpemUiLCJ2YWwiOiJbMzAwLDI2Ml0ifV0sImlzX29yaWciOmZhbHNlfSx7InR5cGUiOiJpbXByZXNzaW9uIiwiaW1wcmVzc2lvbl9pZCI6IjEwMTExMTQiLCJkb21haW5faWQiOiIxOTg0MzciLCJ1bml0IjoiZGl2LWdwdC1hZC1pdGlnaWNfY29tLWJveC0xLTBfMiIsInRfZXBvY2giOjE2MjA0MDkzNDEsImFkX3Bvc2l0aW9uIjoxMTA1LCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiQ0giLCJwYWdldmlld19pZCI6IjliMGM5ODc0LTFhYjUtNGU1MS03YjRiLTIyZmU2MDA1OTRlMCIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6NDgxNzczNTQyMCwiY3JlYXRpdmVfaWQiOjEzODI0NjEwNTg0MiwiZGF0YSI6W3sibmFtZSI6ImZpbGxlZF9mbHVpZCIsInZhbCI6InRydWUifV0sImlzX29yaWciOmZhbHNlfV0=
pragma: no-cache
cookie: _pbjs_userid_consent_data=3524755945110770; __gads=ID=209913d2cf081110:T=1620409347:S=ALNI_MYCUELuDQBZZq_t6fdKkMSCCHgmDQ; cto_bidid=KSh6BV9Vd1hrSHY4aERPOEFEVlZyUU1xR1QlMkJjbWtJczZ1NlBBTWZRWUNkQjhhJTJCTE9VQWpkd0pJNElFVElnUWJCWHN2ZVY1YWd5UlYlMkJTMHFicmpSdUllZUVrZyUzRCUzRA; cto_bundle=ItKwLV8lMkJqSFYxRDd3UXdhSnRYR2dzOVFLN256ek1ta2xwVyUyRllXbGZtQmtPTjFhTUpvMHpGRlp3cE8ycHJZYldFbDVEdDZ1RXRxU3htcFRyeW1jcDNuTHFRSkkzb2ZZOWxvSWZBUktzdmN6VWgyMWVHRk9xbEYzNERwUnFUWlpVME1rMGc; ezouspvh=20; ezux_lpl_198437=1620409351960|9b0c9874-1ab5-4e51-7b4b-22fe600594e0|false; _ym_uid=1620409352194850952; _ym_d=1620409352; _ym_isad=2; id5id.1st=%7B%22created_at%22%3A%222021-05-07T17%3A42%3A33.193333Z%22%2C%22id5_consent%22%3Afalse%2C%22original_uid%22%3A%220%22%2C%22universal_uid%22%3A%220%22%2C%22link_type%22%3A0%2C%22cascade_needed%22%3Afalse%2C%22privacy%22%3A%7B%22jurisdiction%22%3A%22gdpr%22%2C%22id5_consent%22%3Afalse%7D%7D; id5id.1st_last=Fri%2C%2007%20May%202021%2017%3A42%3A33%20GMT; ezouspvv=72; ezouspva=8
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: empty
:authority: itigic.com
referer: https://itigic.com/pt/steal-information-with-finger-command-in-windows-10/&
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://itigic.com/pt/steal-information-with-finger-command-in-windows-10/&
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 07 May 2021 17:42:35 GMT
server: nginx/1.16.0
vary: Accept-Encoding Accept-Encoding
content-type: text/plain; charset=utf-8
x-middleton-display: ezp_sol
cache-control: max-age=0, must-revalidate, no-cache, no-store
content-length: 0
expires: Thu, 06 May 2021 17:42:34 UTC

GET
H2 200 army.gif Show response
itigic.com/porpoiseant/ 0
19 B 40ms
39ms XHR
text/plain 52.19.6.38
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://itigic.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTAyMTQ2NSIsImRvbWFpbl9pZCI6IjE5ODQzNyIsInVuaXQiOiJkaXYtZ3B0LWFkLWl0aWdpY19jb20tYm94LTItMCIsInRfZXBvY2giOjE2MjA0MDkzNDEsInJldmVudWUiOjAsImVzdF9yZXZlbnVlIjowLCJhZF9wb3NpdGlvbiI6MTEwMiwiYWRfc2l6ZSI6IiIsImJpZF9mbG9vcl9maWxsZWQiOjAsImJpZF9mbG9vcl9wcmV2IjowLCJzdGF0X3NvdXJjZV9pZCI6MCwiY291bnRyeV9jb2RlIjoiQ0giLCJwYWdldmlld19pZCI6IjliMGM5ODc0LTFhYjUtNGU1MS03YjRiLTIyZmU2MDA1OTRlMCIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6Mjg2ODcyNzQsImNyZWF0aXZlX2lkIjoxMzgzMTAwNDM1NTAsImRhdGEiOlt7Im5hbWUiOiJ2aWV3ZWQiLCJ2YWwiOiIxIn1dLCJpc19vcmlnIjpmYWxzZX1d
Requested by: Host: itigic.com
URL: https://itigic.com/detroitchicago/cmb.js?gcb=194-3&cb=01-100-103-1004-10d-506-507-70a-30c-30e-212-211-313-317-1021-23-&cmbcb=10&01&00&03&04&0d&06&07&0a&0c&0e&12&11&13&17&21&23
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.19.6.38 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-19-6-38.eu-west-1.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:path: /porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTAyMTQ2NSIsImRvbWFpbl9pZCI6IjE5ODQzNyIsInVuaXQiOiJkaXYtZ3B0LWFkLWl0aWdpY19jb20tYm94LTItMCIsInRfZXBvY2giOjE2MjA0MDkzNDEsInJldmVudWUiOjAsImVzdF9yZXZlbnVlIjowLCJhZF9wb3NpdGlvbiI6MTEwMiwiYWRfc2l6ZSI6IiIsImJpZF9mbG9vcl9maWxsZWQiOjAsImJpZF9mbG9vcl9wcmV2IjowLCJzdGF0X3NvdXJjZV9pZCI6MCwiY291bnRyeV9jb2RlIjoiQ0giLCJwYWdldmlld19pZCI6IjliMGM5ODc0LTFhYjUtNGU1MS03YjRiLTIyZmU2MDA1OTRlMCIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6Mjg2ODcyNzQsImNyZWF0aXZlX2lkIjoxMzgzMTAwNDM1NTAsImRhdGEiOlt7Im5hbWUiOiJ2aWV3ZWQiLCJ2YWwiOiIxIn1dLCJpc19vcmlnIjpmYWxzZX1d
pragma: no-cache
cookie: _pbjs_userid_consent_data=3524755945110770; __gads=ID=209913d2cf081110:T=1620409347:S=ALNI_MYCUELuDQBZZq_t6fdKkMSCCHgmDQ; cto_bidid=KSh6BV9Vd1hrSHY4aERPOEFEVlZyUU1xR1QlMkJjbWtJczZ1NlBBTWZRWUNkQjhhJTJCTE9VQWpkd0pJNElFVElnUWJCWHN2ZVY1YWd5UlYlMkJTMHFicmpSdUllZUVrZyUzRCUzRA; cto_bundle=ItKwLV8lMkJqSFYxRDd3UXdhSnRYR2dzOVFLN256ek1ta2xwVyUyRllXbGZtQmtPTjFhTUpvMHpGRlp3cE8ycHJZYldFbDVEdDZ1RXRxU3htcFRyeW1jcDNuTHFRSkkzb2ZZOWxvSWZBUktzdmN6VWgyMWVHRk9xbEYzNERwUnFUWlpVME1rMGc; ezouspvh=20; ezux_lpl_198437=1620409351960|9b0c9874-1ab5-4e51-7b4b-22fe600594e0|false; _ym_uid=1620409352194850952; _ym_d=1620409352; _ym_isad=2; id5id.1st=%7B%22created_at%22%3A%222021-05-07T17%3A42%3A33.193333Z%22%2C%22id5_consent%22%3Afalse%2C%22original_uid%22%3A%220%22%2C%22universal_uid%22%3A%220%22%2C%22link_type%22%3A0%2C%22cascade_needed%22%3Afalse%2C%22privacy%22%3A%7B%22jurisdiction%22%3A%22gdpr%22%2C%22id5_consent%22%3Afalse%7D%7D; id5id.1st_last=Fri%2C%2007%20May%202021%2017%3A42%3A33%20GMT; ezouspvv=72; ezouspva=8
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: empty
:authority: itigic.com
referer: https://itigic.com/pt/steal-information-with-finger-command-in-windows-10/&
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://itigic.com/pt/steal-information-with-finger-command-in-windows-10/&
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 07 May 2021 17:42:35 GMT
server: nginx/1.16.0
vary: Accept-Encoding Accept-Encoding
content-type: text/plain; charset=utf-8
x-middleton-display: ezp_sol
cache-control: max-age=0, must-revalidate, no-cache, no-store
content-length: 0
expires: Thu, 06 May 2021 17:42:35 UTC

GET
H3-29 200 activeview
pagead2.googlesyndication.com/pcs/ Frame F70C 42 B
64 B 41ms
40ms Image
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstGQ8zByUhb9tutyvOMXNR37RC9bzQgsA69rthMytUlXDhccRKRpHv8aKeRGAwwSeowbUAOa_aFrFOhbJqCsYUS_O6jIoh5bi02asnfRv8-6A&sai=AMfl-YQQ8eumfjGm6gnmy9zdLiYnv41TI7y_Wk5eMpu1TbvdzlC7i1srJHuiaM7XxLzoLeez8zcl-orM5BfliJ_ac7TjUO2XTvSTZSaZQ6SraHTyfbQUAggH05ZvxaM&sig=Cg0ArKJSzKTMYvuwhFtxEAE&cid=CAASEuRoWqevtMK0bqKH8iq9Hycn1g&id=ampim&o=1002,648&d=300,247&ss=1600,1200&bs=1600,1200&mcvt=1000&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&tfs=105&tls=1105&g=100&h=100&tt=1105&r=v&avms=ampa&adk=165232300

