urlscan.io logo urlscan.io
SecurityTrails logo

www.bleepingcomputer.com Open in urlscan Pro
104.20.59.209  Public Scan

Go To Rescan Add Verdict Report
URL: https://www.bleepingcomputer.com/news/security/hackers-hijack-citrix-netscaler-login-pages-to-steal-credentials/
Submission: On November 10 via manual from CA — Scanned from CA
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 35 IPs in 3 countries across 58 domains to perform 136 HTTP transactions. The main IP is 104.20.59.209, located in and belongs to CLOUDFLARENET, US. The main domain is www.bleepingcomputer.com. The Cisco Umbrella rank of the primary domain is 73184.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on May 4th 2023. Valid for: a year.
This is the only time www.bleepingcomputer.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 104.20.59.209 13335 (CLOUDFLAR...)
1 2607:f8b0:400... 15169 (GOOGLE)
34 172.67.75.139 13335 (CLOUDFLAR...)
5 2606:4700::68... 13335 (CLOUDFLAR...)
2 2607:f8b0:400... 15169 (GOOGLE)
1 1 2607:f8b0:400... 15169 (GOOGLE)
1 2607:f8b0:400... 15169 (GOOGLE)
5 2607:f8b0:400... 15169 (GOOGLE)
1 28 104.18.41.104 13335 (CLOUDFLAR...)
1 18.160.18.81 16509 (AMAZON-02)
2 18.160.46.100 16509 (AMAZON-02)
4 2607:f8b0:400... 15169 (GOOGLE)
1 34.160.152.31 396982 (GOOGLE-CL...)
3 2600:1901:0:7... 396982 (GOOGLE-CL...)
2 142.251.16.148 15169 (GOOGLE)
1 69.192.110.3 16625 (AKAMAI-AS)
1 3 18.165.83.79 16509 (AMAZON-02)
3 2607:f8b0:400... 15169 (GOOGLE)
2 2607:f8b0:400... 15169 (GOOGLE)
1 2600:9000:24f... 16509 (AMAZON-02)
2 34.111.152.239 396982 (GOOGLE-CL...)
3 2607:f8b0:400... 15169 (GOOGLE)
2 2606:4700:440... 13335 (CLOUDFLAR...)
1 1 2606:4700:20:... 13335 (CLOUDFLAR...)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
1 108.138.64.122 16509 (AMAZON-02)
1 1 2600:9000:247... 16509 (AMAZON-02)
1 3.162.125.65 16509 (AMAZON-02)
3 2606:4700:10:... 13335 (CLOUDFLAR...)
2 2 172.64.151.101 13335 (CLOUDFLAR...)
2 2 54.146.143.157 14618 (AMAZON-AES)
2 3 3.33.220.150 16509 (AMAZON-02)
2 2 2620:112:f002... 6336 (TURN-US-ASN)
2 2 35.71.139.29 16509 (AMAZON-02)
2 2 68.67.160.24 29990 (ASN-APPNEX)
3 3 199.127.204.171 26120 (RHYTHMONE)
1 1 199.127.204.142 26120 (RHYTHMONE)
2 172.64.146.152 13335 (CLOUDFLAR...)
1 23.105.12.143 30633 (LEASEWEB-...)
1 1 198.148.27.131 19189 (PULSEPOINT)
1 1 35.186.193.173 15169 (GOOGLE)
1 1 35.214.147.130 15169 (GOOGLE)
2 2 207.198.113.93 13768 (COGECO-PEER1)
2 2 54.156.21.254 14618 (AMAZON-AES)
2 2 34.111.113.62 396982 (GOOGLE-CL...)
1 1 52.2.60.159 14618 (AMAZON-AES)
1 1 2600:1f18:612... 14618 (AMAZON-AES)
1 1 63.251.28.234 13789 (INTERNAP-...)
2 2 107.20.234.237 14618 (AMAZON-AES)
1 1 165.227.251.217 14061 (DIGITALOC...)
1 1 69.166.1.35 27630 (AS-XFERNET)
1 1 142.234.204.77 396362 (LEASEWEB-...)
1 1 54.157.141.59 14618 (AMAZON-AES)
1 2 2620:100:a001::c 19750 (AS-CRITEO)
2 74.119.119.139 19750 (AS-CRITEO)
1 130.211.23.194 396982 (GOOGLE-CL...)
2 2606:4700:20:... 13335 (CLOUDFLAR...)
136 35
1    104.20.59.209 (None, )

ASN13335 (CLOUDFLARENET, US)
www.bleepingcomputer.com
1    2607:f8b0:4004:c1d::5f (Washington, United States)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
34    172.67.75.139 (United States)

ASN13335 (CLOUDFLARENET, US)
www.bleepstatic.com
5    2606:4700::6812:14ce (United States)

ASN13335 (CLOUDFLARENET, US)
a.pub.network
2    2607:f8b0:4004:c08::61 (Ashburn, United States)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    2607:f8b0:4004:c1b::6a (Washington, United States)

ASN15169 (GOOGLE, US)
www.google.com
1    2607:f8b0:4004:c1d::5e (Washington, United States)

ASN15169 (GOOGLE, US)
www.gstatic.com
5    2607:f8b0:4004:c17::9b (Washington, United States)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
28    104.18.41.104 (None, )

ASN13335 (CLOUDFLARENET, US)
cd.connatix.com
cds.connatix.com
capi.connatix.com
ins.connatix.com
cks.connatix.com
1    18.160.18.81 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-160-18-81.iad12.r.cloudfront.net
ecdn.analysis.fi
2    18.160.46.100 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-160-46-100.iad55.r.cloudfront.net
ecdn.firstimpression.io
cdn.firstimpression.io
4    2607:f8b0:4004:c09::5e (Ashburn, United States)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
1    34.160.152.31 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 31.152.160.34.bc.googleusercontent.com
d.pub.network
3    2600:1901:0:7416::1 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
functionalfeather.com
2    142.251.16.148 (United States)

ASN15169 (GOOGLE, US)
PTR: bl-in-f148.1e100.net
ad.doubleclick.net
1    69.192.110.3 (New York, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a69-192-110-3.deploy.static.akamaitechnologies.com
widgets.outbrain.com
3    18.165.83.79 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-165-83-79.iad55.r.cloudfront.net
sb.scorecardresearch.com
3    2607:f8b0:4004:c08::64 (Ashburn, United States)

ASN15169 (GOOGLE, US)
www.google-analytics.com
2    2607:f8b0:4004:c09::9a (Ashburn, United States)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
1    2600:9000:24f4:1e00:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
static.adsafeprotected.com
2    34.111.152.239 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 239.152.111.34.bc.googleusercontent.com
optimise.net
3    2607:f8b0:4004:c07::9b (Washington, United States)

ASN15169 (GOOGLE, US)
securepubads.g.doubleclick.net
2    2606:4700:4400::ac40:90a6 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.confiant-integrations.net
1    2606:4700:20::681a:932 (United States)

ASN13335 (CLOUDFLARENET, US)
freestar-io.videoplayerhub.com
1    2606:4700:10::6816:4ad8 (United States)

ASN13335 (CLOUDFLARENET, US)
btloader.com
1    2606:4700:10::ac43:246e (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.hadronid.net
1    108.138.64.122 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-64-122.iad12.r.cloudfront.net
api.intentiq.com
1    2600:9000:2479:e400:1b:6b7d:2300:93a1 (United States)

ASN16509 (AMAZON-02, US)
sync.intentiq.com
1    3.162.125.65 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-162-125-65.iad61.r.cloudfront.net
sync1.intentiq.com
3    2606:4700:10::6816:445 (United States)

ASN13335 (CLOUDFLARENET, US)
id.hadron.ad.gt
2    172.64.151.101 (United States)

ASN13335 (CLOUDFLARENET, US)
ssum.casalemedia.com
2    54.146.143.157 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-146-143-157.compute-1.amazonaws.com
match.prod.bidr.io
3    3.33.220.150 (Seattle, United States)

ASN16509 (AMAZON-02, US)
PTR: a12b7a488abeaa9e4.awsglobalaccelerator.com
match.adsrvr.org
2    2620:112:f002:bbbb::21 (United States)

ASN6336 (TURN-US-ASN, US)
ad.turn.com
2    35.71.139.29 (United States)

ASN16509 (AMAZON-02, US)
PTR: afb83dd09526a6517.awsglobalaccelerator.com
eb2.3lift.com
2    68.67.160.24 (Brooklyn, United States)

ASN29990 (ASN-APPNEX, US)
PTR: 577.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net
secure.adnxs.com
3    199.127.204.171 (United States)

ASN26120 (RHYTHMONE, US)
sync.1rx.io
1    199.127.204.142 (United States)

ASN26120 (RHYTHMONE, US)
sync.targeting.unrulymedia.com
2    172.64.146.152 (United States)

ASN13335 (CLOUDFLARENET, US)
capi.connatix.com
1    23.105.12.143 (Manassas, United States)

ASN30633 (LEASEWEB-USA-WDC, US)
ssbsync.smartadserver.com
1    198.148.27.131 (New York, United States)

ASN19189 (PULSEPOINT, US)
bh.contextweb.com
1    35.186.193.173 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 173.193.186.35.bc.googleusercontent.com
i.ctnsnet.com
1    35.214.147.130 (Groningen, Netherlands)

ASN15169 (GOOGLE, US)
PTR: 130.147.214.35.bc.googleusercontent.com
csync.loopme.me
2    207.198.113.93 (Herndon, United States)

ASN13768 (COGECO-PEER1, CA)
pixel-sync.sitescout.com
2    54.156.21.254 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-156-21-254.compute-1.amazonaws.com
sync.crwdcntrl.net
2    34.111.113.62 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 62.113.111.34.bc.googleusercontent.com
pixel.tapad.com
1    52.2.60.159 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-2-60-159.compute-1.amazonaws.com
ads.yieldmo.com
1    2600:1f18:612b:4200:8dc7:4fa0:2c07:4fd1 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
connatix-supply-partners.tremorhub.com
1    63.251.28.234 (Secaucus, United States)

ASN13789 (INTERNAP-BLK3, US)
ads.stickyadstv.com
2    107.20.234.237 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-107-20-234-237.compute-1.amazonaws.com
vop.sundaysky.com
1    165.227.251.217 (Clifton, United States)

ASN14061 (DIGITALOCEAN-ASN, US)
sync.resetdigital.co
1    69.166.1.35 (United States)

ASN27630 (AS-XFERNET, US)
sync.go.sonobi.com
1    142.234.204.77 (Edison, United States)

ASN396362 (LEASEWEB-USA-NYC, US)
xsync.iqzone.com
1    54.157.141.59 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-157-141-59.compute-1.amazonaws.com
sync.ipredictive.com
2    2620:100:a001::c (United States)

ASN19750 (AS-CRITEO, US)
gum.criteo.com
2    74.119.119.139 (United States)

ASN19750 (AS-CRITEO, US)
mug.criteo.com
1    130.211.23.194 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 194.23.211.130.bc.googleusercontent.com
api.btloader.com
2    2606:4700:20::681a:246 (United States)

ASN13335 (CLOUDFLARENET, US)
ad-delivery.net
Apex Domain
Subdomains		 Transfer
34 bleepstatic.com
www.bleepstatic.com — Cisco Umbrella Rank: 84446
637 KB
30 connatix.com
cd.connatix.com — Cisco Umbrella Rank: 3425
cds.connatix.com — Cisco Umbrella Rank: 3536
capi.connatix.com — Cisco Umbrella Rank: 1113
ins.connatix.com — Cisco Umbrella Rank: 4651
cks.connatix.com — Cisco Umbrella Rank: 5071
vid.connatix.com Failed
369 KB
7 doubleclick.net
ad.doubleclick.net — Cisco Umbrella Rank: 154
googleads.g.doubleclick.net — Cisco Umbrella Rank: 33
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 196
237 KB
6 pub.network
a.pub.network — Cisco Umbrella Rank: 4389
d.pub.network — Cisco Umbrella Rank: 4659
411 KB
5 googlesyndication.com
pagead2.googlesyndication.com — Cisco Umbrella Rank: 97
266 KB
5 gstatic.com
www.gstatic.com
fonts.gstatic.com
csi.gstatic.com Failed
69 KB
4 criteo.com
gum.criteo.com — Cisco Umbrella Rank: 454
mug.criteo.com — Cisco Umbrella Rank: 2926
1 KB
3 1rx.io
sync.1rx.io — Cisco Umbrella Rank: 567
2 KB
3 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 353
1 KB
3 ad.gt
id.hadron.ad.gt — Cisco Umbrella Rank: 1601
503 B
3 intentiq.com
api.intentiq.com — Cisco Umbrella Rank: 1400
sync.intentiq.com — Cisco Umbrella Rank: 886
sync1.intentiq.com — Cisco Umbrella Rank: 2801
3 KB
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 27
21 KB
3 scorecardresearch.com
sb.scorecardresearch.com — Cisco Umbrella Rank: 172
3 KB
3 functionalfeather.com
functionalfeather.com — Cisco Umbrella Rank: 34902
24 KB
2 ad-delivery.net
ad-delivery.net — Cisco Umbrella Rank: 946
1 KB
2 sundaysky.com
vop.sundaysky.com — Cisco Umbrella Rank: 2704
1 KB
2 tapad.com
pixel.tapad.com — Cisco Umbrella Rank: 487
1 KB
2 crwdcntrl.net
sync.crwdcntrl.net — Cisco Umbrella Rank: 865
1 KB
2 sitescout.com
pixel-sync.sitescout.com — Cisco Umbrella Rank: 726
1 KB
2 adnxs.com
secure.adnxs.com — Cisco Umbrella Rank: 495
2 KB
2 3lift.com
eb2.3lift.com — Cisco Umbrella Rank: 417
826 B
2 turn.com
ad.turn.com — Cisco Umbrella Rank: 851
893 B
2 bidr.io
match.prod.bidr.io — Cisco Umbrella Rank: 573
1 KB
2 casalemedia.com
ssum.casalemedia.com — Cisco Umbrella Rank: 1451
1 KB
2 btloader.com
btloader.com — Cisco Umbrella Rank: 877
api.btloader.com — Cisco Umbrella Rank: 948
94 KB
2 confiant-integrations.net
cdn.confiant-integrations.net — Cisco Umbrella Rank: 1481
101 KB
2 optimise.net
optimise.net — Cisco Umbrella Rank: 5481
5 KB
2 firstimpression.io
ecdn.firstimpression.io — Cisco Umbrella Rank: 28254
cdn.firstimpression.io — Cisco Umbrella Rank: 26912
101 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 35
142 KB
1 ipredictive.com
sync.ipredictive.com — Cisco Umbrella Rank: 909
522 B
1 iqzone.com
xsync.iqzone.com — Cisco Umbrella Rank: 5639
511 B
1 sonobi.com
sync.go.sonobi.com — Cisco Umbrella Rank: 931
680 B
1 resetdigital.co
sync.resetdigital.co — Cisco Umbrella Rank: 2782
418 B
1 stickyadstv.com
ads.stickyadstv.com — Cisco Umbrella Rank: 566
589 B
1 tremorhub.com
connatix-supply-partners.tremorhub.com — Cisco Umbrella Rank: 10730
426 B
1 yieldmo.com
ads.yieldmo.com — Cisco Umbrella Rank: 657
532 B
1 loopme.me
csync.loopme.me — Cisco Umbrella Rank: 940
279 B
1 ctnsnet.com
i.ctnsnet.com — Cisco Umbrella Rank: 5849
452 B
1 contextweb.com
bh.contextweb.com — Cisco Umbrella Rank: 547
860 B
1 smartadserver.com
ssbsync.smartadserver.com — Cisco Umbrella Rank: 774
1 unrulymedia.com
sync.targeting.unrulymedia.com — Cisco Umbrella Rank: 1268
575 B
1 hadronid.net
cdn.hadronid.net — Cisco Umbrella Rank: 1779
10 KB
1 videoplayerhub.com
freestar-io.videoplayerhub.com — Cisco Umbrella Rank: 5424
469 B
1 adsafeprotected.com
static.adsafeprotected.com — Cisco Umbrella Rank: 587
482 B
1 outbrain.com
widgets.outbrain.com — Cisco Umbrella Rank: 1799
1 KB
1 analysis.fi
ecdn.analysis.fi — Cisco Umbrella Rank: 30745
2 KB
1 google.com
www.google.com — Cisco Umbrella Rank: 2
232 B
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 31
imasdk.googleapis.com Failed
1 KB
1 bleepingcomputer.com
www.bleepingcomputer.com — Cisco Umbrella Rank: 73184
16 KB
0 liadm.com Failed
i.liadm.com Failed
0 colossusssp.com Failed
sync.colossusssp.com Failed
0 rlcdn.com Failed
id.rlcdn.com Failed
0 media.net Failed
cs.media.net Failed
0 openx.net Failed
us-u.openx.net Failed
0 yellowblue.io Failed
cs-server-s2s.yellowblue.io Failed
0 pubmatic.com Failed
ads.pubmatic.com Failed
0 33across.com Failed
ssc-cms.33across.com Failed
0 rubiconproject.com Failed
secure-assets.rubiconproject.com Failed
136 58
Domain Requested by
34 www.bleepstatic.com www.bleepingcomputer.com
www.bleepstatic.com
17 cks.connatix.com blank
5 capi.connatix.com 1 redirects www.bleepingcomputer.com
cds.connatix.com
blank
5 cds.connatix.com cd.connatix.com
cds.connatix.com
5 pagead2.googlesyndication.com www.bleepingcomputer.com
pagead2.googlesyndication.com
securepubads.g.doubleclick.net
5 a.pub.network www.bleepingcomputer.com
a.pub.network
4 fonts.gstatic.com fonts.googleapis.com
3 sync.1rx.io 3 redirects
3 match.adsrvr.org 2 redirects a.pub.network
3 id.hadron.ad.gt cdn.hadronid.net
a.pub.network
3 securepubads.g.doubleclick.net a.pub.network
securepubads.g.doubleclick.net
cds.connatix.com
3 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
3 sb.scorecardresearch.com 1 redirects a.pub.network
www.bleepingcomputer.com
3 functionalfeather.com a.pub.network
functionalfeather.com
2 ad-delivery.net blank
2 mug.criteo.com blank
2 gum.criteo.com 1 redirects
2 vop.sundaysky.com 2 redirects
2 pixel.tapad.com 2 redirects
2 sync.crwdcntrl.net 2 redirects
2 pixel-sync.sitescout.com 2 redirects
2 secure.adnxs.com 2 redirects
2 eb2.3lift.com 2 redirects
2 ad.turn.com 2 redirects
2 match.prod.bidr.io 2 redirects
2 ssum.casalemedia.com 2 redirects
2 ins.connatix.com cds.connatix.com
2 cdn.confiant-integrations.net a.pub.network
cdn.confiant-integrations.net
2 optimise.net a.pub.network
2 googleads.g.doubleclick.net pagead2.googlesyndication.com
2 ad.doubleclick.net www.bleepingcomputer.com
blank
2 www.googletagmanager.com www.bleepingcomputer.com
www.googletagmanager.com
1 api.btloader.com freestar-io.videoplayerhub.com
1 sync.ipredictive.com 1 redirects
1 xsync.iqzone.com 1 redirects
1 sync.go.sonobi.com 1 redirects
1 sync.resetdigital.co 1 redirects
1 ads.stickyadstv.com 1 redirects
1 connatix-supply-partners.tremorhub.com 1 redirects
1 ads.yieldmo.com 1 redirects
1 csync.loopme.me 1 redirects
1 i.ctnsnet.com 1 redirects
1 bh.contextweb.com 1 redirects
1 ssbsync.smartadserver.com cds.connatix.com
1 sync.targeting.unrulymedia.com 1 redirects
1 sync1.intentiq.com blank
1 sync.intentiq.com 1 redirects www.bleepingcomputer.com
1 api.intentiq.com a.pub.network
1 cdn.hadronid.net a.pub.network
1 btloader.com www.bleepingcomputer.com
1 freestar-io.videoplayerhub.com 1 redirects
1 cdn.firstimpression.io ecdn.firstimpression.io
1 static.adsafeprotected.com www.bleepingcomputer.com
1 widgets.outbrain.com www.bleepingcomputer.com
1 d.pub.network www.bleepingcomputer.com
1 ecdn.firstimpression.io www.bleepingcomputer.com
1 ecdn.analysis.fi www.bleepingcomputer.com
1 cd.connatix.com www.bleepingcomputer.com
1 www.gstatic.com www.bleepingcomputer.com
1 www.google.com 1 redirects
1 fonts.googleapis.com www.bleepingcomputer.com
1 www.bleepingcomputer.com
0 csi.gstatic.com Failed pagead2.googlesyndication.com
0 vid.connatix.com Failed cds.connatix.com
0 imasdk.googleapis.com Failed cds.connatix.com
0 i.liadm.com Failed www.bleepingcomputer.com
0 sync.colossusssp.com Failed www.bleepingcomputer.com
0 id.rlcdn.com Failed www.bleepingcomputer.com
0 cs.media.net Failed www.bleepingcomputer.com
0 us-u.openx.net Failed www.bleepingcomputer.com
0 cs-server-s2s.yellowblue.io Failed cds.connatix.com
0 ads.pubmatic.com Failed cds.connatix.com
0 ssc-cms.33across.com Failed cds.connatix.com
0 secure-assets.rubiconproject.com Failed cds.connatix.com
136 74

This site contains no links.

Subject Issuer Validity Valid
bleepingcomputer.com
Sectigo RSA Domain Validation Secure Server CA		 2023-05-04 -
2024-05-03		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2023-10-16 -
2024-01-08		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2023-04-16 -
2024-04-15		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-10-16 -
2024-01-08		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-10-16 -
2024-01-08		 3 months crt.sh
connatix.com
GTS CA 1P5		 2023-11-04 -
2024-02-02		 3 months crt.sh
analysis.fi
Amazon RSA 2048 M01		 2023-10-04 -
2024-10-31		 a year crt.sh
*.firstimpression.io
Sectigo RSA Domain Validation Secure Server CA		 2022-11-27 -
2023-12-05		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2023-10-16 -
2024-01-08		 3 months crt.sh
d.pub.network
GTS CA 1D4		 2023-10-07 -
2024-01-05		 3 months crt.sh
functionalfeather.com
R3		 2023-10-14 -
2024-01-12		 3 months crt.sh
*.doubleclick.net
GTS CA 1C3		 2023-10-16 -
2024-01-08		 3 months crt.sh
*.outbrain.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-02-09 -
2024-02-11		 a year crt.sh
*.scorecardresearch.com
Sectigo RSA Domain Validation Secure Server CA		 2022-12-15 -
2023-12-28		 a year crt.sh
static.adsafeprotected.com
Amazon RSA 2048 M02		 2023-07-07 -
2024-08-04		 a year crt.sh
optimise.net
GTS CA 1D4		 2023-09-21 -
2023-12-20		 3 months crt.sh
confiant-integrations.net
GTS CA 1P5		 2023-09-20 -
2023-12-19		 3 months crt.sh
hadronid.net
GTS CA 1P5		 2023-10-05 -
2024-01-03		 3 months crt.sh
*.intentiq.com
Amazon RSA 2048 M02		 2023-04-11 -
2024-05-08		 a year crt.sh
*.smartadserver.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-01-21 -
2024-01-23		 a year crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-09-26 -
2023-12-23		 3 months crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2023-04-12 -
2024-05-13		 a year crt.sh
api.btloader.com
GTS CA 1D4		 2023-10-10 -
2024-01-08		 3 months crt.sh

This page contains 8 frames:

Primary Page: https://www.bleepingcomputer.com/news/security/hackers-hijack-citrix-netscaler-login-pages-to-steal-credentials/
Frame ID: 497C16D80E755F0153A9A8D07C03379F
Requests: 109 HTTP requests in this frame

Frame: https://cd.connatix.com/connatix.playspace.js
Frame ID: 812EEB9D021EBC784E3742AADABB4F7C
Requests: 18 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20231108/r20190131/zrt_lookup_fy2021.html
Frame ID: B59082F236124A46E3E808653F4197F4
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0920899300397823&output=html&adk=1812271804&adf=3025194257&lmt=1696863264&plat=2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A34635776%2C32%3A32%2C41%3A32%2C42%3A32&plas=188x675_l%7C188x675_r&format=0x0&url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fhackers-hijack-citrix-netscaler-login-pages-to-steal-credentials%2F&ea=0&pra=7&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2&ascmds=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699627804325&bpp=2&bdt=952&idt=492&shv=r20231108&mjsv=m202311060101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=887586330128&rume=1&frm=20&pv=2&ga_vid=1179475407.1699627805&ga_sid=1699627805&ga_hid=7679609&ga_fc=1&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079266%2C44807460%2C31078301%2C31079569%2C44807753%2C44806141%2C44807763%2C44808149%2C31061691%2C31061692&oid=2&pvsid=2399244328977114&tmod=1510244525&uas=0&nvt=1&fsapi=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=556
Frame ID: DE9FE3D504B9032DD4081A178FAA4935
Requests: 1 HTTP requests in this frame

Frame: https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=19564_2&endpoint=us-east&gdpr=0
Frame ID: 6B95E2CF4E5FA767E1DE039A9463683A
Requests: 1 HTTP requests in this frame

Frame: https://ssc-cms.33across.com/ps/?m=xch&rt=html&id=0015a00002y7TWTAA2&ru=https%3A%2F%2Fcapi.connatix.com%2Fcore%2Fus%3FDemandPartner%3D37%26UserId%3D988483e374904adb898698ef0fa3feff%26DemandPartnerName%3D_33Across%26tier%3D2%26DemandPartnerUserId%3D33XUSERID33X&gdpr=0
Frame ID: C239BF5DFEB752A68F78A192E3624679
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156592&predirect=https%3A%2F%2Fcapi.connatix.com%2Fcore%2Fus%3FDemandPartner%3D2%26UserId%3D988483e374904adb898698ef0fa3feff%26DemandPartnerName%3DPubmatic%26tier%3D2%26DemandPartnerUserId%3D&gdpr=0
Frame ID: 17F7D8A1FC1C8F1D77ABA805431DBBF2
Requests: 1 HTTP requests in this frame

Frame: https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr={gdpr}&gdpr_consent={gdpr_consent}&redirect=https%3a%2f%2fcks.connatix.com%2fcks%3fpid%3d24%26ev%3d988483e374904adb898698ef0fa3feff%26pname%3dIronSource%26api-tier%3d2%26uid%3d{partnerId}%26direct%3D1
Frame ID: C6F0737CF6795EB72E84FD9384D28BE7
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Detected technologies

Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • \.scorecardresearch\.com/beacon\.js|COMSCORE\.beacon
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

136
Requests

71 %
HTTPS

38 %
IPv6

58
Domains

74
Subdomains

35
IPs

3
Countries

2515 kB
Transfer

7243 kB
Size

60
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 12
  • https://www.google.com/coop/cse/brand?form=cse-search-box&lang=en HTTP 301
  • https://www.gstatic.com/prose/brandjs.js
Request Chain 70
  • https://sb.scorecardresearch.com/b?c1=2&c2=23384447&cs_it=b9&cv=4.0.0%2B2301240627&ns__t=1699627804902&ns_c=UTF-8&cs_ucfr=&c7=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fhackers-hijack-citrix-netscaler-login-pages-to-steal-credentials%2F&c8=Hackers%20hijack%20Citrix%20NetScaler%20login%20pages%20to%20steal%20credentials&c9= HTTP 302
  • https://sb.scorecardresearch.com/b2?c1=2&c2=23384447&cs_it=b9&cv=4.0.0%2B2301240627&ns__t=1699627804902&ns_c=UTF-8&cs_ucfr=&c7=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fhackers-hijack-citrix-netscaler-login-pages-to-steal-credentials%2F&c8=Hackers%20hijack%20Citrix%20NetScaler%20login%20pages%20to%20steal%20credentials&c9=
Request Chain 75
  • https://capi.connatix.com/core/sync HTTP 302
  • https://capi.connatix.com/core/sync?final=true&UserScoringType=Enabled&ImplementationType=0
Request Chain 78
  • https://freestar-io.videoplayerhub.com/gallery.js HTTP 301
  • https://btloader.com/tag?h=freestar-io&upapi=true
Request Chain 84
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&secure=1&dpi=1434517136&rnd=160960&iiqidtype=2&iiqpcid=21c67f28-b18b-4ee3-ace2-32ff76981fdb&iiqpciddate=1699627805214&tsrnd=789_1699627805215&vrref=www.bleepingcomputer.com&jsver=5.4&abtp=95&abtg=A HTTP 302
  • https://sync1.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&secure=1&dpi=1434517136&rnd=160960&iiqidtype=2&iiqpcid=21c67f28-b18b-4ee3-ace2-32ff76981fdb&iiqpciddate=1699627805214&tsrnd=789_1699627805215&vrref=www.bleepingcomputer.com&jsver=5.4&abtp=95&abtg=A&ckls=true&ci=chXatfJtlo&nc=false&trid=-588261963
Request Chain 92
  • https://ssum.casalemedia.com/usermatchredir?s=190549&cb=https%3A%2F%2Fcks.connatix.com%2Fcks%3Fpid%3D17%26ev%3D988483e374904adb898698ef0fa3feff%26pname%3DIndex%26api-tier%3D2%26uid%3D&gdpr=0 HTTP 302
  • https://ssum.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcks.connatix.com%2Fcks%3Fpid%3D17%26ev%3D988483e374904adb898698ef0fa3feff%26pname%3DIndex%26api-tier%3D2%26uid%3D&gdpr=0&s=190549&C=1 HTTP 302
  • https://cks.connatix.com/cks?pid=17&ev=988483e374904adb898698ef0fa3feff&pname=Index&api-tier=2&uid=ZU5DHXXrhVcq0dq6CZRmeQAA%263541
Request Chain 93
  • https://match.prod.bidr.io/cookie-sync/connatix?redir=https%3A%2F%2Fcks.connatix.com%2Fcks%3Fpid%3D15%26ev%3D988483e374904adb898698ef0fa3feff%26pname%3DBeeswax%26api-tier%3D2%26uid%3D%7Buserid%7D&gdpr=0 HTTP 303
  • https://match.prod.bidr.io/cookie-sync/connatix?redir=https%3A%2F%2Fcks.connatix.com%2Fcks%3Fpid%3D15%26ev%3D988483e374904adb898698ef0fa3feff%26pname%3DBeeswax%26api-tier%3D2%26uid%3D%7Buserid%7D&gdpr=0&_bee_ppp=1 HTTP 303
  • https://cks.connatix.com/cks?pid=15&ev=988483e374904adb898698ef0fa3feff&pname=Beeswax&api-tier=2&uid=AACFKE7KnIYAABMAa6sJCw&gdpr=0
Request Chain 94
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=gapzaid&ttd_tpi=1&gdpr=0 HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=gapzaid&ttd_tpi=1&gdpr=0 HTTP 302
  • https://cks.connatix.com/cks?pid=19&uid=4c30d2c6-eab6-445f-be5e-0eb6d92a15ab&ttl=1702219805
Request Chain 95
  • https://ad.turn.com/r/cs?pid=67&redir=https%3A%2F%2Fcks.connatix.com%2Fcks%3Fpid%3D21%26ev%3D988483e374904adb898698ef0fa3feff%26pname%3DAmobee%26api-tier%3D2%26uid%3D%23USER_ID%23&gdpr=0 HTTP 302
  • https://cks.connatix.com/cks?pid=21&ev=988483e374904adb898698ef0fa3feff&pname=Amobee&api-tier=2&uid=2438919445928045594
Request Chain 96
  • https://eb2.3lift.com/getuid?redir=https%3A%2F%2Fcks.connatix.com%2Fcks%3Fpid%3D25%26ev%3D988483e374904adb898698ef0fa3feff%26pname%3DTripleLift%26api-tier%3D2%26uid%3D%24UID&gdpr=0 HTTP 302
  • https://eb2.3lift.com/getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fcks.connatix.com%2Fcks%3Fpid%3D25%26ev%3D988483e374904adb898698ef0fa3feff%26pname%3DTripleLift%26api-tier%3D2%26uid%3D%24UID HTTP 302
  • https://cks.connatix.com/cks?pid=25&ev=988483e374904adb898698ef0fa3feff&pname=TripleLift&api-tier=2&uid=3116672581290850982503
Request Chain 97
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fcks.connatix.com%2Fcks%3Fpid%3D6%26ev%3D988483e374904adb898698ef0fa3feff%26pname%3DAppNexus%26api-tier%3D2%26uid%3D%24UID=&gdpr=0 HTTP 307
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fcks.connatix.com%252Fcks%253Fpid%253D6%2526ev%253D988483e374904adb898698ef0fa3feff%2526pname%253DAppNexus%2526api-tier%253D2%2526uid%253D%2524UID%3D%26gdpr%3D0 HTTP 302
  • https://cks.connatix.com/cks?pid=6&ev=988483e374904adb898698ef0fa3feff&pname=AppNexus&api-tier=2&uid=2043365517544706506=&gdpr=0
Request Chain 98
  • https://sync.1rx.io/usersync2/rmpssp?sub=connatix&gdpr=0 HTTP 302
  • https://sync.1rx.io/usersync2/rmpssp?sub=connatix&zcc=1&cb=1699627805803 HTTP 302
  • https://ad.turn.com/r/cs?pid=45&rndcb=4435125705 HTTP 302
  • https://sync.1rx.io/usersync/turn/2366861851890117658?dspret=1&gdpr=&gdpr_consent=&us_privacy= HTTP 302
  • https://sync.targeting.unrulymedia.com/csync/RX-b63dfe2b-d092-47ba-bd7f-852dd7241121-005?redir=https%3A%2F%2Fcapi.connatix.com%2Fus%2Fpixel%3Fpuid%3DRX-b63dfe2b-d092-47ba-bd7f-852dd7241121-005%26pId%3D44 HTTP 302
  • https://capi.connatix.com/us/pixel?puid=RX-b63dfe2b-d092-47ba-bd7f-852dd7241121-005&pId=44
Request Chain 103
  • https://bh.contextweb.com/bh/rtset?pid=561340&daaqp=1&ev=1&rurl=https%3A%2F%2Fcks.connatix.com%2Fcks%3Fpid%3D13%26ev%3D988483e374904adb898698ef0fa3feff%26pname%3DPulsePoint%26api-tier%3D2%26uid%3D%25%25VGUID%25%25&gdpr=0 HTTP 302
  • https://cks.connatix.com/cks?pid=13&ev=988483e374904adb898698ef0fa3feff&pname=PulsePoint&api-tier=2&uid=x1yWj9vz06Rn
Request Chain 104
  • https://i.ctnsnet.com/int/cm?exc=24&redir=https%3A%2F%2Fcks.connatix.com%2Fcks%3Fpid%3D28%26ev%3D988483e374904adb898698ef0fa3feff%26pname%3DCrimtan%26api-tier%3D2%26uid%3D%5Buser_id%5D&gdpr=0 HTTP 302
  • https://cks.connatix.com/cks?pid=28&ev=988483e374904adb898698ef0fa3feff&pname=Crimtan&api-tier=2&uid=dfa031f2fead495bb2f4a1e94b13fe1a
Request Chain 105
  • https://csync.loopme.me/?redirect=https%3A%2F%2Fcks.connatix.com%2Fcks%3Fpid%3D18%26ev%3D988483e374904adb898698ef0fa3feff%26pname%3DLoopMe%26api-tier%3D2%26uid%3D%7Bdevice_id%7D%26pubid%3D11186&gdpr=0 HTTP 307
  • https://cks.connatix.com/cks?pid=18&ev=988483e374904adb898698ef0fa3feff&pname=LoopMe&api-tier=2&uid=bd8e0b39-ab1f-4316-bfab-183a9eb016f0&pubid=11186&gdpr=0
Request Chain 106
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=105&redir=https%3A%2F%2Fcks.connatix.com%2Fcks%3Fpid%3D9%26ev%3D988483e374904adb898698ef0fa3feff%26pname%3DCentro%26api-tier%3D2%26uid%3D%7BuserId%7D&gdpr=0 HTTP 302
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=105&redir=https%3A%2F%2Fcks.connatix.com%2Fcks%3Fpid%3D9%26ev%3D988483e374904adb898698ef0fa3feff%26pname%3DCentro%26api-tier%3D2%26uid%3D%7BuserId%7D&gdpr=0 HTTP 302
  • https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=52fa3f48-434f-4fc7-8e26-b6e14fc39b4d-654e431e-4341&gdpr=0&gdpr_consent=&d=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%26partner_device_id%3D52fa3f48-434f-4fc7-8e26-b6e14fc39b4d-654e431e-4341%26partner_url%3Dhttps%253A%252F%252Fcks.connatix.com%252Fcks%253Fpid%253D9%2526ev%253D988483e374904adb898698ef0fa3feff%2526pname%253DCentro%2526api-tier%253D2%2526uid%253D52fa3f48-434f-4fc7-8e26-b6e14fc39b4d-654e431e-4341%2526gdpr%253D0 HTTP 302
  • https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=52fa3f48-434f-4fc7-8e26-b6e14fc39b4d-654e431e-4341&gdpr=0&gdpr_consent=&d=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%26partner_device_id%3D52fa3f48-434f-4fc7-8e26-b6e14fc39b4d-654e431e-4341%26partner_url%3Dhttps%253A%252F%252Fcks.connatix.com%252Fcks%253Fpid%253D9%2526ev%253D988483e374904adb898698ef0fa3feff%2526pname%253DCentro%2526api-tier%253D2%2526uid%253D52fa3f48-434f-4fc7-8e26-b6e14fc39b4d-654e431e-4341%2526gdpr%253D0&ct=y HTTP 302
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2499&partner_device_id=52fa3f48-434f-4fc7-8e26-b6e14fc39b4d-654e431e-4341&partner_url=https%3A%2F%2Fcks.connatix.com%2Fcks%3Fpid%3D9%26ev%3D988483e374904adb898698ef0fa3feff%26pname%3DCentro%26api-tier%3D2%26uid%3D52fa3f48-434f-4fc7-8e26-b6e14fc39b4d-654e431e-4341%26gdpr%3D0 HTTP 302
  • https://pixel.tapad.com/idsync/ex/push/check?partner_id=2499&partner_device_id=52fa3f48-434f-4fc7-8e26-b6e14fc39b4d-654e431e-4341&partner_url=https%3A%2F%2Fcks.connatix.com%2Fcks%3Fpid%3D9%26ev%3D988483e374904adb898698ef0fa3feff%26pname%3DCentro%26api-tier%3D2%26uid%3D52fa3f48-434f-4fc7-8e26-b6e14fc39b4d-654e431e-4341%26gdpr%3D0 HTTP 302
  • https://cks.connatix.com/cks?pid=9&ev=988483e374904adb898698ef0fa3feff&pname=Centro&api-tier=2&uid=52fa3f48-434f-4fc7-8e26-b6e14fc39b4d-654e431e-4341&gdpr=0
Request Chain 107
  • https://ads.yieldmo.com/pbsync?is=smartnews&redirectUri=https%3A%2F%2Fcks.connatix.com%2Fcks%3Fpid%3D39%26ev%3D988483e374904adb898698ef0fa3feff%26pname%3DYieldMo%26api-tier%3D2%26uid%3D%24UID&gdpr=0 HTTP 302
  • https://cks.connatix.com/cks?pid=39&ev=988483e374904adb898698ef0fa3feff&pname=YieldMo&api-tier=2&uid=3Few6FFuuwFJ23Q7z_pm&gdpr=0
Request Chain 108
  • https://connatix-supply-partners.tremorhub.com/sync?UISCX=988483e374904adb898698ef0fa3feff&redir=https%3A%2F%2Fcks.connatix.com%2Fcks%3Fpid%3D5%26ev%3D988483e374904adb898698ef0fa3feff%26pname%3DTelaria%26api-tier%3D2%26uid%3D%5BTVUSER_ID%5D&gdpr=0 HTTP 302
  • https://cks.connatix.com/cks?pid=5&ev=988483e374904adb898698ef0fa3feff&pname=Telaria&api-tier=2&uid=5d9a57c356f449c6b7a99eebc0f374d5
Request Chain 109
  • https://ads.stickyadstv.com/user-matching?id=3672&_fw_gdpr=0&_fw_gdpr_consent=null&gdpr=0 HTTP 302
  • https://capi.connatix.com/core/us?DemandPartner=33&DemandPartnerName=FreeWheel&DemandPartnerUserId=d9dec347c48bf1f0438dc68455539d&_fw_gdpr=0&_fw_gdpr_consent=null&gdpr=0
Request Chain 111
  • https://vop.sundaysky.com/sync/dmp?redirect=https%3A%2F%2Fcks.connatix.com%2Fcks%3Fpid%3D1%26ev%3D988483e374904adb898698ef0fa3feff%26pname%3DSundaySky%26api-tier%3D2%26uid%3D%24%7Bssky_uuid%7D&gdpr=0 HTTP 302
  • https://vop.sundaysky.com/sync/dmp?redirect=https%3A%2F%2Fcks.connatix.com%2Fcks%3Fpid%3D1%26ev%3D988483e374904adb898698ef0fa3feff%26pname%3DSundaySky%26api-tier%3D2%26uid%3D%24%7Bssky_uuid%7D&gdpr=0&_cvt=t HTTP 302
  • https://cks.connatix.com/cks?pid=1&ev=988483e374904adb898698ef0fa3feff&pname=SundaySky&api-tier=2&uid=d6.76f44cc812f34974891b1fb6c3241cde
Request Chain 112
  • https://sync.resetdigital.co/csync?pid=connatix&redir=https%3A%2F%2Fcks.connatix.com%2Fcks%3Fpid%3D35%26ev%3D988483e374904adb898698ef0fa3feff%26pname%3DResetDigital%26api-tier%3D2%26uid%3D%24USER_ID&gdpr=0 HTTP 302
  • https://cks.connatix.com/cks?pid=35&ev=988483e374904adb898698ef0fa3feff&pname=ResetDigital&api-tier=2&uid=0000011B92F3AFAE
Request Chain 113
  • https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fcks.connatix.com%2Fcks%3Fpid%3D43%26ev%3D988483e374904adb898698ef0fa3feff%26pname%3DSonobi%26api-tier%3D2%26uid%3D%5BUID%5D&gdpr=0 HTTP 302
  • https://cks.connatix.com/cks?pid=43&ev=988483e374904adb898698ef0fa3feff&pname=Sonobi&api-tier=2&uid=c9a754b4-bf68-4185-aca4-ed4187cd10e6
Request Chain 114
  • https://xsync.iqzone.com/psync?t=s&e=376&cb=https%3A%2F%2Fcks.connatix.com%2Fcks%3Fpid%3D42%26ev%3D988483e374904adb898698ef0fa3feff%26pname%3DIqZone%26api-tier%3D2%26uid%3D%25USER_ID%25&gdpr=0 HTTP 307
  • https://cks.connatix.com/cks?pid=42&ev=988483e374904adb898698ef0fa3feff&pname=IqZone&api-tier=2&uid=6ec272ec-4ae6-4585-97fd-0df9960d0602
Request Chain 115
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=connatix&cspid=25&append=0&cb=%24%7BADELPHIC_CACHE_BUSTER%7D&redirect=https%3A%2F%2Fcks.connatix.com%2Fcks%3Fpid%3D29%26ev%3D988483e374904adb898698ef0fa3feff%26pname%3DAdelphic%26api-tier%3D2%26uid%3D%24%7BADELPHIC_CUID%7D&gdpr=0 HTTP 302
  • https://cks.connatix.com/cks?pid=29&ev=988483e374904adb898698ef0fa3feff&pname=Adelphic&api-tier=2&uid=33e69a78-75a5-4208-9622-334aff0b4b05
Request Chain 127
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=about%3A%2F%2F%2F&cw=1&lsw=1 HTTP 302
  • https://mug.criteo.com/sid?cpp=luXabXxDNVhnNlZRUXY5RHQrNUphVVJ5NTNxdE5uNkpMakVGTlBVVnpEc1lDNTZXZDNmNVpMTmNsdy9aUVpNSVNVQ0FxN0NkV0xPQXZubE9maTJVbEd4NUpPc1Vqa3dWWW9jcG5XT1Z5ZkFVVmR0MThHaytHK1J3Yy9FZTdycTkySm1zd3dtMll3dEliYTRVMDRRMDZOVEJxY2R5a2pXRS8xUjRGZTA3NFFvTDNGVTkzT0JzRWhlcEIzL2k0UzlzR3Z0emkvbEx4eWtmcmNidjIrM1Blb2IvSDBRPT18&cppv=2

136 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.bleepingcomputer.com/news/security/hackers-hijack-citrix-netscaler-login-pages-to-steal-credentials/ 		73 KB
16 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.bleepingcomputer.com/news/security/hackers-hijack-citrix-netscaler-login-pages-to-steal-credentials/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.20.59.209 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d4ad4fb4feb6b5976ccd8eb9208ef6a6bdcb9bba3e7d9f97407d3b23b322724a
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests;
X-Frame-Options SAMEORIGIN

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
cf-cache-status
DYNAMIC
cf-ray
823f1b08eb8e39f8-YYZ
content-encoding
br
content-security-policy
upgrade-insecure-requests;
content-type
text/html; charset=UTF-8
date
Fri, 10 Nov 2023 14:50:03 GMT
expires
0
last-modified
Mon, 09 Oct 2023 14:54:24 GMT
pragma
no-cache
server
cloudflare
vary
Accept-Encoding,User-Agent
x-frame-options
SAMEORIGIN
css
fonts.googleapis.com/ 		13 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Roboto:400,100,300,500,700,900&display=swap
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/hackers-hijack-citrix-netscaler-login-pages-to-steal-credentials/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c1d::5f Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
b92f631c8cf38be6724c9b0ef9dcc762b7314ee2197ced3608efb40e02618fac
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Fri, 10 Nov 2023 14:50:03 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Fri, 10 Nov 2023 14:41:43 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 10 Nov 2023 14:50:03 GMT
bootstrap.min.css
www.bleepstatic.com/js/redesign/bootstrap/css/ 		119 KB
20 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.bleepstatic.com/js/redesign/bootstrap/css/bootstrap.min.css
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/hackers-hijack-citrix-netscaler-login-pages-to-steal-credentials/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.75.139 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6d92dfc1700fd38cd130ad818e23bc8aef697f815b2ea5face2b5dfad22f2e11

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 14:50:03 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 13 Feb 2019 14:22:49 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
19542
etag
W/"624975547"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Iq27lDACfM2NEs0yNt3KOsT8u3cZjVpBLrjL%2Bgi86WIJ%2B06Ll53Fpv87SZQGdDmJr7txI232D3GXbIOhMDRLHAidIU1ub%2BZo15W6bwEQZBVqU7VVtr%2Ft8%2FY1J1W4ulDsf3vF%2BvM%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=3024000
cf-ray
823f1b0ced6da202-YYZ
expires
Fri, 15 Dec 2023 09:24:21 GMT
main.css
www.bleepstatic.com/css/redesign/ 		52 KB
11 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.bleepstatic.com/css/redesign/main.css?v=05.19.23.2
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/hackers-hijack-citrix-netscaler-login-pages-to-steal-credentials/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.75.139 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a8d5ddfd2b17ba6fbf78f65d8dbf690631d5a609102caea35467a6401ab3d669

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 14:50:03 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
745715
cf-polished
origSize=65945
cf-bgj
minify
last-modified
Wed, 17 May 2023 23:06:54 GMT
server
cloudflare
etag
W/"3412489487"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qsnE8s7YHhIMXOt49s7Rk4%2BOf7%2FJ2LWHYWBbuXbUSnQMrSk6P7DDscCFJHLTnLv9kRRXnTAiqvBGgJVHsGUSiD%2BOSkJz3uQAJA86%2F8ny%2B0vUORafHhPJqW1ItXtzlBxypbZESbM%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=3024000
cf-ray
823f1b0ced65a202-YYZ
expires
Wed, 06 Dec 2023 23:41:28 GMT
home.css
www.bleepstatic.com/css/redesign/ 		12 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.bleepstatic.com/css/redesign/home.css
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/hackers-hijack-citrix-netscaler-login-pages-to-steal-credentials/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.75.139 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ca22345f969dd8077c21281572a34d4a51bc6a5ad9d764bd1338b2c12a68c3e3

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 14:50:03 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
9198
cf-polished
origSize=15024
cf-bgj
minify
last-modified
Wed, 14 Dec 2022 03:04:07 GMT
server
cloudflare
etag
W/"327631530"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=RmgXmQ8HQUMgYm26wRXkO%2F0Ljxom6IHeVhIt9aK5%2BIQCTpmu27B1AHB%2Fdkhz5lKk6mm%2Bk4cEHgkDGgX1vKMM9NHOutAIpROcLz1f2SZxbTJzcQqKZZrsigDV2hBj%2BhB9r5anPmc%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=3024000
cf-ray
823f1b0ced69a202-YYZ
expires
Fri, 15 Dec 2023 12:16:44 GMT
news.css
www.bleepstatic.com/css/redesign/ 		28 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.bleepstatic.com/css/redesign/news.css
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/hackers-hijack-citrix-netscaler-login-pages-to-steal-credentials/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.75.139 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
320afb4599d0c6913c1d0f7ad16609b48bd357898f5a6db56441e9d4bd8ecddf

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 14:50:03 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
743568
cf-polished
origSize=35388
cf-bgj
minify
last-modified
Mon, 09 Oct 2023 19:50:03 GMT
server
cloudflare
etag
W/"3051701435"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wvqF72j%2BKHuC%2BUkbzclrUeMm26CEqbPTWjy83ivK1QJK7U6FU%2FvxmRVgm1cUqShkCwklC7EbBveLY1JviWmfFe9Wp411FSFj0f0teFq0KB6MAwN0BV1IxrsAi4Ey75aGC473ddE%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=3024000
cf-ray
823f1b0ced6aa202-YYZ
expires
Thu, 07 Dec 2023 00:17:15 GMT
jquery-3.5.1.min.js
www.bleepstatic.com/js/redesign/ 		87 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.bleepstatic.com/js/redesign/jquery-3.5.1.min.js
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/hackers-hijack-citrix-netscaler-login-pages-to-steal-credentials/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.75.139 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 14:50:03 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 04 May 2020 23:02:39 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
9164
etag
W/"1177690299"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VVNmtFCTnhxaThIstxPeylk67qVrVqQBAN%2B5%2BZYpS0BQu4MSaoFgiyJEADSnMrgceM9wBKSBmOPQi2HuuDunkCv5fCvuVfzFcSnYmAOCyWirCk9suG78Uf91eQhaIV0N%2B%2FsNyG4%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=3024000
cf-ray
823f1b0ced6fa202-YYZ
expires
Fri, 15 Dec 2023 12:17:19 GMT
jquery-migrate-1.4.1.min.js
www.bleepstatic.com/js/redesign/ 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.bleepstatic.com/js/redesign/jquery-migrate-1.4.1.min.js
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/hackers-hijack-citrix-netscaler-login-pages-to-steal-credentials/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.75.139 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 14:50:03 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 20 May 2016 01:26:30 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
712323
etag
W/"2177127834"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=T%2BRIVLPMASYyBgTCYahpudqkAN%2Bi8Srd8BgHPTEN3bwvJSTVgEgrC8gtCaxR%2FNrvn%2BnU6f%2BUFxLWsNOnnkgofNaUjxy5B63%2FK014SCELdSG%2BG07lzVObn24FGjmJfCgZkVanuO0%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=3024000
cf-ray
823f1b0cfd89a202-YYZ
expires
Thu, 07 Dec 2023 08:58:00 GMT
news.js
www.bleepstatic.com/js/redesign/ 		183 B
463 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.bleepstatic.com/js/redesign/news.js
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/hackers-hijack-citrix-netscaler-login-pages-to-steal-credentials/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.75.139 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
827252be04765631f8ff21fee8ffe1028e27dfa52f62c08ef3182609a0a0e991

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 14:50:03 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
745715
cf-polished
origSize=247
cf-bgj
minify
last-modified
Wed, 16 Dec 2015 15:41:46 GMT
server
cloudflare
etag
W/"4218930423"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BBNLp9r%2FWMx%2BiV17mpTXcGPAXjfxd6nIX1Ou3rq%2Frxgh5RT1G1P2j2fjlhDNUJIXsLsdv6jG%2FNlUDze9RxmOPOGa%2FgJ%2BRlC%2Bf5dRGrNF7hmVSmhkVm2pEtG6o5e8e2iDWoFQ6Z0%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=3024000
cf-ray
823f1b0e4fe4a202-YYZ
expires
Wed, 06 Dec 2023 23:41:28 GMT
cls.css
a.pub.network/core/pubfig/ 		2 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://a.pub.network/core/pubfig/cls.css
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/hackers-hijack-citrix-netscaler-login-pages-to-steal-credentials/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:14ce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
36367e0c3f5a8b490bebc5bfc526b10c7d4e4c371eb2b73d438f80f167fb9ca4

