urlscan.io logo urlscan.io
SecurityTrails logo

threatpost.com Open in urlscan Pro
35.173.160.135  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://www.venminder.com/e3t/Ctc/WW+113/c2Npz04/VVGTff44fnptW89tH5y1_Fss7W46ZLVZ4LmSgSN39GZD33q3n_V1-WJV7CgYVfN6zHC_RYvR9...
Effective URL: https://threatpost.com/kaiser-permanente-breach/179949/?utm_campaign=Third%20Party%20Thursday%20Newsletter&utm_medium=e...
Submission: On June 16 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 100 IPs in 13 countries across 102 domains to perform 300 HTTP transactions. The main IP is 35.173.160.135, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is threatpost.com. The Cisco Umbrella rank of the primary domain is 205586.
TLS certificate: Issued by DigiCert TLS RSA SHA256 2020 CA1 on June 2nd 2021. Valid for: a year.
This is the only time threatpost.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 2 2606:2c40::c7... 209242 (CLOUDFLAR...)
44 35.173.160.135 14618 (AMAZON-AES)
3 143.204.89.94 16509 (AMAZON-02)
1 2a00:1450:400... 15169 (GOOGLE)
7 2606:4700:303... 13335 (CLOUDFLAR...)
10 2600:9000:215... 16509 (AMAZON-02)
3 2a00:1450:400... 15169 (GOOGLE)
1 185.85.15.23 200107 (KL-EXT)
5 108.138.4.10 16509 (AMAZON-02)
1 9 151.101.66.137 54113 (FASTLY)
3 2a00:1450:400... 15169 (GOOGLE)
1 2600:9000:215... 16509 (AMAZON-02)
2 2a00:1450:400... 15169 (GOOGLE)
4 142.250.74.194 15169 (GOOGLE)
2 34.243.218.67 16509 (AMAZON-02)
1 64.140.160.2 18450 (WEBNX)
3 2a00:1450:400... 15169 (GOOGLE)
3 5 2620:116:800d... 16509 (AMAZON-02)
1 199.232.136.157 54113 (FASTLY)
2 151.101.194.137 54113 (FASTLY)
1 104.89.31.187 16625 (AKAMAI-AS)
1 46.105.202.126 16276 (OVH)
1 34.249.212.46 16509 (AMAZON-02)
1 15.188.95.229 16509 (AMAZON-02)
1 1 63.35.85.99 16509 (AMAZON-02)
1 2600:9000:215... 16509 (AMAZON-02)
1 104.244.42.133 13414 (TWITTER)
1 104.244.42.3 13414 (TWITTER)
3 2a00:1450:400... 15169 (GOOGLE)
2 2606:4700:20:... 13335 (CLOUDFLAR...)
1 7 34.98.64.218 15169 (GOOGLE)
4 2602:803:c004... 26667 (RUBICONPR...)
3 35.157.132.197 16509 (AMAZON-02)
1 3 216.52.2.39 30282 (AS-INAPCD...)
6 10 185.33.220.240 29990 (ASN-APPNEX)
1 3.122.158.53 16509 (AMAZON-02)
10 52.215.213.114 16509 (AMAZON-02)
7 159.89.246.130 14061 (DIGITALOC...)
1 2 147.75.85.234 54825 (PACKET)
1 2606:4700::68... 13335 (CLOUDFLAR...)
3 52.28.203.152 16509 (AMAZON-02)
1 213.19.147.43 3356 (LEVEL3)
1 104.92.100.195 16625 (AKAMAI-AS)
1 2a00:1450:400... 15169 (GOOGLE)
1 162.19.138.82 16276 (OVH)
1 2a00:1450:400... 15169 (GOOGLE)
1 141.95.98.68 16276 (OVH)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 143.204.89.14 16509 (AMAZON-02)
1 76.223.111.18 16509 (AMAZON-02)
4 23.205.235.133 16625 (AKAMAI-AS)
6 15 23.35.236.247 16625 (AKAMAI-AS)
1 2620:1ec:40::45 8075 (MICROSOFT...)
1 151.101.193.108 54113 (FASTLY)
5 104.102.28.254 20940 (AKAMAI-ASN1)
4 4 185.29.132.241 30419 (MEDIAMATH...)
3 4 37.157.5.142 198622 (ADFORM)
10 35.71.131.137 16509 (AMAZON-02)
9 14 142.250.186.98 15169 (GOOGLE)
2 3 18.195.155.181 16509 (AMAZON-02)
3 3 193.0.160.128 54312 (ROCKETFUEL)
2 178.162.133.149 60781 (LEASEWEB-...)
2 2 3.122.71.55 16509 (AMAZON-02)
5 7 18.156.0.31 16509 (AMAZON-02)
4 52.213.153.112 16509 (AMAZON-02)
1 51.89.9.252 16276 (OVH)
1 2 185.86.137.107 201081 (SMARTADSE...)
1 5 69.173.144.165 26667 (RUBICONPR...)
1 1 216.52.2.19 30282 (AS-INAPCD...)
1 1 52.3.28.57 14618 (AMAZON-AES)
4 4 213.19.147.45 3356 (LEVEL3)
4 4 69.173.144.138 26667 (RUBICONPR...)
1 2a00:1288:80:... 203220 (YAHOO-DEB)
1 2620:1ec:21::14 8068 (MICROSOFT...)
2 3 2a05:d018:d29... 16509 (AMAZON-02)
2 35.244.174.68 15169 (GOOGLE)
2 3 52.95.126.160 16509 (AMAZON-02)
2 4 52.46.130.91 16509 (AMAZON-02)
1 34.111.151.213 15169 (GOOGLE)
2 2 44.206.177.243 14618 (AMAZON-AES)
3 3 52.7.176.196 14618 (AMAZON-AES)
2 3 185.33.221.53 29990 (ASN-APPNEX)
4 185.64.190.78 62713 (AS-PUBMATIC)
1 14 52.210.15.1 16509 (AMAZON-02)
4 4 18.185.246.45 16509 (AMAZON-02)
1 34.98.67.61 15169 (GOOGLE)
3 4 70.42.32.127 13789 (INTERNAP-...)
2 2 54.166.152.158 14618 (AMAZON-AES)
1 1 129.159.70.95 31898 (ORACLE-BM...)
2 169.197.150.8 398989 (DEEPINTENT)
2 2 70.42.32.95 22075 (AS-OUTBRAIN)
1 1 104.92.72.137 16625 (AKAMAI-AS)
2 2 52.211.8.77 16509 (AMAZON-02)
1 1 198.148.27.139 19189 (PULSEPOINT)
2 2 2a05:d018:24:... 16509 (AMAZON-02)
1 3 185.86.139.114 201081 (SMARTADSE...)
1 88.214.206.247 46636 (NATCOWEB)
2 2 151.101.130.49 54113 (FASTLY)
1 1 124.146.215.43 2514 (INFOSPHER...)
2 2 185.184.8.90 204995 (RTB-HOUSE...)
1 1 23.75.240.210 16625 (AKAMAI-AS)
19 185.64.189.110 62713 (AS-PUBMATIC)
2 2 213.155.156.185 1299 (TWELVE99 ...)
1 178.250.0.163 44788 (ASN-CRITE...)
2 104.36.113.24 62713 (AS-PUBMATIC)
4 4 141.94.171.212 16276 (OVH)
2 2 54.78.254.47 16509 (AMAZON-02)
3 3 52.31.207.136 16509 (AMAZON-02)
1 3.121.27.153 16509 (AMAZON-02)
1 2 169.50.137.182 36351 (SOFTLAYER)
2 185.64.190.81 62713 (AS-PUBMATIC)
1 1 85.114.159.118 24961 (MYLOC-AS ...)
2 3 52.208.216.244 16509 (AMAZON-02)
1 72.251.241.206 29791 (VOXEL-DOT...)
1 1 23.88.75.188 24940 (HETZNER-AS)
1 2 2606:4700:440... 13335 (CLOUDFLAR...)
1 1 141.95.171.139 16276 (OVH)
2 2 146.59.148.16 16276 (OVH)
1 195.5.165.20 44968 (IPROM-AS)
1 1 2a04:4e42:400... 54113 (FASTLY)
1 151.101.129.44 54113 (FASTLY)
1 38.27.122.101 174 (COGENT-174)
2 2 3.122.71.146 16509 (AMAZON-02)
2 2 35.201.96.126 15169 (GOOGLE)
1 185.64.190.87 62713 (AS-PUBMATIC)
1 2 77.243.60.138 42697 (NETIC-AS)
1 2606:4700:10:... 13335 (CLOUDFLAR...)
1 2 35.169.179.244 14618 (AMAZON-AES)
1 1 2001:678:cb4:... 56396 (AMOBEE)
1 2a02:fa8:8806... 41041 (VCLK-EU-SE)
1 1 159.65.196.12 14061 (DIGITALOC...)
1 1 34.102.253.54 15169 (GOOGLE)
1 66.155.71.149 13768 (COGECO-PEER1)
300 100
2    2606:2c40::c73c:671c (United States)

ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US)
www.venminder.com
44    35.173.160.135 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-173-160-135.compute-1.amazonaws.com
threatpost.com
kasperskycontenthub.com
3    143.204.89.94 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-89-94.fra50.r.cloudfront.net
tagan.adlightning.com
1    2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
7    2606:4700:3030::ac43:cf70 (United States)

ASN13335 (CLOUDFLARENET, US)
qd.admetricspro.com
10    2600:9000:2156:4600:1b:d000:d280:93a1 (United States)

ASN16509 (AMAZON-02, US)
media.kasperskycontenthub.com
3    2a00:1450:4001:82f::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
1    185.85.15.23 (Germany)

ASN200107 (KL-EXT, CH)
media.kaspersky.com
5    108.138.4.10 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-138-4-10.fra56.r.cloudfront.net
c.amazon-adsystem.com
9    151.101.66.137 (United States)

ASN54113 (FASTLY, US)
cd.connatix.com
cds.connatix.com
capi.connatix.com
img.connatix.com
3    2a00:1450:4001:827::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    2600:9000:2156:e600:0:5c46:4f40:93a1 (United States)

ASN16509 (AMAZON-02, US)
media.threatpost.com
2    2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
4    142.250.74.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s02-in-f2.1e100.net
securepubads.g.doubleclick.net
2    34.243.218.67 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-243-218-67.eu-west-1.compute.amazonaws.com
dpm.demdex.net
1    64.140.160.2 (Ogden, United States)

ASN18450 (WEBNX, US)
PTR: threatintelligenceplatform.com
geo.ipify.org
3    2a00:1450:4001:82f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
5    2620:116:800d:21:7eb1:3826:be7e:d981 (United States)

ASN16509 (AMAZON-02, US)
secure.quantserve.com
pixel.quantserve.com
cms.quantserve.com
1    199.232.136.157 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
static.ads-twitter.com
2    151.101.194.137 (United States)