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://itigic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 07 May 2021 17:42:35 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 army.gif Show response
itigic.com/porpoiseant/ 0
19 B 41ms
41ms XHR
text/plain 52.19.6.38
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://itigic.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTAxMTExNCIsImRvbWFpbl9pZCI6IjE5ODQzNyIsInVuaXQiOiJkaXYtZ3B0LWFkLWl0aWdpY19jb20tYm94LTEtMF8xIiwidF9lcG9jaCI6MTYyMDQwOTM0MSwicmV2ZW51ZSI6MCwiZXN0X3JldmVudWUiOjAsImFkX3Bvc2l0aW9uIjoxMTA1LCJhZF9zaXplIjoiIiwiYmlkX2Zsb29yX2ZpbGxlZCI6MCwiYmlkX2Zsb29yX3ByZXYiOjAsInN0YXRfc291cmNlX2lkIjowLCJjb3VudHJ5X2NvZGUiOiJDSCIsInBhZ2V2aWV3X2lkIjoiOWIwYzk4NzQtMWFiNS00ZTUxLTdiNGItMjJmZTYwMDU5NGUwIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjo0ODE3NzM1NDIwLCJjcmVhdGl2ZV9pZCI6MTM4MjQ2MTA1ODQyLCJkYXRhIjpbeyJuYW1lIjoidmlld2VkIiwidmFsIjoiMSJ9XSwiaXNfb3JpZyI6ZmFsc2V9XQ==
Requested by: Host: itigic.com
URL: https://itigic.com/detroitchicago/cmb.js?gcb=194-3&cb=01-100-103-1004-10d-506-507-70a-30c-30e-212-211-313-317-1021-23-&cmbcb=10&01&00&03&04&0d&06&07&0a&0c&0e&12&11&13&17&21&23
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.19.6.38 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-19-6-38.eu-west-1.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:path: /porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTAxMTExNCIsImRvbWFpbl9pZCI6IjE5ODQzNyIsInVuaXQiOiJkaXYtZ3B0LWFkLWl0aWdpY19jb20tYm94LTEtMF8xIiwidF9lcG9jaCI6MTYyMDQwOTM0MSwicmV2ZW51ZSI6MCwiZXN0X3JldmVudWUiOjAsImFkX3Bvc2l0aW9uIjoxMTA1LCJhZF9zaXplIjoiIiwiYmlkX2Zsb29yX2ZpbGxlZCI6MCwiYmlkX2Zsb29yX3ByZXYiOjAsInN0YXRfc291cmNlX2lkIjowLCJjb3VudHJ5X2NvZGUiOiJDSCIsInBhZ2V2aWV3X2lkIjoiOWIwYzk4NzQtMWFiNS00ZTUxLTdiNGItMjJmZTYwMDU5NGUwIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjo0ODE3NzM1NDIwLCJjcmVhdGl2ZV9pZCI6MTM4MjQ2MTA1ODQyLCJkYXRhIjpbeyJuYW1lIjoidmlld2VkIiwidmFsIjoiMSJ9XSwiaXNfb3JpZyI6ZmFsc2V9XQ==
pragma: no-cache
cookie: _pbjs_userid_consent_data=3524755945110770; __gads=ID=209913d2cf081110:T=1620409347:S=ALNI_MYCUELuDQBZZq_t6fdKkMSCCHgmDQ; cto_bidid=KSh6BV9Vd1hrSHY4aERPOEFEVlZyUU1xR1QlMkJjbWtJczZ1NlBBTWZRWUNkQjhhJTJCTE9VQWpkd0pJNElFVElnUWJCWHN2ZVY1YWd5UlYlMkJTMHFicmpSdUllZUVrZyUzRCUzRA; cto_bundle=ItKwLV8lMkJqSFYxRDd3UXdhSnRYR2dzOVFLN256ek1ta2xwVyUyRllXbGZtQmtPTjFhTUpvMHpGRlp3cE8ycHJZYldFbDVEdDZ1RXRxU3htcFRyeW1jcDNuTHFRSkkzb2ZZOWxvSWZBUktzdmN6VWgyMWVHRk9xbEYzNERwUnFUWlpVME1rMGc; ezouspvh=20; ezux_lpl_198437=1620409351960|9b0c9874-1ab5-4e51-7b4b-22fe600594e0|false; _ym_uid=1620409352194850952; _ym_d=1620409352; _ym_isad=2; id5id.1st=%7B%22created_at%22%3A%222021-05-07T17%3A42%3A33.193333Z%22%2C%22id5_consent%22%3Afalse%2C%22original_uid%22%3A%220%22%2C%22universal_uid%22%3A%220%22%2C%22link_type%22%3A0%2C%22cascade_needed%22%3Afalse%2C%22privacy%22%3A%7B%22jurisdiction%22%3A%22gdpr%22%2C%22id5_consent%22%3Afalse%7D%7D; id5id.1st_last=Fri%2C%2007%20May%202021%2017%3A42%3A33%20GMT; ezouspvv=72; ezouspva=8
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: empty
:authority: itigic.com
referer: https://itigic.com/pt/steal-information-with-finger-command-in-windows-10/&
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://itigic.com/pt/steal-information-with-finger-command-in-windows-10/&
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 07 May 2021 17:42:35 GMT
server: nginx/1.16.0
vary: Accept-Encoding Accept-Encoding
content-type: text/plain; charset=utf-8
x-middleton-display: ezp_sol
cache-control: max-age=0, must-revalidate, no-cache, no-store
content-length: 0
expires: Thu, 06 May 2021 17:42:34 UTC

GET
H3-29 200 integrator.js Show response
adservice.google.ch/adsid/ 107 B
122 B 16ms
15ms Script
application/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.ch/adsid/integrator.js?domain=itigic.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://itigic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 07 May 2021 17:42:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 16ms
15ms Script
application/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=itigic.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://itigic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 07 May 2021 17:42:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 345 B
179 B 301ms
301ms XHR
text/plain 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2673549932243580&correlator=2825717332258726&output=ldjh&impl=fifs&eid=31060790&vrg=2021042801&ptt=17&us_privacy=1---&sc=1&sfv=1-0-38&ecs=20210507&iu_parts=1254144%2Citigic_com-large-billboard-2&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C300x250&fluid=height&ris=2&rcs=5&prev_scp=a%3D%257C1%257C%26iid11%3D1024014%26t%3D134%26d%3D198437%26t1%3D134%26pvc%3D0%26ap%3D1124%26sap%3D1124%26as%3Drevenue%26plat%3D1%26bra%3Dmod1%26ic%3D6%26at%3Dmbf%26adr%3D399%26ezosn%3D0%26reft%3Dtf%26refs%3D30%26ga%3D2497208%26rid%3D99998%26pt%3D0%26al%3D1034%26compid%3D0%26tap%3Ditigic_com-large-billboard-2-1024014%26eb_br%3D72c13a89ac876aaffdde39253459460b%26eba%3D1%26ebss%3D10017%2C10082%2C10061%2C10015%2C11304%2C11307%26asau%3D7838546742%26bv%3D28%26bvm%3D2%26bvr%3D5%26shp%3D3%26ftsn%3D3%26br1%3D1800%26br2%3D3200%26ezoic%3D1%26nmau%3D4%26mau%3D0%26stl%3D32%2C0%2C28%2C67%2C45%2C122%2C66%2C20%2C71%2C30%2C0%2C31%26deal1%3D27%2C28%2C29%2C30%2C760%2C761%2C813%2C815%2C816%2C817%2C818%2C819%2C899%2C917%2C918%2C919%2C988%2C774%2C24%2C25%2C26%2C23%2C24%2C25%2C26%2C22%2C23%2C24%2C25%2C26%2C21%2C22%2C23%2C24%2C25%2C26%2C21%2C22%2C23%2C24%2C25%2C26%26ax_ssid%3D10082%26amznbid%3D2%26amznsz%3D0x0%26amznp%3D2%26lb%3D2000%26reqt%3D1620409354276&eri=1&cookie=ID%3D209913d2cf081110%3AT%3D1620409347%3AS%3DALNI_MYCUELuDQBZZq_t6fdKkMSCCHgmDQ&bc=31&abxe=1&lmt=1620409355&dt=1620409355281&dlt=1620409342880&idt=923&frm=20&biw=1600&bih=1200&oid=3&adxs=1002&adys=1560&adks=686215702&ucis=1n&ifi=59&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fitigic.com%2Fpt%2Fsteal-information-with-finger-command-in-windows-10%2F%26%23160%3B&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x-1&msz=300x-1&psts=AGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=1178867069.1620409344&ga_sid=1620409344&ga_hid=2059617897&ga_fc=false&fws=0&ohw=0&btvi=11&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

27d4a0e76e9b927188fbbba93ca60b52f92de5602cb2f00dbc0085e96e4e9f85

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://itigic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 07 May 2021 17:42:35 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 142
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://itigic.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 army.gif Show response
itigic.com/porpoiseant/ 0
19 B 40ms
40ms XHR
text/plain 52.19.6.38
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://itigic.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTAyMTQ2NSIsImRvbWFpbl9pZCI6IjE5ODQzNyIsInVuaXQiOiJkaXYtZ3B0LWFkLWl0aWdpY19jb20tYm94LTItMCIsInRfZXBvY2giOjE2MjA0MDkzNDEsImFkX3Bvc2l0aW9uIjoxMTAyLCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiQ0giLCJwYWdldmlld19pZCI6IjliMGM5ODc0LTFhYjUtNGU1MS03YjRiLTIyZmU2MDA1OTRlMCIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6Mjg2ODcyNzQsImNyZWF0aXZlX2lkIjoxMzgzMTAwNDM1NTAsImRhdGEiOlt7Im5hbWUiOiJmaWxsZWRfc2l6ZSIsInZhbCI6Ils0NjgsNjBdIn1dLCJpc19vcmlnIjpmYWxzZX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiIxMDIxNDY1IiwiZG9tYWluX2lkIjoiMTk4NDM3IiwidW5pdCI6ImRpdi1ncHQtYWQtaXRpZ2ljX2NvbS1ib3gtMi0wIiwidF9lcG9jaCI6MTYyMDQwOTM0MSwiYWRfcG9zaXRpb24iOjExMDIsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJDSCIsInBhZ2V2aWV3X2lkIjoiOWIwYzk4NzQtMWFiNS00ZTUxLTdiNGItMjJmZTYwMDU5NGUwIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjoyODY4NzI3NCwiY3JlYXRpdmVfaWQiOjEzODMxMDA0MzU1MCwiZGF0YSI6W3sibmFtZSI6ImZpbGxlZF9mbHVpZCIsInZhbCI6ImZhbHNlIn1dLCJpc19vcmlnIjpmYWxzZX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiIxMDIxNDY1IiwiZG9tYWluX2lkIjoiMTk4NDM3IiwidW5pdCI6ImRpdi1ncHQtYWQtaXRpZ2ljX2NvbS1ib3gtMi0wIiwidF9lcG9jaCI6MTYyMDQwOTM0MSwiYWRfcG9zaXRpb24iOjExMDIsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJDSCIsInBhZ2V2aWV3X2lkIjoiOWIwYzk4NzQtMWFiNS00ZTUxLTdiNGItMjJmZTYwMDU5NGUwIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjoyODY4NzI3NCwiY3JlYXRpdmVfaWQiOjEzODMxMDA0MzU1MCwiZGF0YSI6W3sibmFtZSI6ImRvbWFpbl9kZnBfc3R5bGVfaWQiLCJ2YWwiOiI3MSJ9XSwiaXNfb3JpZyI6ZmFsc2V9XQ==
Requested by: Host: itigic.com
URL: https://itigic.com/detroitchicago/cmb.js?gcb=194-3&cb=01-100-103-1004-10d-506-507-70a-30c-30e-212-211-313-317-1021-23-&cmbcb=10&01&00&03&04&0d&06&07&0a&0c&0e&12&11&13&17&21&23
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.19.6.38 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-19-6-38.eu-west-1.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:path: /porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTAyMTQ2NSIsImRvbWFpbl9pZCI6IjE5ODQzNyIsInVuaXQiOiJkaXYtZ3B0LWFkLWl0aWdpY19jb20tYm94LTItMCIsInRfZXBvY2giOjE2MjA0MDkzNDEsImFkX3Bvc2l0aW9uIjoxMTAyLCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiQ0giLCJwYWdldmlld19pZCI6IjliMGM5ODc0LTFhYjUtNGU1MS03YjRiLTIyZmU2MDA1OTRlMCIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6Mjg2ODcyNzQsImNyZWF0aXZlX2lkIjoxMzgzMTAwNDM1NTAsImRhdGEiOlt7Im5hbWUiOiJmaWxsZWRfc2l6ZSIsInZhbCI6Ils0NjgsNjBdIn1dLCJpc19vcmlnIjpmYWxzZX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiIxMDIxNDY1IiwiZG9tYWluX2lkIjoiMTk4NDM3IiwidW5pdCI6ImRpdi1ncHQtYWQtaXRpZ2ljX2NvbS1ib3gtMi0wIiwidF9lcG9jaCI6MTYyMDQwOTM0MSwiYWRfcG9zaXRpb24iOjExMDIsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJDSCIsInBhZ2V2aWV3X2lkIjoiOWIwYzk4NzQtMWFiNS00ZTUxLTdiNGItMjJmZTYwMDU5NGUwIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjoyODY4NzI3NCwiY3JlYXRpdmVfaWQiOjEzODMxMDA0MzU1MCwiZGF0YSI6W3sibmFtZSI6ImZpbGxlZF9mbHVpZCIsInZhbCI6ImZhbHNlIn1dLCJpc19vcmlnIjpmYWxzZX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiIxMDIxNDY1IiwiZG9tYWluX2lkIjoiMTk4NDM3IiwidW5pdCI6ImRpdi1ncHQtYWQtaXRpZ2ljX2NvbS1ib3gtMi0wIiwidF9lcG9jaCI6MTYyMDQwOTM0MSwiYWRfcG9zaXRpb24iOjExMDIsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJDSCIsInBhZ2V2aWV3X2lkIjoiOWIwYzk4NzQtMWFiNS00ZTUxLTdiNGItMjJmZTYwMDU5NGUwIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjoyODY4NzI3NCwiY3JlYXRpdmVfaWQiOjEzODMxMDA0MzU1MCwiZGF0YSI6W3sibmFtZSI6ImRvbWFpbl9kZnBfc3R5bGVfaWQiLCJ2YWwiOiI3MSJ9XSwiaXNfb3JpZyI6ZmFsc2V9XQ==
pragma: no-cache
cookie: _pbjs_userid_consent_data=3524755945110770; __gads=ID=209913d2cf081110:T=1620409347:S=ALNI_MYCUELuDQBZZq_t6fdKkMSCCHgmDQ; cto_bidid=KSh6BV9Vd1hrSHY4aERPOEFEVlZyUU1xR1QlMkJjbWtJczZ1NlBBTWZRWUNkQjhhJTJCTE9VQWpkd0pJNElFVElnUWJCWHN2ZVY1YWd5UlYlMkJTMHFicmpSdUllZUVrZyUzRCUzRA; cto_bundle=ItKwLV8lMkJqSFYxRDd3UXdhSnRYR2dzOVFLN256ek1ta2xwVyUyRllXbGZtQmtPTjFhTUpvMHpGRlp3cE8ycHJZYldFbDVEdDZ1RXRxU3htcFRyeW1jcDNuTHFRSkkzb2ZZOWxvSWZBUktzdmN6VWgyMWVHRk9xbEYzNERwUnFUWlpVME1rMGc; ezouspvh=20; ezux_lpl_198437=1620409351960|9b0c9874-1ab5-4e51-7b4b-22fe600594e0|false; _ym_uid=1620409352194850952; _ym_d=1620409352; _ym_isad=2; id5id.1st=%7B%22created_at%22%3A%222021-05-07T17%3A42%3A33.193333Z%22%2C%22id5_consent%22%3Afalse%2C%22original_uid%22%3A%220%22%2C%22universal_uid%22%3A%220%22%2C%22link_type%22%3A0%2C%22cascade_needed%22%3Afalse%2C%22privacy%22%3A%7B%22jurisdiction%22%3A%22gdpr%22%2C%22id5_consent%22%3Afalse%7D%7D; id5id.1st_last=Fri%2C%2007%20May%202021%2017%3A42%3A33%20GMT; ezouspvv=72; ezouspva=8
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: empty
:authority: itigic.com
referer: https://itigic.com/pt/steal-information-with-finger-command-in-windows-10/&
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://itigic.com/pt/steal-information-with-finger-command-in-windows-10/&
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 07 May 2021 17:42:35 GMT
server: nginx/1.16.0
vary: Accept-Encoding Accept-Encoding
content-type: text/plain; charset=utf-8
x-middleton-display: ezp_sol
cache-control: max-age=0, must-revalidate, no-cache, no-store
content-length: 0
expires: Thu, 06 May 2021 17:42:35 UTC