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 14:50:03 GMT
content-encoding
gzip
cf-cache-status
HIT
age
2170
x-guploader-uploadid
ABPtcPr0fcpN9HtUcClUUBySE4WuxO-d-1YjH5fXegFwfg_VugLIL7uJ_vsnDsP0DJuRlOwN1hk
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
last-modified
Fri, 28 Oct 2022 14:36:10 GMT
server
cloudflare
etag
W/"816783146b3907e634d0e822ca759864"
vary
Accept-Encoding
x-goog-generation
1666967770269941
content-type
text/css
access-control-allow-origin
*
x-goog-hash
crc32c=4G+Zdg==, md5=gWeDFGs5B+Y00OgiynWYZA==
access-control-expose-headers
*
cache-control
public, max-age=3600
x-goog-stored-content-length
2096
cf-ray
823f1b0cee7836a9-YYZ
expires
Fri, 10 Nov 2023 15:50:03 GMT
pubfig.min.js
a.pub.network/bleepingcomputer-com/ 		121 KB
43 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.pub.network/bleepingcomputer-com/pubfig.min.js
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/hackers-hijack-citrix-netscaler-login-pages-to-steal-credentials/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:14ce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
28bf2d951fccd896aea3f18c4593cd9a1fe233e5eb85b41d9599ab36a44e5589

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 14:50:03 GMT
content-encoding
gzip
cf-cache-status
HIT
age
246671
x-guploader-uploadid
ABPtcPpGow8g6VBvMA8aco1a9iYvKqfrFAHLPDtkqdabPgjyIpzJMKxfiaSE10pdcKMED9btO34
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
1
x-goog-stored-content-encoding
identity
last-modified
Tue, 07 Nov 2023 17:52:07 GMT
server
cloudflare
etag
W/"3e2f3f87ba0f5643abe19e6e7bb3615c"
vary
Accept-Encoding
x-goog-generation
1699379527654589
content-type
application/javascript
access-control-allow-origin
*
x-goog-hash
crc32c=nL+U3A==, md5=Pi8/h7oPVkOr4Z5ue7NhXA==
access-control-expose-headers
*
cache-control
public, max-age=1800
x-goog-stored-content-length
123684
cf-ray
823f1b0e490d36a9-YYZ
link
<https://d.pub.network/v2/sites/bleepingcomputer-com/configs?env=PROD>; rel="preload"; as="fetch"; crossorigin="use-credentials", <https://optimise.net>; rel="preconnect", <https://api.floors.dev>; rel="preconnect"
expires
Fri, 10 Nov 2023 15:20:03 GMT
js
www.googletagmanager.com/gtag/ 		132 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-91740-1
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/hackers-hijack-citrix-netscaler-login-pages-to-steal-credentials/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c08::61 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
999f7962b8b847ed77e4c026487a4f1d736f7dc82f1bf528966793e1b01ad1fd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 14:50:04 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
51447
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Fri, 10 Nov 2023 14:50:04 GMT
logo.png
www.bleepstatic.com/images/site/ 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bleepstatic.com/images/site/logo.png
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/hackers-hijack-citrix-netscaler-login-pages-to-steal-credentials/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.75.139 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
19db4a2cde712e2ceaac317e732b4ec40b62818a938a8bf8391ad68470845019

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 14:50:03 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
239488
cf-polished
origFmt=png, origSize=1882
content-disposition
inline; filename="logo.webp"
content-length
1152
cf-bgj
imgq:85,h2pri
last-modified
Sat, 04 Mar 2017 04:12:00 GMT
server
cloudflare
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xZjIW5Cr8Ezu6%2BVbhJLAeoxJnCeLA0L9R9ICPDux7qwPCr0mw3kOwmJHlBkWeekUZ6wN%2F3VPzOAWS9XWNR0IF1iVYnWg3lYKug6aZGVSPhPnRw60RRT%2BkYk6mMxsrvT5KEx2d6w%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
823f1b0e4fe6a202-YYZ
expires
Thu, 07 Dec 2023 20:18:35 GMT
brandjs.js
www.gstatic.com/prose/
Redirect Chain
  • https://www.google.com/coop/cse/brand?form=cse-search-box&lang=en
  • https://www.gstatic.com/prose/brandjs.js
14 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/prose/brandjs.js
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/hackers-hijack-citrix-netscaler-login-pages-to-steal-credentials/
Protocol
H2
Server
2607:f8b0:4004:c1d::5e Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6395e6f9f6fbcd953f0ffa40615094c565d86c265fb5028e64dd2dc872b5ce69
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 02:54:59 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
42905
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/prose-team
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
5807
x-xss-protection
0
last-modified
Tue, 06 Apr 2021 15:14:29 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"prose-team","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/prose-team"}]}
content-type
text/javascript
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="prose-team"
expires
Sat, 11 Nov 2023 02:54:59 GMT

Redirect headers

date
Fri, 10 Nov 2023 14:32:46 GMT
x-content-type-options
nosniff
server
sffe
age
1038
content-type
text/html; charset=UTF-8
location
https://www.gstatic.com/prose/brandjs.js
cache-control
public, max-age=1800
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
237
x-xss-protection
0
expires
Fri, 10 Nov 2023 15:02:46 GMT
citrix_headpic.jpg
www.bleepstatic.com/content/hl-images/2023/07/21/ 		141 KB
142 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bleepstatic.com/content/hl-images/2023/07/21/citrix_headpic.jpg
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/hackers-hijack-citrix-netscaler-login-pages-to-steal-credentials/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.75.139 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
48d7ba6b0b04d3cc7ad953a6795872593568b78415476782dd31884475759306

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 14:50:03 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
9012
cf-polished
qual=85, origFmt=jpeg, origSize=299746
content-disposition
inline; filename="citrix_headpic.webp"
content-length
144548
cf-bgj
imgq:85,h2pri
last-modified
Fri, 21 Jul 2023 08:22:18 GMT
server
cloudflare
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DPh7xcbzgSEXKUCdiQfPdgqMYP%2FyVh8Qod%2Bb9QxLL51YdU5K25IDL92BGTqqlZzXXpChiae4L3pAyuGBvvRrwaIY3SPcrk0wMzf3KvExXyl7vukLCoEVGF0G8XzCwgLzyF44ggo%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
823f1b0d6e63a202-YYZ
expires
Sun, 10 Dec 2023 12:19:51 GMT
attack-chain.png
www.bleepstatic.com/images/news/u/1220909/2023/Cloud/9/ 		42 KB
42 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bleepstatic.com/images/news/u/1220909/2023/Cloud/9/attack-chain.png
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/hackers-hijack-citrix-netscaler-login-pages-to-steal-credentials/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.75.139 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1701a8746c35606bc76f254de81e7919bb9eecc8e82072175df9126405edf3ee

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 14:50:03 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1422
cf-polished
origFmt=png, origSize=66343
content-disposition
inline; filename="attack-chain.webp"
content-length
42958
cf-bgj
imgq:85,h2pri
last-modified
Mon, 09 Oct 2023 10:26:06 GMT
server
cloudflare
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=a73akgEkfUXrbdF7e83MqWgaEr8wRDROa8UFH6MiId%2BpBSKvOvJEBcnffXgXMJ1%2FngER0yoqykbIZ3oFMIHQYL4WRTvi6SiK2d5TlSp%2F0IqzUvs51jsbvlNUgkj053Kp3PGvce4%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
823f1b0d8e97a202-YYZ
expires
Sun, 10 Dec 2023 14:26:21 GMT
steal-creds.png
www.bleepstatic.com/images/news/u/1220909/2023/Cloud/9/ 		38 KB
38 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bleepstatic.com/images/news/u/1220909/2023/Cloud/9/steal-creds.png
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/hackers-hijack-citrix-netscaler-login-pages-to-steal-credentials/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.75.139 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f15a3af2df6b4d0452e400e42773bec42b061ab45b8228a1cf297f3bf48b5c17

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 14:50:03 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
1422
cf-polished
origFmt=png, origSize=70416
content-disposition
inline; filename="steal-creds.webp"
content-length
38904
cf-bgj
imgq:85,h2pri
last-modified
Mon, 09 Oct 2023 10:26:08 GMT
server
cloudflare
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lF0z%2FWeG6WUJM8d2cAZs5ArzqqVLknf%2FVUFQaa3%2BriMD5mywmxCKNDL%2BeYK3RK8aixyvLY3LNVGZN%2BgLfCajEgGy3KjP2gSFaLeWL93Q0bN%2FpVyS5ECExzKixepMQZwVar8Gi8A%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
823f1b0e4fe1a202-YYZ
expires
Sun, 10 Dec 2023 14:26:21 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		150 KB
52 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/hackers-hijack-citrix-netscaler-login-pages-to-steal-credentials/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c17::9b Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0e2f8bd529f48286e9c85134523586962ae6a5f1970a8d680c7d05043b3ebd99
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 14:50:04 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
52769
x-xss-protection
0
server
cafe
etag
15013980265366191337
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Fri, 10 Nov 2023 14:50:04 GMT
twitter.png
www.bleepstatic.com/images/site/login/ 		282 B
784 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bleepstatic.com/images/site/login/twitter.png
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/hackers-hijack-citrix-netscaler-login-pages-to-steal-credentials/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.75.139 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
67d86a29de7993fbd23b7dde2c4f26bdc434055c35a4b08c830c0d02fcfa6dd2

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 14:50:03 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
237531
cf-polished
origFmt=png, origSize=475
content-disposition
inline; filename="twitter.webp"
content-length
282
cf-bgj
imgq:85,h2pri
last-modified
Sat, 04 Mar 2017 20:46:52 GMT
server
cloudflare
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=E0qr0bGqhgLrtHyEAYlzxQf7P3i4ubYg%2F0vtk%2F44uDDEDetXQJ7LXpGwiHMYBSGdsol5USoXhZj4YLExuYIv%2Fke9GtY%2Fgimaie%2FF6Khw1vfTuIOZRxj%2FNpwNedOzSrPhpqzQIi0%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
823f1b0e4fe7a202-YYZ
expires
Thu, 07 Dec 2023 20:51:12 GMT
bootstrap.js
www.bleepstatic.com/js/redesign/bootstrap/js/ 		50 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.bleepstatic.com/js/redesign/bootstrap/js/bootstrap.js
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/hackers-hijack-citrix-netscaler-login-pages-to-steal-credentials/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.75.139 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c13d034eaf2fa73680d0abdbe02ac23b73e3128b5c7f0ee7018eb7b3fbe84a72

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 14:50:03 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
752410
cf-polished
origSize=75484
cf-bgj
minify
last-modified
Wed, 13 Feb 2019 14:22:49 GMT
server
cloudflare
etag
W/"984724076"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=6P732DPisDqymiKjo55a7WsJPjIBaULzFV7GFbLwz1384kZs%2BG%2Bp8i%2BycJXs%2FibDp1gQhYMf%2B2IpJRRaxy8mzVl4Z1b1WNQA8Xvsw2SEIHAwyIM8qSQjV05Nok32G3MAsCRT%2F%2BY%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=3024000
cf-ray
823f1b0e4fe8a202-YYZ
expires
Wed, 06 Dec 2023 21:49:53 GMT
blazy.min.js
www.bleepstatic.com/js/blazy/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.bleepstatic.com/js/blazy/blazy.min.js
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/hackers-hijack-citrix-netscaler-login-pages-to-steal-credentials/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.75.139 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0f427d0f88a0698c955ff63bf13af4ca80c9b32f218b5e210847450da901a74f

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 14:50:03 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 16 Aug 2018 21:06:19 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
748258
etag
W/"753357888"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=fJiOlczm55%2F24lQTEhCJRKumNoFkJ9fd7WQfKW56PDHsYywHRqjdSHVcy6vop6fVWhr44Q7FsvBLOL9NGcrBLCnVB5bTmwd%2B%2BVecL8Q9QFLCTrd3SqbiWNMX2hVSknEFRc5yJgc%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=3024000
cf-ray
823f1b0e4fdea202-YYZ
expires
Wed, 06 Dec 2023 22:59:05 GMT
bleep.js
www.bleepstatic.com/js/redesign/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.bleepstatic.com/js/redesign/bleep.js
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/hackers-hijack-citrix-netscaler-login-pages-to-steal-credentials/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.75.139 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
22e977346d45bab9f531ce1132d7ecfbe8e46868eaea790a0d4dcd1d0649d74b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 14:50:03 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
571987
cf-polished
origSize=3600
cf-bgj
minify
last-modified
Mon, 01 Oct 2018 12:47:57 GMT
server
cloudflare
etag
W/"2696894447"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=R52hQjnnY7%2BHUJ0r0hj%2FCTwwfNfa5smw09mOqXtijB2U6Q80PVnSIKjOdVOi0vJtjkuzXcXPfmsG3CCfRhmPlA0yXYlNwHieZ4HN4bLRNHPsbtFfixc%2BhQEeUMRnNit1BUVNdzg%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=3024000
cf-ray
823f1b0e4fe9a202-YYZ
expires
Fri, 08 Dec 2023 23:56:55 GMT
jquery.fancybox.js
www.bleepstatic.com/js/redesign/fancybox/ 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.bleepstatic.com/js/redesign/fancybox/jquery.fancybox.js
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/hackers-hijack-citrix-netscaler-login-pages-to-steal-credentials/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.75.139 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
31cd7d9398307ca2e6cfaa111bbe7b69d69cbaaed2ff74034412ebc5008671fd

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 14:50:03 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
745715
cf-polished
origSize=48706
cf-bgj
minify
last-modified
Wed, 14 Oct 2015 20:25:51 GMT
server
cloudflare
etag
W/"327140449"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1um9gfdGWgM1baecvK0WG6OLWubRDmOCKuKcHCqLtXzpcB1GCJyr67LplH4RyuKzwmSdF378gVPoMghbDSZPWKKl6n7tyWEJ0IooJCG5uDdocpPm6t9GJx5h6d7p2sJlt7nQSL4%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=3024000
cf-ray
823f1b0e6ffba202-YYZ
expires
Wed, 06 Dec 2023 23:41:28 GMT
fixto.min.js
www.bleepstatic.com/js/fixto/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.bleepstatic.com/js/fixto/fixto.min.js
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/hackers-hijack-citrix-netscaler-login-pages-to-steal-credentials/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.75.139 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7d6d26827b887aa09b2a5eb7c001e35b93773e53c36ddbfc127ad824e0a6ba39

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 14:50:03 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Sat, 13 Jun 2015 21:34:42 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
112733
etag
W/"1740214911"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=o1NlvVLshnm6SQNjXj92SxzKmVOkZ1%2BJtwJunaGIdQ1rqOSWThe8ERRmyCuGbc20joM79W%2BJghfz1Y3mbBRFrh8G1I2L558ii0EKDnUfTkWz7WfS3fo7trRLeNiooyWMjOQeowE%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=3024000
cf-ray
823f1b0e4fe3a202-YYZ
expires
Thu, 14 Dec 2023 07:31:10 GMT
connatix.playspace.js
cd.connatix.com/ Frame 812E 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cd.connatix.com/connatix.playspace.js
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/hackers-hijack-citrix-netscaler-login-pages-to-steal-credentials/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.41.104 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8bb41995562557b36864f7722bcdd8bd0f5a5bea0beb331af9575c10819670fe

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 14:50:04 GMT
content-encoding
br
server
cloudflare
vary
Accept-Encoding
content-type
application/javascript
cache-control
no-cache, no-store, must-revalidate, max-age=0
cf-ray
823f1b0fbe0136ca-YYZ
access-control-allow-headers
x-sec-ch-ua-platform-version, x-sec-ch-ua-full-version-list, x-sec-ch-ua-arch, x-sec-ch-ua-bitness, x-sec-ch-ua-model
alt-svc
h3=":443"; ma=86400
fab.js
ecdn.analysis.fi/static/js/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ecdn.analysis.fi/static/js/fab.js
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/hackers-hijack-citrix-netscaler-login-pages-to-steal-credentials/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.160.18.81 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-160-18-81.iad12.r.cloudfront.net
Software
Apache/2.4.54 (Debian) /
Resource Hash
d8a34aeacc4054bd4e119e538c7eb4956421014f48a9b603d3f9314a7435b5a6

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 14:18:12 GMT
content-encoding
gzip
via
1.1 a7a07e0b0db92670f70b5d65da05ed76.cloudfront.net (CloudFront)
x-amz-cf-pop
IAD12-P4
age
1912
x-cache
Hit from cloudfront
content-length
1696
last-modified
Mon, 07 Aug 2023 11:07:01 GMT
server
Apache/2.4.54 (Debian)
etag
"1090-602533ee4ff40-gzip"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600, public
accept-ranges
bytes
x-amz-cf-id
MAE35XGO2TxcRE4n56sxPAWLapDs25Dk_2DdxHBc_JZ1R8VnHZwAWA==
fi_client.js
ecdn.firstimpression.io/ 		349 KB
93 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ecdn.firstimpression.io/fi_client.js
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/hackers-hijack-citrix-netscaler-login-pages-to-steal-credentials/
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.160.46.100 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-160-46-100.iad55.r.cloudfront.net
Software
Apache/2.4.54 (Debian) / PHP/8.2.0
Resource Hash
1e0bd634c17317841ada3582bc8ab48c2a960d16c83832d744ebec29879769fc
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date
Fri, 10 Nov 2023 14:06:27 GMT
Content-Encoding
br
Via
1.1 f9727388a9890610c008f83558e75e0e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
IAD55-P2
Age
2617
X-Powered-By
PHP/8.2.0
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Connection
keep-alive
X-XSS-Protection
0
Last-Modified
Fri,10 Nov 2023 14:06:27 UTC
Server
Apache/2.4.54 (Debian)
ETag
W/"388bdae9fe31d4f01736a63265cba6aa"
Vary
Accept-Encoding
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=3600
X-Amz-Cf-Id
wjDmCVxFUK2bsXrVdAMLFlME-j71KzhPztrNmF62OFmR5T_Om2JwtA==
truncated
/ 		37 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Content-Type
image/gif
login_bg.png
www.bleepstatic.com/images/site/ 		126 B
486 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bleepstatic.com/images/site/login_bg.png
Requested by
Host: www.bleepstatic.com
URL: https://www.bleepstatic.com/css/redesign/main.css?v=05.19.23.2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.75.139 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
32e73e8e0eec3e6c1345d84e7ef091b90e71fb0045814043b34c914156235eb9

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepstatic.com/css/redesign/main.css?v=05.19.23.2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 14:50:03 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
204815
cf-polished
origFmt=png, origSize=187
content-disposition
inline; filename="login_bg.webp"
content-length
126
cf-bgj
imgq:85,h2pri
last-modified
Sat, 04 Mar 2017 20:46:52 GMT
server
cloudflare
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=I2qWSyRAqMC6u7Tpzr51xjvN9%2Fh9J5h6bshCjdTDfnQgpY2ueUb%2F1QxxIzcdNsnz96tVGDwJa6%2BeNmsGEBFqafccYUXw%2FhYvfT6rEagh78H%2B5dSq3FcPqsZDxbft%2F0uqzCkOjXU%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
823f1b0e781da202-YYZ
expires
Fri, 08 Dec 2023 05:56:28 GMT
nav_bg.png
www.bleepstatic.com/images/site/ 		72 B
570 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bleepstatic.com/images/site/nav_bg.png
Requested by
Host: www.bleepstatic.com
URL: https://www.bleepstatic.com/css/redesign/main.css?v=05.19.23.2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.75.139 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ab52a578c101a14bbc790f87f9a7400dda65469f23c6ce85c461e07cdf776460

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepstatic.com/css/redesign/main.css?v=05.19.23.2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 14:50:03 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
241209
cf-polished
origFmt=png, origSize=83
content-disposition
inline; filename="nav_bg.webp"
content-length
72
cf-bgj
imgq:85,h2pri
last-modified
Sat, 04 Mar 2017 07:57:02 GMT
server
cloudflare
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7EW3IqG%2BU%2BOtPTEiWipxq7XlvO6Y4KIExocMNyqzcukzFWoY1%2FUKxIdv5AGmZeZzl82duQi7mM81eqWkpBk9vSZcvY1qqZ%2FgUxM7j8oVFGfCaCSdn8o9MfkxUjoDxxNUSH57jT8%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
823f1b0e7821a202-YYZ
expires
Thu, 07 Dec 2023 19:49:54 GMT
20x20-printer.png
www.bleepstatic.com/images/site/ 		422 B
832 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bleepstatic.com/images/site/20x20-printer.png
Requested by
Host: www.bleepstatic.com
URL: https://www.bleepstatic.com/css/redesign/main.css?v=05.19.23.2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.75.139 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b34676178982122b66b0a55d3ee411fa343b1d19a6c119c0c9b0ea2c892738a1

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepstatic.com/css/redesign/main.css?v=05.19.23.2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 14:50:03 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
13572
cf-polished
origFmt=png, origSize=824
content-disposition
inline; filename="20x20-printer.webp"
content-length
422
cf-bgj
imgq:85,h2pri
last-modified
Sat, 03 Oct 2015 03:18:32 GMT
server
cloudflare
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lGnQ7tirB%2Fc38pQlFzU30T0YipD9bCilfMUmDCj40alz5ZGaMNjX9n1O%2BOVybxlCNq0jMewnIYGEMan9x3cs5TAD8Xa6IN5Vyn%2FfTtg9HzmjM%2BG%2B5HSBk2IGb7Ry9HIe%2FYG8bME%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
823f1b0e7823a202-YYZ
expires
Sun, 10 Dec 2023 11:03:51 GMT
calendar.png
www.bleepstatic.com/images/site/ 		86 B
466 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bleepstatic.com/images/site/calendar.png
Requested by
Host: www.bleepstatic.com
URL: https://www.bleepstatic.com/css/redesign/news.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.75.139 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
85ae9534729617e69eafa40195c7854697eb3d13b4205f3ee467e07c4af0a24b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepstatic.com/css/redesign/news.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 14:50:03 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
241061
cf-polished
origFmt=png, origSize=129
content-disposition
inline; filename="calendar.webp"
content-length
86
cf-bgj
imgq:85,h2pri
last-modified
Sat, 04 Mar 2017 20:46:52 GMT
server
cloudflare
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sV4hushme3M4KJ2e2gOxDFx3Oz%2FqW30UWoj7DpXCzFSlYgiq4QM5a0ltAzhQ2YZSC%2FRuVIBgebPEzwmOzL2ls1wEVeDiQKjYYtYvmRpMKF4n%2FFgL%2BZbvOJJF8zxIkhAmV9%2BmZ2U%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
823f1b0e7826a202-YYZ
expires
Thu, 07 Dec 2023 19:52:22 GMT
clock.png
www.bleepstatic.com/images/site/ 		252 B
625 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bleepstatic.com/images/site/clock.png
Requested by
Host: www.bleepstatic.com
URL: https://www.bleepstatic.com/css/redesign/news.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.75.139 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9cdb6bfef8d4212d9bf634ca6724a28e85dfa69cd404e6f9d3760d70a7873949

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepstatic.com/css/redesign/news.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 14:50:03 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
234200
cf-polished
origFmt=png, origSize=1316
content-disposition
inline; filename="clock.webp"
content-length
252
cf-bgj
imgq:85,h2pri
last-modified
Fri, 29 May 2015 07:08:14 GMT
server
cloudflare
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1msJXlH%2Fdha5c2e34Vsd0JfMC8NfEDO%2F8yxSBR379dzOlgiCILuStYsqJ8%2Bz5BMOuM6ux6sGmvkSUudG7gxQSX5Jpg1XTd4f3G4qrAJUq6qWvqMafdfcBsdxiBc2A8ygqUKa5A0%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
823f1b0e782aa202-YYZ
expires
Thu, 07 Dec 2023 21:46:43 GMT
comment-light.png
www.bleepstatic.com/images/site/ 		94 B
478 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bleepstatic.com/images/site/comment-light.png
Requested by
Host: www.bleepstatic.com
URL: https://www.bleepstatic.com/css/redesign/news.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.75.139 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cfac05f501d6d4d62e29fff1049569c3c2aa8732af8db3a36e8fa252f05f5861

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepstatic.com/css/redesign/news.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 14:50:03 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
12993
cf-polished
origFmt=png, origSize=1034
content-disposition
inline; filename="comment-light.webp"
content-length
94
cf-bgj
imgq:85,h2pri
last-modified
Fri, 29 May 2015 07:08:28 GMT
server
cloudflare
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=l9lAhL7PMkdmdsaH%2FiF6GtHIue%2Bui4B7zLBbTa0kgITNmHoInaDyXbr%2FSjJae%2BuPVI4xmDeq%2FNytqzZztFeYtMZ3rvK2o8sPnx51kU37YYfSDiPq80%2FzT4ypu7KOEKfOUwefq3s%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
823f1b0e782ea202-YYZ
expires
Sun, 10 Dec 2023 11:13:29 GMT
32x32-printer.png
www.bleepstatic.com/images/site/ 		256 B
762 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bleepstatic.com/images/site/32x32-printer.png
Requested by
Host: www.bleepstatic.com
URL: https://www.bleepstatic.com/css/redesign/main.css?v=05.19.23.2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.75.139 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
33eb81af8a0101c1ad2a210f322fb362ce1598e6e37f0a7ecc62d6ff39add590

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepstatic.com/css/redesign/main.css?v=05.19.23.2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 14:50:03 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
241208
cf-polished
origFmt=png, origSize=618
content-disposition
inline; filename="32x32-printer.webp"
content-length
256
cf-bgj
imgq:85,h2pri
last-modified
Fri, 02 Oct 2015 21:57:19 GMT
server
cloudflare
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=13bKHAndacbs0wsATCm1PmnXcJ2rwtgA92QJ%2Fmy9Cbn24SyKAC6IOWeRI0aHZSL%2FuwZqxbKnrA5aT5m3rf702kNDkx9JPAhcAXae%2FsJ3fqhcDeQ%2FYET9zFwSgT6H8O0UG7pk0aQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
823f1b0e7830a202-YYZ
expires
Thu, 07 Dec 2023 19:49:54 GMT
42758747b8592c683aa2b2162019ddfa.jpg
www.bleepstatic.com/author/photos/ 		7 KB
8 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bleepstatic.com/author/photos/42758747b8592c683aa2b2162019ddfa.jpg
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/hackers-hijack-citrix-netscaler-login-pages-to-steal-credentials/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.75.139 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6f256b59004beadefbac9168d0380485ac8ed71a2546f2bd3d55e8702eee4d9a