ASN54113 (FASTLY, US)
ins.connatix.com
vid.connatix.com
1    104.89.31.187 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-89-31-187.deploy.static.akamaitechnologies.com
secure.cdn.fastclick.net
1    46.105.202.126 (France)

ASN16276 (OVH, FR)
cdn.id5-sync.com
1    34.249.212.46 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-249-212-46.eu-west-1.compute.amazonaws.com
kaspersky.demdex.net
1    15.188.95.229 (Paris, France)

ASN16509 (AMAZON-02, US)
PTR: ec2-15-188-95-229.eu-west-3.compute.amazonaws.com
kaspersky.d3.sc.omtrdc.net
1    63.35.85.99 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-63-35-85-99.eu-west-1.compute.amazonaws.com
cm.everesttech.net
1    2600:9000:2156:4a00:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)
rules.quantcount.com
1    104.244.42.133 (United States)

ASN13414 (TWITTER, US)
t.co
1    104.244.42.3 (United States)

ASN13414 (TWITTER, US)
analytics.twitter.com
3    2a00:1450:4001:827::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
imasdk.googleapis.com
2    2606:4700:20::681a:9a9 (United States)

ASN13335 (CLOUDFLARENET, US)
script.4dex.io
7    34.98.64.218 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 218.64.98.34.bc.googleusercontent.com
teachingaids-d.openx.net
eu-u.openx.net
us-u.openx.net
4    2602:803:c004:200::140 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
fastlane.rubiconproject.com
3    35.157.132.197 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-157-132-197.eu-central-1.compute.amazonaws.com
btlr.sharethrough.com
3    216.52.2.39 (United States)

ASN30282 (AS-INAPCDN-OCY, US)
ap.lijit.com
10    185.33.220.240 (Amsterdam, Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 717.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
ib.adnxs.com
1    3.122.158.53 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-122-158-53.eu-central-1.compute.amazonaws.com
tlx.3lift.com
10    52.215.213.114 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-215-213-114.eu-west-1.compute.amazonaws.com
ads.servenobid.com
7    159.89.246.130 (Clifton, United States)

ASN14061 (DIGITALOCEAN-ASN, US)
e.serverbid.com
x.serverbid.com
2    147.75.85.234 (Schiphol, Netherlands)

ASN54825 (PACKET, US)
prebid.a-mo.net
1    2606:4700::6812:372 (United States)

ASN13335 (CLOUDFLARENET, US)
mp.4dex.io
3    52.28.203.152 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
c2shb.ssp.yahoo.com
1    213.19.147.43 (Utrecht, Netherlands)

ASN3356 (LEVEL3, US)
tag.1rx.io
1    104.92.100.195 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-92-100-195.deploy.static.akamaitechnologies.com
htlb.casalemedia.com
1    2a00:1450:400c:c00::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
1    162.19.138.82 (France)

ASN16276 (OVH, FR)
PTR: ns31532337.ip-162-19-138.eu
lb.eu-1-id5-sync.com
1    2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.de
1    141.95.98.68 (France)

ASN16276 (OVH, FR)
PTR: ns3216657.ip-141-95-98.eu
id5-sync.com
1    2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
1    2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
1    2a00:1450:4001:802::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fb230d487b26d7de748d2dc1bdf4f0a1.safeframe.googlesyndication.com
1    143.204.89.14 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-89-14.fra50.r.cloudfront.net
sync.serverbid.com
1    76.223.111.18 (United States)

ASN16509 (AMAZON-02, US)
PTR: a0f671730127a0812.awsglobalaccelerator.com
eb2.3lift.com
4    23.205.235.133 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-205-235-133.deploy.static.akamaitechnologies.com
eus.rubiconproject.com
15    23.35.236.247 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-236-247.deploy.static.akamaitechnologies.com
js-sec.indexww.com
ssum-sec.casalemedia.com
dsum-sec.casalemedia.com
1    2620:1ec:40::45 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
public.servenobid.com
1    151.101.193.108 (United States)

ASN54113 (FASTLY, US)
acdn.adnxs.com
5    104.102.28.254 (Milan, Italy)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a104-102-28-254.deploy.static.akamaitechnologies.com
ads.pubmatic.com
4    185.29.132.241 (United Kingdom)

ASN30419 (MEDIAMATH-INC, US)
sync.mathtag.com
4    37.157.5.142 (Denmark)

ASN198622 (ADFORM, DK)
c1.adform.net
10    35.71.131.137 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com
match.adsrvr.org
14    142.250.186.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net
cm.g.doubleclick.net
3    18.195.155.181 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-195-155-181.eu-central-1.compute.amazonaws.com
cs.emxdgt.com
3    193.0.160.128 (United States)

ASN54312 (ROCKETFUEL, US)
p.rfihub.com
2    178.162.133.149 (Rijswijk, Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
PTR: ams-1-sync.go.sonobi.com
sync.go.sonobi.com
2    3.122.71.55 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-122-71-55.eu-central-1.compute.amazonaws.com
pixel.advertising.com
7    18.156.0.31 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-156-0-31.eu-central-1.compute.amazonaws.com
ups.analytics.yahoo.com
4    52.213.153.112 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-213-153-112.eu-west-1.compute.amazonaws.com
g2.gumgum.com
rtb.gumgum.com
1    51.89.9.252 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: ip252.ip-51-89-9.eu
onetag-sys.com
2    185.86.137.107 (France)

ASN201081 (SMARTADSERVER, FR)
ssbsync.smartadserver.com
5    69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
1    216.52.2.19 (United States)

ASN30282 (AS-INAPCDN-OCY, US)
ce.lijit.com
1    52.3.28.57 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-3-28-57.compute-1.amazonaws.com
x.yieldlift.com
4    213.19.147.45 (Utrecht, Netherlands)

ASN3356 (LEVEL3, US)
sync.1rx.io
4    69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)
token.rubiconproject.com
1    2a00:1288:80:807::2 (United Kingdom)

ASN203220 (YAHOO-DEB, GB)
ads.yahoo.com
1    2620:1ec:21::14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
px.ads.linkedin.com
3    2a05:d018:d29:3602:cba9:630b:f07c:688c (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
pr-bh.ybp.yahoo.com
2    35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com
id.rlcdn.com
3    52.95.126.160 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
aax-eu.amazon-adsystem.com
4    52.46.130.91 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
s.amazon-adsystem.com
1    34.111.151.213 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 213.151.111.34.bc.googleusercontent.com
dmp.brand-display.com
2    44.206.177.243 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-206-177-243.compute-1.amazonaws.com
sync.extend.tv
3    52.7.176.196 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-7-176-196.compute-1.amazonaws.com
sync.srv.stackadapt.com
3    185.33.221.53 (Amsterdam, Netherlands)

ASN29990 (ASN-APPNEX, US)
PTR: 718.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
secure.adnxs.com
4    185.64.190.78 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
image6.pubmatic.com
14    52.210.15.1 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
usersync.gumgum.com
4    18.185.246.45 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-185-246-45.eu-central-1.compute.amazonaws.com
x.bidswitch.net
1    34.98.67.61 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 61.67.98.34.bc.googleusercontent.com
odr.mookie1.com
4    70.42.32.127 (United States)

ASN13789 (INTERNAP-BLK3, US)
PTR: ny.outbrain.com
sync.outbrain.com
2    54.166.152.158 (United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-166-152-158.compute-1.amazonaws.com
sync.ipredictive.com
1    129.159.70.95 (Ashburn, United States)

ASN31898 (ORACLE-BMC-31898, US)
sync.technoratimedia.com
2    169.197.150.8 (United States)

ASN398989 (DEEPINTENT, US)
PTR: g.deepintent.com
match.deepintent.com
2    70.42.32.95 (United States)

ASN22075 (AS-OUTBRAIN, US)
PTR: ny.outbrain.com
b1sync.zemanta.com
1    104.92.72.137 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-92-72-137.deploy.static.akamaitechnologies.com
stags.bluekai.com
2    52.211.8.77 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-211-8-77.eu-west-1.compute.amazonaws.com
ad.360yield.com
1    198.148.27.139 (New York, United States)

ASN19189 (PULSEPOINT, US)
bh.contextweb.com
2    2a05:d018:24:b001:736:16ab:a44d:3496 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
sync.tidaltv.com
3    185.86.139.114 (France)

ASN201081 (SMARTADSERVER, FR)
rtb-csync.smartadserver.com
1    88.214.206.247 (United Kingdom)

ASN46636 (NATCOWEB, US)
PTR: buycheapfags.com
cs.admanmedia.com
2    151.101.130.49 (United States)

ASN54113 (FASTLY, US)
sync-tm.everesttech.net
1    124.146.215.43 (Japan)

ASN2514 (INFOSPHERE NTT PC Communications, Inc., JP)
tg.socdm.com
2    185.184.8.90 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-90.rtbhouse.net
creativecdn.com
1    23.75.240.210 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-75-240-210.deploy.static.akamaitechnologies.com
secure-assets.rubiconproject.com
19    185.64.189.110 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
simage2.pubmatic.com
image2.pubmatic.com
2    213.155.156.185 (Uppsala, Sweden)

ASN1299 (TWELVE99 Arelion, fka Telia Carrier, SE)
PTR: 213-155-156-185.teliacarrier-cust.com
d5p.de17a.com
1    178.250.0.163 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
dis.criteo.com
2    104.36.113.24 (United States)

ASN62713 (AS-PUBMATIC, US)
image4.pubmatic.com
4    141.94.171.212 (France)

ASN16276 (OVH, FR)
PTR: pikafka-eu-4.cloudy.ovh
pixel.onaudience.com
2    54.78.254.47 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-78-254-47.eu-west-1.compute.amazonaws.com
loada.exelator.com
3    52.31.207.136 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-31-207-136.eu-west-1.compute.amazonaws.com
sync.crwdcntrl.net
1    3.121.27.153 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-121-27-153.eu-central-1.compute.amazonaws.com
ps.eyeota.net
2    169.50.137.182 (United States)

ASN36351 (SOFTLAYER, US)
PTR: b6.89.32a9.ip4.static.sl-reverse.com
um.simpli.fi
2    185.64.190.81 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
simage4.pubmatic.com
1    85.114.159.118 (Sankt Georgen im Schwarzwald, Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)
PTR: dsp.adfarm1.adition.com
dsp.adfarm1.adition.com
3    52.208.216.244 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-208-216-244.eu-west-1.compute.amazonaws.com
match.prod.bidr.io
1    72.251.241.206 (Amsterdam, Netherlands)

ASN29791 (VOXEL-DOT-NET, US)
cm.adgrx.com
1    23.88.75.188 (Gunzenhausen, Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.188.75.88.23.clients.your-server.de
csync.loopme.me
2    2606:4700:4400::ac40:98f5 (United States)

ASN13335 (CLOUDFLARENET, US)
a.tribalfusion.com
s.tribalfusion.com
1    141.95.171.139 (France)