GET
H2 200 army.gif Show response
itigic.com/porpoiseant/ 0
19 B 40ms
40ms XHR
text/plain 52.19.6.38
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://itigic.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTAxMTExNCIsImRvbWFpbl9pZCI6IjE5ODQzNyIsInVuaXQiOiJkaXYtZ3B0LWFkLWl0aWdpY19jb20tYm94LTEtMCIsInRfZXBvY2giOjE2MjA0MDkzNDEsInJldmVudWUiOjAsImVzdF9yZXZlbnVlIjowLCJhZF9wb3NpdGlvbiI6MTEwNSwiYWRfc2l6ZSI6IiIsImJpZF9mbG9vcl9maWxsZWQiOjAsImJpZF9mbG9vcl9wcmV2IjowLCJzdGF0X3NvdXJjZV9pZCI6MCwiY291bnRyeV9jb2RlIjoiQ0giLCJwYWdldmlld19pZCI6IjliMGM5ODc0LTFhYjUtNGU1MS03YjRiLTIyZmU2MDA1OTRlMCIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6NDgxNzczNTQyMCwiY3JlYXRpdmVfaWQiOjEzODI0NjEwNTg0MiwiZGF0YSI6W3sibmFtZSI6InZpZXdlZCIsInZhbCI6IjEifV0sImlzX29yaWciOmZhbHNlfV0=
Requested by: Host: itigic.com
URL: https://itigic.com/detroitchicago/cmb.js?gcb=194-3&cb=01-100-103-1004-10d-506-507-70a-30c-30e-212-211-313-317-1021-23-&cmbcb=10&01&00&03&04&0d&06&07&0a&0c&0e&12&11&13&17&21&23
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.19.6.38 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-19-6-38.eu-west-1.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:path: /porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTAxMTExNCIsImRvbWFpbl9pZCI6IjE5ODQzNyIsInVuaXQiOiJkaXYtZ3B0LWFkLWl0aWdpY19jb20tYm94LTEtMCIsInRfZXBvY2giOjE2MjA0MDkzNDEsInJldmVudWUiOjAsImVzdF9yZXZlbnVlIjowLCJhZF9wb3NpdGlvbiI6MTEwNSwiYWRfc2l6ZSI6IiIsImJpZF9mbG9vcl9maWxsZWQiOjAsImJpZF9mbG9vcl9wcmV2IjowLCJzdGF0X3NvdXJjZV9pZCI6MCwiY291bnRyeV9jb2RlIjoiQ0giLCJwYWdldmlld19pZCI6IjliMGM5ODc0LTFhYjUtNGU1MS03YjRiLTIyZmU2MDA1OTRlMCIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6NDgxNzczNTQyMCwiY3JlYXRpdmVfaWQiOjEzODI0NjEwNTg0MiwiZGF0YSI6W3sibmFtZSI6InZpZXdlZCIsInZhbCI6IjEifV0sImlzX29yaWciOmZhbHNlfV0=
pragma: no-cache
cookie: _pbjs_userid_consent_data=3524755945110770; __gads=ID=209913d2cf081110:T=1620409347:S=ALNI_MYCUELuDQBZZq_t6fdKkMSCCHgmDQ; cto_bidid=KSh6BV9Vd1hrSHY4aERPOEFEVlZyUU1xR1QlMkJjbWtJczZ1NlBBTWZRWUNkQjhhJTJCTE9VQWpkd0pJNElFVElnUWJCWHN2ZVY1YWd5UlYlMkJTMHFicmpSdUllZUVrZyUzRCUzRA; cto_bundle=ItKwLV8lMkJqSFYxRDd3UXdhSnRYR2dzOVFLN256ek1ta2xwVyUyRllXbGZtQmtPTjFhTUpvMHpGRlp3cE8ycHJZYldFbDVEdDZ1RXRxU3htcFRyeW1jcDNuTHFRSkkzb2ZZOWxvSWZBUktzdmN6VWgyMWVHRk9xbEYzNERwUnFUWlpVME1rMGc; ezouspvh=20; ezux_lpl_198437=1620409351960|9b0c9874-1ab5-4e51-7b4b-22fe600594e0|false; _ym_uid=1620409352194850952; _ym_d=1620409352; _ym_isad=2; id5id.1st=%7B%22created_at%22%3A%222021-05-07T17%3A42%3A33.193333Z%22%2C%22id5_consent%22%3Afalse%2C%22original_uid%22%3A%220%22%2C%22universal_uid%22%3A%220%22%2C%22link_type%22%3A0%2C%22cascade_needed%22%3Afalse%2C%22privacy%22%3A%7B%22jurisdiction%22%3A%22gdpr%22%2C%22id5_consent%22%3Afalse%7D%7D; id5id.1st_last=Fri%2C%2007%20May%202021%2017%3A42%3A33%20GMT; ezouspvv=72; ezouspva=8
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: empty
:authority: itigic.com
referer: https://itigic.com/pt/steal-information-with-finger-command-in-windows-10/&
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://itigic.com/pt/steal-information-with-finger-command-in-windows-10/&
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 07 May 2021 17:42:35 GMT
server: nginx/1.16.0
vary: Accept-Encoding Accept-Encoding
content-type: text/plain; charset=utf-8
x-middleton-display: ezp_sol
cache-control: max-age=0, must-revalidate, no-cache, no-store
content-length: 0
expires: Thu, 06 May 2021 17:42:35 UTC

GET
H3-29 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 8A77 42 B
64 B 44ms
43ms Fetch
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuf0LnZW_5kP1wDrSvJeEEj5tWe-vNGoYT2-MJCfEH17y7AqI9dIPV34EVVHeIviaqgHqQx61NZVfIF2cher4iDr613xeIkVoIkZ7141AtaDpcGkLRY7z5obFw&sai=AMfl-YRM2-in56UhTF1e4ex2o5JbCcIDSNGkUr0yrXFxXwN_DkmOMtOeTSwb7bNWjboCpHxsHp7lU0ZSs_wKrhmgi0tJ62T-6XM-11c6woSqqhV9MKs5wfCPPCGnjdk&sig=Cg0ArKJSzOtNVK5yVlwsEAE&cid=CAASFeRoc-n7tFfEZVoXU0Bhx4yCUEQYxA&id=lidar2&mcvt=1000&p=383,1002,633,1302&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20210505&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=2&adk=4007782779&rs=4&met=mue&la=0&cr=0&osd=1&vs=4&rst=1620409354247&dlt=25&rpt=1&isd=0&msd=0&r=v&fum=1