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 14:50:03 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
743360
cf-polished
qual=85, origFmt=jpeg, origSize=12322
content-disposition
inline; filename="42758747b8592c683aa2b2162019ddfa.webp"
content-length
7248
cf-bgj
imgq:85,h2pri
last-modified
Tue, 28 Sep 2021 21:25:46 GMT
server
cloudflare
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tZZX58CG70Jc0kKQbn6SQfRAEKCrOZEhOwJQaOG%2Bs%2Bvgbdd8NRjKo0Rs0%2FAXv6eEnPjcvn9aPn7Q1JT85hNrbBzG1bLwtpqv1CZT0kc5l%2FtiW0G%2FCYo%2BdhZyT0EGAGsg8bQvK1k%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
823f1b0e7833a202-YYZ
expires
Sat, 02 Dec 2023 00:20:43 GMT
h4-bg.png
www.bleepstatic.com/images/site/ 		38 B
413 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bleepstatic.com/images/site/h4-bg.png
Requested by
Host: www.bleepstatic.com
URL: https://www.bleepstatic.com/css/redesign/main.css?v=05.19.23.2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.75.139 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
942935ead42820e6c9184f099c77dde34fa4be70d395a17c47b5d7ad07967339

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepstatic.com/css/redesign/main.css?v=05.19.23.2
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 14:50:03 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
198442
cf-polished
origFmt=png, origSize=72
content-disposition
inline; filename="h4-bg.webp"
content-length
38
cf-bgj
imgq:85,h2pri
last-modified
Sat, 04 Mar 2017 20:46:52 GMT
server
cloudflare
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=EUF%2FTbFDhv%2FcsFN%2B8WA16bXqQ8xUIZ2tXKRUR79WV2lMKmwtEfPEkepV5l2Q409MIf33rwstVGnk67sIXxLMB87vxdePRL2XXsdTpgu92cguBw1r521UWLfF9doZiDmvZ78uWWU%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
823f1b0e7837a202-YYZ
expires
Fri, 08 Dec 2023 07:42:41 GMT
KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,100,300,500,700,900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c09::5e Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.bleepingcomputer.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 21:36:51 GMT
x-content-type-options
nosniff
age
61993
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15744
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:48 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 08 Nov 2024 21:36:51 GMT
KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,100,300,500,700,900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c09::5e Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.bleepingcomputer.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 21:46:10 GMT
x-content-type-options
nosniff
age
61434
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15860
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:42 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 08 Nov 2024 21:46:10 GMT
KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,100,300,500,700,900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c09::5e Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.bleepingcomputer.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 22:01:12 GMT
x-content-type-options
nosniff
age
60532
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15740
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:56 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 08 Nov 2024 22:01:12 GMT
KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,100,300,500,700,900&display=swap
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c09::5e Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.bleepingcomputer.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Thu, 09 Nov 2023 21:30:41 GMT
x-content-type-options
nosniff
age
62363
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
15920
x-xss-protection
0
last-modified
Wed, 11 May 2022 19:24:45 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 08 Nov 2024 21:30:41 GMT
configs
d.pub.network/v2/sites/bleepingcomputer-com/ 		74 KB
7 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://d.pub.network/v2/sites/bleepingcomputer-com/configs?env=PROD
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/hackers-hijack-citrix-netscaler-login-pages-to-steal-credentials/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.160.152.31 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
31.152.160.34.bc.googleusercontent.com
Software
/
Resource Hash
e77f44d52abbb705b058be0624841a4ac645e9420b991e7023bd4b27e8ffbebd

Request headers

Referer
https://www.bleepingcomputer.com/
Origin
https://www.bleepingcomputer.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 14:50:04 GMT
content-encoding
gzip
via
1.1 google
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Accept-Encoding, User-Agent
content-type
application/json
access-control-allow-origin
https://www.bleepingcomputer.com
access-control-allow-credentials
true
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
jquery.fancybox.css
www.bleepstatic.com/js/redesign/fancybox/ 		4 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.bleepstatic.com/js/redesign/fancybox/jquery.fancybox.css
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/hackers-hijack-citrix-netscaler-login-pages-to-steal-credentials/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.75.139 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6e86593083facba2710a2312f26bd7b436d7ef299f99cbc2ccc1b32693ec3144

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 14:50:04 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
748258
cf-polished
origSize=4895
cf-bgj
minify
last-modified
Wed, 14 Oct 2015 20:25:51 GMT
server
cloudflare
etag
W/"9108074"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Vq4P2KJfERdK862Z6D9cH1kY5a%2FyIlDhi0Tdzv2n5NZHu6CzfUGl8zOcXEKYF2XDNN6XKGyY9mncjTnOhJ5OQ8i3hu3zPz4ncCoHIYNMwMvulFnMsDi26%2BA4t%2BX8RnUpeEhnjj8%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=3024000
cf-ray
823f1b0f2966a202-YYZ
expires
Wed, 06 Dec 2023 22:59:06 GMT
fontawesome.min.css
www.bleepstatic.com/redesign/fontawesome6/css/ 		79 KB
18 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.bleepstatic.com/redesign/fontawesome6/css/fontawesome.min.css
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/hackers-hijack-citrix-netscaler-login-pages-to-steal-credentials/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.75.139 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
863ab50a39fc203ca8f614cef14c6cc700ee64bfeacd41426dce9ef8cbd98509

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 14:50:04 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 14 Nov 2022 22:35:03 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
93069
etag
W/"2038534161"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=a80C9sd3IQ36uEOzQ%2FX16q3iT%2BmRJoKJ4RJcHWHgvEyuVkZl4YIxACYXHiBpoSqV3tWH8vtQJZOMqzHARHKE6Mib8J4HV2wEGnvYvsPgzbm%2FHxcYVKgVMvF7zrdgOzbWX%2BCbwcU%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=3024000
cf-ray
823f1b0f296ba202-YYZ
expires
Thu, 14 Dec 2023 12:58:55 GMT
brands.min.css
www.bleepstatic.com/redesign/fontawesome6/css/ 		18 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.bleepstatic.com/redesign/fontawesome6/css/brands.min.css
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/hackers-hijack-citrix-netscaler-login-pages-to-steal-credentials/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.75.139 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a7e925f6192a3f7907621f9dde8afc47752d671d4a796f2cd5a53cfbc07c214b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 14:50:04 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 14 Nov 2022 22:34:45 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
26835
etag
W/"2013745295"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=1vEhd42eK3DCpP6YfXSy6i7P7PDkjdeH%2BGD50VqLm46GtQvTG6tcbaLbW0MvALF17s77fcvbWH7ZBCIj9UuYa5ydhXQmd2hgX%2B7aq727VHzEW5Hb%2BCwgxXcXal2qRydu%2BEM7HEg%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=3024000
cf-ray
823f1b0f296da202-YYZ
expires
Fri, 15 Dec 2023 07:22:49 GMT
solid.min.css
www.bleepstatic.com/redesign/fontawesome6/css/ 		572 B
661 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.bleepstatic.com/redesign/fontawesome6/css/solid.min.css
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/hackers-hijack-citrix-netscaler-login-pages-to-steal-credentials/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.75.139 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7a5d218c8e40dc33b9a0c27b49c2a5d0c9696ea53ee6371882d348a31116ae9b

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 14:50:04 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 14 Nov 2022 22:34:55 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
13299
etag
W/"508050520"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QYuKKtKfMZqCnzal%2FejZeA72aZyMjcgxTbyPAelKStwYzgXiwcgMg4NnhYUayvgSu5%2BAOJ6MvBTXKseKFT%2BHz1IZWjRod2XJVYNJFi1T%2Bd9%2BSY12HbOrGlPGTLx%2BrRWgrzNKz9k%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=3024000
cf-ray
823f1b0f296ea202-YYZ
expires
Fri, 15 Dec 2023 11:08:24 GMT
325a0a289ab738d53a080f14b0.main.js
functionalfeather.com/static/1517c2dd0e08/ 		68 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://functionalfeather.com/static/1517c2dd0e08/325a0a289ab738d53a080f14b0.main.js
Requested by
Host: a.pub.network
URL: https://a.pub.network/bleepingcomputer-com/pubfig.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:1901:0:7416::1 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
Software
/
Resource Hash
dd0bc74fd74412ac5d6feda8f47931466fa2f1339b2b4f9b271d67c0123ec062
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

strict-transport-security
max-age=15724800; preload
content-encoding
br
via
1.1 google
date
Fri, 10 Nov 2023 14:50:04 GMT
x-datacenter
gce-us-central1
etag
"6b8f42d52c3bba608fdb58a16914fcb0301483b43934f2d304c9455b055805b7"
x-buildname
hoothoot
vary
Accept-Encoding, Accept-Language
x-hostname
fen-hoothoot-us-central1-spot-jhcx
content-type
text/javascript; charset=utf-8
cache-control
private, must-revalidate, max-age=21600
x-buildnumber
1052555292
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
292x176_cloudflare.jpg
www.bleepstatic.com/content/hl-images/2023/11/02/thumb/ 		11 KB
11 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bleepstatic.com/content/hl-images/2023/11/02/thumb/292x176_cloudflare.jpg
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/hackers-hijack-citrix-netscaler-login-pages-to-steal-credentials/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.75.139 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0ac2e100237281829ff2ffcb512402356cde3e67cde7c455fd4c0615daa30143

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 14:50:04 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
32733
cf-polished
degrade=85, origSize=49772, status=webp_bigger
content-length
10978
cf-bgj
imgq:85,h2pri
last-modified
Thu, 02 Nov 2023 15:29:51 GMT
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wi8aOxrn9He8WwBM0hPg8eBTwKuFpAyUXnlyqAaHp6DBCVxL%2BONQ%2F6j7dgC13HttAOYD1%2FLAjokFHxYyPJBIdeN4Ll0eHIbUQGvVGqIFodRGjyoWuFKtxMaKES%2BbThoP4akYvk4%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
823f1b0fba5da202-YYZ
expires
Sun, 10 Dec 2023 05:44:31 GMT
292x176_ChatGPT.jpg
www.bleepstatic.com/content/hl-images/2023/11/08/thumb/ 		4 KB
5 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.bleepstatic.com/content/hl-images/2023/11/08/thumb/292x176_ChatGPT.jpg
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/hackers-hijack-citrix-netscaler-login-pages-to-steal-credentials/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.75.139 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bc87d0cb0069d3c81c7df445c22748b34970a953bd608fadc5c8ff0aea787885

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 14:50:04 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
121782
cf-polished
qual=85, origFmt=jpeg, origSize=24259
content-disposition
inline; filename="292x176_ChatGPT.webp"
content-length
4392
cf-bgj
imgq:85,h2pri
last-modified
Wed, 08 Nov 2023 16:27:15 GMT
server
cloudflare
vary
Accept
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FCkUPhzkIlxBucFYVuBGSBZoWaVtEY80W2Js5YI2R%2F8H9oRu1EaNok%2BnsKcIAl8hxmwASpkv1MzdMJozTkXpD4yEpFcxC2ZmwK8aulkDKGbczuv6s6RPK3X7cErp5nUlSjqsne0%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/webp
access-control-allow-origin
*
cache-control
max-age=2592000
accept-ranges
bytes
cf-ray
823f1b0fca7ba202-YYZ
expires
Sat, 09 Dec 2023 05:00:22 GMT
fa-solid-900.woff2
www.bleepstatic.com/redesign/fontawesome6/webfonts/ 		147 KB
148 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.bleepstatic.com/redesign/fontawesome6/webfonts/fa-solid-900.woff2
Requested by
Host: www.bleepstatic.com
URL: https://www.bleepstatic.com/redesign/fontawesome6/css/solid.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.75.139 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d27bc752105c079f8a516e9142406a9fc12cbb409f9bf8681f2ddfe0360b52a6

Request headers

Referer
https://www.bleepstatic.com/redesign/fontawesome6/css/solid.min.css
Origin
https://www.bleepingcomputer.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 14:50:04 GMT
cf-cache-status
HIT
last-modified
Mon, 14 Nov 2022 22:33:11 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
5111
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FKjQKOTVQDTgEm1q4o81NWuEYu542dttYKKHt3E%2B0Ccl1MOCTZr45Kp6dXckBPGTr2lsun1yT5bG3LSCT2wARAXkaZTVv%2BS8SqRksHME1jAoOiRPlSWELhhGg3Vo5ryg5%2FR0De4%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream
access-control-allow-origin
*
accept-ranges
bytes
cf-ray
823f1b10cac936fa-YYZ
content-length
150472
fa-brands-400.woff2
www.bleepstatic.com/redesign/fontawesome6/webfonts/ 		105 KB
105 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.bleepstatic.com/redesign/fontawesome6/webfonts/fa-brands-400.woff2
Requested by
Host: www.bleepstatic.com
URL: https://www.bleepstatic.com/redesign/fontawesome6/css/brands.min.css
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.67.75.139 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3fe890d088ecf0cc9bc1b9069201e52972dbad6237865524090e15982d0de718

Request headers

Referer
https://www.bleepstatic.com/redesign/fontawesome6/css/brands.min.css
Origin
https://www.bleepingcomputer.com
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 14:50:04 GMT
cf-cache-status
HIT
last-modified
Mon, 14 Nov 2022 22:32:23 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
5944
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=oO1VJKPhDWwle%2FUZy%2FmP1cSEUSlZnn0YYF4b%2F9dINopnv5Umi5xqPRkwyD%2BW4vfOeW%2Bz8FrtXqNTA7N1ZhAGLAUnCBMPOyGF6MLtu74SL2hPTSZBASkVbAy9itlJagS6HpTuHXg%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream
access-control-allow-origin
*
accept-ranges
bytes
cf-ray
823f1b10cace36fa-YYZ
content-length
107460
connatix.playspace.js
cds.connatix.com/p/375093/ Frame 812E 		1 MB
302 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cds.connatix.com/p/375093/connatix.playspace.js
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.playspace.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.41.104 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
34f8c722cffad1b85092da988d0bc1c6242764c5fa7c08876d170b3204a8aa63

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 14:50:04 GMT
x-amz-version-id
EmRcmQw.BpeNKnzj5fjQs_fsyLAFN_W2
content-encoding
br
cf-cache-status
HIT
x-amz-replication-status
FAILED
alt-svc
h3=":443"; ma=86400
last-modified
Fri, 10 Nov 2023 13:51:05 GMT
server
cloudflare
etag
W/"ebf37534e266e5a4d03e87c9513eb963"
vary
Accept-Encoding
access-control-allow-methods
*
content-type
application/javascript
access-control-allow-origin
*
cache-control
public,max-stale=31536000,stale-while-revalidate=31536000,immutable,max-age=31536000
access-control-max-age
86400
cf-ray
823f1b103ede36ca-YYZ
access-control-allow-headers
range
expires
Sat, 09 Nov 2024 14:50:04 GMT
favicon.ico
ad.doubleclick.net/ 		1 KB
571 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.doubleclick.net/favicon.ico?ad=300x250&ad_box_=1&adnet=1&showad=1&size=250x250
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/hackers-hijack-citrix-netscaler-login-pages-to-steal-credentials/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.16.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f148.1e100.net
Software
sffe /
Resource Hash
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 00:32:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
51461
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
104
x-xss-protection
0
last-modified
Tue, 08 May 2012 13:08:06 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/x-icon
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 11 Nov 2023 00:32:23 GMT
achoice.svg
widgets.outbrain.com/images/widgetIcons/ 		990 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://widgets.outbrain.com/images/widgetIcons/achoice.svg
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/hackers-hijack-citrix-netscaler-login-pages-to-steal-credentials/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
69.192.110.3 New York, United States, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a69-192-110-3.deploy.static.akamaitechnologies.com
Software
AkamaiNetStorage /
Resource Hash
9ba56f5ffa579747efde1d2a429b325a9fb7220d30f4268e4a44ecbe4a9bf034

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

expires
Sun, 10 Dec 2023 14:50:04 GMT
date
Fri, 10 Nov 2023 14:50:04 GMT
last-modified
Tue, 10 Jan 2023 16:40:08 GMT
server
AkamaiNetStorage
etag
"5ab8e16b5f46213840bcd403e349419c:1673369393.880194"
access-control-allow-methods
GET,POST
content-type
image/svg+xml
access-control-allow-origin
*
cache-control
max-age=2592000
access-control-allow-credentials
false
accept-ranges
bytes
timing-allow-origin
*, *
content-length
990
access-control-request-headers
X-OB-STG,X-OB-PRD
beacon.js
sb.scorecardresearch.com/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sb.scorecardresearch.com/beacon.js
Requested by
Host: a.pub.network
URL: https://a.pub.network/bleepingcomputer-com/pubfig.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.165.83.79 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-165-83-79.iad55.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
1aee66e2e24e851039801c0dace90f3efb7a1a17b033f7d5bbc12ca7c1d19432

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 00:37:37 GMT
content-encoding
gzip
via
1.1 e030eb9e2523dd8af200ce39f28ca642.cloudfront.net (CloudFront)
last-modified
Fri, 21 Jul 2023 22:21:17 GMT
server
AmazonS3
x-amz-cf-pop
IAD55-P3
age
51148
x-amz-server-side-encryption
AES256
etag
W/"a06e7a176f40dc26aa5e9567ac9d2d5e"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
max-age=86400
x-amz-cf-id
Hb0p-eoj7Y0OCK5ApBLSMyQVm2qbggvLZi01M-7K5Bfe70E59Covsw==
pubfig.engine.js
a.pub.network/core/pubfig/5.19.5/ 		555 KB
154 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.pub.network/core/pubfig/5.19.5/pubfig.engine.js
Requested by
Host: a.pub.network
URL: https://a.pub.network/bleepingcomputer-com/pubfig.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:14ce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f6ad118573e878197461bcb18c0ef87b3a495056d4a61fda8ace401210a0cab3

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 14:50:04 GMT
content-encoding
gzip
cf-cache-status
HIT
age
246673
x-guploader-uploadid
ABPtcPryrMcoliQWcfmqoMeOhB0UZwzRPX7t_qzmmW3fFia-U8LVVN6TefRDb_DZ17UywiwBuHkD30wTbw
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
last-modified
Tue, 07 Nov 2023 16:36:15 GMT
server
cloudflare
etag
W/"4c951c87113bea32c6c7638720ae0e31"
vary
Accept-Encoding
x-goog-generation
1699374975615969
content-type
application/javascript
access-control-allow-origin
*
x-goog-hash
crc32c=qzO4eQ==, md5=TJUchxE76jLGx2OHIK4OMQ==
access-control-expose-headers
*
cache-control
public, max-age=3600
x-goog-stored-content-length
568303
cf-ray
823f1b10bd2936a9-YYZ
expires
Fri, 10 Nov 2023 15:50:04 GMT
js
www.googletagmanager.com/gtag/ 		277 KB
92 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-GD465VRQLD&l=dataLayer&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-91740-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c08::61 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
26c10af10b23582068cb37a4c4617117d841511d074695d8491096d86f3debe7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 14:50:04 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
93614
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Fri, 10 Nov 2023 14:50:04 GMT
analytics.js
www.google-analytics.com/ 		52 KB
21 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-91740-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c08::64 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
date
Fri, 10 Nov 2023 14:07:24 GMT
last-modified
Mon, 12 Jun 2023 18:23:07 GMT
server
Golfe2
age
2560
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
20994
expires
Fri, 10 Nov 2023 16:07:24 GMT
show_ads_impl_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311060101/ 		400 KB
136 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311060101/show_ads_impl_fy2021.js?bust=31079569
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c17::9b Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
7ad8a28b9ab0866c3372ab50550ca437d49fe1d52369aa0a0c9233f2f395332b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 14:50:04 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
138656
x-xss-protection
0
server
cafe
etag
18037054520525048045
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Fri, 10 Nov 2023 14:50:04 GMT
zrt_lookup_fy2021.html
googleads.g.doubleclick.net/pagead/html/r20231108/r20190131/ Frame B590 		9 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20231108/r20190131/zrt_lookup_fy2021.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c09::9a Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
623c81b092a6116d4d60ff89b14803818efb0b9aebf6e4e2c50241e802f6e016
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

age
60971
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
public, max-age=1209600
content-encoding
br
content-length
4118
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 09 Nov 2023 21:53:53 GMT
etag
16674218716276178799
expires
Thu, 23 Nov 2023 21:53:53 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
skeleton.gif
static.adsafeprotected.com/ 		43 B
482 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://static.adsafeprotected.com/skeleton.gif?adslot=ad_300x250_6724608
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/hackers-hijack-citrix-netscaler-login-pages-to-steal-credentials/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:24f4:1e00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Wed, 29 Mar 2023 08:14:48 GMT
x-amz-version-id
iiN8XkcmZQdDIQeKkzAiegPwcD.5WPja
via
1.1 b885d7691d1de254a7c8e89572398f9a.cloudfront.net (CloudFront)
x-amz-cf-pop
IAD55-P3
age
19550117
x-amz-server-side-encryption
AES256
x-cache
Hit from cloudfront
x-amz-replication-status
COMPLETED
content-length
43
last-modified
Mon, 17 Aug 2020 23:55:15 GMT
server
AmazonS3
etag
"45cf913e5d9d3c9b2058033056d3dd23"
content-type
image/gif
cache-control
max-age=315360000
accept-ranges
bytes
x-amz-cf-id
cT1DtBf7EB8aN9a9MIJRhcn8rCeWUC0zOC69jESwoyH2gdAR6n9uEQ==
/
optimise.net/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://optimise.net/?k=0&d=www.bleepingcomputer.com&t=desktop
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.111.152.239 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
239.152.111.34.bc.googleusercontent.com
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;includeSubDomains;preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
x-api-key
Access-Control-Request-Method
GET
Origin
https://www.bleepingcomputer.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Key, Authorization, x-api-key
access-control-allow-methods
ACL, CANCELUPLOAD, CHECKIN, CHECKOUT, COPY, DELETE, GET, HEAD, LOCK, MKCALENDAR, MKCOL, MOVE, OPTIONS, POST, PROPFIND, PROPPATCH, PUT, REPORT, SEARCH, UNCHECKOUT, UNLOCK, UPDATE, VERSION-CONTROL
access-control-allow-origin
https://www.bleepingcomputer.com
access-control-expose-headers
fs-client-rtt
access-control-max-age
3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
date
Fri, 10 Nov 2023 14:50:04 GMT
expires
0
fs-client-rtt
3
pragma
no-cache
strict-transport-security
max-age=31536000;includeSubDomains;preload;
via
1.1 google
/
optimise.net/ 		5 KB
5 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://optimise.net/?k=0&d=www.bleepingcomputer.com&t=desktop
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/pubfig/5.19.5/pubfig.engine.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
34.111.152.239 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
239.152.111.34.bc.googleusercontent.com
Software
/
Resource Hash
7e77b9e100ab7b73322ec8566cec58083b88d8b2ec7130e25b5337e85fadcb84
Security Headers
Name Value
Strict-Transport-Security max-age=31536000;includeSubDomains;preload;

Request headers

Referer
https://www.bleepingcomputer.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
x-api-key
4e799501-b8b6-4ef1-bad5-225b3dd1aa8d

Response headers

strict-transport-security
max-age=31536000;includeSubDomains;preload;
via
1.1 google
date
Fri, 10 Nov 2023 14:46:04 GMT
fs-client-rtt
48
age
241
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
4714
pragma
no-cache
access-control-max-age
3600
access-control-allow-methods
ACL, CANCELUPLOAD, CHECKIN, CHECKOUT, COPY, DELETE, GET, HEAD, LOCK, MKCALENDAR, MKCOL, MOVE, OPTIONS, POST, PROPFIND, PROPPATCH, PUT, REPORT, SEARCH, UNCHECKOUT, UNLOCK, UPDATE, VERSION-CONTROL
content-type
application/json
access-control-allow-origin
https://www.bleepingcomputer.com
access-control-expose-headers
fs-client-rtt
cache-control
no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept, Key, Authorization, x-api-key
expires
0
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		102 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/pubfig/5.19.5/pubfig.engine.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c07::9b Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d6ee922eecba4ab08476af9747e1ffd664f219ddb34b465b6e045d21f5271b85
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 14:50:04 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31426
x-xss-protection
0
server
cafe
etag
916 / 19671 / m202311020101 / config-hash: 2511228162032463359
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Fri, 10 Nov 2023 14:50:04 GMT
prebid-analytics-7.48.4.js
a.pub.network/core/ 		596 KB
193 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.pub.network/core/prebid-analytics-7.48.4.js
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/pubfig/5.19.5/pubfig.engine.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:14ce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
788c13994d09fd809cb431d4a0a2aaba6dd88c9b2ba4c0c9e03345362d9633ec

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 14:50:04 GMT
content-encoding
gzip
cf-cache-status
HIT
age
31900
x-guploader-uploadid
ABPtcPp9XtzqxFU1MIKYAaC8FB4WC9GUXRUMhA_PCWX_f1h5PGP8nkEx4N5YZToybVuI9_e4huZwSjfiYA
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
3
x-goog-stored-content-encoding
identity
last-modified
Tue, 18 Jul 2023 18:59:55 GMT
server
cloudflare
etag
W/"5243e8ea27fda1bab8578db0b34dba61"
vary
Accept-Encoding
x-goog-generation
1689706795179212
content-type
text/html
access-control-allow-origin
*
x-goog-hash
crc32c=hSRCNw==, md5=UkPo6if9obq4V42ws026YQ==
content-language
en
access-control-expose-headers
*
cache-control
public, max-age=31462129
x-goog-stored-content-length
610321
cf-ray
823f1b12d8d636a9-YYZ
expires
Fri, 08 Nov 2024 18:18:53 GMT
collect
www.google-analytics.com/g/ 		0
177 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-GD465VRQLD&gtm=45je3b81v878037826&_p=1699627803848&gcd=11l1l1l1l1&dma=0&cid=1179475407.1699627805&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=AAAI&_s=1&sid=1699627804&sct=1&seg=0&dl=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fhackers-hijack-citrix-netscaler-login-pages-to-steal-credentials%2F&dt=Hackers%20hijack%20Citrix%20NetScaler%20login%20pages%20to%20steal%20credentials&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=1965
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-GD465VRQLD&l=dataLayer&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c08::64 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 10 Nov 2023 14:50:04 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.bleepingcomputer.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cSyncRemoteEntry.js
cds.connatix.com/p/375093/ Frame 812E 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cds.connatix.com/p/375093/cSyncRemoteEntry.js
Requested by
Host: cds.connatix.com
URL: https://cds.connatix.com/p/375093/connatix.playspace.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.41.104 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0f5cea81bb63d0214976da19bc823736066909b01efa7bf8cdb4d5de805eea93