ASN16276 (OVH, FR)
PTR: bixel-5.cloudy.ovh
green.erne.co
2    146.59.148.16 (France)

ASN16276 (OVH, FR)
PTR: pikafka-eu-2.cloudy.ovh
pixel-eu.onaudience.com
1    195.5.165.20 (Slovenia)

ASN44968 (IPROM-AS, SI)
core.iprom.net
1    2a04:4e42:400::300 (United States)

ASN54113 (FASTLY, US)
trc.taboola.com
1    151.101.129.44 (United States)

ASN54113 (FASTLY, US)
match.taboola.com
1    38.27.122.101 (Chestertown, United States)

ASN174 (COGENT-174, US)
match.bnmla.com
2    3.122.71.146 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-122-71-146.eu-central-1.compute.amazonaws.com
pm.w55c.net
2    35.201.96.126 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 126.96.201.35.bc.googleusercontent.com
visitor.fiftyt.com
1    185.64.190.87 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)
aud.pubmatic.com
2    77.243.60.138 (Aalborg, Denmark)

ASN42697 (NETIC-AS, DK)
uipglob.semasio.net
1    2606:4700:10::ac43:db6 (United States)

ASN13335 (CLOUDFLARENET, US)
mwzeom.zeotap.com
2    35.169.179.244 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-35-169-179-244.compute-1.amazonaws.com
a.audrte.com
1    2001:678:cb4:bbbb::11 (United Kingdom)

ASN56396 (AMOBEE, GB)
ad.turn.com
1    2a02:fa8:8806:12::1370 (Singapore)

ASN41041 (VCLK-EU-SE, US)
pubmatic-match.dotomi.com
1    159.65.196.12 (Amsterdam, Netherlands)

ASN14061 (DIGITALOCEAN-ASN, US)
match.adsby.bidtheatre.com
1    34.102.253.54 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 54.253.102.34.bc.googleusercontent.com
ads.playground.xyz
1    66.155.71.149 (Portsmouth, United Kingdom)