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://3fc1b23a7f7676f8a612476f135a3c46.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 07 May 2021 17:42:35 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 army.gif Show response
itigic.com/porpoiseant/ 0
19 B 41ms
40ms XHR
text/plain 52.19.6.38
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://itigic.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTAxMTExNCIsImRvbWFpbl9pZCI6IjE5ODQzNyIsInVuaXQiOiJkaXYtZ3B0LWFkLWl0aWdpY19jb20tYm94LTEtMF8zIiwidF9lcG9jaCI6MTYyMDQwOTM0MSwiYWRfcG9zaXRpb24iOjExMDUsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJDSCIsInBhZ2V2aWV3X2lkIjoiOWIwYzk4NzQtMWFiNS00ZTUxLTdiNGItMjJmZTYwMDU5NGUwIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjo0ODE3NzM1NDIwLCJjcmVhdGl2ZV9pZCI6MTM4MjQ2MTA1ODQyLCJkYXRhIjpbeyJuYW1lIjoiZmlsbGVkX3NpemUiLCJ2YWwiOiJbMzAwLDI1MF0ifV0sImlzX29yaWciOmZhbHNlfSx7InR5cGUiOiJpbXByZXNzaW9uIiwiaW1wcmVzc2lvbl9pZCI6IjEwMTExMTQiLCJkb21haW5faWQiOiIxOTg0MzciLCJ1bml0IjoiZGl2LWdwdC1hZC1pdGlnaWNfY29tLWJveC0xLTBfMyIsInRfZXBvY2giOjE2MjA0MDkzNDEsImFkX3Bvc2l0aW9uIjoxMTA1LCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiQ0giLCJwYWdldmlld19pZCI6IjliMGM5ODc0LTFhYjUtNGU1MS03YjRiLTIyZmU2MDA1OTRlMCIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6NDgxNzczNTQyMCwiY3JlYXRpdmVfaWQiOjEzODI0NjEwNTg0MiwiZGF0YSI6W3sibmFtZSI6ImZpbGxlZF9mbHVpZCIsInZhbCI6ImZhbHNlIn1dLCJpc19vcmlnIjpmYWxzZX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiIxMDExMTE0IiwiZG9tYWluX2lkIjoiMTk4NDM3IiwidW5pdCI6ImRpdi1ncHQtYWQtaXRpZ2ljX2NvbS1ib3gtMS0wXzMiLCJ0X2Vwb2NoIjoxNjIwNDA5MzQxLCJhZF9wb3NpdGlvbiI6MTEwNSwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IkNIIiwicGFnZXZpZXdfaWQiOiI5YjBjOTg3NC0xYWI1LTRlNTEtN2I0Yi0yMmZlNjAwNTk0ZTAiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjQ4MTc3MzU0MjAsImNyZWF0aXZlX2lkIjoxMzgyNDYxMDU4NDIsImRhdGEiOlt7Im5hbWUiOiJkb21haW5fZGZwX3N0eWxlX2lkIiwidmFsIjoiODMifV0sImlzX29yaWciOmZhbHNlfV0=
Requested by: Host: itigic.com
URL: https://itigic.com/detroitchicago/cmb.js?gcb=194-3&cb=01-100-103-1004-10d-506-507-70a-30c-30e-212-211-313-317-1021-23-&cmbcb=10&01&00&03&04&0d&06&07&0a&0c&0e&12&11&13&17&21&23
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.19.6.38 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-19-6-38.eu-west-1.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:path: /porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTAxMTExNCIsImRvbWFpbl9pZCI6IjE5ODQzNyIsInVuaXQiOiJkaXYtZ3B0LWFkLWl0aWdpY19jb20tYm94LTEtMF8zIiwidF9lcG9jaCI6MTYyMDQwOTM0MSwiYWRfcG9zaXRpb24iOjExMDUsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJDSCIsInBhZ2V2aWV3X2lkIjoiOWIwYzk4NzQtMWFiNS00ZTUxLTdiNGItMjJmZTYwMDU5NGUwIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjo0ODE3NzM1NDIwLCJjcmVhdGl2ZV9pZCI6MTM4MjQ2MTA1ODQyLCJkYXRhIjpbeyJuYW1lIjoiZmlsbGVkX3NpemUiLCJ2YWwiOiJbMzAwLDI1MF0ifV0sImlzX29yaWciOmZhbHNlfSx7InR5cGUiOiJpbXByZXNzaW9uIiwiaW1wcmVzc2lvbl9pZCI6IjEwMTExMTQiLCJkb21haW5faWQiOiIxOTg0MzciLCJ1bml0IjoiZGl2LWdwdC1hZC1pdGlnaWNfY29tLWJveC0xLTBfMyIsInRfZXBvY2giOjE2MjA0MDkzNDEsImFkX3Bvc2l0aW9uIjoxMTA1LCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiQ0giLCJwYWdldmlld19pZCI6IjliMGM5ODc0LTFhYjUtNGU1MS03YjRiLTIyZmU2MDA1OTRlMCIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6NDgxNzczNTQyMCwiY3JlYXRpdmVfaWQiOjEzODI0NjEwNTg0MiwiZGF0YSI6W3sibmFtZSI6ImZpbGxlZF9mbHVpZCIsInZhbCI6ImZhbHNlIn1dLCJpc19vcmlnIjpmYWxzZX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiIxMDExMTE0IiwiZG9tYWluX2lkIjoiMTk4NDM3IiwidW5pdCI6ImRpdi1ncHQtYWQtaXRpZ2ljX2NvbS1ib3gtMS0wXzMiLCJ0X2Vwb2NoIjoxNjIwNDA5MzQxLCJhZF9wb3NpdGlvbiI6MTEwNSwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IkNIIiwicGFnZXZpZXdfaWQiOiI5YjBjOTg3NC0xYWI1LTRlNTEtN2I0Yi0yMmZlNjAwNTk0ZTAiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjQ4MTc3MzU0MjAsImNyZWF0aXZlX2lkIjoxMzgyNDYxMDU4NDIsImRhdGEiOlt7Im5hbWUiOiJkb21haW5fZGZwX3N0eWxlX2lkIiwidmFsIjoiODMifV0sImlzX29yaWciOmZhbHNlfV0=
pragma: no-cache
cookie: _pbjs_userid_consent_data=3524755945110770; __gads=ID=209913d2cf081110:T=1620409347:S=ALNI_MYCUELuDQBZZq_t6fdKkMSCCHgmDQ; cto_bidid=KSh6BV9Vd1hrSHY4aERPOEFEVlZyUU1xR1QlMkJjbWtJczZ1NlBBTWZRWUNkQjhhJTJCTE9VQWpkd0pJNElFVElnUWJCWHN2ZVY1YWd5UlYlMkJTMHFicmpSdUllZUVrZyUzRCUzRA; cto_bundle=ItKwLV8lMkJqSFYxRDd3UXdhSnRYR2dzOVFLN256ek1ta2xwVyUyRllXbGZtQmtPTjFhTUpvMHpGRlp3cE8ycHJZYldFbDVEdDZ1RXRxU3htcFRyeW1jcDNuTHFRSkkzb2ZZOWxvSWZBUktzdmN6VWgyMWVHRk9xbEYzNERwUnFUWlpVME1rMGc; ezouspvh=20; ezux_lpl_198437=1620409351960|9b0c9874-1ab5-4e51-7b4b-22fe600594e0|false; _ym_uid=1620409352194850952; _ym_d=1620409352; _ym_isad=2; id5id.1st=%7B%22created_at%22%3A%222021-05-07T17%3A42%3A33.193333Z%22%2C%22id5_consent%22%3Afalse%2C%22original_uid%22%3A%220%22%2C%22universal_uid%22%3A%220%22%2C%22link_type%22%3A0%2C%22cascade_needed%22%3Afalse%2C%22privacy%22%3A%7B%22jurisdiction%22%3A%22gdpr%22%2C%22id5_consent%22%3Afalse%7D%7D; id5id.1st_last=Fri%2C%2007%20May%202021%2017%3A42%3A33%20GMT; ezouspvv=72; ezouspva=8
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: empty
:authority: itigic.com
referer: https://itigic.com/pt/steal-information-with-finger-command-in-windows-10/&
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://itigic.com/pt/steal-information-with-finger-command-in-windows-10/&
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 07 May 2021 17:42:35 GMT
server: nginx/1.16.0
vary: Accept-Encoding Accept-Encoding
content-type: text/plain; charset=utf-8
x-middleton-display: ezp_sol
cache-control: max-age=0, must-revalidate, no-cache, no-store
content-length: 0
expires: Thu, 06 May 2021 17:42:35 UTC

GET
H/1.1 200
OK SPug Show response
simage4.pubmatic.com/AdServer/ Frame B688 0
418 B 138ms
31ms Script
text/plain 185.64.190.81
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to

Full URL: https://simage4.pubmatic.com/AdServer/SPug?partnerID=156983&gdpr=0&gdpr_consent=&us_privacy=1---
Requested by: Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/showad.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.190.81 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://ads.pubmatic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Fri, 07 May 2021 16:44:05 GMT
Cache-Control: no-store, no-cache, private
Server: nginx
Connection: keep-alive
Transfer-Encoding: chunked
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

GET
H2 200 army.gif Show response
itigic.com/porpoiseant/ 0
19 B 43ms
43ms XHR
text/plain 52.19.6.38
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://itigic.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTAxMTExNCIsImRvbWFpbl9pZCI6IjE5ODQzNyIsInVuaXQiOiJkaXYtZ3B0LWFkLWl0aWdpY19jb20tYm94LTEtMF8xIiwidF9lcG9jaCI6MTYyMDQwOTM0MSwiYWRfcG9zaXRpb24iOjExMDUsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJDSCIsInBhZ2V2aWV3X2lkIjoiOWIwYzk4NzQtMWFiNS00ZTUxLTdiNGItMjJmZTYwMDU5NGUwIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjo0ODE3NzM1NDIwLCJjcmVhdGl2ZV9pZCI6MTM4MjQ2MTA1ODQyLCJkYXRhIjpbeyJuYW1lIjoiZmlsbGVkX3NpemUiLCJ2YWwiOiJbMzAwLDI2Ml0ifV0sImlzX29yaWciOmZhbHNlfSx7InR5cGUiOiJpbXByZXNzaW9uIiwiaW1wcmVzc2lvbl9pZCI6IjEwMTExMTQiLCJkb21haW5faWQiOiIxOTg0MzciLCJ1bml0IjoiZGl2LWdwdC1hZC1pdGlnaWNfY29tLWJveC0xLTBfMSIsInRfZXBvY2giOjE2MjA0MDkzNDEsImFkX3Bvc2l0aW9uIjoxMTA1LCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiQ0giLCJwYWdldmlld19pZCI6IjliMGM5ODc0LTFhYjUtNGU1MS03YjRiLTIyZmU2MDA1OTRlMCIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6NDgxNzczNTQyMCwiY3JlYXRpdmVfaWQiOjEzODI0NjEwNTg0MiwiZGF0YSI6W3sibmFtZSI6ImZpbGxlZF9mbHVpZCIsInZhbCI6InRydWUifV0sImlzX29yaWciOmZhbHNlfV0=
Requested by: Host: itigic.com
URL: https://itigic.com/detroitchicago/cmb.js?gcb=194-3&cb=01-100-103-1004-10d-506-507-70a-30c-30e-212-211-313-317-1021-23-&cmbcb=10&01&00&03&04&0d&06&07&0a&0c&0e&12&11&13&17&21&23
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.19.6.38 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-19-6-38.eu-west-1.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:path: /porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTAxMTExNCIsImRvbWFpbl9pZCI6IjE5ODQzNyIsInVuaXQiOiJkaXYtZ3B0LWFkLWl0aWdpY19jb20tYm94LTEtMF8xIiwidF9lcG9jaCI6MTYyMDQwOTM0MSwiYWRfcG9zaXRpb24iOjExMDUsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJDSCIsInBhZ2V2aWV3X2lkIjoiOWIwYzk4NzQtMWFiNS00ZTUxLTdiNGItMjJmZTYwMDU5NGUwIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjo0ODE3NzM1NDIwLCJjcmVhdGl2ZV9pZCI6MTM4MjQ2MTA1ODQyLCJkYXRhIjpbeyJuYW1lIjoiZmlsbGVkX3NpemUiLCJ2YWwiOiJbMzAwLDI2Ml0ifV0sImlzX29yaWciOmZhbHNlfSx7InR5cGUiOiJpbXByZXNzaW9uIiwiaW1wcmVzc2lvbl9pZCI6IjEwMTExMTQiLCJkb21haW5faWQiOiIxOTg0MzciLCJ1bml0IjoiZGl2LWdwdC1hZC1pdGlnaWNfY29tLWJveC0xLTBfMSIsInRfZXBvY2giOjE2MjA0MDkzNDEsImFkX3Bvc2l0aW9uIjoxMTA1LCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiQ0giLCJwYWdldmlld19pZCI6IjliMGM5ODc0LTFhYjUtNGU1MS03YjRiLTIyZmU2MDA1OTRlMCIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6NDgxNzczNTQyMCwiY3JlYXRpdmVfaWQiOjEzODI0NjEwNTg0MiwiZGF0YSI6W3sibmFtZSI6ImZpbGxlZF9mbHVpZCIsInZhbCI6InRydWUifV0sImlzX29yaWciOmZhbHNlfV0=
pragma: no-cache
cookie: _pbjs_userid_consent_data=3524755945110770; __gads=ID=209913d2cf081110:T=1620409347:S=ALNI_MYCUELuDQBZZq_t6fdKkMSCCHgmDQ; cto_bidid=KSh6BV9Vd1hrSHY4aERPOEFEVlZyUU1xR1QlMkJjbWtJczZ1NlBBTWZRWUNkQjhhJTJCTE9VQWpkd0pJNElFVElnUWJCWHN2ZVY1YWd5UlYlMkJTMHFicmpSdUllZUVrZyUzRCUzRA; cto_bundle=ItKwLV8lMkJqSFYxRDd3UXdhSnRYR2dzOVFLN256ek1ta2xwVyUyRllXbGZtQmtPTjFhTUpvMHpGRlp3cE8ycHJZYldFbDVEdDZ1RXRxU3htcFRyeW1jcDNuTHFRSkkzb2ZZOWxvSWZBUktzdmN6VWgyMWVHRk9xbEYzNERwUnFUWlpVME1rMGc; ezouspvh=20; ezux_lpl_198437=1620409351960|9b0c9874-1ab5-4e51-7b4b-22fe600594e0|false; _ym_uid=1620409352194850952; _ym_d=1620409352; _ym_isad=2; id5id.1st=%7B%22created_at%22%3A%222021-05-07T17%3A42%3A33.193333Z%22%2C%22id5_consent%22%3Afalse%2C%22original_uid%22%3A%220%22%2C%22universal_uid%22%3A%220%22%2C%22link_type%22%3A0%2C%22cascade_needed%22%3Afalse%2C%22privacy%22%3A%7B%22jurisdiction%22%3A%22gdpr%22%2C%22id5_consent%22%3Afalse%7D%7D; id5id.1st_last=Fri%2C%2007%20May%202021%2017%3A42%3A33%20GMT; ezouspvv=72; ezouspva=8
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: empty
:authority: itigic.com
referer: https://itigic.com/pt/steal-information-with-finger-command-in-windows-10/&
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://itigic.com/pt/steal-information-with-finger-command-in-windows-10/&
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 07 May 2021 17:42:35 GMT
server: nginx/1.16.0
vary: Accept-Encoding Accept-Encoding
content-type: text/plain; charset=utf-8
x-middleton-display: ezp_sol
cache-control: max-age=0, must-revalidate, no-cache, no-store
content-length: 0
expires: Thu, 06 May 2021 17:42:35 UTC