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 14:50:04 GMT
x-amz-version-id
OG7QEqJRUtBUvQGWGgIH5ph2salPotdB
content-encoding
br
cf-cache-status
HIT
x-amz-replication-status
FAILED
alt-svc
h3=":443"; ma=86400
last-modified
Fri, 10 Nov 2023 13:51:07 GMT
server
cloudflare
etag
W/"d60d811350d7df0f4503ae40d8a9728a"
vary
Accept-Encoding
access-control-allow-methods
*
content-type
application/javascript
access-control-allow-origin
*
cache-control
public,max-stale=31536000,stale-while-revalidate=31536000,immutable,max-age=31536000
access-control-max-age
86400
cf-ray
823f1b146d3436ca-YYZ
access-control-allow-headers
range
expires
Sat, 09 Nov 2024 14:50:04 GMT
connatix.playspace.css
cds.connatix.com/p/375093/ 		117 KB
18 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cds.connatix.com/p/375093/connatix.playspace.css
Requested by
Host: cds.connatix.com
URL: https://cds.connatix.com/p/375093/connatix.playspace.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.41.104 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
146d44c816ed6aa83ce54ff040011c014ab16f9da2fc2ec4f72db5f711df9b21

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 14:50:04 GMT
x-amz-version-id
7peNqF5D_Ryp2b4WUFYVXAfuc7GtbwPG
content-encoding
br
cf-cache-status
HIT
x-amz-replication-status
FAILED
alt-svc
h3=":443"; ma=86400
last-modified
Fri, 10 Nov 2023 13:51:05 GMT
server
cloudflare
etag
W/"71fb6ca1b82e94aebb3a7a396e0bddc0"
vary
Accept-Encoding
access-control-allow-methods
*
content-type
text/css
access-control-allow-origin
*
cache-control
public,max-stale=31536000,stale-while-revalidate=31536000,immutable,max-age=31536000
access-control-max-age
86400
cf-ray
823f1b144d0736ca-YYZ
access-control-allow-headers
range
expires
Sat, 09 Nov 2024 14:50:04 GMT
spc_fi.php
cdn.firstimpression.io/delivery/ 		39 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://cdn.firstimpression.io/delivery/spc_fi.php?id=5971&url=%2Fnews%2Fsecurity%2Fhackers-hijack-citrix-netscaler-login-pages-to-steal-credentials%2F&charset=UTF-8&ch=6&ref=www.bleepingcomputer.com&viewerId=null&referer=&_firid=34790010
Requested by
Host: ecdn.firstimpression.io
URL: https://ecdn.firstimpression.io/fi_client.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
18.160.46.100 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-160-46-100.iad55.r.cloudfront.net
Software
Apache/2.4.38 (Debian) /
Resource Hash
aaff81dee7c3617affb080504add07df07f631d8cd3685361149ff0c482f8ebd

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://www.bleepingcomputer.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

Date
Fri, 10 Nov 2023 14:50:05 GMT
Content-Encoding
gzip
Via
1.1 f338f1f5c997eee01a37834445ee4740.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
IAD55-P2
X-Cache
Miss from cloudfront
P3P
CP="CUR ADM OUR NOR STA NID"
Connection
keep-alive
Content-Length
7724
Pragma
no-cache
Server
Apache/2.4.38 (Debian)
Vary
Accept-Encoding
Content-Type
application/json; charset=UTF-8
Access-Control-Allow-Origin
https://www.bleepingcomputer.com
Cache-Control
no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials
true
X-Amz-Cf-Id
p7SAiByZU0dRE1bfX9XT4qjQvz_BhAYunYXPz3TJRoOOtT9GREG79w==
Expires
0
ads
googleads.g.doubleclick.net/pagead/ Frame DE9F 		135 KB
36 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-0920899300397823&output=html&adk=1812271804&adf=3025194257&lmt=1696863264&plat=2%3A16777216%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A34635776%2C32%3A32%2C41%3A32%2C42%3A32&plas=188x675_l%7C188x675_r&format=0x0&url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fhackers-hijack-citrix-netscaler-login-pages-to-steal-credentials%2F&ea=0&pra=7&wgl=1&easpi=0&asro=0&asiscm=1&aslmt=0.4&asamt=-1&asedf=0&asefa=1&aseiel=1~2&ascmds=1&uach=WyIiLCIiLCIiLCIiLCIiLG51bGwsMCxudWxsLCIiLG51bGwsMF0.&dt=1699627804325&bpp=2&bdt=952&idt=492&shv=r20231108&mjsv=m202311060101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=887586330128&rume=1&frm=20&pv=2&ga_vid=1179475407.1699627805&ga_sid=1699627805&ga_hid=7679609&ga_fc=1&u_tz=-480&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C31079266%2C44807460%2C31078301%2C31079569%2C44807753%2C44806141%2C44807763%2C44808149%2C31061691%2C31061692&oid=2&pvsid=2399244328977114&tmod=1510244525&uas=0&nvt=1&fsapi=1&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&psd=W251bGwsbnVsbCxudWxsLDNd&ifi=2&uci=a!2&fsb=1&dtd=556
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311060101/show_ads_impl_fy2021.js?bust=31079569
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c09::9a Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
2fab4b8ba488c5852b480837fb7060454c8aaf31505d6086fa7bb1b5b96ea2ac
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.bleepingcomputer.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
accept-language
en-CA,en;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control
private
content-encoding
br
content-length
36245
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Fri, 10 Nov 2023 14:50:05 GMT
expires
Fri, 10 Nov 2023 14:50:05 GMT
observe-browsing-topics
?1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server
cafe
timing-allow-origin
*
x-content-type-options
nosniff
x-xss-protection
0
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=ach_evt&tn=HEADER&ign=false&pw=1600&ph=1200&x=0&y=0
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/hackers-hijack-citrix-netscaler-login-pages-to-steal-credentials/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c17::9b Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 10 Nov 2023 14:50:04 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
b2
sb.scorecardresearch.com/
Redirect Chain
  • https://sb.scorecardresearch.com/b?c1=2&c2=23384447&cs_it=b9&cv=4.0.0%2B2301240627&ns__t=1699627804902&ns_c=UTF-8&cs_ucfr=&c7=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fhackers-hija...
  • https://sb.scorecardresearch.com/b2?c1=2&c2=23384447&cs_it=b9&cv=4.0.0%2B2301240627&ns__t=1699627804902&ns_c=UTF-8&cs_ucfr=&c7=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fhackers-hij...
0
224 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sb.scorecardresearch.com/b2?c1=2&c2=23384447&cs_it=b9&cv=4.0.0%2B2301240627&ns__t=1699627804902&ns_c=UTF-8&cs_ucfr=&c7=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fhackers-hijack-citrix-netscaler-login-pages-to-steal-credentials%2F&c8=Hackers%20hijack%20Citrix%20NetScaler%20login%20pages%20to%20steal%20credentials&c9=
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/hackers-hijack-citrix-netscaler-login-pages-to-steal-credentials/
Protocol
H2
Server
18.165.83.79 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-165-83-79.iad55.r.cloudfront.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 14:50:05 GMT
via
1.1 e030eb9e2523dd8af200ce39f28ca642.cloudfront.net (CloudFront)
accept-ch
UA, Platform, Arch, Model, Mobile
x-amz-cf-pop
IAD55-P3
x-amz-cf-id
nRW4n6NiKkJoHTqGyLtJ_bxfRonWb-ksCdJBmJ4vvddGBthEu6R8wQ==
x-cache
Miss from cloudfront

Redirect headers

date
Fri, 10 Nov 2023 14:50:04 GMT
via
1.1 e030eb9e2523dd8af200ce39f28ca642.cloudfront.net (CloudFront)
accept-ch
UA, Platform, Arch, Model, Mobile
x-amz-cf-pop
IAD55-P3
x-cache
Miss from cloudfront
location
/b2?c1=2&c2=23384447&cs_it=b9&cv=4.0.0%2B2301240627&ns__t=1699627804902&ns_c=UTF-8&cs_ucfr=&c7=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fhackers-hijack-citrix-netscaler-login-pages-to-steal-credentials%2F&c8=Hackers%20hijack%20Citrix%20NetScaler%20login%20pages%20to%20steal%20credentials&c9=
content-length
0
x-amz-cf-id
DgOlCfyacHTcYU_XGO-nFlM7tYQkVSSFL7s_N27n8NvnBnAaQ3ayQw==
collect
www.google-analytics.com/j/ 		1 B
21 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j101&a=7679609&t=pageview&_s=1&dl=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fhackers-hijack-citrix-netscaler-login-pages-to-steal-credentials%2F&ul=en-us&de=UTF-8&dt=Hackers%20hijack%20Citrix%20NetScaler%20login%20pages%20to%20steal%20credentials&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAUABAAAAACAAI~&jid=1149251379&gjid=1338354083&cid=1179475407.1699627805&tid=UA-91740-1&_gid=413420803.1699627805&_r=1&gtm=457e3b81&gcd=11l1l1l1l1&dma=0&jsscut=1&z=1912497255
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c08::64 Ashburn, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.bleepingcomputer.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 10 Nov 2023 14:50:04 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.bleepingcomputer.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
952.js
cds.connatix.com/p/375093/ Frame 812E 		76 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cds.connatix.com/p/375093/952.js
Requested by
Host: cds.connatix.com
URL: https://cds.connatix.com/p/375093/cSyncRemoteEntry.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.41.104 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fe917cd13fd4d9f376fd1cfa6ee6d31d6c7a89a5e7129dc8511b6e2aec860fa1

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 14:50:05 GMT
x-amz-version-id
hEx0OoTJ2LVXCSX7NXLFyQTNkI7UW5Db
content-encoding
br
cf-cache-status
HIT
x-amz-replication-status
FAILED
alt-svc
h3=":443"; ma=86400
last-modified
Fri, 10 Nov 2023 13:51:07 GMT
server
cloudflare
etag
W/"57846254bbd200f9201061ef4191f1e3"
vary
Accept-Encoding
access-control-allow-methods
*
content-type
application/javascript
access-control-allow-origin
*
cache-control
public,max-stale=31536000,stale-while-revalidate=31536000,immutable,max-age=31536000
access-control-max-age
86400
cf-ray
823f1b155e8e36b2-YYZ
access-control-allow-headers
range
expires
Sat, 09 Nov 2024 14:50:05 GMT
402.js
cds.connatix.com/p/375093/ Frame 812E 		44 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cds.connatix.com/p/375093/402.js
Requested by
Host: cds.connatix.com
URL: https://cds.connatix.com/p/375093/cSyncRemoteEntry.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
104.18.41.104 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6e1cf560a4e42b1321a32a04030dddb56c511f0e7493718f82cfd1797e5aa9a7

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 14:50:05 GMT
x-amz-version-id
qNLRHyPG52dP9Xgut97V0CMHsUWvglnF
content-encoding
br
cf-cache-status
HIT
x-amz-replication-status
FAILED
alt-svc
h3=":443"; ma=86400
last-modified
Fri, 10 Nov 2023 13:51:07 GMT
server
cloudflare
etag
W/"04982ce209e45ea5b9d8a2076bc96397"
vary
Accept-Encoding
access-control-allow-methods
*
content-type
application/javascript
access-control-allow-origin
*
cache-control
public,max-stale=31536000,stale-while-revalidate=31536000,immutable,max-age=31536000
access-control-max-age
86400
cf-ray
823f1b155e9436b2-YYZ
access-control-allow-headers
range
expires
Sat, 09 Nov 2024 14:50:05 GMT
pubads_impl.js
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311020101/ 		426 KB
134 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311020101/pubads_impl.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2607:f8b0:4004:c07::9b Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a0691590289efab8aecb842f768940fb34fc23791ca890f77b1e6b7aeec03126
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 04:47:50 GMT
content-encoding
br
x-content-type-options
nosniff
age
36135
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
136626
x-xss-protection
0
server
cafe
etag
12374074705736737879
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, immutable, max-age=31536000
timing-allow-origin
*
expires
Sat, 09 Nov 2024 04:47:50 GMT
sync
capi.connatix.com/core/ Frame 812E
Redirect Chain
  • https://capi.connatix.com/core/sync
  • https://capi.connatix.com/core/sync?final=true&UserScoringType=Enabled&ImplementationType=0
5 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://capi.connatix.com/core/sync?final=true&UserScoringType=Enabled&ImplementationType=0
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/hackers-hijack-citrix-netscaler-login-pages-to-steal-credentials/
Protocol
H2
Server
104.18.41.104 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1acc5917d8bc39aadedfecfd7a78e7596af395671f249ea9ca53bd83bd3683ff

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 14:50:05 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.bleepingcomputer.com
cache-control
no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
cf-ray
823f1b16d92836ca-YYZ
access-control-allow-headers
x-sec-ch-ua-platform-version, x-sec-ch-ua-full-version-list, x-sec-ch-ua-arch, x-sec-ch-ua-bitness, x-sec-ch-ua-model
alt-svc
h3=":443"; ma=86400

Redirect headers

date
Fri, 10 Nov 2023 14:50:05 GMT
cf-cache-status
DYNAMIC
server
cloudflare
vary
Accept-Encoding
content-type
application/x-protobuf
location
https://capi.connatix.com:443/core/sync?final=true&UserScoringType=Enabled&ImplementationType=0
access-control-allow-origin
https://www.bleepingcomputer.com
cache-control
no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
cf-ray
823f1b160f9336ca-YYZ
access-control-allow-headers
x-sec-ch-ua-platform-version, x-sec-ch-ua-full-version-list, x-sec-ch-ua-arch, x-sec-ch-ua-bitness, x-sec-ch-ua-model
content-length
27
alt-svc
h3=":443"; ma=86400
story
capi.connatix.com/core/ Frame 812E 		25 KB
7 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://capi.connatix.com/core/story?v=375093
Requested by
Host: cds.connatix.com
URL: https://cds.connatix.com/p/375093/connatix.playspace.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.41.104 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
52d0ea23869312067f60923bc0a5f28a897caae3b1f20b604017b93eee232542

Request headers

Referer
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type
multipart/form-data

Response headers

date
Fri, 10 Nov 2023 14:50:05 GMT
content-encoding
br
cf-cache-status
DYNAMIC
server
cloudflare
vary
Accept-Encoding
content-type
application/x-protobuf
access-control-allow-origin
https://www.bleepingcomputer.com
cache-control
no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
cf-ray
823f1b16583836ca-YYZ
access-control-allow-headers
x-sec-ch-ua-platform-version, x-sec-ch-ua-full-version-list, x-sec-ch-ua-arch, x-sec-ch-ua-bitness, x-sec-ch-ua-model
alt-svc
h3=":443"; ma=86400
config.js
cdn.confiant-integrations.net/qaKtxuL1KR_2Tfmz0NmPaAudsBc/gpt_and_prebid/ 		77 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.confiant-integrations.net/qaKtxuL1KR_2Tfmz0NmPaAudsBc/gpt_and_prebid/config.js
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/pubfig/5.19.5/pubfig.engine.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:90a6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5e656b2e70812abe9e42d982ce6815d27bdc31ba51f15131ef6e3250fc2ea731

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 14:50:05 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 10 Nov 2023 12:52:15 GMT
server
cloudflare
x-amz-request-id
K28V3W4F0NYRQ7S8
age
578
etag
W/"bcbe730797fbf3d323da310e803f96e8"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=900, stale-while-revalidate=3600
cf-ray
823f1b172d13369e-YYZ
alt-svc
h3=":443"; ma=86400
x-amz-id-2
rVG0Fiu+bcsxFe4Vd7Gj7iTTyWudIetSgnoElAcQm0hbWZg6G5DOufJoSDiIkHhJSkVOQBloSYc=
tag
btloader.com/
Redirect Chain
  • https://freestar-io.videoplayerhub.com/gallery.js
  • https://btloader.com/tag?h=freestar-io&upapi=true
344 KB
94 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://btloader.com/tag?h=freestar-io&upapi=true
Requested by
Host: www.bleepingcomputer.com
URL: https://www.bleepingcomputer.com/news/security/hackers-hijack-citrix-netscaler-login-pages-to-steal-credentials/
Protocol
H2
Server
2606:4700:10::6816:4ad8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
112b0270cc0e53a2581021943ce50e10dcd700a1cc023a24b9728fa0a20e2813

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 14:50:05 GMT
content-encoding
gzip
via
1.1 google
cf-cache-status
HIT
last-modified
Fri, 10 Nov 2023 13:55:15 GMT
server
cloudflare
age
3289
etag
"be2c46e4cb0ae9dda84894e13e64db10"
vary
Origin, Accept-Encoding
content-type
application/javascript
cache-control
public, max-age=300, must-revalidate, stale-if-error=3600, stale-while-revalidate=300
accept-ranges
bytes
cf-ray
823f1b193be4a23a-YYZ
content-length
95988

Redirect headers

date
Fri, 10 Nov 2023 14:50:05 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WrYPT9B%2BmoquQileri3aJZnUpPR%2FSLjcjWi92vRdAXirX2wAwQbHjMKp8OEGhL%2BfkPPr1I6kKOqznFVXd47hz%2BeMoCMULg2IFaDlB%2Fx1Xy5Eo1n8cNZai7Ddg0YYKI1%2FnlOM8LzZUT4rMvQVrconS%2B4GXQZ%2BjOVhf7xuBA%3D%3D"}],"group":"cf-nel","max_age":604800}
location
https://btloader.com/tag?h=freestar-io&upapi=true
cache-control
max-age=3600
cf-ray
823f1b173e8aa202-YYZ
expires
Fri, 10 Nov 2023 15:50:05 GMT
rum.js
pagead2.googlesyndication.com/pagead/js/ 		64 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/rum.js
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202311020101/pubads_impl.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c17::9b Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
15d8ec3a740c090019f8ae5c259e0c10e59d0994624479865d9c4a039bfc3fb6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 14:03:21 GMT
content-encoding
br
x-content-type-options
nosniff
age
2804
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24367
x-xss-protection
0
server
cafe
etag
16117715234502620623
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=3600
timing-allow-origin
*
expires
Fri, 10 Nov 2023 15:03:21 GMT
hadron.js
cdn.hadronid.net/ 		55 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.hadronid.net/hadron.js?url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fhackers-hijack-citrix-netscaler-login-pages-to-steal-credentials%2F&ref=&_it=freestar&partner_id=474&ha=_hadron
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/pubfig/5.19.5/pubfig.engine.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:246e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6ee69abe38a87fd8aa0867401e1e14d2831eab6dfb1bb2d97abf65ac57cb5705

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 14:50:05 GMT
content-encoding
gzip
cf-cache-status
HIT
cf-bgj
minify
last-modified
Thu, 07 Sep 2023 17:31:32 GMT
server
cloudflare
x-amz-request-id
907P0TB94S36DGVM
age
6415
etag
W/"8bbf05f440008747d4df642e30fc4ddc"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600
cf-ray
823f1b17398d39e1-YYZ
x-amz-id-2
h/ONXLwae6iM09gh9FAps6RtAYH3Y0Kwsp/Odih6j7jcgPhpo1/xVSCaJJeV+QY3MnwBFDbKvY0=
IIQUniversalID.js
a.pub.network/core/intentIQ/20230622/ 		55 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://a.pub.network/core/intentIQ/20230622/IIQUniversalID.js
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/pubfig/5.19.5/pubfig.engine.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:14ce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
48c76c91f2d42a1668fee310da41b7c1f0d97d7ab0fa55fcf794e2cd3e412242

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 14:50:05 GMT
content-encoding
gzip
cf-cache-status
HIT
age
246674
x-guploader-uploadid
ABPtcPqc1mE_u2CUVkHKHk1UUV_ZK_Wv1i0U6EFTHltacv9u5_On51JCpNE0HkU_IOi_eiMv8WpvcALfQA
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
2
x-goog-stored-content-encoding
identity
last-modified
Thu, 22 Jun 2023 23:15:14 GMT
server
cloudflare
etag
W/"c45a15a8a50c2a275e14695cf631d08d"
vary
Accept-Encoding
x-goog-hash
crc32c=6m2COg==, md5=xFoVqKUMKideFGlc9jHQjQ==
x-goog-generation
1687475714790007
content-type
text/javascript
access-control-allow-origin
*
access-control-expose-headers
*
cache-control
public, max-age=3600
x-goog-stored-content-length
56442
cf-ray
823f1b164dc136a9-YYZ
expires
Fri, 10 Nov 2023 15:50:05 GMT
3d720291ec6fc551e298f8bf2c3a02ff4158ac55fbe0810b9f84f9
functionalfeather.com/ 		301 B
328 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://functionalfeather.com/3d720291ec6fc551e298f8bf2c3a02ff4158ac55fbe0810b9f84f9
Requested by
Host: functionalfeather.com
URL: https://functionalfeather.com/static/1517c2dd0e08/325a0a289ab738d53a080f14b0.main.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:1901:0:7416::1 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
Software
/
Resource Hash
3a11f1c5b81a81f46f110da694894760c924514954f6dcb9609739d4cb99e4f9
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

Referer
https://www.bleepingcomputer.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

strict-transport-security
max-age=15724800; preload
date
Fri, 10 Nov 2023 14:50:05 GMT
via
1.1 google
x-buildnumber
1052555292
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
301
x-datacenter
gce-us-central1
x-buildname
hoothoot
vary
Accept-Encoding, Origin
access-control-allow-methods
POST, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.bleepingcomputer.com
x-hostname
fen-hoothoot-us-central1-spot-jhcx
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
access-control-allow-headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
expires
Fri, 10 Nov 2023 14:50:04 GMT
ProfilesEngineServlet
api.intentiq.com/profiles_engine/ 		106 B
946 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://api.intentiq.com/profiles_engine/ProfilesEngineServlet?at=39&mi=10&dpi=1434517136&pt=17&dpn=1&jsver=5.4&iiqidtype=2&iiqpcid=21c67f28-b18b-4ee3-ace2-32ff76981fdb&iiqpciddate=1699627805214&jaesc=0&jafc=0&jaensc=0&iiqlocalstorageenabled=true&tsrnd=222_1699627805214&cttl=43200000&rrtt=0&dud=0&abtg=A&vrref=www.bleepingcomputer.com&japbjs=true&japs=false
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/intentIQ/20230622/IIQUniversalID.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.64.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-64-122.iad12.r.cloudfront.net
Software
Apache-Coyote/1.1 /
Resource Hash
eb2b62e3b9e3af5c1bd9fa256330826cf4cb761efa20b60f45d203f1fc948276

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 14:50:05 GMT
via
1.1 a53ebc5c4d12bc9682b9c11ea18dccbe.cloudfront.net (CloudFront)
x-amz-cf-pop
IAD12-P1
x-cache
Miss from cloudfront
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
patent
https://www.almondnet.com/ip
alt-svc
h3=":443"; ma=86400
pragma
no-cache
server
Apache-Coyote/1.1
vary
Origin
access-control-allow-methods
POST, GET
content-type
text/html
access-control-allow-origin
https://www.bleepingcomputer.com
access-control-max-age
3600
access-control-allow-credentials
true
cache-control
no-cache, no-store, must-revalidate
access-control-allow-headers
Content-Type, Accept, X-Requested-With, remember-me
x-amz-cf-id
f4b2xC_3vdBUgNGnMePnSjSAKqfh5IHdLSMx1h1Vm8rQzJWHKbNYIA==
expires
Thu, 01 Jan 1970 00:00:00 GMT
ProfilesEngineServlet
sync1.intentiq.com/profiles_engine/
Redirect Chain
  • https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&secure=1&dpi=1434517136&rnd=160960&iiqidtype=2&iiqpcid=21c67f28-b18b-4ee3-ace2-32ff76981fdb&iiqpciddate=1699627805214&tsr...
  • https://sync1.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&secure=1&dpi=1434517136&rnd=160960&iiqidtype=2&iiqpcid=21c67f28-b18b-4ee3-ace2-32ff76981fdb&iiqpciddate=1699627805214&ts...
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync1.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&secure=1&dpi=1434517136&rnd=160960&iiqidtype=2&iiqpcid=21c67f28-b18b-4ee3-ace2-32ff76981fdb&iiqpciddate=1699627805214&tsrnd=789_1699627805215&vrref=www.bleepingcomputer.com&jsver=5.4&abtp=95&abtg=A&ckls=true&ci=chXatfJtlo&nc=false&trid=-588261963
Requested by
Host: blank
URL: about:blank
Protocol
H2
Server
3.162.125.65 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-3-162-125-65.iad61.r.cloudfront.net
Software
Apache-Coyote/1.1 /
Resource Hash
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 10 Nov 2023 14:50:05 GMT
via
1.1 af08bb104c29fffb75d24691c869c256.cloudfront.net (CloudFront)
server
Apache-Coyote/1.1
x-amz-cf-pop
IAD61-P3
x-cache
Miss from cloudfront
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
alt-svc
h3=":443"; ma=86400
content-length
43
x-amz-cf-id
FH31TI4oJBmZX_59dpJoBDqaOF8pAzO5ETJQGAp0PS-disZgbXtJcQ==
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Fri, 10 Nov 2023 14:50:05 GMT
via
1.1 185e69fae2e25450e587a1fae1f63962.cloudfront.net (CloudFront)
server
Apache-Coyote/1.1
x-amz-cf-pop
IAD61-P3
x-cache
Miss from cloudfront
p3p
CP="NOI DSP COR NID CURa ADMo TAIa PSAo PSDo OUR SAMo BUS UNI PUR COM NAV INT DEM CNT STA PRE LOC"
location
https://sync1.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&secure=1&dpi=1434517136&rnd=160960&iiqidtype=2&iiqpcid=21c67f28-b18b-4ee3-ace2-32ff76981fdb&iiqpciddate=1699627805214&tsrnd=789_1699627805215&vrref=www.bleepingcomputer.com&jsver=5.4&abtp=95&abtg=A&ckls=true&ci=chXatfJtlo&nc=false&trid=-588261963
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
patent
https://www.almondnet.com/ip
alt-svc
h3=":443"; ma=86400
content-length
43
x-amz-cf-id
orOH1K9hZU1rgo1mS1yXrQovkzlLSDWHPdmwXjCN3l7qo6iA7GTudQ==
expires
Thu, 01 Jan 1970 00:00:00 GMT
insights.bin
ins.connatix.com/d59f5d0c-2087-416a-821c-141798bc501e/8dc92fc6-ace2-4566-96fd-345411b52520/ Frame 812E 		576 B
412 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ins.connatix.com/d59f5d0c-2087-416a-821c-141798bc501e/8dc92fc6-ace2-4566-96fd-345411b52520/insights.bin
Requested by
Host: cds.connatix.com
URL: https://cds.connatix.com/p/375093/connatix.playspace.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.41.104 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
60eefcf729bb598f0023dfb88b4b86dfbeb84a1d1c0fff291282a8eeac48a9de