ASN13768 (COGECO-PEER1, CA)
pixel-sync.sitescout.com
Apex Domain
Subdomains		 Transfer
43 threatpost.com
threatpost.com — Cisco Umbrella Rank: 205586
media.threatpost.com
581 KB
33 pubmatic.com
hbopenbid.pubmatic.com Failed
ads.pubmatic.com — Cisco Umbrella Rank: 481
image6.pubmatic.com — Cisco Umbrella Rank: 652
simage2.pubmatic.com — Cisco Umbrella Rank: 635
image2.pubmatic.com — Cisco Umbrella Rank: 1024
image4.pubmatic.com — Cisco Umbrella Rank: 993
simage4.pubmatic.com — Cisco Umbrella Rank: 1230
aud.pubmatic.com — Cisco Umbrella Rank: 5811
47 KB
19 doubleclick.net
securepubads.g.doubleclick.net — Cisco Umbrella Rank: 213
stats.g.doubleclick.net — Cisco Umbrella Rank: 125
cm.g.doubleclick.net — Cisco Umbrella Rank: 217
168 KB
18 gumgum.com
g2.gumgum.com — Cisco Umbrella Rank: 1590
usersync.gumgum.com — Cisco Umbrella Rank: 2227
rtb.gumgum.com — Cisco Umbrella Rank: 1258
6 KB
18 rubiconproject.com
fastlane.rubiconproject.com — Cisco Umbrella Rank: 521
eus.rubiconproject.com — Cisco Umbrella Rank: 601
pixel.rubiconproject.com — Cisco Umbrella Rank: 358
token.rubiconproject.com — Cisco Umbrella Rank: 762
secure-assets.rubiconproject.com — Cisco Umbrella Rank: 1193
29 KB
14 casalemedia.com
htlb.casalemedia.com — Cisco Umbrella Rank: 547
ssum-sec.casalemedia.com — Cisco Umbrella Rank: 578
dsum-sec.casalemedia.com — Cisco Umbrella Rank: 623
15 KB
14 yahoo.com
c2shb.ssp.yahoo.com — Cisco Umbrella Rank: 1085
ups.analytics.yahoo.com — Cisco Umbrella Rank: 308
ads.yahoo.com — Cisco Umbrella Rank: 1168
pr-bh.ybp.yahoo.com — Cisco Umbrella Rank: 512
5 KB
14 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 247
acdn.adnxs.com — Cisco Umbrella Rank: 603
secure.adnxs.com — Cisco Umbrella Rank: 435
27 KB
12 amazon-adsystem.com
c.amazon-adsystem.com — Cisco Umbrella Rank: 323
aax-eu.amazon-adsystem.com — Cisco Umbrella Rank: 1227
s.amazon-adsystem.com — Cisco Umbrella Rank: 290
49 KB
12 kasperskycontenthub.com
media.kasperskycontenthub.com — Cisco Umbrella Rank: 605261
kasperskycontenthub.com — Cisco Umbrella Rank: 510411
282 KB
11 servenobid.com
ads.servenobid.com — Cisco Umbrella Rank: 2299
public.servenobid.com — Cisco Umbrella Rank: 4791
8 KB
11 connatix.com
cd.connatix.com — Cisco Umbrella Rank: 3654
cds.connatix.com — Cisco Umbrella Rank: 3923
capi.connatix.com — Cisco Umbrella Rank: 3998
ins.connatix.com — Cisco Umbrella Rank: 5189
capi-tier-2-us-east-2.connatix.com Failed
vid.connatix.com — Cisco Umbrella Rank: 4570
img.connatix.com — Cisco Umbrella Rank: 4488
520 KB
10 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 384
3 KB
8 serverbid.com
e.serverbid.com — Cisco Umbrella Rank: 3641
sync.serverbid.com — Cisco Umbrella Rank: 7863
x.serverbid.com — Cisco Umbrella Rank: 8692
2 KB
7 openx.net
teachingaids-d.openx.net — Cisco Umbrella Rank: 38781
eu-u.openx.net — Cisco Umbrella Rank: 1962
us-u.openx.net — Cisco Umbrella Rank: 402
2 KB
7 admetricspro.com
qd.admetricspro.com — Cisco Umbrella Rank: 40938
336 KB
6 onaudience.com
pixel.onaudience.com — Cisco Umbrella Rank: 3946
pixel-eu.onaudience.com — Cisco Umbrella Rank: 11684
3 KB
5 smartadserver.com
ssbsync.smartadserver.com — Cisco Umbrella Rank: 1292
rtb-csync.smartadserver.com — Cisco Umbrella Rank: 643
2 KB
5 1rx.io
tag.1rx.io — Cisco Umbrella Rank: 1498
sync.1rx.io — Cisco Umbrella Rank: 557
3 KB
5 quantserve.com
secure.quantserve.com — Cisco Umbrella Rank: 1100
pixel.quantserve.com — Cisco Umbrella Rank: 461
cms.quantserve.com — Cisco Umbrella Rank: 1132
11 KB
4 outbrain.com
sync.outbrain.com — Cisco Umbrella Rank: 732
1 KB
4 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 303
2 KB
4 adform.net
c1.adform.net — Cisco Umbrella Rank: 613
2 KB
4 mathtag.com
sync.mathtag.com — Cisco Umbrella Rank: 464
2 KB
4 lijit.com
ap.lijit.com — Cisco Umbrella Rank: 683
ce.lijit.com — Cisco Umbrella Rank: 1092
2 KB
4 google.com
www.google.com — Cisco Umbrella Rank: 9
adservice.google.com — Cisco Umbrella Rank: 92
2 KB
3 bidr.io
match.prod.bidr.io — Cisco Umbrella Rank: 531
2 KB
3 crwdcntrl.net
sync.crwdcntrl.net — Cisco Umbrella Rank: 761
1020 B
3 stackadapt.com
sync.srv.stackadapt.com — Cisco Umbrella Rank: 944
1 KB
3 rfihub.com
p.rfihub.com — Cisco Umbrella Rank: 796
2 KB
3 emxdgt.com
cs.emxdgt.com — Cisco Umbrella Rank: 1011
486 B
3 sharethrough.com
btlr.sharethrough.com — Cisco Umbrella Rank: 1304
337 B
3 4dex.io
script.4dex.io — Cisco Umbrella Rank: 2430
mp.4dex.io — Cisco Umbrella Rank: 3434
24 KB
3 googleapis.com
imasdk.googleapis.com — Cisco Umbrella Rank: 403
125 KB
3 everesttech.net
cm.everesttech.net — Cisco Umbrella Rank: 1015
sync-tm.everesttech.net — Cisco Umbrella Rank: 687
941 B
3 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 60
20 KB
3 demdex.net
dpm.demdex.net — Cisco Umbrella Rank: 212
kaspersky.demdex.net — Cisco Umbrella Rank: 641759
5 KB
3 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 96
292 KB
3 adlightning.com
tagan.adlightning.com — Cisco Umbrella Rank: 1731
66 KB
2 audrte.com
a.audrte.com — Cisco Umbrella Rank: 2549
4 KB
2 semasio.net
uipglob.semasio.net — Cisco Umbrella Rank: 1201
1 KB
2 fiftyt.com
visitor.fiftyt.com — Cisco Umbrella Rank: 5304
625 B
2 w55c.net
pm.w55c.net — Cisco Umbrella Rank: 1010
1 KB
2 taboola.com
trc.taboola.com — Cisco Umbrella Rank: 698
match.taboola.com — Cisco Umbrella Rank: 2536
528 B
2 tribalfusion.com
a.tribalfusion.com — Cisco Umbrella Rank: 844
s.tribalfusion.com — Cisco Umbrella Rank: 2502
1 KB
2 simpli.fi
um.simpli.fi — Cisco Umbrella Rank: 969
1 KB
2 exelator.com
loada.exelator.com — Cisco Umbrella Rank: 21780
2 KB
2 de17a.com
d5p.de17a.com — Cisco Umbrella Rank: 5231
637 B
2 creativecdn.com
creativecdn.com — Cisco Umbrella Rank: 710
695 B
2 tidaltv.com
sync.tidaltv.com — Cisco Umbrella Rank: 1171
676 B
2 360yield.com
ad.360yield.com — Cisco Umbrella Rank: 651
624 B
2 zemanta.com
b1sync.zemanta.com — Cisco Umbrella Rank: 600
1 KB
2 deepintent.com
match.deepintent.com — Cisco Umbrella Rank: 1027
83 B
2 ipredictive.com
sync.ipredictive.com — Cisco Umbrella Rank: 1146
955 B
2 extend.tv
sync.extend.tv — Cisco Umbrella Rank: 1927
1 KB
2 rlcdn.com
id.rlcdn.com — Cisco Umbrella Rank: 657
107 B
2 advertising.com
pixel.advertising.com — Cisco Umbrella Rank: 520
627 B
2 sonobi.com
sync.go.sonobi.com — Cisco Umbrella Rank: 1109
948 B
2 indexww.com
js-sec.indexww.com — Cisco Umbrella Rank: 689
2 KB
2 google.de
www.google.de — Cisco Umbrella Rank: 5111
adservice.google.de — Cisco Umbrella Rank: 7295
1 KB
2 a-mo.net
prebid.a-mo.net — Cisco Umbrella Rank: 1259
763 B
2 3lift.com
tlx.3lift.com — Cisco Umbrella Rank: 642
eb2.3lift.com — Cisco Umbrella Rank: 417
694 B
2 id5-sync.com
cdn.id5-sync.com — Cisco Umbrella Rank: 1574
id5-sync.com — Cisco Umbrella Rank: 581
12 KB
2 gstatic.com
www.gstatic.com
289 KB
2 venminder.com
www.venminder.com — Cisco Umbrella Rank: 854219
4 KB
1 sitescout.com
pixel-sync.sitescout.com — Cisco Umbrella Rank: 638
191 B
1 playground.xyz
ads.playground.xyz — Cisco Umbrella Rank: 4560
463 B
1 bidtheatre.com
match.adsby.bidtheatre.com — Cisco Umbrella Rank: 2909
534 B
1 dotomi.com
pubmatic-match.dotomi.com — Cisco Umbrella Rank: 3974
104 B
1 turn.com
ad.turn.com — Cisco Umbrella Rank: 836
518 B
1 zeotap.com
mwzeom.zeotap.com — Cisco Umbrella Rank: 1437
455 B
1 bnmla.com
match.bnmla.com — Cisco Umbrella Rank: 2208
114 B
1 iprom.net
core.iprom.net — Cisco Umbrella Rank: 6513
279 B
1 erne.co
green.erne.co — Cisco Umbrella Rank: 15203
366 B
1 loopme.me
csync.loopme.me — Cisco Umbrella Rank: 994
217 B
1 adgrx.com
cm.adgrx.com — Cisco Umbrella Rank: 1610
408 B
1 adition.com
dsp.adfarm1.adition.com — Cisco Umbrella Rank: 1725
501 B
1 eyeota.net
ps.eyeota.net — Cisco Umbrella Rank: 1079
344 B
1 criteo.com
dis.criteo.com — Cisco Umbrella Rank: 750
363 B
1 socdm.com
tg.socdm.com — Cisco Umbrella Rank: 1583
688 B
1 admanmedia.com
cs.admanmedia.com — Cisco Umbrella Rank: 1628
225 B
1 contextweb.com
bh.contextweb.com — Cisco Umbrella Rank: 612
388 B
1 bluekai.com
stags.bluekai.com — Cisco Umbrella Rank: 528
1 KB
1 technoratimedia.com
sync.technoratimedia.com — Cisco Umbrella Rank: 1232
339 B
1 mookie1.com
odr.mookie1.com — Cisco Umbrella Rank: 1030
356 B
1 brand-display.com
dmp.brand-display.com — Cisco Umbrella Rank: 2092
139 B
1 linkedin.com