GET
H3-29 200 integrator.js Show response
adservice.google.ch/adsid/ 107 B
122 B 17ms
16ms Script
application/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.ch/adsid/integrator.js?domain=itigic.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://itigic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 07 May 2021 17:42:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 16ms
15ms Script
application/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=itigic.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://itigic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 07 May 2021 17:42:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 345 B
179 B 275ms
275ms XHR
text/plain 142.250.185.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2673549932243580&correlator=1944758988814888&output=ldjh&impl=fifs&eid=31060790&vrg=2021042801&ptt=17&us_privacy=1---&sc=1&sfv=1-0-38&ecs=20210507&iu_parts=1254144%2Citigic_com-large-billboard-2&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C300x250&fluid=height&ris=2&rcs=5&prev_scp=a%3D%257C6%257C%26iid11%3D1024014%26t%3D134%26d%3D198437%26t1%3D134%26pvc%3D0%26ap%3D1124%26sap%3D1124%26as%3Drevenue%26plat%3D1%26bra%3Dmod1%26ic%3D6%26at%3Dmbf%26adr%3D399%26ezosn%3D1%26reft%3Dtf%26refs%3D30%26ga%3D2497208%26rid%3D99998%26pt%3D0%26al%3D1034%26compid%3D0%26tap%3Ditigic_com-large-billboard-2-1024014%26eb_br%3D72c13a89ac876aaffdde39253459460b%26eba%3D1%26ebss%3D10017%2C10082%2C10061%2C10015%2C11304%2C11307%26asau%3D7838546742%26bv%3D28%26bvm%3D2%26bvr%3D5%26shp%3D3%26ftsn%3D3%26br1%3D1800%26br2%3D3200%26ezoic%3D1%26nmau%3D4%26mau%3D1%26stl%3D32%2C0%2C28%2C67%2C45%2C122%2C66%2C20%2C71%2C30%2C0%2C31%26deal1%3D27%2C28%2C29%2C30%2C760%2C761%2C813%2C815%2C816%2C817%2C818%2C819%2C899%2C917%2C918%2C919%2C988%2C774%2C24%2C25%2C26%2C23%2C24%2C25%2C26%2C22%2C23%2C24%2C25%2C26%2C21%2C22%2C23%2C24%2C25%2C26%2C21%2C22%2C23%2C24%2C25%2C26%26ax_ssid%3D10082%26amznbid%3D2%26amznsz%3D0x0%26amznp%3D2%26lb%3D2000%26reqt%3D1620409354638&eri=1&cookie=ID%3D209913d2cf081110%3AT%3D1620409347%3AS%3DALNI_MYCUELuDQBZZq_t6fdKkMSCCHgmDQ&bc=31&abxe=1&lmt=1620409355&dt=1620409355646&dlt=1620409342880&idt=923&frm=20&biw=1600&bih=1200&oid=3&adxs=1002&adys=1825&adks=223664751&ucis=1o&ifi=60&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fitigic.com%2Fpt%2Fsteal-information-with-finger-command-in-windows-10%2F%26%23160%3B&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x-1&msz=300x-1&psts=AGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=1178867069.1620409344&ga_sid=1620409344&ga_hid=2059617897&ga_fc=false&fws=0&ohw=0&btvi=12&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f2.1e100.net

Software

cafe /

Resource Hash

a81735771356ac2814c949860e33141dbdfc6d0fdd2d87a638b9499432ea152a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://itigic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 07 May 2021 17:42:35 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 142
x-xss-protection: 0
google-lineitem-id: -2
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: -2
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://itigic.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 army.gif Show response
itigic.com/porpoiseant/ 0
19 B 40ms
40ms XHR
text/plain 52.19.6.38
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://itigic.com/porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTAxMTExNCIsImRvbWFpbl9pZCI6IjE5ODQzNyIsInVuaXQiOiJkaXYtZ3B0LWFkLWl0aWdpY19jb20tYm94LTEtMCIsInRfZXBvY2giOjE2MjA0MDkzNDEsImFkX3Bvc2l0aW9uIjoxMTA1LCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiQ0giLCJwYWdldmlld19pZCI6IjliMGM5ODc0LTFhYjUtNGU1MS03YjRiLTIyZmU2MDA1OTRlMCIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6NDgxNzczNTQyMCwiY3JlYXRpdmVfaWQiOjEzODI0NjEwNTg0MiwiZGF0YSI6W3sibmFtZSI6ImZpbGxlZF9zaXplIiwidmFsIjoiWzMwMCwyNTBdIn1dLCJpc19vcmlnIjpmYWxzZX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiIxMDExMTE0IiwiZG9tYWluX2lkIjoiMTk4NDM3IiwidW5pdCI6ImRpdi1ncHQtYWQtaXRpZ2ljX2NvbS1ib3gtMS0wIiwidF9lcG9jaCI6MTYyMDQwOTM0MSwiYWRfcG9zaXRpb24iOjExMDUsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJDSCIsInBhZ2V2aWV3X2lkIjoiOWIwYzk4NzQtMWFiNS00ZTUxLTdiNGItMjJmZTYwMDU5NGUwIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjo0ODE3NzM1NDIwLCJjcmVhdGl2ZV9pZCI6MTM4MjQ2MTA1ODQyLCJkYXRhIjpbeyJuYW1lIjoiZmlsbGVkX2ZsdWlkIiwidmFsIjoiZmFsc2UifV0sImlzX29yaWciOmZhbHNlfSx7InR5cGUiOiJpbXByZXNzaW9uIiwiaW1wcmVzc2lvbl9pZCI6IjEwMTExMTQiLCJkb21haW5faWQiOiIxOTg0MzciLCJ1bml0IjoiZGl2LWdwdC1hZC1pdGlnaWNfY29tLWJveC0xLTAiLCJ0X2Vwb2NoIjoxNjIwNDA5MzQxLCJhZF9wb3NpdGlvbiI6MTEwNSwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IkNIIiwicGFnZXZpZXdfaWQiOiI5YjBjOTg3NC0xYWI1LTRlNTEtN2I0Yi0yMmZlNjAwNTk0ZTAiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjQ4MTc3MzU0MjAsImNyZWF0aXZlX2lkIjoxMzgyNDYxMDU4NDIsImRhdGEiOlt7Im5hbWUiOiJkb21haW5fZGZwX3N0eWxlX2lkIiwidmFsIjoiMzIifV0sImlzX29yaWciOmZhbHNlfV0=
Requested by: Host: itigic.com
URL: https://itigic.com/detroitchicago/cmb.js?gcb=194-3&cb=01-100-103-1004-10d-506-507-70a-30c-30e-212-211-313-317-1021-23-&cmbcb=10&01&00&03&04&0d&06&07&0a&0c&0e&12&11&13&17&21&23
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 52.19.6.38 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-19-6-38.eu-west-1.compute.amazonaws.com
Software: nginx/1.16.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:path: /porpoiseant/army.gif?orig=0&sts=W3sidHlwZSI6ImltcHJlc3Npb24iLCJpbXByZXNzaW9uX2lkIjoiMTAxMTExNCIsImRvbWFpbl9pZCI6IjE5ODQzNyIsInVuaXQiOiJkaXYtZ3B0LWFkLWl0aWdpY19jb20tYm94LTEtMCIsInRfZXBvY2giOjE2MjA0MDkzNDEsImFkX3Bvc2l0aW9uIjoxMTA1LCJhZF9zaXplIjoiIiwiY291bnRyeV9jb2RlIjoiQ0giLCJwYWdldmlld19pZCI6IjliMGM5ODc0LTFhYjUtNGU1MS03YjRiLTIyZmU2MDA1OTRlMCIsImNvbXBfaWQiOjAsImxpbmVfaXRlbV9pZCI6NDgxNzczNTQyMCwiY3JlYXRpdmVfaWQiOjEzODI0NjEwNTg0MiwiZGF0YSI6W3sibmFtZSI6ImZpbGxlZF9zaXplIiwidmFsIjoiWzMwMCwyNTBdIn1dLCJpc19vcmlnIjpmYWxzZX0seyJ0eXBlIjoiaW1wcmVzc2lvbiIsImltcHJlc3Npb25faWQiOiIxMDExMTE0IiwiZG9tYWluX2lkIjoiMTk4NDM3IiwidW5pdCI6ImRpdi1ncHQtYWQtaXRpZ2ljX2NvbS1ib3gtMS0wIiwidF9lcG9jaCI6MTYyMDQwOTM0MSwiYWRfcG9zaXRpb24iOjExMDUsImFkX3NpemUiOiIiLCJjb3VudHJ5X2NvZGUiOiJDSCIsInBhZ2V2aWV3X2lkIjoiOWIwYzk4NzQtMWFiNS00ZTUxLTdiNGItMjJmZTYwMDU5NGUwIiwiY29tcF9pZCI6MCwibGluZV9pdGVtX2lkIjo0ODE3NzM1NDIwLCJjcmVhdGl2ZV9pZCI6MTM4MjQ2MTA1ODQyLCJkYXRhIjpbeyJuYW1lIjoiZmlsbGVkX2ZsdWlkIiwidmFsIjoiZmFsc2UifV0sImlzX29yaWciOmZhbHNlfSx7InR5cGUiOiJpbXByZXNzaW9uIiwiaW1wcmVzc2lvbl9pZCI6IjEwMTExMTQiLCJkb21haW5faWQiOiIxOTg0MzciLCJ1bml0IjoiZGl2LWdwdC1hZC1pdGlnaWNfY29tLWJveC0xLTAiLCJ0X2Vwb2NoIjoxNjIwNDA5MzQxLCJhZF9wb3NpdGlvbiI6MTEwNSwiYWRfc2l6ZSI6IiIsImNvdW50cnlfY29kZSI6IkNIIiwicGFnZXZpZXdfaWQiOiI5YjBjOTg3NC0xYWI1LTRlNTEtN2I0Yi0yMmZlNjAwNTk0ZTAiLCJjb21wX2lkIjowLCJsaW5lX2l0ZW1faWQiOjQ4MTc3MzU0MjAsImNyZWF0aXZlX2lkIjoxMzgyNDYxMDU4NDIsImRhdGEiOlt7Im5hbWUiOiJkb21haW5fZGZwX3N0eWxlX2lkIiwidmFsIjoiMzIifV0sImlzX29yaWciOmZhbHNlfV0=
pragma: no-cache
cookie: _pbjs_userid_consent_data=3524755945110770; __gads=ID=209913d2cf081110:T=1620409347:S=ALNI_MYCUELuDQBZZq_t6fdKkMSCCHgmDQ; cto_bidid=KSh6BV9Vd1hrSHY4aERPOEFEVlZyUU1xR1QlMkJjbWtJczZ1NlBBTWZRWUNkQjhhJTJCTE9VQWpkd0pJNElFVElnUWJCWHN2ZVY1YWd5UlYlMkJTMHFicmpSdUllZUVrZyUzRCUzRA; cto_bundle=ItKwLV8lMkJqSFYxRDd3UXdhSnRYR2dzOVFLN256ek1ta2xwVyUyRllXbGZtQmtPTjFhTUpvMHpGRlp3cE8ycHJZYldFbDVEdDZ1RXRxU3htcFRyeW1jcDNuTHFRSkkzb2ZZOWxvSWZBUktzdmN6VWgyMWVHRk9xbEYzNERwUnFUWlpVME1rMGc; ezouspvh=20; ezux_lpl_198437=1620409351960|9b0c9874-1ab5-4e51-7b4b-22fe600594e0|false; _ym_uid=1620409352194850952; _ym_d=1620409352; _ym_isad=2; id5id.1st=%7B%22created_at%22%3A%222021-05-07T17%3A42%3A33.193333Z%22%2C%22id5_consent%22%3Afalse%2C%22original_uid%22%3A%220%22%2C%22universal_uid%22%3A%220%22%2C%22link_type%22%3A0%2C%22cascade_needed%22%3Afalse%2C%22privacy%22%3A%7B%22jurisdiction%22%3A%22gdpr%22%2C%22id5_consent%22%3Afalse%7D%7D; id5id.1st_last=Fri%2C%2007%20May%202021%2017%3A42%3A33%20GMT; ezouspvv=72; ezouspva=8
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: empty
:authority: itigic.com
referer: https://itigic.com/pt/steal-information-with-finger-command-in-windows-10/&
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://itigic.com/pt/steal-information-with-finger-command-in-windows-10/&
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Fri, 07 May 2021 17:42:35 GMT
server: nginx/1.16.0
vary: Accept-Encoding Accept-Encoding
content-type: text/plain; charset=utf-8
x-middleton-display: ezp_sol
cache-control: max-age=0, must-revalidate, no-cache, no-store
content-length: 0
expires: Thu, 06 May 2021 17:42:35 UTC