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 14:50:05 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Fri, 10 Nov 2023 11:56:39 GMT
server
cloudflare
etag
W/"24461de7c353e462b92c58c081905b08"
access-control-max-age
86400
access-control-allow-methods
GET, HEAD
content-type
application/x-protobuf
access-control-allow-origin
*
cache-control
public,max-stale=31536000,stale-while-revalidate=31536000,immutable,max-age=31536000
vary
Accept-Encoding
cf-ray
823f1b183d2954a3-YYZ
alt-svc
h3=":443"; ma=86400
expires
Sat, 09 Nov 2024 14:50:05 GMT
insights.bin
ins.connatix.com/83306c1e7da9943190bb49c6c909bc31/ Frame 812E 		468 B
601 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ins.connatix.com/83306c1e7da9943190bb49c6c909bc31/insights.bin
Requested by
Host: cds.connatix.com
URL: https://cds.connatix.com/p/375093/connatix.playspace.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.18.41.104 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
64d4dba26e290c6a93533c62f1a401fbcd9f3f149ae0f759800f4695b03a7aec

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 14:50:05 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Thu, 02 Nov 2023 15:33:42 GMT
server
cloudflare
etag
W/"8958875299da2ad590e9be77dcccd73e"
access-control-max-age
86400
access-control-allow-methods
GET, HEAD
content-type
application/x-protobuf
access-control-allow-origin
*
cache-control
public,max-stale=31536000,stale-while-revalidate=31536000,immutable,max-age=31536000
vary
Accept-Encoding
cf-ray
823f1b183d2c54a3-YYZ
alt-svc
h3=":443"; ma=86400
expires
Sat, 09 Nov 2024 14:50:05 GMT
reactive_library_fy2021.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311060101/ 		160 KB
55 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311060101/reactive_library_fy2021.js?bust=31079569
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202311060101/show_ads_impl_fy2021.js?bust=31079569
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c17::9b Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
cff985dea7d9b3775e42743bde4044e4f9b91b0b1f2e5c1429ad97942e40bc00
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 14:50:05 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
55806
x-xss-protection
0
server
cafe
etag
12136921488354310296
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Fri, 10 Nov 2023 14:50:05 GMT
hadron.json
id.hadron.ad.gt/v1/ 		105 B
290 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id.hadron.ad.gt/v1/hadron.json?_it=freestar&partner_id=474&sync=0&domain=www.bleepingcomputer.com&url=https://www.bleepingcomputer.com/news/security/hackers-hijack-citrix-netscaler-login-pages-to-steal-credentials/
Requested by
Host: cdn.hadronid.net
URL: https://cdn.hadronid.net/hadron.js?url=https%3A%2F%2Fwww.bleepingcomputer.com%2Fnews%2Fsecurity%2Fhackers-hijack-citrix-netscaler-login-pages-to-steal-credentials%2F&ref=&_it=freestar&partner_id=474&ha=_hadron
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:445 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bdc5cfbe3bf445af1f4dac6519026b69a5d8b1de622cde01aa5ac629d42f114d

Request headers

Referer
https://www.bleepingcomputer.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type
application/json

Response headers

date
Fri, 10 Nov 2023 14:50:05 GMT
content-encoding
gzip
cf-cache-status
DYNAMIC
server
cloudflare
access-control-allow-methods
HEAD,GET,POST,PUT,DELETE,OPTIONS
content-type
application/json
access-control-allow-origin
*
cache-control
private,max-age=30
access-control-allow-credentials
true
debug
NON-OPTIONS
access-control-allow-headers
authorization
cf-ray
823f1b19e90c3a00-YYZ
hadron.json
id.hadron.ad.gt/v1/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://id.hadron.ad.gt/v1/hadron.json?_it=freestar&partner_id=474&sync=0&domain=www.bleepingcomputer.com&url=https://www.bleepingcomputer.com/news/security/hackers-hijack-citrix-netscaler-login-pages-to-steal-credentials/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:445 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.bleepingcomputer.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
access-control-allow-origin
*
allow
POST, OPTIONS, GET
cache-control
max-age=31536000 public, no-transform
cf-cache-status
DYNAMIC
cf-ray
823f1b192fe33a00-YYZ
content-length
0
content-type
application/json
date
Fri, 10 Nov 2023 14:50:05 GMT
debug
OPTIONS block
expires
Sat, 09 Nov 2024 14:50:05 GMT
server
cloudflare
wrap.js
cdn.confiant-integrations.net/gptprebidnative/202310231203/ 		264 KB
84 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.confiant-integrations.net/gptprebidnative/202310231203/wrap.js
Requested by
Host: cdn.confiant-integrations.net
URL: https://cdn.confiant-integrations.net/qaKtxuL1KR_2Tfmz0NmPaAudsBc/gpt_and_prebid/config.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:90a6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
bb4f8df5602b561c6a5247851f27cebac4099886c0f337e67e5ea9fa0f9caac8

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 14:50:05 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Mon, 23 Oct 2023 16:04:16 GMT
server
cloudflare
x-amz-request-id
30ER055H536S9ZS9
age
13693
etag
W/"866ce4ef9ef41c261f6060e4f642bb88"
x-amz-server-side-encryption
AES256
vary
Accept-Encoding
content-type
application/javascript; charset=utf-8
cache-control
public, max-age=31536000
cf-ray
823f1b184eda369e-YYZ
alt-svc
h3=":443"; ma=86400
x-amz-id-2
lRANe+vBzFO2yKgev/WJr0mubR+1JcV1AhGDSCC1wUt3y4ki9Q+hAigdKiyz5IrkVM5at+xn82c=
d47f4589c55b7b33d16627262e282a9e0cef7501ca9b
functionalfeather.com/af00f84c6f/ 		3 B
29 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://functionalfeather.com/af00f84c6f/d47f4589c55b7b33d16627262e282a9e0cef7501ca9b
Requested by
Host: functionalfeather.com
URL: https://functionalfeather.com/static/1517c2dd0e08/325a0a289ab738d53a080f14b0.main.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2600:1901:0:7416::1 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
Software
/
Resource Hash
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
Security Headers
Name Value
Strict-Transport-Security max-age=15724800; preload

Request headers

Referer
https://www.bleepingcomputer.com/
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

strict-transport-security
max-age=15724800; preload
date
Fri, 10 Nov 2023 14:50:05 GMT
via
1.1 google
x-buildnumber
1052555292
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
3
x-datacenter
gce-us-central1
x-buildname
hoothoot
vary
Accept-Encoding, Origin
access-control-allow-methods
POST, OPTIONS
content-type
application/json; charset=utf-8
access-control-allow-origin
https://www.bleepingcomputer.com
x-hostname
fen-hoothoot-us-central1-spot-jhcx
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
access-control-allow-headers
DNT,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Cookie
expires
Fri, 10 Nov 2023 14:50:04 GMT
cks
cks.connatix.com/
Redirect Chain
  • https://ssum.casalemedia.com/usermatchredir?s=190549&cb=https%3A%2F%2Fcks.connatix.com%2Fcks%3Fpid%3D17%26ev%3D988483e374904adb898698ef0fa3feff%26pname%3DIndex%26api-tier%3D2%26uid%3D&gdpr=0
  • https://ssum.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fcks.connatix.com%2Fcks%3Fpid%3D17%26ev%3D988483e374904adb898698ef0fa3feff%26pname%3DIndex%26api-tier%3D2%26uid%3D&gdpr=0&s=190549&C=1
  • https://cks.connatix.com/cks?pid=17&ev=988483e374904adb898698ef0fa3feff&pname=Index&api-tier=2&uid=ZU5DHXXrhVcq0dq6CZRmeQAA%263541
139 B
158 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cks.connatix.com/cks?pid=17&ev=988483e374904adb898698ef0fa3feff&pname=Index&api-tier=2&uid=ZU5DHXXrhVcq0dq6CZRmeQAA%263541
Requested by
Host: blank
URL: about:blank
Protocol
H2
Server
104.18.41.104 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c934eae332626c140d7a314afa56c4735e7d0f7cfb0668d792bb2e05b0e4a152

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 14:50:05 GMT
content-encoding
br
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
cf-ray
823f1b1b489536ca-YYZ
alt-svc
h3=":443"; ma=86400

Redirect headers

pragma
no-cache
date
Fri, 10 Nov 2023 14:50:05 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Cri6f2t9BUjceK%2BhGcAGomNovmGvTmRiKBOsxlI8Ck8VV%2BdvxmOkRnABAWVIAJEr6Crpw9Va6FKI%2B70fV3MV4YngCOfiFYowWZqq2gUvt4o6ub29ZmwD3tPaPym29AyMzU1OzkFI"}],"group":"cf-nel","max_age":604800}
p3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
location
https://cks.connatix.com/cks?pid=17&ev=988483e374904adb898698ef0fa3feff&pname=Index&api-tier=2&uid=ZU5DHXXrhVcq0dq6CZRmeQAA%263541
cache-control
no-cache
cf-ray
823f1b1aab8fa20e-YYZ
alt-svc
h3=":443"; ma=86400
content-length
0
expires
0
cks
cks.connatix.com/
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/connatix?redir=https%3A%2F%2Fcks.connatix.com%2Fcks%3Fpid%3D15%26ev%3D988483e374904adb898698ef0fa3feff%26pname%3DBeeswax%26api-tier%3D2%26uid%3D%7Buserid%7D&g...
  • https://match.prod.bidr.io/cookie-sync/connatix?redir=https%3A%2F%2Fcks.connatix.com%2Fcks%3Fpid%3D15%26ev%3D988483e374904adb898698ef0fa3feff%26pname%3DBeeswax%26api-tier%3D2%26uid%3D%7Buserid%7D&g...
  • https://cks.connatix.com/cks?pid=15&ev=988483e374904adb898698ef0fa3feff&pname=Beeswax&api-tier=2&uid=AACFKE7KnIYAABMAa6sJCw&gdpr=0
132 B
153 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cks.connatix.com/cks?pid=15&ev=988483e374904adb898698ef0fa3feff&pname=Beeswax&api-tier=2&uid=AACFKE7KnIYAABMAa6sJCw&gdpr=0
Requested by
Host: blank
URL: about:blank
Protocol
H2
Server
104.18.41.104 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8467e30c00605a756a3dd67125646b7923a94cc25ae524d2ae5eb3f0558d2af9

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 14:50:05 GMT
content-encoding
br
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
cf-ray
823f1b1b386336ca-YYZ
alt-svc
h3=":443"; ma=86400

Redirect headers

location
https://cks.connatix.com/cks?pid=15&ev=988483e374904adb898698ef0fa3feff&pname=Beeswax&api-tier=2&uid=AACFKE7KnIYAABMAa6sJCw&gdpr=0
Date
Fri, 10 Nov 2023 14:50:05 GMT
strict-transport-security
max-age=2592000; includeSubDomains
Server
gunicorn
Connection
keep-alive
Content-Length
0
cks
cks.connatix.com/
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=gapzaid&ttd_tpi=1&gdpr=0
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=gapzaid&ttd_tpi=1&gdpr=0
  • https://cks.connatix.com/cks?pid=19&uid=4c30d2c6-eab6-445f-be5e-0eb6d92a15ab&ttl=1702219805
146 B
158 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cks.connatix.com/cks?pid=19&uid=4c30d2c6-eab6-445f-be5e-0eb6d92a15ab&ttl=1702219805
Requested by
Host: blank
URL: about:blank
Protocol
H2
Server
104.18.41.104 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
78a9e4cda2f8e2edcb24e06535ad89d97ddf75582f679dc1d041ce0124e84706

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 14:50:05 GMT
content-encoding
br
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
cf-ray
823f1b1b284736ca-YYZ
alt-svc
h3=":443"; ma=86400

Redirect headers

location
https://cks.connatix.com/cks?pid=19&uid=4c30d2c6-eab6-445f-be5e-0eb6d92a15ab&ttl=1702219805
date
Fri, 10 Nov 2023 14:50:05 GMT
server
Kestrel
content-length
213
cks
cks.connatix.com/
Redirect Chain
  • https://ad.turn.com/r/cs?pid=67&redir=https%3A%2F%2Fcks.connatix.com%2Fcks%3Fpid%3D21%26ev%3D988483e374904adb898698ef0fa3feff%26pname%3DAmobee%26api-tier%3D2%26uid%3D%23USER_ID%23&gdpr=0
  • https://cks.connatix.com/cks?pid=21&ev=988483e374904adb898698ef0fa3feff&pname=Amobee&api-tier=2&uid=2438919445928045594
129 B
241 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cks.connatix.com/cks?pid=21&ev=988483e374904adb898698ef0fa3feff&pname=Amobee&api-tier=2&uid=2438919445928045594
Requested by
Host: blank
URL: about:blank
Protocol
H3
Server
104.18.41.104 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
070fb3c8b1b626fc7501e5650f69123f832c632c357b5cd77df7c4e9bcb000e0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 14:50:06 GMT
content-encoding
br
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
cf-ray
823f1b1d9bf47118-YYZ
alt-svc
h3=":443"; ma=86400

Redirect headers

location
https://cks.connatix.com/cks?pid=21&ev=988483e374904adb898698ef0fa3feff&pname=Amobee&api-tier=2&uid=2438919445928045594
pragma
no-cache
date
Fri, 10 Nov 2023 14:50:06 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
cks
cks.connatix.com/
Redirect Chain
  • https://eb2.3lift.com/getuid?redir=https%3A%2F%2Fcks.connatix.com%2Fcks%3Fpid%3D25%26ev%3D988483e374904adb898698ef0fa3feff%26pname%3DTripleLift%26api-tier%3D2%26uid%3D%24UID&gdpr=0
  • https://eb2.3lift.com/getuid?ld=1&gdpr=0&cmp_cs=&us_privacy=&redir=https%3A%2F%2Fcks.connatix.com%2Fcks%3Fpid%3D25%26ev%3D988483e374904adb898698ef0fa3feff%26pname%3DTripleLift%26api-tier%3D2%26uid%...
  • https://cks.connatix.com/cks?pid=25&ev=988483e374904adb898698ef0fa3feff&pname=TripleLift&api-tier=2&uid=3116672581290850982503
132 B
148 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cks.connatix.com/cks?pid=25&ev=988483e374904adb898698ef0fa3feff&pname=TripleLift&api-tier=2&uid=3116672581290850982503
Requested by
Host: blank
URL: about:blank
Protocol
H2
Server
104.18.41.104 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c617c14e9268bf4f93033e8867ca604b87af55afbc073462a38e83d1bcf3d34e

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 14:50:06 GMT
content-encoding
br
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
cf-ray
823f1b1bb96a36ca-YYZ
alt-svc
h3=":443"; ma=86400

Redirect headers

location
https://cks.connatix.com/cks?pid=25&ev=988483e374904adb898698ef0fa3feff&pname=TripleLift&api-tier=2&uid=3116672581290850982503
date
Fri, 10 Nov 2023 14:50:05 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
cks
cks.connatix.com/
Redirect Chain
  • https://secure.adnxs.com/getuid?https%3A%2F%2Fcks.connatix.com%2Fcks%3Fpid%3D6%26ev%3D988483e374904adb898698ef0fa3feff%26pname%3DAppNexus%26api-tier%3D2%26uid%3D%24UID=&gdpr=0
  • https://secure.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fcks.connatix.com%252Fcks%253Fpid%253D6%2526ev%253D988483e374904adb898698ef0fa3feff%2526pname%253DAppNexus%2526api-tier%253D2%2526uid%...
  • https://cks.connatix.com/cks?pid=6&ev=988483e374904adb898698ef0fa3feff&pname=AppNexus&api-tier=2&uid=2043365517544706506=&gdpr=0
129 B
152 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cks.connatix.com/cks?pid=6&ev=988483e374904adb898698ef0fa3feff&pname=AppNexus&api-tier=2&uid=2043365517544706506=&gdpr=0
Requested by
Host: blank
URL: about:blank
Protocol
H2
Server
104.18.41.104 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d85eeae609686d448cbf96e155315ac52d37c999a688f214ead283474632fa38

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 14:50:05 GMT
content-encoding
br
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
cf-ray
823f1b1af80036ca-YYZ
alt-svc
h3=":443"; ma=86400

Redirect headers

pragma
no-cache
date
Fri, 10 Nov 2023 14:50:05 GMT
an-x-request-uuid
7325af1e-cc6d-49d1-a472-c86af2d61aa5
server
nginx/1.21.3
accept-ch
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
p3p
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
content-type
text/html; charset=utf-8
access-control-allow-origin
*
cache-control
no-store, no-cache, private
access-control-allow-credentials
true
location
https://cks.connatix.com/cks?pid=6&ev=988483e374904adb898698ef0fa3feff&pname=AppNexus&api-tier=2&uid=2043365517544706506=&gdpr=0
x-proxy-origin
70.28.97.148; 70.28.97.148; 577.bm-nginx-loadbalancer.mgmt.nym2.adnexus.net; adnxs.com
content-length
0
x-xss-protection
0
expires
Sat, 15 Nov 2008 16:00:00 GMT
pixel
capi.connatix.com/us/
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=connatix&gdpr=0
  • https://sync.1rx.io/usersync2/rmpssp?sub=connatix&zcc=1&cb=1699627805803
  • https://ad.turn.com/r/cs?pid=45&rndcb=4435125705
  • https://sync.1rx.io/usersync/turn/2366861851890117658?dspret=1&gdpr=&gdpr_consent=&us_privacy=
  • https://sync.targeting.unrulymedia.com/csync/RX-b63dfe2b-d092-47ba-bd7f-852dd7241121-005?redir=https%3A%2F%2Fcapi.connatix.com%2Fus%2Fpixel%3Fpuid%3DRX-b63dfe2b-d092-47ba-bd7f-852dd7241121-005%26pI...
  • https://capi.connatix.com/us/pixel?puid=RX-b63dfe2b-d092-47ba-bd7f-852dd7241121-005&pId=44
82 B
373 B 		Script
General
Check archive.org
Download Go to
Full URL
https://capi.connatix.com/us/pixel?puid=RX-b63dfe2b-d092-47ba-bd7f-852dd7241121-005&pId=44
Requested by
Host: blank
URL: about:blank
Protocol
H3
Server
172.64.146.152 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
a7f28e33d6a65a4269a7f4e327a177ead60fea39cb13129a35c4b24fef84f5af

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 14:50:06 GMT
cf-cache-status
DYNAMIC
server
cloudflare
surrogate-control
no-cache, no-store, must-revalidate, max-age=0
vary
Accept-Encoding
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate, max-age=0
cf-ray
823f1b209cfaa250-YYZ
access-control-allow-headers
x-sec-ch-ua-platform-version, x-sec-ch-ua-full-version-list, x-sec-ch-ua-arch, x-sec-ch-ua-bitness, x-sec-ch-ua-model
alt-svc
h3=":443"; ma=86400

Redirect headers

Location
https://capi.connatix.com/us/pixel?puid=RX-b63dfe2b-d092-47ba-bd7f-852dd7241121-005&pId=44
Date
Fri, 10 Nov 2023 14:50:06 GMT
Content-Type
text/html
Connection
keep-alive
ETag
RXb63dfe2bd09247babd7f852dd7241121005
Transfer-Encoding
chunked
P3P
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
sync
ssbsync.smartadserver.com/api/ 		0
0 		Script
General
Check archive.org
Download Go to
Full URL
https://ssbsync.smartadserver.com/api/sync?callerId=6&gdpr=0&gdpr_consent=null
Requested by
Host: cds.connatix.com
URL: https://cds.connatix.com/p/375093/402.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
23.105.12.143 Manassas, United States, ASN30633 (LEASEWEB-USA-WDC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers
multi-sync.html
secure-assets.rubiconproject.com/utils/xapi/ Frame 6B95 		0
0
/
ssc-cms.33across.com/ps/ Frame C239 		0
0
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 17F7 		0
0
cks
cks.connatix.com/
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=561340&daaqp=1&ev=1&rurl=https%3A%2F%2Fcks.connatix.com%2Fcks%3Fpid%3D13%26ev%3D988483e374904adb898698ef0fa3feff%26pname%3DPulsePoint%26api-tier%3D2%26uid%3D%...
  • https://cks.connatix.com/cks?pid=13&ev=988483e374904adb898698ef0fa3feff&pname=PulsePoint&api-tier=2&uid=x1yWj9vz06Rn
122 B
165 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cks.connatix.com/cks?pid=13&ev=988483e374904adb898698ef0fa3feff&pname=PulsePoint&api-tier=2&uid=x1yWj9vz06Rn
Requested by
Host: blank
URL: about:blank
Protocol
H2
Server
104.18.41.104 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8e55883a33144ee33d22ddbdb2ffa3d2c276274709aa60497042055c405295b9

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 14:50:06 GMT
content-encoding
br
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
cf-ray
823f1b1ba93736ca-YYZ
alt-svc
h3=":443"; ma=86400

Redirect headers

strict-transport-security
max-age=15768000
accept-ch
Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform-Version
server
Jetty(10.0.14)
content-language
en-CA
location
https://cks.connatix.com/cks?pid=13&ev=988483e374904adb898698ef0fa3feff&pname=PulsePoint&api-tier=2&uid=x1yWj9vz06Rn
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-6b57df6cd5-77cz2
expires
-1
cks
cks.connatix.com/
Redirect Chain
  • https://i.ctnsnet.com/int/cm?exc=24&redir=https%3A%2F%2Fcks.connatix.com%2Fcks%3Fpid%3D28%26ev%3D988483e374904adb898698ef0fa3feff%26pname%3DCrimtan%26api-tier%3D2%26uid%3D%5Buser_id%5D&gdpr=0
  • https://cks.connatix.com/cks?pid=28&ev=988483e374904adb898698ef0fa3feff&pname=Crimtan&api-tier=2&uid=dfa031f2fead495bb2f4a1e94b13fe1a
142 B
286 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cks.connatix.com/cks?pid=28&ev=988483e374904adb898698ef0fa3feff&pname=Crimtan&api-tier=2&uid=dfa031f2fead495bb2f4a1e94b13fe1a
Requested by
Host: blank
URL: about:blank
Protocol
H3
Server
104.18.41.104 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
88302eaeffb9c416e305069da09addcf17adb4effb7aa7f534efc76cee94751d

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 14:50:06 GMT
content-encoding
br
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
cf-ray
823f1b1c5a117118-YYZ
alt-svc
h3=":443"; ma=86400

Redirect headers

pragma
no-cache
date
Fri, 10 Nov 2023 14:50:05 GMT
via
1.1 google
server
Apache-Coyote/1.1
p3p
CP="NOI DSP COR NID CUR OUR NOR"
status
302
location
https://cks.connatix.com/cks?pid=28&ev=988483e374904adb898698ef0fa3feff&pname=Crimtan&api-tier=2&uid=dfa031f2fead495bb2f4a1e94b13fe1a
content-type
text/html;charset=UTF-8
cache-control
no-cache, must-revalidate
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
x-xss-protection
1; mode=block
expires
Fri, 01 Jan 1990 00:00:00 GMT
cks
cks.connatix.com/
Redirect Chain
  • https://csync.loopme.me/?redirect=https%3A%2F%2Fcks.connatix.com%2Fcks%3Fpid%3D18%26ev%3D988483e374904adb898698ef0fa3feff%26pname%3DLoopMe%26api-tier%3D2%26uid%3D%7Bdevice_id%7D%26pubid%3D11186&gdpr=0
  • https://cks.connatix.com/cks?pid=18&ev=988483e374904adb898698ef0fa3feff&pname=LoopMe&api-tier=2&uid=bd8e0b39-ab1f-4316-bfab-183a9eb016f0&pubid=11186&gdpr=0
146 B
253 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cks.connatix.com/cks?pid=18&ev=988483e374904adb898698ef0fa3feff&pname=LoopMe&api-tier=2&uid=bd8e0b39-ab1f-4316-bfab-183a9eb016f0&pubid=11186&gdpr=0
Requested by
Host: blank
URL: about:blank
Protocol
H3
Server
104.18.41.104 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
284a6e443e6902cda94a51b4a140c8310f92c4d8bfc63834369e8552f7553df5

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 14:50:06 GMT
content-encoding
br
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
cf-ray
823f1b1efe347118-YYZ
alt-svc
h3=":443"; ma=86400

Redirect headers

location
https://cks.connatix.com/cks?pid=18&ev=988483e374904adb898698ef0fa3feff&pname=LoopMe&api-tier=2&uid=bd8e0b39-ab1f-4316-bfab-183a9eb016f0&pubid=11186&gdpr=0
date
Fri, 10 Nov 2023 14:50:06 GMT
server
_
content-length
0
cks
cks.connatix.com/
Redirect Chain
  • https://pixel-sync.sitescout.com/dmp/pixelSync?nid=105&redir=https%3A%2F%2Fcks.connatix.com%2Fcks%3Fpid%3D9%26ev%3D988483e374904adb898698ef0fa3feff%26pname%3DCentro%26api-tier%3D2%26uid%3D%7BuserId...
  • https://pixel-sync.sitescout.com/dmp/pixelSync?cookieQ=1&nid=105&redir=https%3A%2F%2Fcks.connatix.com%2Fcks%3Fpid%3D9%26ev%3D988483e374904adb898698ef0fa3feff%26pname%3DCentro%26api-tier%3D2%26uid%3...
  • https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=52fa3f48-434f-4fc7-8e26-b6e14fc39b4d-654e431e-4341&gdpr=0&gdpr_consent=&d=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%...
  • https://sync.crwdcntrl.net/qmap?c=1389&tp=STSC&tpid=52fa3f48-434f-4fc7-8e26-b6e14fc39b4d-654e431e-4341&gdpr=0&gdpr_consent=&d=https%3A%2F%2Fpixel.tapad.com%2Fidsync%2Fex%2Fpush%3Fpartner_id%3D2499%...
  • https://pixel.tapad.com/idsync/ex/push?partner_id=2499&partner_device_id=52fa3f48-434f-4fc7-8e26-b6e14fc39b4d-654e431e-4341&partner_url=https%3A%2F%2Fcks.connatix.com%2Fcks%3Fpid%3D9%26ev%3D988483e...
  • https://pixel.tapad.com/idsync/ex/push/check?partner_id=2499&partner_device_id=52fa3f48-434f-4fc7-8e26-b6e14fc39b4d-654e431e-4341&partner_url=https%3A%2F%2Fcks.connatix.com%2Fcks%3Fpid%3D9%26ev%3D9...
  • https://cks.connatix.com/cks?pid=9&ev=988483e374904adb898698ef0fa3feff&pname=Centro&api-tier=2&uid=52fa3f48-434f-4fc7-8e26-b6e14fc39b4d-654e431e-4341&gdpr=0
159 B
264 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cks.connatix.com/cks?pid=9&ev=988483e374904adb898698ef0fa3feff&pname=Centro&api-tier=2&uid=52fa3f48-434f-4fc7-8e26-b6e14fc39b4d-654e431e-4341&gdpr=0
Requested by
Host: blank
URL: about:blank
Protocol
H3
Server
104.18.41.104 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e6663c3046cd9369e7cb1a9553b09184f68a1db1b46d7caf6f2524db14cfe4ab