px.ads.linkedin.com — Cisco Umbrella Rank: 370
709 B
1 yieldlift.com
x.yieldlift.com — Cisco Umbrella Rank: 4728
593 B
1 onetag-sys.com
onetag-sys.com — Cisco Umbrella Rank: 813
1 googlesyndication.com
fb230d487b26d7de748d2dc1bdf4f0a1.safeframe.googlesyndication.com
4 KB
1 eu-1-id5-sync.com
lb.eu-1-id5-sync.com — Cisco Umbrella Rank: 1931
328 B
1 twitter.com
analytics.twitter.com — Cisco Umbrella Rank: 554
353 B
1 t.co
t.co — Cisco Umbrella Rank: 466
338 B
1 quantcount.com
rules.quantcount.com — Cisco Umbrella Rank: 1065
354 B
1 omtrdc.net
kaspersky.d3.sc.omtrdc.net — Cisco Umbrella Rank: 298272
316 B
1 fastclick.net
secure.cdn.fastclick.net — Cisco Umbrella Rank: 1700
17 KB
1 ads-twitter.com
static.ads-twitter.com — Cisco Umbrella Rank: 681
14 KB
1 ipify.org
geo.ipify.org — Cisco Umbrella Rank: 123394
579 B
1 kaspersky.com
media.kaspersky.com — Cisco Umbrella Rank: 151266
49 KB
1 googletagservices.com
www.googletagservices.com — Cisco Umbrella Rank: 185
28 KB
0 truffle.bid Failed
matching.truffle.bid Failed
0 2mdn.net Failed
s0.2mdn.net Failed
300 102
Domain Requested by
42 threatpost.com www.venminder.com
threatpost.com
14 usersync.gumgum.com 1 redirects g2.gumgum.com
14 cm.g.doubleclick.net 9 redirects eu-u.openx.net
threatpost.com
ssum-sec.casalemedia.com
g2.gumgum.com
13 simage2.pubmatic.com ads.pubmatic.com
threatpost.com
10 match.adsrvr.org eu-u.openx.net
sync.serverbid.com
public.servenobid.com
threatpost.com
ssum-sec.casalemedia.com
g2.gumgum.com
ads.pubmatic.com
10 ads.servenobid.com qd.admetricspro.com
public.servenobid.com
ssum-sec.casalemedia.com
g2.gumgum.com
ssbsync.smartadserver.com
10 ib.adnxs.com 6 redirects qd.admetricspro.com
acdn.adnxs.com
ssum-sec.casalemedia.com
10 media.kasperskycontenthub.com threatpost.com
7 dsum-sec.casalemedia.com 2 redirects ssum-sec.casalemedia.com
7 ups.analytics.yahoo.com 5 redirects ssum-sec.casalemedia.com
7 qd.admetricspro.com threatpost.com
qd.admetricspro.com
6 image2.pubmatic.com ads.pubmatic.com
threatpost.com
6 ssum-sec.casalemedia.com 4 redirects js-sec.indexww.com
public.servenobid.com
5 pixel.rubiconproject.com 1 redirects public.servenobid.com
threatpost.com
eus.rubiconproject.com
5 ads.pubmatic.com qd.admetricspro.com
sync.serverbid.com
public.servenobid.com
g2.gumgum.com
ads.pubmatic.com
5 cds.connatix.com threatpost.com
cd.connatix.com
5 c.amazon-adsystem.com qd.admetricspro.com
c.amazon-adsystem.com
4 pixel.onaudience.com 4 redirects
4 sync.outbrain.com 3 redirects g2.gumgum.com
4 x.bidswitch.net 4 redirects
4 image6.pubmatic.com ads.pubmatic.com
4 s.amazon-adsystem.com 2 redirects ssum-sec.casalemedia.com
4 token.rubiconproject.com 4 redirects
4 sync.1rx.io 4 redirects
4 x.serverbid.com sync.serverbid.com
ads.pubmatic.com
4 c1.adform.net 3 redirects ads.pubmatic.com
4 sync.mathtag.com 4 redirects
4 eus.rubiconproject.com qd.admetricspro.com
eus.rubiconproject.com
g2.gumgum.com
4 fastlane.rubiconproject.com qd.admetricspro.com
4 securepubads.g.doubleclick.net www.googletagservices.com
tagan.adlightning.com
securepubads.g.doubleclick.net
3 match.prod.bidr.io 2 redirects ads.pubmatic.com
3 sync.crwdcntrl.net 3 redirects
3 rtb.gumgum.com g2.gumgum.com
threatpost.com
3 rtb-csync.smartadserver.com 1 redirects ssbsync.smartadserver.com
3 secure.adnxs.com 2 redirects ssum-sec.casalemedia.com
3 sync.srv.stackadapt.com 3 redirects
3 aax-eu.amazon-adsystem.com 2 redirects threatpost.com
3 pr-bh.ybp.yahoo.com 2 redirects threatpost.com
3 p.rfihub.com 3 redirects
3 cs.emxdgt.com 2 redirects sync.serverbid.com
3 us-u.openx.net 1 redirects eu-u.openx.net
3 eu-u.openx.net qd.admetricspro.com
eu-u.openx.net
3 pixel.quantserve.com 2 redirects threatpost.com
3 c2shb.ssp.yahoo.com qd.admetricspro.com
3 e.serverbid.com qd.admetricspro.com
sync.serverbid.com
3 ap.lijit.com 1 redirects qd.admetricspro.com
public.servenobid.com
3 btlr.sharethrough.com qd.admetricspro.com
3 imasdk.googleapis.com cd.connatix.com
imasdk.googleapis.com
3 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
threatpost.com
3 www.googletagmanager.com threatpost.com
www.googletagmanager.com
3 www.google.com threatpost.com
3 tagan.adlightning.com threatpost.com
tagan.adlightning.com
2 a.audrte.com 1 redirects threatpost.com
2 uipglob.semasio.net 1 redirects threatpost.com
2 visitor.fiftyt.com 2 redirects
2 pm.w55c.net 2 redirects
2 pixel-eu.onaudience.com 2 redirects
2 simage4.pubmatic.com ads.pubmatic.com
2 um.simpli.fi 1 redirects ads.pubmatic.com
2 loada.exelator.com 2 redirects
2 image4.pubmatic.com ads.pubmatic.com
threatpost.com
2 d5p.de17a.com 2 redirects
2 creativecdn.com 2 redirects
2 sync-tm.everesttech.net 2 redirects
2 sync.tidaltv.com 2 redirects
2 ad.360yield.com 2 redirects
2 b1sync.zemanta.com 2 redirects
2 match.deepintent.com g2.gumgum.com
ads.pubmatic.com
2 sync.ipredictive.com 2 redirects
2 sync.extend.tv 2 redirects
2 id.rlcdn.com threatpost.com
ssbsync.smartadserver.com
2 ssbsync.smartadserver.com 1 redirects public.servenobid.com
2 pixel.advertising.com 2 redirects
2 sync.go.sonobi.com sync.serverbid.com
public.servenobid.com
2 js-sec.indexww.com qd.admetricspro.com
ssum-sec.casalemedia.com
2 prebid.a-mo.net 1 redirects qd.admetricspro.com
2 script.4dex.io qd.admetricspro.com
script.4dex.io
2 img.connatix.com threatpost.com
2 dpm.demdex.net media.kaspersky.com
threatpost.com
2 www.gstatic.com www.google.com
2 kasperskycontenthub.com threatpost.com
2 www.venminder.com 1 redirects
1 pixel-sync.sitescout.com threatpost.com
1 ads.playground.xyz 1 redirects
1 match.adsby.bidtheatre.com 1 redirects
1 pubmatic-match.dotomi.com threatpost.com
1 ad.turn.com 1 redirects
1 mwzeom.zeotap.com threatpost.com
1 aud.pubmatic.com threatpost.com
1 match.bnmla.com ads.pubmatic.com
1 match.taboola.com ads.pubmatic.com
1 trc.taboola.com 1 redirects
1 core.iprom.net ads.pubmatic.com
1 green.erne.co 1 redirects
1 s.tribalfusion.com ads.pubmatic.com
1 a.tribalfusion.com 1 redirects
1 csync.loopme.me 1 redirects
1 cm.adgrx.com ads.pubmatic.com
1 dsp.adfarm1.adition.com 1 redirects
1 ps.eyeota.net ads.pubmatic.com
1 dis.criteo.com ads.pubmatic.com
1 secure-assets.rubiconproject.com 1 redirects
1 tg.socdm.com 1 redirects
1 cs.admanmedia.com ssbsync.smartadserver.com
1 bh.contextweb.com 1 redirects
1 stags.bluekai.com 1 redirects
1 sync.technoratimedia.com 1 redirects
1 cms.quantserve.com 1 redirects
1 odr.mookie1.com g2.gumgum.com
1 dmp.brand-display.com ssum-sec.casalemedia.com
1 px.ads.linkedin.com threatpost.com
1 ads.yahoo.com threatpost.com
1 x.yieldlift.com 1 redirects
1 ce.lijit.com 1 redirects
1 onetag-sys.com public.servenobid.com
1 g2.gumgum.com public.servenobid.com
1 acdn.adnxs.com qd.admetricspro.com
1 public.servenobid.com qd.admetricspro.com
1 eb2.3lift.com qd.admetricspro.com
1 sync.serverbid.com qd.admetricspro.com
1 fb230d487b26d7de748d2dc1bdf4f0a1.safeframe.googlesyndication.com securepubads.g.doubleclick.net
1 adservice.google.com tagan.adlightning.com
1 adservice.google.de tagan.adlightning.com
1 id5-sync.com cdn.id5-sync.com
1 www.google.de threatpost.com
1 lb.eu-1-id5-sync.com cdn.id5-sync.com
1 stats.g.doubleclick.net www.google-analytics.com
1 htlb.casalemedia.com qd.admetricspro.com
1 tag.1rx.io qd.admetricspro.com
1 mp.4dex.io qd.admetricspro.com
1 tlx.3lift.com qd.admetricspro.com
1 teachingaids-d.openx.net qd.admetricspro.com
1 vid.connatix.com cd.connatix.com
1 analytics.twitter.com threatpost.com
1 t.co threatpost.com
1 rules.quantcount.com secure.quantserve.com
1 cm.everesttech.net 1 redirects
1 kaspersky.d3.sc.omtrdc.net media.kaspersky.com
1 kaspersky.demdex.net tagan.adlightning.com
1 cdn.id5-sync.com tagan.adlightning.com
1 secure.cdn.fastclick.net tagan.adlightning.com
1 ins.connatix.com cd.connatix.com
1 static.ads-twitter.com www.googletagmanager.com
1 secure.quantserve.com www.googletagmanager.com
1 geo.ipify.org qd.admetricspro.com
1 capi.connatix.com cd.connatix.com
1 media.threatpost.com threatpost.com
1 cd.connatix.com 1 redirects
1 media.kaspersky.com threatpost.com
1 www.googletagservices.com threatpost.com
0 matching.truffle.bid Failed ads.pubmatic.com
0 s0.2mdn.net Failed imasdk.googleapis.com
0 hbopenbid.pubmatic.com Failed qd.admetricspro.com
0 capi-tier-2-us-east-2.connatix.com Failed cd.connatix.com
300 154