GET
H3-29 200 integrator.js Show response
adservice.google.ch/adsid/ 107 B
122 B 17ms
16ms Script
application/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.ch/adsid/integrator.js?domain=itigic.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://itigic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 07 May 2021 17:42:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 15ms
15ms Script
application/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=itigic.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021042801.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://itigic.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Fri, 07 May 2021 17:42:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET ads
securepubads.g.doubleclick.net/gampad/ 0
0

GET
DATA 200
OK truncated
/ Frame FF61 17 KB
17 KB Font
application/octet-stream

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 670f25ce3d8dfd584c6685c5f560385cb7e9ce9abf3089bc0fcd735636686993

Request headers

Origin: null
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: application/octet-stream

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: image2.pubmatic.com
URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAD7cU7BKvgAACzEtLQ56Q&r=https%3A%2F%2Fmatch.prod.bidr.io%2Fcookie-sync%3Fbee_sync_partners%3Dsas%252Cpp%252Cox%26bee_sync_current_partner%3Dpm%26bee_sync_initiator%3Dadx%26bee_sync_hop_count%3D2

Domain: image2.pubmatic.com
URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=7566101433466681428

Domain: image2.pubmatic.com
URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AAD7cU7BKvgAACzEtLQ56Q

Domain: image2.pubmatic.com
URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=ZRXq6P9HazaibCTpuiz6WxIm

Domain: match.deepintent.com
URL: https://match.deepintent.com/usersync/141?redir=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MzAmdGw9MTI5NjAw%26piggybackCookie%3D%24%7BDI_USER_ID%7D&gdpr=0&gdpr_consent=

Domain: uipglob.semasio.net
URL: https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=BE73A413-39CC-4B40-836F-8E00FFE00B3D&sInitiator=external&gdpr=0&gdpr_consent=

Domain: visitor.fiftyt.com
URL: https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=BE73A413-39CC-4B40-836F-8E00FFE00B3D&gdpr=

Domain: image2.pubmatic.com
URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=

Domain: image2.pubmatic.com
URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEPnPybkTEj5bMfWmCqHXQuY&google_cver=1

Domain: um.simpli.fi
URL: https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=

Domain: image2.pubmatic.com
URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=4435999911562095551&gdpr=0&gdpr_consent=

Domain: image2.pubmatic.com
URL: https://image2.pubmatic.com/AdServer/Pug?gdpr=0&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=izJpmYphYJWQMDHOiWR9mIVnYZ2QZGmb2WFW961z

Domain: prod.perf-serving.com
URL: https://prod.perf-serving.com/sync?ssp=bidswitch&bidswitch_ssp_id=pubmatic

Domain: sync-tm.everesttech.net
URL: https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D

Domain: image2.pubmatic.com
URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5NjkmdGw9MjU5MjAw=&piggybackCookie=17c61690-ff85-47c9-8454-12603c63c786-60957c09-4348&gdpr=0&gdpr_consent=

Domain: sync-tm.everesttech.net
URL: https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D191940%26nid%3D3778%26put%3D%24%7BUSER_ID%7D

Domain: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2673549932243580&correlator=4128423248784400&output=ldjh&impl=fifs&eid=31060790&vrg=2021042801&ptt=17&us_privacy=1---&sc=1&sfv=1-0-38&ecs=20210507&iu_parts=1254144%2Citigic_com-large-billboard-2&enc_prev_ius=%2F0%2F1&prev_iu_szs=320x50%7C300x250&fluid=height&ris=1&rcs=6&prev_scp=a%3D%257C1%257C%26iid11%3D1024014%26t%3D134%26d%3D198437%26t1%3D134%26pvc%3D0%26ap%3D1124%26sap%3D1124%26as%3Drevenue%26plat%3D1%26bra%3Dmod1%26ic%3D7%26at%3Dbf%26adr%3D399%26ezosn%3D0%26reft%3Dtf%26refs%3D30%26ga%3D2497208%26rid%3D99998%26pt%3D0%26al%3D1034%26compid%3D0%26tap%3Ditigic_com-large-billboard-2-1024014%26eb_br%3Dzero%26eba%3D1%26ebss%3D10017%2C10082%2C10061%2C10015%2C11304%2C11307%26asau%3D7838546742%26bv%3D28%26bvm%3D2%26bvr%3D5%26shp%3D3%26ftsn%3D3%26br1%3D0%26br2%3D3200%26ezoic%3D1%26nmau%3D4%26mau%3D0%26stl%3D32%2C0%2C28%2C67%2C45%2C122%2C66%2C20%2C71%2C30%2C0%2C31%26deal1%3D27%2C28%2C29%2C30%2C760%2C761%2C813%2C815%2C816%2C817%2C818%2C819%2C899%2C917%2C918%2C919%2C988%2C774%2C24%2C25%2C26%2C23%2C24%2C25%2C26%2C22%2C23%2C24%2C25%2C26%2C21%2C22%2C23%2C24%2C25%2C26%2C21%2C22%2C23%2C24%2C25%2C26%2C17%2C18%2C19%2C20%2C21%2C22%2C23%2C24%2C25%2C26%26ax_ssid%3D10082%26amznbid%3D2%26amznsz%3D0x0%26amznp%3D2%26lb%3D1800%26reqt%3D1620409355788%26ss38%3D1%26ss9%3D1&eri=1&cookie=ID%3D209913d2cf081110%3AT%3D1620409347%3AS%3DALNI_MYCUELuDQBZZq_t6fdKkMSCCHgmDQ&bc=31&abxe=1&lmt=1620409355&dt=1620409355792&dlt=1620409342880&idt=923&frm=20&biw=1600&bih=1200&oid=3&adxs=1002&adys=1560&adks=686215702&ucis=1p&ifi=61&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fitigic.com%2Fpt%2Fsteal-information-with-finger-command-in-windows-10%2F%26%23160%3B&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x-1&msz=300x-1&psts=AGkb-H9awlplzm3R5rYar7qljqzk&ga_vid=1178867069.1620409344&ga_sid=1620409344&ga_hid=2059617897&ga_fc=false&fws=0&ohw=0&btvi=13&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..

Verdicts & Comments Add Verdict or Comment

282 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

0 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

7 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://itigic.com/wp-includes/js/jquery/jquery-migrate.min.js?screx=1&sxcb=2a&ver=3.3.2(Line 2) Message: JQMIGRATE: Migrate is installed, version 3.3.2
console-api	info	URL: https://cdn.ampproject.org/rtv/012103020108001/amp4ads-v0.mjs(Line 10) Message: Powered by AMP ⚡ HTML – Version 2103020108001 https://itigic.com/pt/steal-information-with-finger-command-in-windows-10/&
console-api	info	URL: https://cdn.ampproject.org/rtv/012103020108001/amp4ads-v0.mjs(Line 10) Message: Powered by AMP ⚡ HTML – Version 2103020108001 https://itigic.com/pt/steal-information-with-finger-command-in-windows-10/&
console-api	info	URL: https://cdn.ampproject.org/rtv/012103020108001/amp4ads-v0.mjs(Line 10) Message: Powered by AMP ⚡ HTML – Version 2103020108001 https://itigic.com/pt/steal-information-with-finger-command-in-windows-10/&
console-api	info	URL: https://cdn.ampproject.org/rtv/012103020108001/amp4ads-v0.mjs(Line 10) Message: Powered by AMP ⚡ HTML – Version 2103020108001 https://itigic.com/pt/steal-information-with-finger-command-in-windows-10/&
console-api	info	URL: https://cdn.ampproject.org/rtv/012103020108001/amp4ads-v0.mjs(Line 10) Message: Powered by AMP ⚡ HTML – Version 2103020108001 https://itigic.com/pt/steal-information-with-finger-command-in-windows-10/&
console-api	info	URL: https://cdn.ampproject.org/rtv/012103020108001/amp4ads-v0.mjs(Line 10) Message: Powered by AMP ⚡ HTML – Version 2103020108001 https://itigic.com/pt/steal-information-with-finger-command-in-windows-10/&