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 14:50:07 GMT
content-encoding
br
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
cf-ray
823f1b234d7b7118-YYZ
alt-svc
h3=":443"; ma=86400

Redirect headers

date
Fri, 10 Nov 2023 14:50:07 GMT
strict-transport-security
max-age=31536000
via
1.1 google
accept-ch
Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server
Jetty(11.0.13)
p3p
policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
access-control-allow-origin
*
location
https://cks.connatix.com/cks?pid=9&ev=988483e374904adb898698ef0fa3feff&pname=Centro&api-tier=2&uid=52fa3f48-434f-4fc7-8e26-b6e14fc39b4d-654e431e-4341&gdpr=0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
cks
cks.connatix.com/
Redirect Chain
  • https://ads.yieldmo.com/pbsync?is=smartnews&redirectUri=https%3A%2F%2Fcks.connatix.com%2Fcks%3Fpid%3D39%26ev%3D988483e374904adb898698ef0fa3feff%26pname%3DYieldMo%26api-tier%3D2%26uid%3D%24UID&gdpr=0
  • https://cks.connatix.com/cks?pid=39&ev=988483e374904adb898698ef0fa3feff&pname=YieldMo&api-tier=2&uid=3Few6FFuuwFJ23Q7z_pm&gdpr=0
130 B
243 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cks.connatix.com/cks?pid=39&ev=988483e374904adb898698ef0fa3feff&pname=YieldMo&api-tier=2&uid=3Few6FFuuwFJ23Q7z_pm&gdpr=0
Requested by
Host: blank
URL: about:blank
Protocol
H3
Server
104.18.41.104 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9ba9a3304a6f818b718978da4a9de24531a79fab766004c19be609674161700e

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 14:50:06 GMT
content-encoding
br
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
cf-ray
823f1b1eee297118-YYZ
alt-svc
h3=":443"; ma=86400

Redirect headers

pragma
no-cache
date
Fri, 10 Nov 2023 14:50:06 GMT
accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-methods
POST, GET, OPTIONS
content-type
application/json;charset=utf-8
location
https://cks.connatix.com/cks?pid=39&ev=988483e374904adb898698ef0fa3feff&pname=YieldMo&api-tier=2&uid=3Few6FFuuwFJ23Q7z_pm&gdpr=0
access-control-allow-origin
*
access-control-allow-headers
Cache-Control, Pragma, *
content-length
0
cks
cks.connatix.com/
Redirect Chain
  • https://connatix-supply-partners.tremorhub.com/sync?UISCX=988483e374904adb898698ef0fa3feff&redir=https%3A%2F%2Fcks.connatix.com%2Fcks%3Fpid%3D5%26ev%3D988483e374904adb898698ef0fa3feff%26pname%3DTel...
  • https://cks.connatix.com/cks?pid=5&ev=988483e374904adb898698ef0fa3feff&pname=Telaria&api-tier=2&uid=5d9a57c356f449c6b7a99eebc0f374d5
141 B
249 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cks.connatix.com/cks?pid=5&ev=988483e374904adb898698ef0fa3feff&pname=Telaria&api-tier=2&uid=5d9a57c356f449c6b7a99eebc0f374d5
Requested by
Host: blank
URL: about:blank
Protocol
H3
Server
104.18.41.104 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
82e7c81d19dba9144cbb07f64a24652745a025a0b8fbd015d26cb37ce6d3ec71

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 14:50:06 GMT
content-encoding
br
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
cf-ray
823f1b1dbc307118-YYZ
alt-svc
h3=":443"; ma=86400

Redirect headers

location
https://cks.connatix.com/cks?pid=5&ev=988483e374904adb898698ef0fa3feff&pname=Telaria&api-tier=2&uid=5d9a57c356f449c6b7a99eebc0f374d5
date
Fri, 10 Nov 2023 14:50:06 GMT
server
nginx
content-length
0
p3p
CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
us
capi.connatix.com/core/
Redirect Chain
  • https://ads.stickyadstv.com/user-matching?id=3672&_fw_gdpr=0&_fw_gdpr_consent=null&gdpr=0
  • https://capi.connatix.com/core/us?DemandPartner=33&DemandPartnerName=FreeWheel&DemandPartnerUserId=d9dec347c48bf1f0438dc68455539d&_fw_gdpr=0&_fw_gdpr_consent=null&gdpr=0
0
267 B 		Script
General
Check archive.org
Download Go to
Full URL
https://capi.connatix.com/core/us?DemandPartner=33&DemandPartnerName=FreeWheel&DemandPartnerUserId=d9dec347c48bf1f0438dc68455539d&_fw_gdpr=0&_fw_gdpr_consent=null&gdpr=0
Requested by
Host: blank
URL: about:blank
Protocol
H3
Server
172.64.146.152 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 14:50:06 GMT
cf-cache-status
DYNAMIC
server
cloudflare
content-type
application/json
cache-control
no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
cf-ray
823f1b1de876a250-YYZ
access-control-allow-headers
x-sec-ch-ua-platform-version, x-sec-ch-ua-full-version-list, x-sec-ch-ua-arch, x-sec-ch-ua-bitness, x-sec-ch-ua-model
content-length
0
alt-svc
h3=":443"; ma=86400

Redirect headers

Pragma
no-cache
Date
Fri, 10 Nov 2023 14:50:06 GMT
Server
nginx
Access-Control-Allow-Origin
*
Location
https://capi.connatix.com/core/us?DemandPartner=33&DemandPartnerName=FreeWheel&DemandPartnerUserId=d9dec347c48bf1f0438dc68455539d&_fw_gdpr=0&_fw_gdpr_consent=null&gdpr=0
Cache-Control
no-cache
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
x-sticky-vk
1699627806254063-154
sync-iframe
cs-server-s2s.yellowblue.io/ Frame C6F0 		0
0
cks
cks.connatix.com/
Redirect Chain
  • https://vop.sundaysky.com/sync/dmp?redirect=https%3A%2F%2Fcks.connatix.com%2Fcks%3Fpid%3D1%26ev%3D988483e374904adb898698ef0fa3feff%26pname%3DSundaySky%26api-tier%3D2%26uid%3D%24%7Bssky_uuid%7D&gdpr=0
  • https://vop.sundaysky.com/sync/dmp?redirect=https%3A%2F%2Fcks.connatix.com%2Fcks%3Fpid%3D1%26ev%3D988483e374904adb898698ef0fa3feff%26pname%3DSundaySky%26api-tier%3D2%26uid%3D%24%7Bssky_uuid%7D&gdpr...
  • https://cks.connatix.com/cks?pid=1&ev=988483e374904adb898698ef0fa3feff&pname=SundaySky&api-tier=2&uid=d6.76f44cc812f34974891b1fb6c3241cde
144 B
252 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cks.connatix.com/cks?pid=1&ev=988483e374904adb898698ef0fa3feff&pname=SundaySky&api-tier=2&uid=d6.76f44cc812f34974891b1fb6c3241cde
Requested by
Host: blank
URL: about:blank
Protocol
H3
Server
104.18.41.104 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5b3f621d2fb31f213e6b1050c70dc5de512ee545cd324c211bedbf917ead0ba7

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 14:50:06 GMT
content-encoding
br
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
cf-ray
823f1b1f2e6f7118-YYZ
alt-svc
h3=":443"; ma=86400

Redirect headers

location
https://cks.connatix.com/cks?pid=1&ev=988483e374904adb898698ef0fa3feff&pname=SundaySky&api-tier=2&uid=d6.76f44cc812f34974891b1fb6c3241cde
date
Fri, 10 Nov 2023 14:50:06 GMT
x-content-type-options
nosniff
content-length
0
x-frame-options
DENY
cks
cks.connatix.com/
Redirect Chain
  • https://sync.resetdigital.co/csync?pid=connatix&redir=https%3A%2F%2Fcks.connatix.com%2Fcks%3Fpid%3D35%26ev%3D988483e374904adb898698ef0fa3feff%26pname%3DResetDigital%26api-tier%3D2%26uid%3D%24USER_I...
  • https://cks.connatix.com/cks?pid=35&ev=988483e374904adb898698ef0fa3feff&pname=ResetDigital&api-tier=2&uid=0000011B92F3AFAE
126 B
240 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cks.connatix.com/cks?pid=35&ev=988483e374904adb898698ef0fa3feff&pname=ResetDigital&api-tier=2&uid=0000011B92F3AFAE
Requested by
Host: blank
URL: about:blank
Protocol
H3
Server
104.18.41.104 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
70b66c78178b496a31ed4e7792d1f48a8615c2d18243440ce04946eeca71b779

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 14:50:06 GMT
content-encoding
br
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
cf-ray
823f1b1dec7b7118-YYZ
alt-svc
h3=":443"; ma=86400

Redirect headers

location
https://cks.connatix.com/cks?pid=35&ev=988483e374904adb898698ef0fa3feff&pname=ResetDigital&api-tier=2&uid=0000011B92F3AFAE
date
Fri, 10 Nov 2023 14:50:06 GMT
cache-control
no-cache, no-store, must-revalidate
accept-ranges
bytes
content-length
0
content-type
text/html
cks
cks.connatix.com/
Redirect Chain
  • https://sync.go.sonobi.com/us?loc=https%3A%2F%2Fcks.connatix.com%2Fcks%3Fpid%3D43%26ev%3D988483e374904adb898698ef0fa3feff%26pname%3DSonobi%26api-tier%3D2%26uid%3D%5BUID%5D&gdpr=0
  • https://cks.connatix.com/cks?pid=43&ev=988483e374904adb898698ef0fa3feff&pname=Sonobi&api-tier=2&uid=c9a754b4-bf68-4185-aca4-ed4187cd10e6
146 B
253 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cks.connatix.com/cks?pid=43&ev=988483e374904adb898698ef0fa3feff&pname=Sonobi&api-tier=2&uid=c9a754b4-bf68-4185-aca4-ed4187cd10e6
Requested by
Host: blank
URL: about:blank
Protocol
H3
Server
104.18.41.104 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4131bd98b9b5c48a3468378bb866cd9a196ff89e4e69550a4d97cc35af52be94

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 14:50:06 GMT
content-encoding
br
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
cf-ray
823f1b1eadbb7118-YYZ
alt-svc
h3=":443"; ma=86400

Redirect headers

pragma
no-cache
date
Fri, 10 Nov 2023 14:50:06 GMT
server
sonobi-go
vary
negotiate,Accept-Encoding
x-go-server
go-iad-2-5-73
content-type
text/plain; charset=utf8
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://cks.connatix.com/cks?pid=43&ev=988483e374904adb898698ef0fa3feff&pname=Sonobi&api-tier=2&uid=c9a754b4-bf68-4185-aca4-ed4187cd10e6
cache-control
no-cache, no-store, private
tcn
Choice
content-length
0
x-xss-protection
0
expires
Sat, 26 Jul 1997 05:00:00 GMT
cks
cks.connatix.com/
Redirect Chain
  • https://xsync.iqzone.com/psync?t=s&e=376&cb=https%3A%2F%2Fcks.connatix.com%2Fcks%3Fpid%3D42%26ev%3D988483e374904adb898698ef0fa3feff%26pname%3DIqZone%26api-tier%3D2%26uid%3D%25USER_ID%25&gdpr=0
  • https://cks.connatix.com/cks?pid=42&ev=988483e374904adb898698ef0fa3feff&pname=IqZone&api-tier=2&uid=6ec272ec-4ae6-4585-97fd-0df9960d0602
146 B
254 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cks.connatix.com/cks?pid=42&ev=988483e374904adb898698ef0fa3feff&pname=IqZone&api-tier=2&uid=6ec272ec-4ae6-4585-97fd-0df9960d0602
Requested by
Host: blank
URL: about:blank
Protocol
H3
Server
104.18.41.104 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
f6b55d2668872c85e2f19fdd64e4012da449383e06590e04fb422180024fd5d7

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 14:50:06 GMT
content-encoding
br
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
cf-ray
823f1b1faf357118-YYZ
alt-svc
h3=":443"; ma=86400

Redirect headers

Date
Fri, 10 Nov 2023 14:50:06 GMT
Server
nginx
Transfer-Encoding
chunked
Access-Control-Allow-Methods
GET, POST, OPTIONS
Location
https://cks.connatix.com/cks?pid=42&ev=988483e374904adb898698ef0fa3feff&pname=IqZone&api-tier=2&uid=6ec272ec-4ae6-4585-97fd-0df9960d0602
Access-Control-Allow-Credentials
true
Connection
keep-alive
Access-Control-Allow-Headers
DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
cks
cks.connatix.com/
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=connatix&cspid=25&append=0&cb=%24%7BADELPHIC_CACHE_BUSTER%7D&redirect=https%3A%2F%2Fcks.connatix.com%2Fcks%3Fpid%3D29%26ev%3D988483e374904...
  • https://cks.connatix.com/cks?pid=29&ev=988483e374904adb898698ef0fa3feff&pname=Adelphic&api-tier=2&uid=33e69a78-75a5-4208-9622-334aff0b4b05
146 B
254 B 		Script
General
Check archive.org
Download Go to
Full URL
https://cks.connatix.com/cks?pid=29&ev=988483e374904adb898698ef0fa3feff&pname=Adelphic&api-tier=2&uid=33e69a78-75a5-4208-9622-334aff0b4b05
Requested by
Host: blank
URL: about:blank
Protocol
H3
Server
104.18.41.104 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
df2b264f22e36ef449196840eeb0f761529d8e0b54e4a485e13ef24a6506bc41

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 14:50:06 GMT
content-encoding
br
server
cloudflare
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
cf-ray
823f1b20381f7118-YYZ
alt-svc
h3=":443"; ma=86400

Redirect headers

Location
https://cks.connatix.com/cks?pid=29&ev=988483e374904adb898698ef0fa3feff&pname=Adelphic&api-tier=2&uid=33e69a78-75a5-4208-9622-334aff0b4b05
Date
Fri, 10 Nov 2023 14:50:06 GMT
Connection
keep-alive
X-CI-RTID
0fae3895-affb-47b3-865f-c1e1e3d898de
Content-Length
177
Content-Type
text/html; charset=utf-8
cm
us-u.openx.net/w/1.0/ Frame 812E 		0
0
cksync
cs.media.net/ Frame 812E 		0
0
712202.gif
id.rlcdn.com/ Frame 812E 		0
0
pixel
capi.connatix.com/us/google/ Frame 812E 		0
0
1a1c07e870d45c05896c3f9e9973d4b4.gif
sync.colossusssp.com/ Frame 812E 		0
0
ProfilesEngineServlet
sync.intentiq.com/profiles_engine/ Frame 812E 		0
0
81549
i.liadm.com/s/ Frame 812E 		0
0
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		102 KB
31 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: cds.connatix.com
URL: https://cds.connatix.com/p/375093/connatix.playspace.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2607:f8b0:4004:c07::9b Washington, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e6111e59707c10f7067f65e596db7d0f265ffa10f5bdadaa72c43267f1ccd701
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
https://www.bleepingcomputer.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 14:50:05 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
31726
x-xss-protection
0
server
cafe
etag
358 / 19671 / 31079530 / config-hash: 2511228162032463359
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
expires
Fri, 10 Nov 2023 14:50:05 GMT
ima3.js
imasdk.googleapis.com/js/sdkloader/ Frame 812E 		0
0
8dc92fc6-ace2-4566-96fd-345411b52520.bin
vid.connatix.com/pid-067e5169-ece3-4ce8-87ad-c7961b8bb396/d59f5d0c-2087-416a-821c-141798bc501e/ Frame 812E 		0
0
json
gum.criteo.com/sid/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=prebid&topUrl=about%3A%2F%2F%2F&cw=1&lsw=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2620:100:a001::c , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
https://www.bleepingcomputer.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
https://www.bleepingcomputer.com
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Fri, 10 Nov 2023 14:50:05 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
193603
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
sid
mug.criteo.com/
Redirect Chain
  • https://gum.criteo.com/sid/json?origin=prebid&topUrl=about%3A%2F%2F%2F&cw=1&lsw=1
  • https://mug.criteo.com/sid?cpp=luXabXxDNVhnNlZRUXY5RHQrNUphVVJ5NTNxdE5uNkpMakVGTlBVVnpEc1lDNTZXZDNmNVpMTmNsdy9aUVpNSVNVQ0FxN0NkV0xPQXZubE9maTJVbEd4NUpPc1Vqa3dWWW9jcG5XT1Z5ZkFVVmR0MThHaytHK1J3Yy9FZT...
290 B
610 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=luXabXxDNVhnNlZRUXY5RHQrNUphVVJ5NTNxdE5uNkpMakVGTlBVVnpEc1lDNTZXZDNmNVpMTmNsdy9aUVpNSVNVQ0FxN0NkV0xPQXZubE9maTJVbEd4NUpPc1Vqa3dWWW9jcG5XT1Z5ZkFVVmR0MThHaytHK1J3Yy9FZTdycTkySm1zd3dtMll3dEliYTRVMDRRMDZOVEJxY2R5a2pXRS8xUjRGZTA3NFFvTDNGVTkzT0JzRWhlcEIzL2k0UzlzR3Z0emkvbEx4eWtmcmNidjIrM1Blb2IvSDBRPT18&cppv=2
Requested by
Host: blank
URL: about:blank
Protocol
H2
Server
74.119.119.139 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
895b5a019be6f6b0019713e1a5fae70be4f917cd6e0e4237fce134766f103e17
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 10 Nov 2023 14:50:06 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
access-control-allow-methods
GET
content-type
application/json; charset=utf-8
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
818139
expires
0

Redirect headers

pragma
no-cache
date
Fri, 10 Nov 2023 14:50:05 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
access-control-allow-methods
GET
access-control-allow-origin
https://www.bleepingcomputer.com
location
https://mug.criteo.com/sid?cpp=luXabXxDNVhnNlZRUXY5RHQrNUphVVJ5NTNxdE5uNkpMakVGTlBVVnpEc1lDNTZXZDNmNVpMTmNsdy9aUVpNSVNVQ0FxN0NkV0xPQXZubE9maTJVbEd4NUpPc1Vqa3dWWW9jcG5XT1Z5ZkFVVmR0MThHaytHK1J3Yy9FZTdycTkySm1zd3dtMll3dEliYTRVMDRRMDZOVEJxY2R5a2pXRS8xUjRGZTA3NFFvTDNGVTkzT0JzRWhlcEIzL2k0UzlzR3Z0emkvbEx4eWtmcmNidjIrM1Blb2IvSDBRPT18&cppv=2
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
server-processing-duration-in-ticks
264908
content-length
0
expires
0
pbhid
id.hadron.ad.gt/api/v1/ 		227 B
213 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id.hadron.ad.gt/api/v1/pbhid?partner_id=474&_it=prebid
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.48.4.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::6816:445 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7342a8017bbe7e15989ba39b6cac0999e4348393af014fb43ed5da4aa2795dbb

Request headers

Referer
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 10 Nov 2023 14:50:05 GMT
content-encoding
gzip
server
cloudflare
allow
POST, OPTIONS, GET
vary
Accept-Encoding
content-type
application/json
access-control-allow-origin
*
cf-ray
823f1b19b8bf3a00-YYZ
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Accept
rid
match.adsrvr.org/track/ 		109 B
571 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=6bjin1p&fmt=json
Requested by
Host: a.pub.network
URL: https://a.pub.network/core/prebid-analytics-7.48.4.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.33.220.150 Seattle, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a12b7a488abeaa9e4.awsglobalaccelerator.com
Software
Kestrel /
Resource Hash
005844ea7468bcb3ca82cf6a79b3dd3ee338e1e54e7d8e97cb7a95ad84a2cf3f

Request headers

Referer
accept-language
en-CA,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36
Content-Type
text/plain

Response headers

date
Fri, 10 Nov 2023 14:50:05 GMT
content-encoding
gzip
server
Kestrel
vary
Origin, Accept-Encoding
content-type
application/json
access-control-allow-origin
https://www.bleepingcomputer.com
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
expires
Sun, 10 Dec 2023 14:50:05 GMT
state
api.btloader.com/mw/ 		0
101 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://api.btloader.com/mw/state?bt_env=prod
Requested by
Host: freestar-io.videoplayerhub.com
URL: https://freestar-io.videoplayerhub.com/gallery.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
130.211.23.194 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
194.23.211.130.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

access-control-allow-origin
*
date
Fri, 10 Nov 2023 14:50:05 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
vary
Origin
px.gif
ad-delivery.net/ 		43 B
923 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad-delivery.net/px.gif?ch=2
Requested by
Host: blank
URL: about:blank
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:246 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 14:50:06 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
756733
x-guploader-uploadid
ABPtcPpHCJ0aYJ-LBkNqyy4YULIwTi00WQQ_VAx2Ual81TaLE65v3fIY2LCCxLjYIULQ_2YnG7c
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
5
x-goog-stored-content-encoding
identity
content-length
43
last-modified
Wed, 05 May 2021 19:25:32 GMT
server
cloudflare
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3"
vary
Accept-Encoding
x-goog-generation
1620242732037093
content-type
image/gif
access-control-allow-origin
*
x-goog-hash
crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
access-control-expose-headers
*, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=86400
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=kWu7AIqVaOtyqZasZnIHTMuLz7nwojNCuNw7TTFKqsOdgvMy%2FhUjGBWvcnBU%2BV53BO43dGgzHUp0KqykNUpQp5OFzCSZBZh%2F%2B%2FDOfVDtt%2FPvVdoAFrtBa52f6gP9jEU%2F47ss%2FJZFQk4urIfA4w%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
43
accept-ranges
bytes
cf-ray
823f1b1f5ce83a07-YYZ
expires
Wed, 01 Nov 2023 20:50:59 GMT
favicon.ico
ad.doubleclick.net/ 		1 KB
170 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.doubleclick.net/favicon.ico?ad=300x250&ad_box_=1&adnet=1&showad=1&size=250x250
Requested by
Host: blank
URL: about:blank
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.251.16.148 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
bl-in-f148.1e100.net
Software
sffe /
Resource Hash
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 00:32:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
51462
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
104
x-xss-protection
0
last-modified
Tue, 08 May 2012 13:08:06 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type
image/x-icon
access-control-allow-origin
*
cache-control
public, max-age=86400
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="ads-doubleclick-media"
expires
Sat, 11 Nov 2023 00:32:23 GMT
px.gif
ad-delivery.net/ 		43 B
343 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad-delivery.net/px.gif?ch=1&e=0.9254557615033465
Requested by
Host: blank
URL: about:blank
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:246 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language
en-CA,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

date
Fri, 10 Nov 2023 14:50:06 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
756733
x-guploader-uploadid
ABPtcPpHCJ0aYJ-LBkNqyy4YULIwTi00WQQ_VAx2Ual81TaLE65v3fIY2LCCxLjYIULQ_2YnG7c
x-goog-storage-class
MULTI_REGIONAL
x-goog-metageneration
5
x-goog-stored-content-encoding
identity
content-length
43
last-modified
Wed, 05 May 2021 19:25:32 GMT
server
cloudflare
etag
"ad4b0f606e0f8465bc4c4c170b37e1a3"
vary
Accept-Encoding
x-goog-generation
1620242732037093
content-type
image/gif
access-control-allow-origin
*
x-goog-hash
crc32c=cpEfJQ==, md5=rUsPYG4PhGW8TEwXCzfhow==
access-control-expose-headers
*, Content-Length, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control
public, max-age=86400
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ORD4uDcHUfhR3b%2FNBPrZilxsUhQIcz56wKiSgPib1uM0j6SNF%2Fj8Nygdu7Ic%2FcY%2BG2nT%2FWbb45IbD8xFPEd9vfUUTxXTvwGSyl%2B4yRBch72RmHdoEoBSXYKo90MVSrJWvo57qDJLlxHXMJM1ug%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length
43
accept-ranges
bytes
cf-ray
823f1b1f5cec3a07-YYZ
expires
Wed, 01 Nov 2023 20:50:59 GMT
sid
mug.criteo.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://mug.criteo.com/sid?cpp=luXabXxDNVhnNlZRUXY5RHQrNUphVVJ5NTNxdE5uNkpMakVGTlBVVnpEc1lDNTZXZDNmNVpMTmNsdy9aUVpNSVNVQ0FxN0NkV0xPQXZubE9maTJVbEd4NUpPc1Vqa3dWWW9jcG5XT1Z5ZkFVVmR0MThHaytHK1J3Yy9FZTdycTkySm1zd3dtMll3dEliYTRVMDRRMDZOVEJxY2R5a2pXRS8xUjRGZTA3NFFvTDNGVTkzT0JzRWhlcEIzL2k0UzlzR3Z0emkvbEx4eWtmcmNidjIrM1Blb2IvSDBRPT18&cppv=2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.119.119.139 , United States, ASN19750 (AS-CRITEO, US),
Reverse DNS
Software
Kestrel /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Accept
*/*
Access-Control-Request-Headers
content-type
Access-Control-Request-Method
GET
Origin
null
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.6045.123 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
content-type
access-control-allow-methods
GET
access-control-allow-origin
null
cache-control
no-cache, no-store, must-revalidate
content-encoding
gzip
content-type
application/json; charset=utf-8
date
Fri, 10 Nov 2023 14:50:06 GMT
expires
0
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
196349
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
csi
csi.gstatic.com/ 		0
0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
secure-assets.rubiconproject.com
URL
https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=19564_2&endpoint=us-east&gdpr=0
Domain
ssc-cms.33across.com
URL
https://ssc-cms.33across.com/ps/?m=xch&rt=html&id=0015a00002y7TWTAA2&ru=https%3A%2F%2Fcapi.connatix.com%2Fcore%2Fus%3FDemandPartner%3D37%26UserId%3D988483e374904adb898698ef0fa3feff%26DemandPartnerName%3D_33Across%26tier%3D2%26DemandPartnerUserId%3D33XUSERID33X&gdpr=0
Domain
ads.pubmatic.com
URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156592&predirect=https%3A%2F%2Fcapi.connatix.com%2Fcore%2Fus%3FDemandPartner%3D2%26UserId%3D988483e374904adb898698ef0fa3feff%26DemandPartnerName%3DPubmatic%26tier%3D2%26DemandPartnerUserId%3D&gdpr=0
Domain
cs-server-s2s.yellowblue.io
URL
https://cs-server-s2s.yellowblue.io/sync-iframe?gdpr={gdpr}&gdpr_consent={gdpr_consent}&redirect=https%3a%2f%2fcks.connatix.com%2fcks%3fpid%3d24%26ev%3d988483e374904adb898698ef0fa3feff%26pname%3dIronSource%26api-tier%3d2%26uid%3d{partnerId}%26direct%3D1
Domain
us-u.openx.net
URL
https://us-u.openx.net/w/1.0/cm?id=7cf4c6c4-b915-4cbd-83cc-28c0f662a829&ph=51e220cb-8c97-4a65-b047-91c933b79b78&r=https%3a%2f%2fcapi.connatix.com%2fcore%2fus%3fDemandPartner%3d8%26UserId%3d988483e374904adb898698ef0fa3feff%26DemandPartnerName%3dOpenX%26tier%3d2%26DemandPartnerUserId%3d
Domain
cs.media.net
URL
https://cs.media.net/cksync?cs=37&type=cn&redirect=https%3A%2F%2Fcapi.connatix.com%2Fcore%2Fus%3FDemandPartner%3D31%26UserId%3D988483e374904adb898698ef0fa3feff%26DemandPartnerName%3DMediaNet%26tier%3D2%26DemandPartnerUserId%3D%3Cvsid%3E&gdpr=0
Domain
id.rlcdn.com
URL
https://id.rlcdn.com/712202.gif?cparams=988483e374904adb898698ef0fa3feff&gdpr=0
Domain
capi.connatix.com
URL
https://capi.connatix.com/us/google/pixel?tier=2&gdpr=0
Domain
sync.colossusssp.com
URL
https://sync.colossusssp.com/1a1c07e870d45c05896c3f9e9973d4b4.gif?puid=988483e374904adb898698ef0fa3feff&redir=https%3A%2F%2Fcks.connatix.com%2Fcks%3Fpid%3D34%26ev%3D988483e374904adb898698ef0fa3feff%26pname%3DColossus%26api-tier%3D2%26uid%3D%5BUID%5D&gdpr=0
Domain
sync.intentiq.com
URL
https://sync.intentiq.com/profiles_engine/ProfilesEngineServlet?at=20&mi=10&dpi=372401555&pcid=988483e374904adb898698ef0fa3feff
Domain
i.liadm.com
URL
https://i.liadm.com/s/81549?bidder_id=246480&bidder_uuid=988483e374904adb898698ef0fa3feff
Domain
imasdk.googleapis.com
URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Domain
vid.connatix.com
URL
https://vid.connatix.com/pid-067e5169-ece3-4ce8-87ad-c7961b8bb396/d59f5d0c-2087-416a-821c-141798bc501e/8dc92fc6-ace2-4566-96fd-345411b52520.bin
Domain
csi.gstatic.com
URL
https://csi.gstatic.com/csi?v=2&s=pagead&action=csi_pagead&dmc=8&top=1&puid=1~losqifqy&c=2399244328977114&e=31061691%2C31061692&ctx=1&met.3=247.181~164.182_1~165.17y_5~166.17j_1c~1001.18v_1__1~164.18w~165.18v_2~1032.1ly~216.1ly_5~215.1ly_5~843.1ln_f~639.1m2~1032.1mj~326.1mk~832.1ml~868.1ml~216.1mj_n~215.1mi_p~889.1o8~639.1of~112.1yc_1~429.23a_2~210.29p_1~522.29q_1&met.9=1.1ro~2.1v2