This site contains no links.

Subject Issuer Validity Valid
www.venminder.com
Cloudflare Inc ECC CA-3		 2022-06-15 -
2023-06-15		 a year crt.sh
threatpost.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-06-02 -
2022-07-03		 a year crt.sh
*.adlightning.com
Amazon		 2022-06-09 -
2023-07-07		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2022-05-25 -
2022-08-17		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-08-11 -
2022-08-10		 a year crt.sh
media.kasperskycontenthub.com
Amazon		 2022-01-02 -
2023-01-31		 a year crt.sh
www.google.com
GTS CA 1C3		 2022-05-25 -
2022-08-17		 3 months crt.sh
kasperskycontenthub.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-06-02 -
2022-07-03		 a year crt.sh
media.kaspersky.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-03-31 -
2023-03-31		 a year crt.sh
c.amazon-adsystem.com
Amazon		 2022-05-09 -
2023-04-18		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2022-05-30 -
2022-08-22		 3 months crt.sh
media.threatpost.com
Amazon		 2022-01-05 -
2023-02-03		 a year crt.sh
*.gstatic.com
GTS CA 1C3		 2022-05-25 -
2022-08-17		 3 months crt.sh
*.connatix.com
Go Daddy Secure Certificate Authority - G2		 2021-08-20 -
2022-09-21		 a year crt.sh
*.demdex.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-10-19 -
2022-11-19		 a year crt.sh
*.ipify.org
Sectigo RSA Domain Validation Secure Server CA		 2022-02-07 -
2023-03-10		 a year crt.sh
*.quantserve.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-09-22 -
2022-09-21		 a year crt.sh
ads-twitter.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-07-21 -
2022-07-26		 a year crt.sh
secure.cdn.fastclick.net
DigiCert SHA2 Secure Server CA		 2022-01-15 -
2023-01-17		 a year crt.sh
cdn.id5-sync.com
R3		 2022-04-13 -
2022-07-12		 3 months crt.sh
*.d3.sc.omtrdc.net
DigiCert TLS RSA SHA256 2020 CA1		 2022-02-17 -
2023-03-07		 a year crt.sh
t.co
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-03-07 -
2023-03-06		 a year crt.sh
*.twitter.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-03-07 -
2023-03-06		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2022-05-30 -
2022-08-22		 3 months crt.sh
*.openx.net
GeoTrust RSA CA 2018		 2021-07-08 -
2022-08-08		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-03-08 -
2023-04-04		 a year crt.sh
*.sharethrough.com
Amazon		 2021-08-13 -
2022-09-11		 a year crt.sh
*.lijit.com
Go Daddy Secure Certificate Authority - G2		 2022-03-11 -
2023-04-12		 a year crt.sh
*.adnxs.com
GeoTrust ECC CA 2018		 2022-02-11 -
2023-03-14		 a year crt.sh
*.3lift.com
Amazon		 2022-05-13 -
2023-06-11		 a year crt.sh
ads.servenobid.com
Amazon		 2022-05-29 -
2023-06-27		 a year crt.sh
*.consumableaudio.com
R3		 2022-04-27 -
2022-07-26		 3 months crt.sh
*.a-mo.net
R3		 2022-05-05 -
2022-08-03		 3 months crt.sh
web.ssp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2022-03-08 -
2022-08-31		 6 months crt.sh
*.1rx.io
Sectigo RSA Domain Validation Secure Server CA		 2021-06-01 -
2022-07-02		 a year crt.sh
san.casalemedia.com
GeoTrust RSA CA 2018		 2021-12-12 -
2022-12-13		 a year crt.sh
*.eu-1-id5-sync.com
R3		 2022-06-01 -
2022-08-30		 3 months crt.sh
*.google.com
GTS CA 1C3		 2022-05-25 -
2022-08-17		 3 months crt.sh
www.google.de
GTS CA 1C3		 2022-05-25 -
2022-08-17		 3 months crt.sh
*.id5-sync.com
R3		 2022-05-31 -
2022-08-29		 3 months crt.sh
*.google.de
GTS CA 1C3		 2022-05-25 -
2022-08-17		 3 months crt.sh
sync.serverbid.com
Amazon		 2022-04-04 -
2023-05-03		 a year crt.sh
public.servenobid.com
DigiCert TLS RSA SHA256 2020 CA1		 2022-02-17 -
2023-02-17		 a year crt.sh
cdn.adnxs.com
GeoTrust TLS RSA CA G1		 2022-03-11 -
2023-04-11		 a year crt.sh
*.pubmatic.com
DigiCert SHA2 Secure Server CA		 2022-02-04 -
2023-02-03		 a year crt.sh
*.adsrvr.org
GlobalSign GCC R3 DV TLS CA 2020		 2022-03-31 -
2023-05-02		 a year crt.sh
*.emxdgt.com
Go Daddy Secure Certificate Authority - G2		 2022-05-18 -
2023-06-19		 a year crt.sh
*.go.sonobi.com
Go Daddy Secure Certificate Authority - G2		 2021-12-08 -
2023-01-09		 a year crt.sh
*.gumgum.com
Amazon		 2022-05-06 -
2023-06-04		 a year crt.sh
*.onetag-sys.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-01-10 -
2023-01-03		 a year crt.sh
*.smartadserver.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-01-25 -
2023-01-25		 a year crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2022-02-03 -
2023-02-25		 a year crt.sh
*.brand-display.com
GeoTrust RSA CA 2018		 2022-06-03 -
2023-07-04		 a year crt.sh
ups.analytics.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2022-06-07 -
2022-11-30		 6 months crt.sh
*.deepintent.com
Go Daddy Secure Certificate Authority - G2		 2022-05-02 -
2023-06-03		 a year crt.sh
*.admanmedia.com
Go Daddy Secure Certificate Authority - G2		 2022-04-21 -
2023-05-23		 a year crt.sh
*.ad-server.k8s.ie.ggops.com
Amazon		 2022-02-15 -
2023-03-16		 a year crt.sh
track.adform.net
DigiCert TLS RSA SHA256 2020 CA1		 2021-09-06 -
2022-10-07		 a year crt.sh
*.criteo.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-06-15 -
2022-09-18		 3 months crt.sh
*.simpli.fi
DigiCert TLS RSA SHA256 2020 CA1		 2021-10-27 -
2022-11-27		 a year crt.sh
*.match.prod.bidr.io
Amazon		 2022-01-27 -
2023-02-25		 a year crt.sh
public1.adgear.com
Sectigo RSA Domain Validation Secure Server CA		 2022-03-01 -
2023-03-28		 a year crt.sh
*.iprom.net
R3		 2022-03-24 -
2022-06-22		 3 months crt.sh
*.taboola.com
DigiCert TLS RSA SHA256 2020 CA1		 2021-11-28 -
2022-12-29		 a year crt.sh
*.bnmla.com
Go Daddy Secure Certificate Authority - G2		 2021-12-30 -
2023-01-31		 a year crt.sh
*.ybp.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2022-01-18 -
2022-07-13		 6 months crt.sh
*.dotomi.com
GlobalSign RSA OV SSL CA 2018		 2021-08-10 -
2022-09-11		 a year crt.sh
*.sitescout.com
GeoTrust TLS DV RSA Mixed SHA256 2020 CA-1		 2021-12-15 -
2023-01-15		 a year crt.sh

This page contains 52 frames:

Primary Page: https://threatpost.com/kaiser-permanente-breach/179949/?utm_campaign=Third%20Party%20Thursday%20Newsletter&utm_medium=email&_hsmi=216744177&_hsenc=p2ANqtz-9FeIjarQeL3zA4ACQwCC6mhwLDSG8KZWVQNtpWhebNpA0aYw53UW6wqluChIgIaseSzoTUFllDNXqMgiGiwDLwGaTegw&utm_content=216744177&utm_source=hs_email
Frame ID: 952CDCEDB4C12E5E5DCF822F2A9F21E3
Requests: 133 HTTP requests in this frame