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

3fc1b23a7f7676f8a612476f135a3c46.safeframe.googlesyndication.com
a.tribalfusion.com
acdn.adnxs.com
ad.turn.com
ad4m.at
ads.playground.xyz
ads.pubmatic.com
ads.yahoo.com
adservice.google.ch
adservice.google.com
ajax.googleapis.com
b1sync.zemanta.com
bh.contextweb.com
bidder.criteo.com
c.amazon-adsystem.com
c1.adform.net
cdn.ampproject.org
cm.adgrx.com
cm.g.doubleclick.net
cm.smadex.com
contextual.media.net
cs.media.net
cslogger.media.net
csync.loopme.me
dis.criteo.com
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
eu-u.openx.net
eus.rubiconproject.com
ezoic-d.openx.net
fonts.googleapis.com
fonts.gstatic.com
g.ezoic.net
go.ezodn.com
go.ezoic.net
googleads.g.doubleclick.net
gum.criteo.com
hbopenbid.pubmatic.com
htlb.casalemedia.com
ib.adnxs.com
id.rlcdn.com
id5-sync.com
idsync.rlcdn.com
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
itigic.com
js-sec.indexww.com
lh3.googleusercontent.com
match.adsby.bidtheatre.com
match.adsrvr.org
match.deepintent.com
mc.yandex.com
mc.yandex.ru
mug.criteo.com
mwzeom.zeotap.com
onetag-sys.com
p.rfihub.com
pagead2.googlesyndication.com
pixel.quantserve.com
pixel.rubiconproject.com
pm.w55c.net
pr-bh.ybp.yahoo.com
prebid.a-mo.net
prebid.media.net
prod.perf-serving.com
pubmatic-match.dotomi.com
rtb.gumgum.com
rtb.mfadsrvr.com
rules.quantcount.com
s.amazon-adsystem.com
s.tribalfusion.com
s0.2mdn.net
secure-assets.rubiconproject.com
secure.adnxs.com
secure.quantserve.com
securepubads.g.doubleclick.net
simage2.pubmatic.com
simage4.pubmatic.com
ssum-sec.casalemedia.com
static.criteo.net
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.1rx.io
sync.mathtag.com
sync.targeting.unrulymedia.com
tag.1rx.io
tdns3.gtranslate.net
token.rubiconproject.com
tpc.googlesyndication.com
track-east.mobileadtrading.com
translate.googleapis.com
uipglob.semasio.net
um.simpli.fi
ups.analytics.yahoo.com
us-u.openx.net
visitor.fiftyt.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.redeszone.net
x.bidswitch.net
image2.pubmatic.com
match.deepintent.com
prod.perf-serving.com
securepubads.g.doubleclick.net
sync-tm.everesttech.net
uipglob.semasio.net
um.simpli.fi
visitor.fiftyt.com
136.144.59.88
142.250.185.226
142.250.186.162
151.101.113.108
159.65.197.210
162.55.6.211
173.231.181.122
178.250.0.157
178.250.0.163
178.250.2.131
18.156.95.187
18.184.169.195
18.196.131.255
185.29.135.190
185.64.189.112
185.64.189.114
185.64.189.115
185.64.190.80
185.64.190.81
193.0.160.128
198.148.27.140
2.18.233.180
2.18.234.21
2.18.235.93
2001:678:cb4:bbbb::11
213.19.147.43
213.19.147.45
23.37.38.181
23.79.143.124
2600:9000:2017:c400:2:cb38:840:93a1
2600:9000:2104:da00:6:44e3:f8c0:93a1
2606:4700:10::6816:1957
2606:4700:3032::ac43:b890
2606:4700:3036::6815:325d
2606:4700:3039::6815:c03b
2606:4700::6812:c05
2620:116:800d:21:51e4:db4b:4436:b305
2a00:1288:110:c305::8000
2a00:1288:80:800::7000
2a00:1450:4001:801::2006
2a00:1450:4001:80e::2004
2a00:1450:4001:80e::200e
2a00:1450:4001:80f::2002
2a00:1450:4001:810::2001
2a00:1450:4001:810::2002
2a00:1450:4001:811::2001
2a00:1450:4001:811::2008
2a00:1450:4001:811::200a
2a00:1450:4001:812::2002
2a00:1450:4001:813::2001
2a00:1450:4001:813::200a
2a00:1450:4001:828::2002
2a00:1450:4001:82a::2002
2a00:1450:4001:82f::2001
2a00:1450:4001:830::2003
2a00:1450:4001:831::200a
2a00:1450:400c:c04::9a
2a02:2638:1::3
2a02:2638::1c
2a02:6b8::1:119
2a02:fa8:8806:20::2010
3.125.99.7
3.126.56.137
34.250.165.246
34.98.107.212
35.244.159.8
35.244.174.68
37.157.6.252
37.252.172.38
37.252.172.45
51.255.81.138
51.89.9.251
52.18.52.16
52.19.6.38
52.44.75.235
54.239.17.112
54.36.109.22
64.202.112.127
65.9.73.70
65.9.86.127
69.173.144.139
85.114.159.93
02a086abc2d789dc287ce98d260bf76ffee88c23072f53ec9a1b099d2f7cdd70
05b1936a5e4229dc34d8e5fcfc22ce024634ea618687f37e31857402b27c4dba
05d2e6c3b3f4df187c819919bab280a9c62b7a189998f70ec1e123b0a00d3611
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
07e4ab53ff70c709036d6c63eb197f689c77adba37ab329e839c0fbbc5bc472a
08096b508773e489b80bed9eb56e2000cf1341c6dea349be545e866e1f601b0d
084cf3a821fc57f2583dae3ff29f38f5786dbc9de435060efa2f64415422c159
0b374aad70ffad4e36e8d5792084dc6f0b9fa57277090113bb44ededcdcd5cac
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0b9a8a3f27fa969797b4fbec0716dcacd5aaa38202277691d7baf41a540963fd
0c5f584d1ea2c3313dc8c55824c2a572d3cf2eae87c5ca62a58e598aec9ddb5c
0dc25fa3b32fcdcb0c8d6960ce7a9ec11627d8769d78a0fcc5c8d06a8a4a757d
0e9ff11df9470eee4787243897f4bffd9e6ac022d03ca7b502eec89d0d8e9a80
1399c58acf10d4a686cd34c3f2db63f46c797a483ac7908461a11533e6694b57
1491de1b31182d38593bcf660c99bc6018af8e192d91663f67ec9d045a3b5ccc
16a57454ba7aadd117488e0399e216526b7395a307dbe83a053599f24b58b9ff
1866961a029c65376fefb7f2ba1e6187e09ff50ea58d97dedfd72c197947d002
18cc5e8817b84f62c697000fca7567e088c981f056b9fed09bd9984731bace1c
19d74f11bbbf906b31d9510ad8f151ebaa35d13781deee5ee2d8372a94ae0660
1a3619f8c58de8c9db32656f3156a925d6d8d7be394a923b594e0c84d0c0bb25
1c2525b3e7631f2411872aac663bded4c73bd4e4f26182862b28db7f406d1c61
1cf04407e728ea1ebf82dc1c6b45d12632cb3202ff8f4556f380b16e57484f27
1d6f7818a09adfc9c11ff7110eb866179ef9d36a3625cd1c02e23292d315daaa
1dbca2dfcb87e1bf742c2b9c2e9afd993ce01fd6a910d26d8374ea6b74928326
1fdb80edf5cb581bd2fbe548fb8440293fa92d121f4bf6653ce8074236ecef87
2024d3b810e8a8f1e789594c2ce631f80251d77237e3159478ef814809624bd0
21d45a4ed77653b3b1ee2b47a786a4dbb936a3b19fc56e1b44c16aed35eb80ee
23371b5319a53a0a2d3c59d738d679c384822c244ea4e791ef87a4110b8a291e
24a395d178b955d57372b3978ceac2816f4fe4fc7c759bb30c04e39586a7c9cf
27d4a0e76e9b927188fbbba93ca60b52f92de5602cb2f00dbc0085e96e4e9f85
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2b88a3014a54cb88ca582881fcf2d9e1f0365987b3b1ccb148e1bb6878906ef4
2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a
2cd9de3dd26246204749cff259bc34e8e6a47ae5d6e4528b9b28c75d68d50cde
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
2e36bd3bdbb929f427e79a6c84b7922b4375589386981eba29eb0cff57b02b1b
304aa0c7fbac39f6276838fdcf0ad5c972480f1cbe233cd0b68973fef2c707ad
30b250c89aa882cdf15a274e8e754f9b1f8106191180cfa81cd3c0d005f4cca7
31eae64313cc4651bbb8f415ccba09b43341d117b4927fdd5d8944d5af49a6b6
337e39f1a9f4502351074ae4b9f8a31da68411b6360d4ec710da91cd5d4ea460
35ced94808edaacf0dc1488cd1e116a454af14e56062595a458228d697d1c1f9
36a9e7f1c95b82ffb99743e0c5c4ce95d83c9a430aac59f84ef3cbfab6145068
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
37b266ea13f3f0ad1e1047d21c9f08eb2303fd263528e0bb23721a74bd041b8e
37d29979cc13eac68ee8339830a9685021bdb74db368b1a9bb0be3db71818d63
3856e7f4b671e597667b3c71ae17adafc1d0073de52364add4a7229b32ce22d6
3997418653e2fa79e57bae099e4530803bbdf041ccbc8a3d10a5a9533385ef47
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3dda9a27a479da565ecc0430ec8c78c76aa9d87bf3c3921f6fe4fa33c48b151d
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
421192a006149c26292f6690c2cb34bf0425ab74ae9ae0a47f8d3cd7a8c7c765
42d7e85a3c2841677ae5754df71eddb308d751997814815d1d00d49429935d8e
4548f5ec2c6bda6fc6e8445cc933964d2f5ad6620365c5ccd40fa0701ece93be
45a7a12a21e796e2ef11b843dfcfd15b11a1ca81201c62bdbc9f5f43681275a2
4634b94630896f1a23c5ce01f743d720847c5f4dd28fb549ed503cb2df4f8e87
471a6d8dd9f491dba6a88c3dc9d3a7e15026582c724f5d548bcc6760b787047c
47f846238944f1ac716accc2d5a9c82069f2e3205ade3c70fb26d0a31d78361c
4821fcf9c6131b5e09c316f6946b187f0b3751d723a19b2ff9f2df396d232cbf
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032
4b1cd7954c58f4550fb3332494889df7b71d7c375e7096ca47b2649869fcaf6b
4c6af60796cc240ad277098308cf363c2700f5296264ec1b43b4e1362763c439
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e1d1a6df0cbcdd769202bdf48c58be557fc82da61315922d05c343eb80ba25f
4ed567bf0f9b6ee9fab3483a8317ee8f51ca7028809626a4f0d7a8d0d3979d38
4efae2bf3d602963b6cee19b3ee358ad0b7691205a0ed10477bb5af8a8db9657
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0
509798a55132cdc24b38e03e7699ca9f834c1eca23a8c85f93c1a1a57ecbf9e8
5254f094364127f251dd78e3d1f019b8e09529469689d2d419e9de8458a0289f
53b99e4bde7498900885e58f9d6c383258f8a59b04389d6b54d3d4b89537b6f2
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
551fb322939d8b33c354ad9fd61d46e04a189c634d940d6dbfbe94f8770b4468
55e5d70685c5810f8354e38016faaa1c33dbbaf91586de31e16f8ec59df36a5f
575c82f23dbb9285df2f62c7c8121c65d89e8137713110a149067d695975215e
579a172ca2c700734ebcfa06d105a134f31ec2357660e58e0874cfdee8472fd4
5827adb70b8322616b409c3230bd1a69a203870fe0e77b2d19c74d36053c3a81
58de830b0a508240823eef944246665136eade72ed0b7a0dfbb4a0edd1d77a3b
599325d39743959cdacb163b742dd6f622443a73f155364bbcc465a291ce0b5a