Verdicts & Comments Add Verdict or Comment

108 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| documentPictureInPicture function| $ function| jQuery function| cnxps object| freestar object| apd_options function| gtag object| dataLayer object| adsbygoogle function| Blazy object| fixto function| validate_comment_box_not_empty function| cz_strip_tags function| cz_br2nl function| editForm string| loginhash boolean| main_nav_hide_flag number| scrollTop string| main_nav_hide_timer function| call_main_nav_hide number| cz_header_pos number| prevScrollTop function| loadDeferredStyles function| raf function| admiral object| googletag boolean| fifabAlready function| fi_fab object| _comscore object| fsprebid undefined| commonInit function| visibilityEventsManagerDOM function| visibilityEventsManager function| scrollEventsManager function| DeviceDetector object| FI object| JSON_PIWIK object| _fipaq object| FIPiwik object| AnalyticsTracker function| fiQuery object| google_tag_manager object| google_tag_data string| GoogleAnalyticsObject function| ga object| google_js_reporting_queue number| google_srt object| google_persistent_state_async object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac boolean| google_measure_js_timing object| google_reactive_ads_global_state object| google_sa_queue function| google_process_slots boolean| google_apltlad function| google_spfd number| google_unique_id object| google_sv_map number| google_rum_task_id_counter string| google_user_agent_client_hint function| 4dm1r11545242527 function| load_script function| onYouTubeIframeAPIReady object| gaGlobal object| cnx_player_usr_storage function| google_sa_impl object| google_image_requests number| google_global_correlator object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages object| COMSCORE object| ns_p object| gaplugins object| gaData object| fsprebidChunk object| _pbjsGlobals object| mnet object| cnx_usr_storage object| confiant object| google_rum_config function| _hadron function| _typeof function| _createForOfIteratorHelper function| _unsupportedIterableToArray function| _arrayLikeToArray function| IntentIqObject function| PartnersWinEvent object| iiq_object_array object| fiUtils object| $customVisiblity object| $waitOn object| _google_rum_ns_ object| google_llp object| hadron boolean| __halo_loaded__ object| player_instance_c20d1bd7f8c842169447c8e8c9f5e593 object| cnxPlugins object| cnxEnfStorage function| cnxsetTimeout function| cnxsetInterval object| __bt_intrnl object| __bt object| __bt_tag_d object| __bt_tag_am function| cnxAddEventListener

60 Cookies

Domain/Path Name / Value
.bleepingcomputer.com/ Name: session_id
Value: 2d7c2ad5df4e0e7466b956d5956ed062
www.bleepingcomputer.com/ Name: lav
Value: 18194
.pub.network/ Name: _fsuid
Value: ca2f3a20-24a0-4530-9da5-032e8ab086eb
.bleepingcomputer.com/ Name: _ga_GD465VRQLD
Value: GS1.1.1699627804.1.0.1699627804.0.0.0
.bleepingcomputer.com/ Name: _ga
Value: GA1.2.1179475407.1699627805
.bleepingcomputer.com/ Name: _gid
Value: GA1.2.413420803.1699627805
.bleepingcomputer.com/ Name: _gat_gtag_UA_91740_1
Value: 1
.scorecardresearch.com/ Name: UID
Value: 1C2d489cf6ac1dc2e91088b1699627804
cdn.firstimpression.io/ Name: OAID
Value: 09c52e2ef2538e40fc78049bd9e23bab
.connatix.com/ Name: cnx_userId
Value: 988483e374904adb898698ef0fa3feff
www.bleepingcomputer.com/ Name: cnx_userId
Value: 988483e374904adb898698ef0fa3feff
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.bleepingcomputer.com/ Name: _awl
Value: 2.1699627805.5-05227a2d0ba76f2c1701b41b68346cb1-6763652d75732d63656e7472616c31-0
.intentiq.com/ Name: IQver
Value: 1.9
.intentiq.com/ Name: intentIQ
Value: chXatfJtlo
www.bleepingcomputer.com/ Name: _pbjs_userid_consent_data
Value: 3524755945110770
.bleepingcomputer.com/ Name: cookie
Value: 89ed12a3-c699-409e-af47-77e9ae36f6a8
.casalemedia.com/ Name: CMID
Value: ZU5DHXXrhVcq0dq6CZRmeQAA
.casalemedia.com/ Name: CMPS
Value: 3541
.casalemedia.com/ Name: CMPRO
Value: 3541
.adnxs.com/ Name: uuid2
Value: 2043365517544706506
.adsrvr.org/ Name: TDID
Value: 4c30d2c6-eab6-445f-be5e-0eb6d92a15ab
.intentiq.com/ Name: CSDT
Value: UEQ6MTUwNzJfMCZUdkRkM3ph
.intentiq.com/ Name: IQPData
Value: 1176265108#1699627805867#0#1699627805867
.intentiq.com/ Name: ASDT
Value: 0
.intentiq.com/ Name: intentIQCDate
Value: 1699627805868
.intentiq.com/ Name: IQMID
Value: 1176265108#1699627805870
.3lift.com/ Name: tluid
Value: 3116672581290850982503
.adsrvr.org/ Name: TDCPM
Value: CAEYBSABKAIyCwjck4fv4YGxPBAFOAE.
.bidr.io/ Name: bito
Value: AACFKE7KnIYAABMAa6sJCw
.bidr.io/ Name: bitoIsSecure
Value: ok
.contextweb.com/ Name: V
Value: x1yWj9vz06Rn
.contextweb.com/ Name: pb_rtb_ev
Value: 3-1nwx|7Xz.0.1
bh.contextweb.com/ Name: INGRESSCOOKIE
Value: 26be779deb7ab66d
.smartadserver.com/ Name: pid
Value: 2676045916220758765
.ctnsnet.com/ Name: cid_dfa031f2fead495bb2f4a1e94b13fe1a
Value: 1
.sitescout.com/ Name: ssi
Value: 52fa3f48-434f-4fc7-8e26-b6e14fc39b4d#1699627806223
.turn.com/ Name: uid
Value: 2438919445928045594
.tremorhub.com/ Name: tvid
Value: 5d9a57c356f449c6b7a99eebc0f374d5
.tremorhub.com/ Name: tv_UISCX
Value: 988483e374904adb898698ef0fa3feff
.resetdigital.co/ Name: ckbk
Value: 0000011B92F3AFAE
.ads.stickyadstv.com/ Name: UID
Value: d9dec347c48bf1f0438dc68455539d
.1rx.io/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-b63dfe2b-d092-47ba-bd7f-852dd7241121-005%22%2C%22nxtrdr%22%3Afalse%7D
.sitescout.com/ Name: _ssuma
Value: eyIzOSI6MTY5OTYyNzgwNjM4NywiNyI6MTY5OTYyNzgwNjM4N30
.sundaysky.com/ Name: sskyu
Value: d6.76f44cc812f34974891b1fb6c3241cde
.sundaysky.com/ Name: sskyCreationTime
Value: 1699627806441
.go.sonobi.com/ Name: __uis
Value: c9a754b4-bf68-4185-aca4-ed4187cd10e6
.go.sonobi.com/ Name: HAPLB8G
Value: s8573|ZU5DI
.yieldmo.com/ Name: yieldmo_id
Value: 3Few6FFuuwFJ23Q7z_pm%7C1699574400000%7C0
.csync.loopme.me/ Name: viewer_token
Value: bd8e0b39-ab1f-4316-bfab-183a9eb016f0
.sundaysky.com/ Name: sskya
Value: "e2N4Ont0czoiNDNueWppIix0OiJuaSJ9fQ=="
.ipredictive.com/ Name: cu
Value: 33e69a78-75a5-4208-9622-334aff0b4b05|1699627806711
.targeting.unrulymedia.com/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-b63dfe2b-d092-47ba-bd7f-852dd7241121-005%22%7D
.crwdcntrl.net/ Name: _cc_dc
Value: 0
.crwdcntrl.net/ Name: _cc_id
Value: 14eda58844e7ab925a0eb83b8a5a5a53
.crwdcntrl.net/ Name: _cc_cc
Value: "ACZ4XmNQMDRJTUk0tbAwMUk1T0yyNDJNNEhNsjBOskg0BUFjBiBI9XOWA9FQAABSgwoi"
.crwdcntrl.net/ Name: _cc_aud
Value: "ABR4XmNgYGBI9XOWA1JQAAAN%2FAEV"
.tapad.com/ Name: TapAd_TS
Value: 1699627807054
.tapad.com/ Name: TapAd_DID
Value: bce88e44-d811-482a-b902-e909466f6e2e
.tapad.com/ Name: TapAd_3WAY_SYNCS
Value:

1 Console Messages

Source Level URL
Text
security error URL: about:blank
Message:
Refused to execute script from 'https://capi.connatix.com/us/pixel?puid=RX-b63dfe2b-d092-47ba-bd7f-852dd7241121-005&pId=44' because its MIME type ('image/gif') is not executable.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy upgrade-insecure-requests;
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.pub.network
ad-delivery.net
ad.doubleclick.net
ad.turn.com
ads.pubmatic.com
ads.stickyadstv.com
ads.yieldmo.com
api.btloader.com
api.intentiq.com
bh.contextweb.com
btloader.com
capi.connatix.com
cd.connatix.com
cdn.confiant-integrations.net
cdn.firstimpression.io
cdn.hadronid.net
cds.connatix.com
cks.connatix.com
connatix-supply-partners.tremorhub.com
cs-server-s2s.yellowblue.io
cs.media.net
csi.gstatic.com
csync.loopme.me
d.pub.network
eb2.3lift.com
ecdn.analysis.fi
ecdn.firstimpression.io
fonts.googleapis.com
fonts.gstatic.com
freestar-io.videoplayerhub.com
functionalfeather.com
googleads.g.doubleclick.net
gum.criteo.com
i.ctnsnet.com
i.liadm.com
id.hadron.ad.gt
id.rlcdn.com
imasdk.googleapis.com
ins.connatix.com
match.adsrvr.org
match.prod.bidr.io
mug.criteo.com
optimise.net
pagead2.googlesyndication.com
pixel-sync.sitescout.com
pixel.tapad.com
sb.scorecardresearch.com
secure-assets.rubiconproject.com
secure.adnxs.com
securepubads.g.doubleclick.net
ssbsync.smartadserver.com
ssc-cms.33across.com
ssum.casalemedia.com
static.adsafeprotected.com
sync.1rx.io
sync.colossusssp.com
sync.crwdcntrl.net
sync.go.sonobi.com
sync.intentiq.com
sync.ipredictive.com
sync.resetdigital.co
sync.targeting.unrulymedia.com
sync1.intentiq.com
us-u.openx.net
vid.connatix.com
vop.sundaysky.com
widgets.outbrain.com
www.bleepingcomputer.com
www.bleepstatic.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.gstatic.com
xsync.iqzone.com
ads.pubmatic.com
capi.connatix.com
cs-server-s2s.yellowblue.io
cs.media.net
csi.gstatic.com
i.liadm.com
id.rlcdn.com
imasdk.googleapis.com
secure-assets.rubiconproject.com
ssc-cms.33across.com
sync.colossusssp.com
sync.intentiq.com
us-u.openx.net
vid.connatix.com
104.18.41.104
104.20.59.209
107.20.234.237
108.138.64.122
130.211.23.194
142.234.204.77
142.251.16.148
165.227.251.217
172.64.146.152
172.64.151.101
172.67.75.139
18.160.18.81
18.160.46.100
18.165.83.79
198.148.27.131
199.127.204.142
199.127.204.171
207.198.113.93
23.105.12.143
2600:1901:0:7416::1
2600:1f18:612b:4200:8dc7:4fa0:2c07:4fd1
2600:9000:2479:e400:1b:6b7d:2300:93a1
2600:9000:24f4:1e00:8:48e:53c0:93a1
2606:4700:10::6816:445
2606:4700:10::6816:4ad8
2606:4700:10::ac43:246e
2606:4700:20::681a:246
2606:4700:20::681a:932
2606:4700:4400::ac40:90a6
2606:4700::6812:14ce
2607:f8b0:4004:c07::9b
2607:f8b0:4004:c08::61
2607:f8b0:4004:c08::64
2607:f8b0:4004:c09::5e
2607:f8b0:4004:c09::9a
2607:f8b0:4004:c17::9b
2607:f8b0:4004:c1b::6a
2607:f8b0:4004:c1d::5e
2607:f8b0:4004:c1d::5f
2620:100:a001::c
2620:112:f002:bbbb::21
3.162.125.65
3.33.220.150
34.111.113.62
34.111.152.239
34.160.152.31
35.186.193.173
35.214.147.130
35.71.139.29
52.2.60.159
54.146.143.157
54.156.21.254
54.157.141.59
63.251.28.234
68.67.160.24
69.166.1.35
69.192.110.3
74.119.119.139
005844ea7468bcb3ca82cf6a79b3dd3ee338e1e54e7d8e97cb7a95ad84a2cf3f
070fb3c8b1b626fc7501e5650f69123f832c632c357b5cd77df7c4e9bcb000e0
0ac2e100237281829ff2ffcb512402356cde3e67cde7c455fd4c0615daa30143
0e2f8bd529f48286e9c85134523586962ae6a5f1970a8d680c7d05043b3ebd99
0f427d0f88a0698c955ff63bf13af4ca80c9b32f218b5e210847450da901a74f
0f5cea81bb63d0214976da19bc823736066909b01efa7bf8cdb4d5de805eea93
112b0270cc0e53a2581021943ce50e10dcd700a1cc023a24b9728fa0a20e2813
146d44c816ed6aa83ce54ff040011c014ab16f9da2fc2ec4f72db5f711df9b21
15d8ec3a740c090019f8ae5c259e0c10e59d0994624479865d9c4a039bfc3fb6
1701a8746c35606bc76f254de81e7919bb9eecc8e82072175df9126405edf3ee
19db4a2cde712e2ceaac317e732b4ec40b62818a938a8bf8391ad68470845019
1acc5917d8bc39aadedfecfd7a78e7596af395671f249ea9ca53bd83bd3683ff
1aee66e2e24e851039801c0dace90f3efb7a1a17b033f7d5bbc12ca7c1d19432
1e0bd634c17317841ada3582bc8ab48c2a960d16c83832d744ebec29879769fc
22e977346d45bab9f531ce1132d7ecfbe8e46868eaea790a0d4dcd1d0649d74b
26c10af10b23582068cb37a4c4617117d841511d074695d8491096d86f3debe7
284a6e443e6902cda94a51b4a140c8310f92c4d8bfc63834369e8552f7553df5
28bf2d951fccd896aea3f18c4593cd9a1fe233e5eb85b41d9599ab36a44e5589
2fab4b8ba488c5852b480837fb7060454c8aaf31505d6086fa7bb1b5b96ea2ac
31cd7d9398307ca2e6cfaa111bbe7b69d69cbaaed2ff74034412ebc5008671fd
320afb4599d0c6913c1d0f7ad16609b48bd357898f5a6db56441e9d4bd8ecddf
32e73e8e0eec3e6c1345d84e7ef091b90e71fb0045814043b34c914156235eb9
33eb81af8a0101c1ad2a210f322fb362ce1598e6e37f0a7ecc62d6ff39add590
34f8c722cffad1b85092da988d0bc1c6242764c5fa7c08876d170b3204a8aa63
36367e0c3f5a8b490bebc5bfc526b10c7d4e4c371eb2b73d438f80f167fb9ca4
3a11f1c5b81a81f46f110da694894760c924514954f6dcb9609739d4cb99e4f9
3fe890d088ecf0cc9bc1b9069201e52972dbad6237865524090e15982d0de718
4131bd98b9b5c48a3468378bb866cd9a196ff89e4e69550a4d97cc35af52be94
42b976597a2d977d0e300f6d06bc903db389e5c112d33c1c8c249690a522d9f2
48c76c91f2d42a1668fee310da41b7c1f0d97d7ab0fa55fcf794e2cd3e412242
48d7ba6b0b04d3cc7ad953a6795872593568b78415476782dd31884475759306
48eb8b500ae6a38617b5738d2b3faec481922a7782246e31d2755c034a45cd5d
52d0ea23869312067f60923bc0a5f28a897caae3b1f20b604017b93eee232542
5b3f621d2fb31f213e6b1050c70dc5de512ee545cd324c211bedbf917ead0ba7
5e656b2e70812abe9e42d982ce6815d27bdc31ba51f15131ef6e3250fc2ea731
60eefcf729bb598f0023dfb88b4b86dfbeb84a1d1c0fff291282a8eeac48a9de
623c81b092a6116d4d60ff89b14803818efb0b9aebf6e4e2c50241e802f6e016
6395e6f9f6fbcd953f0ffa40615094c565d86c265fb5028e64dd2dc872b5ce69
64d4dba26e290c6a93533c62f1a401fbcd9f3f149ae0f759800f4695b03a7aec
67d86a29de7993fbd23b7dde2c4f26bdc434055c35a4b08c830c0d02fcfa6dd2
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6d92dfc1700fd38cd130ad818e23bc8aef697f815b2ea5face2b5dfad22f2e11
6e1cf560a4e42b1321a32a04030dddb56c511f0e7493718f82cfd1797e5aa9a7
6e86593083facba2710a2312f26bd7b436d7ef299f99cbc2ccc1b32693ec3144
6ee69abe38a87fd8aa0867401e1e14d2831eab6dfb1bb2d97abf65ac57cb5705
6f256b59004beadefbac9168d0380485ac8ed71a2546f2bd3d55e8702eee4d9a
70b66c78178b496a31ed4e7792d1f48a8615c2d18243440ce04946eeca71b779
7342a8017bbe7e15989ba39b6cac0999e4348393af014fb43ed5da4aa2795dbb
788c13994d09fd809cb431d4a0a2aaba6dd88c9b2ba4c0c9e03345362d9633ec
78a9e4cda2f8e2edcb24e06535ad89d97ddf75582f679dc1d041ce0124e84706
7a5d218c8e40dc33b9a0c27b49c2a5d0c9696ea53ee6371882d348a31116ae9b
7ad8a28b9ab0866c3372ab50550ca437d49fe1d52369aa0a0c9233f2f395332b
7d6d26827b887aa09b2a5eb7c001e35b93773e53c36ddbfc127ad824e0a6ba39
7e77b9e100ab7b73322ec8566cec58083b88d8b2ec7130e25b5337e85fadcb84
827252be04765631f8ff21fee8ffe1028e27dfa52f62c08ef3182609a0a0e991
82e7c81d19dba9144cbb07f64a24652745a025a0b8fbd015d26cb37ce6d3ec71
8467e30c00605a756a3dd67125646b7923a94cc25ae524d2ae5eb3f0558d2af9
85ae9534729617e69eafa40195c7854697eb3d13b4205f3ee467e07c4af0a24b
863ab50a39fc203ca8f614cef14c6cc700ee64bfeacd41426dce9ef8cbd98509
88302eaeffb9c416e305069da09addcf17adb4effb7aa7f534efc76cee94751d
895b5a019be6f6b0019713e1a5fae70be4f917cd6e0e4237fce134766f103e17
8bb41995562557b36864f7722bcdd8bd0f5a5bea0beb331af9575c10819670fe
8e55883a33144ee33d22ddbdb2ffa3d2c276274709aa60497042055c405295b9
942935ead42820e6c9184f099c77dde34fa4be70d395a17c47b5d7ad07967339
999f7962b8b847ed77e4c026487a4f1d736f7dc82f1bf528966793e1b01ad1fd
9ba56f5ffa579747efde1d2a429b325a9fb7220d30f4268e4a44ecbe4a9bf034
9ba9a3304a6f818b718978da4a9de24531a79fab766004c19be609674161700e
9cdb6bfef8d4212d9bf634ca6724a28e85dfa69cd404e6f9d3760d70a7873949
a0691590289efab8aecb842f768940fb34fc23791ca890f77b1e6b7aeec03126
a7e925f6192a3f7907621f9dde8afc47752d671d4a796f2cd5a53cfbc07c214b
a7f28e33d6a65a4269a7f4e327a177ead60fea39cb13129a35c4b24fef84f5af
a8d5ddfd2b17ba6fbf78f65d8dbf690631d5a609102caea35467a6401ab3d669
aaff81dee7c3617affb080504add07df07f631d8cd3685361149ff0c482f8ebd
ab52a578c101a14bbc790f87f9a7400dda65469f23c6ce85c461e07cdf776460
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b34676178982122b66b0a55d3ee411fa343b1d19a6c119c0c9b0ea2c892738a1
b92f631c8cf38be6724c9b0ef9dcc762b7314ee2197ced3608efb40e02618fac
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bb4f8df5602b561c6a5247851f27cebac4099886c0f337e67e5ea9fa0f9caac8
bc87d0cb0069d3c81c7df445c22748b34970a953bd608fadc5c8ff0aea787885
bdc5cfbe3bf445af1f4dac6519026b69a5d8b1de622cde01aa5ac629d42f114d
c13d034eaf2fa73680d0abdbe02ac23b73e3128b5c7f0ee7018eb7b3fbe84a72
c617c14e9268bf4f93033e8867ca604b87af55afbc073462a38e83d1bcf3d34e
c934eae332626c140d7a314afa56c4735e7d0f7cfb0668d792bb2e05b0e4a152
ca22345f969dd8077c21281572a34d4a51bc6a5ad9d764bd1338b2c12a68c3e3
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cfac05f501d6d4d62e29fff1049569c3c2aa8732af8db3a36e8fa252f05f5861
cff985dea7d9b3775e42743bde4044e4f9b91b0b1f2e5c1429ad97942e40bc00
d27bc752105c079f8a516e9142406a9fc12cbb409f9bf8681f2ddfe0360b52a6
d4ad4fb4feb6b5976ccd8eb9208ef6a6bdcb9bba3e7d9f97407d3b23b322724a
d6ee922eecba4ab08476af9747e1ffd664f219ddb34b465b6e045d21f5271b85
d85eeae609686d448cbf96e155315ac52d37c999a688f214ead283474632fa38
d8a34aeacc4054bd4e119e538c7eb4956421014f48a9b603d3f9314a7435b5a6
d961b08e4321250926de6f79087594975fe20ad1518de8f91eb711af5d1a6ef8
dd0bc74fd74412ac5d6feda8f47931466fa2f1339b2b4f9b271d67c0123ec062
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
df2b264f22e36ef449196840eeb0f761529d8e0b54e4a485e13ef24a6506bc41
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6111e59707c10f7067f65e596db7d0f265ffa10f5bdadaa72c43267f1ccd701
e6663c3046cd9369e7cb1a9553b09184f68a1db1b46d7caf6f2524db14cfe4ab
e77f44d52abbb705b058be0624841a4ac645e9420b991e7023bd4b27e8ffbebd
eb2b62e3b9e3af5c1bd9fa256330826cf4cb761efa20b60f45d203f1fc948276
f15a3af2df6b4d0452e400e42773bec42b061ab45b8228a1cf297f3bf48b5c17
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f6ad118573e878197461bcb18c0ef87b3a495056d4a61fda8ace401210a0cab3
f6b55d2668872c85e2f19fdd64e4012da449383e06590e04fb422180024fd5d7
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
f7f6a5894f1d19ddad6fa392b2ece2c5e578cbf7da4ea805b6885eb6985b6e3d
fe917cd13fd4d9f376fd1cfa6ee6d31d6c7a89a5e7129dc8511b6e2aec860fa1