Frame: https://cds.connatix.com/p/166750/connatix.player.dc.js
Frame ID: BCF14890EF54F7CF7FA120E2AD1DD936
Requests: 12 HTTP requests in this frame

Frame: https://kaspersky.demdex.net/dest5.html?d_nsid=0
Frame ID: 5DD2DFBCE10F66285DEB323687718D36
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.519.0_en.html
Frame ID: 18DE928C396C2AB87BAC20D683E01B6E
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.519.0_en.html
Frame ID: A2A09B963C4AE07060547DC85EA934AB
Requests: 1 HTTP requests in this frame

Frame: https://imasdk.googleapis.com/js/core/bridge3.519.0_en.html
Frame ID: 8BFB5F283A2195802482F0056D9800D4
Requests: 1 HTTP requests in this frame

Frame: https://fb230d487b26d7de748d2dc1bdf4f0a1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Frame ID: 1274FC7E0BD604DB3B889BCD339221B8
Requests: 1 HTTP requests in this frame

Frame: https://sync.serverbid.com/ss/2000891.html
Frame ID: 08E74D8163A9C23398A81C0FDB523A17
Requests: 9 HTTP requests in this frame

Frame: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=e1b1f5e1-3c2c-4287-9806-317cfbf3bd12&gdpr=0
Frame ID: B78AAE433EEC6A16363E08F5CE5020FD
Requests: 7 HTTP requests in this frame

Frame: https://eb2.3lift.com/sync
Frame ID: 0927AEC4BC1D04A5E8EBB7EDC6A56D22
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?gdpr=0
Frame ID: 2CDFEDBF263BEA0A006473A158730EA5
Requests: 10 HTTP requests in this frame

Frame: https://js-sec.indexww.com/um/ixmatch.html
Frame ID: 81A99A6AFEE1157BB43295DB4374FADB
Requests: 1 HTTP requests in this frame

Frame: https://public.servenobid.com/sync.html
Frame ID: 1E97309E54DD3716523388EB4E15B2AA
Requests: 11 HTTP requests in this frame

Frame: https://acdn.adnxs.com/dmp/async_usersync.html
Frame ID: 62F722E2177470140180C2D6896FD7DC
Requests: 3 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156858&gdpr=0&gdpr_consent=
Frame ID: D5CDEFE9A08B1B9DA5B932402F0DB64E
Requests: 9 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&gdpr=0&predirect=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D3%26src%3D2%26cspi%3D0%26cn%3D3%26spui%3D%26dpui%3D
Frame ID: 49A18D7595A321562EFEB75300EF4113
Requests: 21 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fthreatpost.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Frame ID: 75BA1C47ED5A9C2FB2FF1E246AA6F20F
Requests: 10 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fx.yieldlift.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1YN-%26uid%3D
Frame ID: 301C65A578230A3BAFCD5127BD2E8458
Requests: 2 HTTP requests in this frame

Frame: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Frame ID: 2DDFDC10060E8DEBD77E2239040D8156
Requests: 16 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Frame ID: 7CEC4388F984F85FC5E84853A4D0AB2C
Requests: 1 HTTP requests in this frame

Frame: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Frame ID: 8E5CDB9E8F6684E92C1A37E66FDDA4FB
Requests: 6 HTTP requests in this frame

Frame: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
Frame ID: A1FDDE35B580CF0C2701248D9A49967A
Requests: 10 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=mmh&i=fccd62ab-5d95-4f00-a746-431f8487ce09&gdpr=0&gdpr_consent=
Frame ID: B7D7210C9C6E37F62B345D44F533FB1A
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=atm&i=YqtdjgAAAJTvogOV&gdpr=0&gdpr_consent=
Frame ID: 70007F2EE53D5E77BF859FF53BE52E03
Requests: 1 HTTP requests in this frame

Frame: https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV84OTZkZDcyMS05ODc4LTRhNjMtOWU3Zi1kYThkZjlkZDg1OWM=&gdpr=0&gdpr_consent=
Frame ID: A93BFB7F5EB25D4302E2CCDEAC6FC54F
Requests: 1 HTTP requests in this frame

Frame: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Frame ID: DC94A770E900D8E503FD7F90FFB4844B
Requests: 2 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent=
Frame ID: 639FB44B6BDCE50F4AE117795207996D
Requests: 1 HTTP requests in this frame

Frame: https://usersync.gumgum.com/usersync?b=emx&uid=1244441007486675437brt3031655397781644602f1
Frame ID: 5318F45B460FBB357AA5313C6CD1A14C
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=sus&i=YqtdlsCo8YQAANT-NcIAAAAA
Frame ID: B622FE086AA9E5B8E7333AE9190B9B27
Requests: 1 HTTP requests in this frame

Frame: https://rtb.gumgum.com/usersync?b=rth&i=z4MkVvOpgjByW7rJSR0L&pi=gumgum&tc=1
Frame ID: DEEFF008F15345F4F0C20E06D7D5AD9A
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=gumgum
Frame ID: 688223BD5FDAF92C5FBADAB3C44FFEC3
Requests: 3 HTTP requests in this frame

Frame: https://c1.adform.net/serving/cookie/match?party=14&cid=B9247297-66A9-46B6-AFB1-EB1C4FD2964F
Frame ID: 2FB9441283A0A8F9ADF17FC4A9958E75
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:fccd62ab-5d95-4f00-a746-431f8487ce09&gdpr=0&gdpr_consent=
Frame ID: D2CAA509F051AAE4CD5B33A0C13BA243
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=1280365207208777108
Frame ID: E230F7136918EE95863113D4DF884C5B
Requests: 1 HTTP requests in this frame

Frame: https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Frame ID: 469C97663500FF6335186769BA0C9F30
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7109879344173414553
Frame ID: D45DFB63C06802003EF02F9C131A12B7
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=f1g5P6nQTUd0fB6hW2gldlD_B2Q
Frame ID: B369437D7FAFCAFA679CD1F2B88A6C94
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YqtdjgAAAJTvogOV&gdpr=0&gdpr_consent=
Frame ID: C5EDF442821FC5A20FAFB08463919285
Requests: 1 HTTP requests in this frame

Frame: https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
Frame ID: 38D90A7642A8557F936AF1B500D5BF9C
Requests: 1 HTTP requests in this frame

Frame: https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Frame ID: F620C4972DA0C2579F11BD973E9CA3DC
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={device_id}&gdpr=0
Frame ID: 0318D83EC97A8E464F6D12D62FBD7F72
Requests: 1 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=1762952545
Frame ID: B9C62A9E0B3F563275CAB2E306AE55AE
Requests: 1 HTTP requests in this frame

Frame: https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Frame ID: 706B426C9534A37D947542715FCE9720
Requests: 1 HTTP requests in this frame

Frame: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=H1I2i050UYQbWQnVaTjUShYg
Frame ID: EC92B0C1ADF86EC58AF3872D4305F5E6
Requests: 1 HTTP requests in this frame

Frame: https://core.iprom.net/cookiesync
Frame ID: 0997DA6E6B41E39766FBAB0A46031B6C
Requests: 1 HTTP requests in this frame

Frame: https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=320dd50a-6050-433c-946f-f1e399f43208-tuct9a4e318&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
Frame ID: 9ABC2F8E2CEACCD9A2172F70404CE59A
Requests: 1 HTTP requests in this frame

Frame: https://matching.truffle.bid/sync/pub?sid=161&suid=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDQmdGw9MjAxNjA=&piggybackCookie=$UID
Frame ID: EB6DE187CAF6FDB5FADED3356AF73483
Requests: 1 HTTP requests in this frame

Frame: https://match.deepintent.com/usersync/141?gdpr=0&gdpr_consent=
Frame ID: 3C4B4AE865D10023B7E48889FFA5D644
Requests: 1 HTTP requests in this frame

Frame: https://match.bnmla.com/usersync?sspid=10738&redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3NzUmdGw9MTI5NjAw%26piggybackCookie%3D%5BUUID%5D
Frame ID: 95D2CFD3BA28D32D0EB11F0EA5BC2E4B
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:FF6D94AD82C546B38AEDAF5FBB9D441E
Frame ID: FDC70065A68CC07B8C14ECE417E49639
Requests: 1 HTTP requests in this frame

Frame: https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:7OWpLZpV1O1SAg5&gdpr=0&gdpr_consent=
Frame ID: 8CDADB33DEEF4F64C8395437AC6378FD
Requests: 1 HTTP requests in this frame

Frame: https://x.serverbid.com/usersync?ttt=3&src=2&cspi=0&cn=3&spui=&dpui=B9247297-66A9-46B6-AFB1-EB1C4FD2964F
Frame ID: 54924127830E8442EB8800EC385D6E75
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://www.venminder.com/e3t/Ctc/WW+113/c2Npz04/VVGTff44fnptW89tH5y1_Fss7W46ZLVZ4LmSgSN39GZD33q3n_V1-... Page URL
  2. https://www.venminder.com/events/public/v1/encoded/track/tc/WW+113/c2Npz04/VVGTff44fnptW89tH5y1_Fss7W4... HTTP 307
    https://threatpost.com/kaiser-permanente-breach/179949/?utm_campaign=Third%20Party%20Thursday%20New... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • googletagservices\.com/tag/js/gpt(?:_mobile)?\.js
Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.openx\.net
Overall confidence: 100%
Detected patterns
  • /prebid\.js
  • adnxs\.com/[^"]*(?:prebid|/pb\.js)
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • \.quantserve\.com/quant\.js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • jquery[.-]([\d.]*\d)[^/]*\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • /recaptcha/api\.js