59a30a962cf8b843f6eed65fd0833756eb9e1df842b336ed0805966c5ade463a
5a02bd1c04882358234e90688669d51ce4e65b63ae5318c25c0fa0ac6a229664
5f0207bbbd69497c7a37284c0b6f9bdcc9f83c574a4cda737e00a390d0ed268f
6333fcdc4d70d96965357d7f792b54a03a2e8e45e6ad93365068df9b879c5d40
6471e6333744791f6538cbe96d397e558b68d5025e08ea3485270d2d11039e53
654a6b90bd1e8379f0f7b0f3f418c3bad7ee695fbd8979b7c22a993a85765486
663dab1310a7e64c3bdd7dfdc81b7fc9a28884d4ee290b96077c7b32bbe84707
670f25ce3d8dfd584c6685c5f560385cb7e9ce9abf3089bc0fcd735636686993
67d3546164d9c00f9c8c60b74ef4a30c2c8932edd3508e404c492c0439f86f3e
6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc
684e2d9c3fbcf3fb72c6fb98cdd941d4fc9a18c4dc94cc182d68b8da1f059d51
68eda713b8797f69e5bc3b27edf31e5a80de88c0c52c23489e876f52e3a64c76
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6e553b4e88ac4a1819d608fe9dcb46544ca5fb776d4e0c84d773f37b1df18211
6fa6d100ba31be4df3623ba6900df09a8f09d48c8c17eca4938a783f6817ada9
7217b7067f9762d9c2109b545c93872ab0a1386e9c09382825433b48d21b5d16
72e979d77e109d69f4bbdd2402b1a65501017bb7dd092a651af1f1dfa4ddef70
731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233
73d1a31cd225f2d580abcfac574b04ad3b1118a743b7c5619a7a08316f7ee874
74201a4b97ec1d5e86252dd0180eafd8c5378a9235864dbcd682f3575b41c85b
744b436600cd35e7898be8843c04c1115c45bf08143d085ac149e8c4f8151e3d
745a085b52b8371ec6705413fca70a28c6d8bff0db480e6b124bd08c54e95ef8
74fd0705ac2f2149261eb8cad89d6de0e865680a30a6c5a41ae58b1f2e691c7c
76106414a05860a99ce180d98f992d5350007c94831955e1494f8f59a58b410a
7784e55621e8e946cbb7143030530f5f4c59a7ee0319ca5603a9f64a92e9b775
77bb5b01653cd5954802c9b155b6c5bafd0bc9be44732e0a95716ab0ed2880da
796c46ec10bc9105545f6f90d51593921b69956bd9087eb72bee83f40ad86f90
7b383d7534e1493c687cad842946d899c14f94b5cc549c09b105401bcb157f8a
7c29870434c548969f868c69b1d02948898a463b56f1e9a174bf4082806689f7
7d84f9e8ef61f0a68b5b4ec2dafe85fb4e864a0c0513216ace683868a00f7f14
7df9c4cdfb9a1291df6652729b571ec6511f46da9f23388233e3ac2722569c63
7e51cd9fd7c7e0cfeb69ea5ea5aa92e3b5064bd4a29cffa157a438ce1b45da24
7eca7977c6ade416c20775a7fd7cfa2291c5752cd1225d5c4342b057c37a000c
7ed928db9e1a60073e98f7d50cfa05b91137b2462eb31c79227a6ace00567cac
8000d797097e74bfff377d2f3fca7e046ee4490ea4edb70c2c0b189575847629
828ee0993cb1aaa5b693c39d82b93560de8d0af6ca7cc80de8fdb0a20f92abed
82b9ea5ad84449e825340d541cc459aa211d60350eb0e2f30f829c731e98f5a8
82f1fbe95dbd4e1128a973db542bf50ab7ac8fbf35bfefca2e782b0a0572e564
832f63f4187160c195b04f1911c2e623a75e805f4b23abb9b0bea214b4283a43
83743db248567f00c9f4605f47a18d68c90761e833f046b9b95f288206a7bddf
8398a026313c016324f186d1c9b24a46813109d4bc5477d910a683079cbf1434
83e1fc06d61560e19649771db56bc018fc7fdb56e98f3a9f74505230a8f35060
86ff3759da2ec669a52361c6742498ec003221a71dff82746b90f0d391b8ab17
88d1bf4f2b000b3f448c055bdd7587a3bbcd94020e93a7e7c59c6a0fe86bc60d
8a4777b848c0d891fc427ada8d61a998bcf7af5df7dfc8c0773099fcfde271e9
8b50113869fc5d30c0f30718ccb7ffa971b79d0b5917e1023c551930eab6349e
8ca23b1b5785be90974a1fd817b919cc4d0613e3ebd8643f8644eac53fdee6f5
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8f6b0e0bbb75ff5a68f03a2fdd1a449f4e27c29fa06ad9a6df8f732828c972bd
8f9560479a05fb86854546c40ec030edc2bac692d4142391d69b16e5c033a185
943721f763440eea04130dc0aa288ee42e9d5f8171c691bf829575c86b5c693b
95dc30d8b40e0bae97c0a41fa52d8d43ef7b66a7de4645c913aa994def62e5dd
96519db0e4dd846a8a68e173c0cd57fa0c0f743e5d1b887b7d0efab891559cd8
98fc24db05acee16d2557b8a3e44977f2cecf3bfa10078623365fd7f99d708c6
9985bae31ea8ea29c17898e304915689c81644829d1a51ca12821508e46c79fa
9a6d5096068784e4493f9b3a5d4226b12c966fbcc43d7ab1007d9f0dd9025f49
9c50a96c859b9beea47b71740bd14e7f69a4df586d015f47434037f8def53b52
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a20bae1d58458ab4468005d23c3161ce89727b4b30c122445452a019370c4728
a30a4a350b665415cb951d678d4d3d24afbe2dce719abf4e7b97128ba03cfdb3
a3d21be02646badfddef3c5b4d98794e2a48f77f9e7ab7f999928cd2603f47b3
a4175829629cc0ee4fa83b14602e308f8e82b2323d3d31e316f5ac197f5068f0
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a534a12fa3e3d1b3c0a2cd57e8c42c5994af66e00eef071d0ebea069f987e954
a6f768cbb894f2690011ee62662d3ac9480d12f5088fa46be57e650fcc4d835c
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a81735771356ac2814c949860e33141dbdfc6d0fdd2d87a638b9499432ea152a
aa1a65de000d7002883647d0b2b7ea8a6847e5700c3377ac2023d7452b4d0c26
abc1bbfb097cfaf4715fe823adb40881f8ed35a943692d5c037945c2fcc56340
ac3dba0b78e4bce4ae5fb212ddf0e976910f809131f91023f61cd084ea08b855
ac972943758941373f2f43d2946b2331c12425df27c2bc387a5ea73cbc6cca7d
aee408847d35e44e99430f0979c3357b85fe8dbb4535a494301198adbee85f27
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b27963d64b79220f6a94fafa3a3c67a2404d363b4ad53dbb83ab2187eacde46f
b2b279ece006b0e9d263bf7bed8f9c0a1435738db4dff2c57e13d1efe98900a9
b827fb1d38720c918aff564f857097167170d85ee61a69dc0b0dae804804a4c5
bacd8d4d976a807d58af8d9928b71d5dd8c9356a45057e9330a3ddade6caa2c0
bb148fa65c2cc0eb97e8ac8581d6b61894633a967601284f6c28980527873ffe
bb46ed079c3dd3c39af5051b4ada48f29f49151dad4fa218117bad2fdb5e616f
bf437f32660363d0f48e911c360484cf704798de5c8e8432b5670a4095150252
bf4df26262de48aa093480907419dd99cb97bd670992b117446daad530a1383a
bfa20f343cac1018d5ff5bf009d95a9b327d0e1dff0adfcfc8e1b1a99448751b
c08632ec2a861b404d98fdf360b722767811cf95630feaf6647b50a66cab66d8
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c4b70f3fc0c5bacd3407ba71979b6e1a673ca70d225264158e92411ec673bb5f
c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645
c66700fc4962522dc4120afbd107324ef077eb2b0885106bec0b92e2e7a4b817
c67409ea34890f9bb10d9f8f2f6b3dd06df844f5f452d887af841d400f906b28
c67ba24a5a606731b6de97c545d84ce50c4e4c251a30159188171f60cbd2af7a
c8d38dec050c2a2e71201670b625cfaa7fe4ba80541e26c6fab9a1685c3545fc
c90cff659645a312a28804965f3dbc34061338f7234ff5d6ddb2c57e9eadec15
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
ca8a0a578197140446a71bbc592961f8bf71cd71e70c2dd97a9d66cff2d566a0
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
ce9c6cccb2d1c5857fec3aad6b768078346a9eb1b26f7e130ae61bec47ff555b
ced502ac5573ccd197c3f0b1019323a5bc79954b290499a15bbb08b2854ad6f8
d4a3452726fdcd8f9eca6905498c6e7d906408210223a642242f8b160aa688f5
d661244532ddce6a92fb96fde511e23ea4de69ff2e41a5bffb884caa71166e01
d780048a7c1bc298cb70039524c3d1919c9631080fe5e02104e3ec69c23c34ae
da588baf95598bbbc10f7b35d58dfff6b58cad16260fefa23ea858415f041b22
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
dd17e6deddd65ca2e4be4f82538925b1b2782ec9c70965c9715d71a0090c05cd
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e02d37771a65793ca6f28decf3f8f663920232f69ca6a8bf14dd00f6a5792b13
e0e548aca2ebd335b118ad17c49f1b1355513b330a071f4f93693ef98fc6627e
e1a156c3daa4ae0c41f21ef266131ca5a34d56695e3d860b232da142ef031234
e1e0e87e53f2678a16fa5d891123d40743a8f3f2a7658ce4d176eb2d54dfdf9e
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e798a9ed236ace4349f53f43e97544175af7b1caccdbc3e1dd8d5990ff1b72ce
e7a673a8b89baec3f3dd436c8157749563ff827b609f6eced33f3a73685a976a
ebf824bcf90fb5c2f3b683257742d07ed471c866fef916389bd29b5212fab0aa
ec2e5ff3258cf60bf8337add68ad8ba1543bbb7a9facd6d684eedc01e471e7b3
ecf3b81fbe0c08f9a3c44094e302f8f7eb4f5bb7e88088b55dead2ac1a781124
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef5b3c2278c7ea47521d3989bc9b56682dcb73ee9b5ac2d3cd517c5170656d48
f293cdb3fb820a4d473520e9181b8e3057ee4e33e49803213206ed212e627a52
f2c761ee3ce27469f940a05b64e38a829a400427727cd0bdbb4e36f1d572afd7
f2f8a88b545a2bd6991245c0a9c2d99dbbd40a1e4b510da2a015f517cb9b5b0f
f4131dbcc3d918e66df4605fee019426a7d19ff97a6e66913e4fd86d2ad68ce8
f8a504a4dd65ff18b978b7bfb1d43a60dc8b17c09ed5429ff54decfa45a52d46
fa534949a8bf80de40755ff7ade4c2069037e9b85250c0c1369767b70e7889c6
fe68b626982e1d932ab57b4497b366e470b086410aaf609dbf00a398e5d1852e
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e
ff3eaba90bdd401456a56d3150fbf53fa4ec60100fb321b27d04717f065f4732

itigic.com Open in urlscan Pro 52.19.6.38 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Statistics

485 Requests

96 %HTTPS

40 %IPv6

66 Domains

103 Subdomains

66 IPs

10 Countries

2951 kBTransfer

7045 kBSize

0 Cookies

4 Outgoing links

Redirected requests

485 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 16 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

itigic.com Open in urlscan Pro
52.19.6.38 Public Scan

Screenshot
Live screenshot

Full Image

485
Requests

96 %
HTTPS

40 %
IPv6

66
Domains

103
Subdomains

66
IPs

10
Countries

2951 kB
Transfer

7045 kB
Size

0
Cookies

485 HTTP transactions
16 data transactions