Page Statistics

300
Requests

76 %
HTTPS

22 %
IPv6

102
Domains

154
Subdomains

100
IPs

13
Countries

3033 kB
Transfer

8289 kB
Size

113
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://www.venminder.com/e3t/Ctc/WW+113/c2Npz04/VVGTff44fnptW89tH5y1_Fss7W46ZLVZ4LmSgSN39GZD33q3n_V1-WJV7CgYVfN6zHC_RYvR9zV4yKnx8XCxhkW8LC80V8q_TFcN3smyXvmdF9JVYVTVB35ncfCW3X-x-w21RpnHMcxHHxF6SMYW1zpX1y7jsdBFN7gCNm65yJrXW8NcdgH60T8HmW2syrXc5hnLgcN2K-bKNnSfCfW4f_9gZ2mh-p3W4fTmMZ5Qns2bN10MTJCngZkMW6KKtpS5fyFyZW3nypPJ23GYVPW3Gg9l-2Z1WpKW5mb-m77vFYHkV4t6gG6zQdwdW8Wv_c94lFfLYW8t2qJv1WvyFfW7Jgwck47g7DWW97-_VH8XDpZpW5VxQ2s4ZqW36W49dkxV1NzHyP32Y41 Page URL
  2. https://www.venminder.com/events/public/v1/encoded/track/tc/WW+113/c2Npz04/VVGTff44fnptW89tH5y1_Fss7W46ZLVZ4LmSgSN39GZD33q3n_V1-WJV7CgYVfN6zHC_RYvR9zV4yKnx8XCxhkW8LC80V8q_TFcN3smyXvmdF9JVYVTVB35ncfCW3X-x-w21RpnHMcxHHxF6SMYW1zpX1y7jsdBFN7gCNm65yJrXW8NcdgH60T8HmW2syrXc5hnLgcN2K-bKNnSfCfW4f_9gZ2mh-p3W4fTmMZ5Qns2bN10MTJCngZkMW6KKtpS5fyFyZW3nypPJ23GYVPW3Gg9l-2Z1WpKW5mb-m77vFYHkV4t6gG6zQdwdW8Wv_c94lFfLYW8t2qJv1WvyFfW7Jgwck47g7DWW97-_VH8XDpZpW5VxQ2s4ZqW36W49dkxV1NzHyP32Y41?_ud=3458a12f-db65-4db7-adaf-351adc3d5563&_ch=p&_pr2=p&_pl=3&_lg=en-US,en&_dr=p&_ts=p HTTP 307
    https://threatpost.com/kaiser-permanente-breach/179949/?utm_campaign=Third%20Party%20Thursday%20Newsletter&utm_medium=email&_hsmi=216744177&_hsenc=p2ANqtz-9FeIjarQeL3zA4ACQwCC6mhwLDSG8KZWVQNtpWhebNpA0aYw53UW6wqluChIgIaseSzoTUFllDNXqMgiGiwDLwGaTegw&utm_content=216744177&utm_source=hs_email Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 48
  • https://cd.connatix.com/connatix.player.js HTTP 302
  • https://cds.connatix.com/p/166750/connatix.player.dc.js
Request Chain 93
  • https://cm.everesttech.net/cm/dd?d_uuid=33020213730496520520066473953452234431 HTTP 302
  • https://dpm.demdex.net/ibs:dpid=411&dpuuid=YqtdjgAAAJTvogOV
Request Chain 157
  • https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=536872786&val=fccd62ab-5d95-4f00-a746-431f8487ce09
Request Chain 158
  • https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=0 HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072956&&val=Pmi0XT0-7VolP7BZP2n4Wj5q4A4lOLcNamOak5QH
Request Chain 159
  • https://c1.adform.net/serving/cookie/match?party=22 HTTP 302
  • https://c1.adform.net/serving/cookie/match?CC=1&party=22 HTTP 302
  • https://eu-u.openx.net/w/1.0/sd?id=537113484&val=7439562014725789384
Request Chain 162
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc HTTP 302
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEBngdslsQNNQ8bbhGlVs8LA&google_cver=1
Request Chain 164
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D4%26spui%3D%26dpui%3D%24UID HTTP 307
  • https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=4&spui=&dpui=E0kKvBZHggn13NjfQ5yjeES0
Request Chain 166
  • https://p.rfihub.com/cm?pub=42786&in=1 HTTP 302
  • https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=53&userId=5108559723563764149
Request Chain 167
  • https://ssum-sec.casalemedia.com/usermatchredir?s=185073&cb=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D5528%26spui%3D%26dpui%3D HTTP 302
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D5528%26spui%3D%26dpui%3D&s=185073&C=1 HTTP 302
  • https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5528&spui=&dpui=YqtdlXxQEofl2wP3IIeWNAAA%261212
Request Chain 168
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D5551%26spui%3D%26dpui%3D%24UID HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fx.serverbid.com%252Fusersync%253Fttt%253D1%2526src%253D2%2526cspi%253D0%2526cn%253D5551%2526spui%253D%2526dpui%253D%2524UID HTTP 302
  • https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5551&spui=&dpui=1320128258202226795
Request Chain 170
  • https://pixel.advertising.com/ups/56621/occ HTTP 302
  • https://pixel.advertising.com/ups/56621/occ?verify=true HTTP 302
  • https://ups.analytics.yahoo.com/ups/56621/occ?apid=UP62b35cbe-ed93-11ec-bfef-06f16eb29912 HTTP 302
  • https://ups.analytics.yahoo.com/ups/56621/occ?apid=UP62b35cbe-ed93-11ec-bfef-06f16eb29912&verify=true HTTP 302
  • https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=29&userId=UP62b35cbe-ed93-11ec-bfef-06f16eb29912
Request Chain 173
  • https://ib.adnxs.com/async_usersync?cbfn=queuePixels HTTP 307
  • https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
Request Chain 174
  • https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fthreatpost.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F HTTP 302
  • https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fthreatpost.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Request Chain 179
  • https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D HTTP 302
  • https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
Request Chain 181
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D312%26uid%3D%24UID HTTP 302
  • https://ads.servenobid.com/sync?pid=312&uid=1244441007486675437
Request Chain 182
  • https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D HTTP 302
  • https://ads.servenobid.com/sync?pid=310&uid=E0kKvBZHggn13NjfQ5yjeES0
Request Chain 184
  • https://x.yieldlift.com/getuid?r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D314%26uid%3D%24UID HTTP 301
  • https://ads.servenobid.com/sync?pid=314&uid=eyJ4dWlkIjoiMWMyZDU5ZmYtYTliMC00MzIyLTllN2QtNzc3MDIwMDRmYTlhIiwiZHAiOnt9LCJiZGF5IjoiMjAyMi0wNi0xNlQxNjo0MzowMS44MDEyNTVaIn0=
Request Chain 185
  • https://sync.1rx.io/usersync2/rmpssp?sub=duration&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D HTTP 302
  • https://sync.1rx.io/usersync2/rmpssp?sub=duration&zcc=1&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D&cb=1655397781460 HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=6162575461
Request Chain 186
  • https://p.rfihub.com/cm?pub=44007&in=1 HTTP 302
  • https://ads.servenobid.com/sync?pid=324&uid=5140084920985061272
Request Chain 188
  • https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&us_privacy=1YN-&&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D327%26uid%3D HTTP 302
  • https://ads.servenobid.com/sync?pid=327&uid=71903f75-c989-4ea5-806e-51a7b7b8891a&gdpr=0&gdpr_consent=&us_privacy=1YN-
Request Chain 189
  • https://ups.analytics.yahoo.com/ups/58559/occ HTTP 302
  • https://ups.analytics.yahoo.com/ups/58559/occ?verify=true HTTP 302
  • https://ads.servenobid.com/sync?pid=337&uid=y-UVCMIRhE2uF8h3mF6xud0PRBhG1Cuv1OZWGnWV8-~A
Request Chain 191
  • https://token.rubiconproject.com/token?pid=25470&gdpr=0 HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDRIOTNEWjEtWS1CR0g2&gdpr=0
Request Chain 192
  • https://token.rubiconproject.com/token?pid=26594&gdpr=0 HTTP 302
  • https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=L4H93DZ1-Y-BGH6&sigv=1&esig=2~abe5269f5a5795ffbb99a957dc10d05ca1aab6e0&gdpr=0
Request Chain 193
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc&gdpr=0 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=0&put=CAESEL4l6KX961l7tz8xbHrSWgI&google_cver=1
Request Chain 194
  • https://token.rubiconproject.com/token?pid=36584&gdpr=0 HTTP 302
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L4H93DZ1-Y-BGH6&gdpr=0
Request Chain 195
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1&gdpr=0 HTTP 302
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/cuCkhEuuaeSGUM0YhnGFxQ?csrc=&gdpr=0 HTTP 302
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=5270483378470604597
Request Chain 197
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&gdpr=0 HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&gdpr=0&dcc=t HTTP 302
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=KJd6WFEpSdyNVzDmKovfSA&rk=usync-other&gdpr=0 HTTP 302
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=KJd6WFEpSdyNVzDmKovfSA&gdpr=0
Request Chain 199
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YqtdlXxQEofl2wP3IIeWLgAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEEPgTfS7ZdPjLbSmW8CwsQE&google_cver=1&gdpr=1
Request Chain 200
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YqtdlXxQEofl2wP3IIeWLgAABGIAAAAB HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YqtdlXxQEofl2wP3IIeWLgAABGIAAAAB&dcc=t
Request Chain 204
  • https://sync.extend.tv/r.gif?exchange=index HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=152&external_user_id=ca1d58e4-01fd-445d-82a7-5c1f863be761
Request Chain 205
  • https://sync.srv.stackadapt.com/sync?nid=68&gdpr=1 HTTP 302
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=-nH84Qq2QFBH9WQf7kFoq1D_B2Q
Request Chain 208
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YqtdlVksbUYX-CH7VO_h8AAABIYAAAIB HTTP 302
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YqtdlVksbUYX-CH7VO_h8AAABIYAAAIB&dcc=t
Request Chain 209
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1 HTTP 302
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YqtdlVksbUYX.CH7VO-h8AAA HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEEPgTfS7ZdPjLbSmW8CwsQE&google_cver=1&gdpr=1&google_hm=2
Request Chain 211
  • https://sync.extend.tv/r.gif?exchange=index HTTP 302
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=152&external_user_id=126a6bc6-643d-47bf-aab2-f91e9a0ea956
Request Chain 217
  • https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID HTTP 302
  • https://usersync.gumgum.com/usersync?b=apn&i=1244441007486675437
Request Chain 218
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=e_896dd721-9878-4a63-9e7f-da8df9dd859c&gdpr=0&gdpr_consent=&us_privacy=1--- HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?ssp=gumgum2&user_id=e_896dd721-9878-4a63-9e7f-da8df9dd859c&gdpr=0&gdpr_consent=&us_privacy=1--- HTTP 302
  • https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=605d3ec1-7c39-4340-9bef-c98d39cf90dc&ssp=gumgum2&gdpr=0&gdpr_consent=
Request Chain 219
  • https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=0&gdprConsent=&platformRdUrl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobRdUrl%7D HTTP 302
  • https://usersync.gumgum.com/usersync?b=obn&i=ENC%28Xp5Ne8suGTSZ5JKZomI_o7w1Atqr824mjg7SXa5p8g6S_VUVMaPRKI_TooyZlje4%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%26platformUid%3D%7Bplatform_uid%7D%26obuid%3DENC%28Xp5Ne8suGTSZ5JKZomI_o7w1Atqr824mjg7SXa5p8g6S_VUVMaPRKI_TooyZlje4%29 HTTP 302
  • https://sync.outbrain.com/syncUser?platformId=GUMGU18H7EL9NI653I7DPEH51&platformUid=e_896dd721-9878-4a63-9e7f-da8df9dd859c&obuid=ENC(Xp5Ne8suGTSZ5JKZomI_o7w1Atqr824mjg7SXa5p8g6S_VUVMaPRKI_TooyZlje4) HTTP 302
  • https://sync.outbrain.com/syncPartner?platformId=GUMGU18H7EL9NI653I7DPEH51 HTTP 302
  • https://cms.quantserve.com/pixel/p-cxanv6hYFn1kw.gif?idmatch=0&obUid%3DXp5Ne8suGTSZ5JKZomI_o7w1Atqr824mjg7SXa5p8g6S_VUVMaPRKI_TooyZlje4 HTTP 302
  • https://sync.outbrain.com/cookie-sync?p=quantcast&&uid=nwflp5xRvKCEUOGjngapoJ8FsfSEV-b3ywwH_PZM
Request Chain 220
  • https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D HTTP 302
  • https://usersync.gumgum.com/usersync?b=opx&i=99748ae1-83da-055b-2871-daa717ec43fd
Request Chain 221
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=sta&i=0-7f58393f-a9d0-4d47-747c-1ea15b682576$ip$80.255.7.100
Request Chain 222
  • https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=0&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=oth&i=y-3hFqYhFE2pec0Sr_RaV52s61ikm9I7AM2BZ2~A
Request Chain 223
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=0&gdpr_consent=&us_privacy=1---&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dvnt%26i%3D HTTP 302
  • https://usersync.gumgum.com/usersync?b=vnt&i=631f16fd-ed93-11ec-8290-0b5c966f72f2
Request Chain 224
  • https://sync.technoratimedia.com/services?srv=cs&pid=65&us_privacy=1---&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsnc%26i%3D%5BUSER_ID%5D HTTP 307
  • https://usersync.gumgum.com/usersync?b=snc&i=GDPR
Request Chain 226
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=e_896dd721-9878-4a63-9e7f-da8df9dd859c&gdpr=0&gdpr_consent=&us_privacy=1---&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__ HTTP 302
  • https://stags.bluekai.com/site/23178?id=ygCM2cvNvC-l7EhzKXLo&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTHMRYHEPJQEZUT26LHINGTEY3WJZ3EGLLMG5CWQ6SLLBGG6JTVONPXA4TJOZQWG6J5GEWS2LI&gdpr=0&us_privacy=1--- HTTP 302
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTHMRYHEPJQEZUT26LHINGTEY3WJZ3EGLLMG5CWQ6SLLBGG6JTVONPXA4TJOZQWG6J5GEWS2LI HTTP 302
  • https://usersync.gumgum.com/usersync?b=zem&gdpr=0&i=ygCM2cvNvC-l7EhzKXLo&us_privacy=1---
Request Chain 227
  • https://ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D HTTP 302
  • https://ad.360yield.com/ul_cb/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D HTTP 302
  • https://usersync.gumgum.com/usersync?b=idi&i=545e9308-d442-4c04-b517-ad0593a97878
Request Chain 228
  • https://sync.1rx.io/usersync2/floor6?gdpr=0&gdpr_consent=&dspret=1&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3D%5BRX_UUID%5D HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=3383624773
Request Chain 229
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25 HTTP 302
  • https://usersync.gumgum.com/usersync?b=pln&i=R0sfyz7XvMw6&ev=1&pid=558355
Request Chain 230
  • https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=0&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=sad&i=2041178221297896427
Request Chain 233
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=3157&gdpr=0&gdpr_consent= HTTP 302
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=3157&gdpr=0&gdpr_consent=&s_h=1 HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?partnerid=96&partneruserid=06b38338-9d34-477c-9e94-29a74cac25a7&gdpr=0&gdpr_consent=
Request Chain 235
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=76&partneruserid=GOOGLE_HOSTED_SI&redirurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsmartrtb_dbm%26google_cm%26google_sc%26google_hm%3DSMART_USER_ID_B64&gdpr=0&gdpr_consent= HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=smartrtb_dbm&google_cm&google_sc&google_hm=MjA0MTE3ODIyMTI5Nzg5NjQyNw==&gdpr=0&gdpr_consent= HTTP 302
  • https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=CAESEI9tU6iPdYJjqyHKY8nP2PM&gdpr=0&gdpr_consent=&google_cver=1
Request Chain 237
  • https://sync.mathtag.com/sync/img?mt_exid=71&gdpr=0&gdpr_consent=&redir=https%3a%2f%2fusersync.gumgum.com%2fusersync%3fb%3dmmh%26i%3d%5bMM_UUID%5d HTTP 302
  • https://usersync.gumgum.com/usersync?b=mmh&i=fccd62ab-5d95-4f00-a746-431f8487ce09&gdpr=0&gdpr_consent=
Request Chain 238
  • https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent= HTTP 302
  • https://usersync.gumgum.com/usersync?b=atm&i=YqtdjgAAAJTvogOV&gdpr=0&gdpr_consent=
Request Chain 242
  • https://cs.emxdgt.com/um?redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24UID&gdpr=0&gdpr_consent= HTTP 302
  • https://ib.adnxs.com/getuid?https://cs.emxdgt.com/umcheck?apnxid=$UID&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24EMXUID HTTP 302
  • https://cs.emxdgt.com/umcheck?apnxid=1244441007486675437&redirect=https://usersync.gumgum.com/usersync?b=emx&i=$EMXUID HTTP 302
  • https://usersync.gumgum.com/usersync?b=emx&uid=1244441007486675437brt3031655397781644602f1
Request Chain 243
  • https://tg.socdm.com/aux/idsync?proto=gumgum HTTP 302
  • https://rtb.gumgum.com/usersync?b=sus&i=YqtdlsCo8YQAANT-NcIAAAAA
Request Chain 244
  • https://creativecdn.com/cm-notify?pi=gumgum HTTP 302
  • https://creativecdn.com/cm-notify?pi=gumgum&tc=1 HTTP 302
  • https://rtb.gumgum.com/usersync?b=rth&i=z4MkVvOpgjByW7rJSR0L&pi=gumgum&tc=1
Request Chain 245
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum HTTP 301
  • https://eus.rubiconproject.com/usync.html?p=gumgum
Request Chain 249
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%3Duid%3A%5BMM_UUID%5D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:fccd62ab-5d95-4f00-a746-431f8487ce09&gdpr=0&gdpr_consent=
Request Chain 250
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=1280365207208777108
Request Chain 252
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=uSRyl2apRravsescT9KWTw%3D%3D HTTP 302
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Request Chain 253
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=fccd62ab-5d95-4f00-a746-431f8487ce09
Request Chain 254
  • https://pixel.onaudience.com/?partner=214&mapped=B9247297-66A9-46B6-AFB1-EB1C4FD2964F HTTP 302
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D1 HTTP 302
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D1&xl8blockcheck=1 HTTP 302
  • https://pixel.onaudience.com/?partner=161&icm&cver&mapped=420b76289444c1677fa5b449e7b20a61&gdpr=1 HTTP 302
  • https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=63d14de507c68b3a/gdpr=1/gdpr_consent=?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D%26gdpr_consent%3D%24%7Bgdpr_consent%7D HTTP 302
  • https://sync.crwdcntrl.net/map/ct=y/c=8587/tp=CLOD/tpid=63d14de507c68b3a/gdpr=1/gdpr_consent=?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D%26gdpr_consent%3D%24%7Bgdpr_consent%7D HTTP 302
  • https://pixel.onaudience.com/?partner=104&icm&cver&mapped=&gdpr=1&gdpr_consent=${gdpr_consent} HTTP 302
  • https://pixel.onaudience.com/?partner=162&icm&cver&gdpr=1&gdpr_consent=${gdpr_consent}&smartmap=1&redirect=ps.eyeota.net%2Fpixel%3Fgdpr%3D1%26gdpr_consent%3D${gdpr_consent}%26pid%3Ddn5h51u%26t%3Dgif%26uid%3D%25m HTTP 302
  • https://ps.eyeota.net/pixel?gdpr=1&gdpr_consent=${gdpr_consent}&pid=dn5h51u&t=gif&uid=97eec2da568600a1
Request Chain 255
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=QjkyNDcyOTctNjZBOS00NkI2LUFGQjEtRUIxQzRGRDI5NjRG&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Request Chain 256
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEAvzBXMa107U-YH4vUHpxn8&google_cver=1
Request Chain 262
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7109879344173414553
Request Chain 263
  • https://sync.srv.stackadapt.com/sync?nid=11 HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=f1g5P6nQTUd0fB6hW2gldlD_B2Q
Request Chain 264
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%26gdpr%3D0%26gdpr_consent%3D HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YqtdjgAAAJTvogOV&gdpr=0&gdpr_consent=
Request Chain 265
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent= HTTP 303
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=?_bee_ppp=1 HTTP 303
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFIUUZVN0ZWcnNBQUJQVFZ1alBBQQ&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1 HTTP 302
  • https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
Request Chain 267
  • https://csync.loopme.me/?redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={device_id}&gdpr=0&gdpr_consent= HTTP 307
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={device_id}&gdpr=0
Request Chain 268
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=1762952545
Request Chain 269
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID} HTTP 302
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Request Chain 270
  • https://green.erne.co/pubmatic/cm HTTP 302
  • https://pixel-eu.onaudience.com/?partner=270&smartmap=1&gdpr=&gdpr_consent=&redirect=image2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%26piggybackCookie%3D%25_rid HTTP 302
  • https://sync.crwdcntrl.net/map/c=14544/tp=BIDB/gdpr=/gdpr_consent=?https%3A%2F%2Fpixel-eu.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D%26redirect%3Dhttps%253A%252F%252Fimage2.pubmatic.com%252FAdServer%252FPug%253Fvcode%253Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%2526piggybackCookie%253DH1I2i050UYQbWQnVaTjUShYg HTTP 302
  • https://pixel-eu.onaudience.com/?partner=104&icm&cver&mapped=&gdpr=&redirect=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%26piggybackCookie%3DH1I2i050UYQbWQnVaTjUShYg HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=H1I2i050UYQbWQnVaTjUShYg
Request Chain 272
  • https://trc.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw&piggybackCookie=uid:$UID HTTP 302
  • https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=320dd50a-6050-433c-946f-f1e399f43208-tuct9a4e318&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
Request Chain 276
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:FF6D94AD82C546B38AEDAF5FBB9D441E
Request Chain 277
  • https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent= HTTP 302
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:7OWpLZpV1O1SAg5&gdpr=0&gdpr_consent=
Request Chain 279
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=B9247297-66A9-46B6-AFB1-EB1C4FD2964F&gdpr= HTTP 302
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=B9247297-66A9-46B6-AFB1-EB1C4FD2964F&gdpr=&fbounce=1 HTTP 302
  • https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=B9247297-66A9-46B6-AFB1-EB1C4FD2964F&addseg=19,36,42
Request Chain 280
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=B9247297-66A9-46B6-AFB1-EB1C4FD2964F&sInitiator=external&gdpr=0&gdpr_consent= HTTP 302
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=B9247297-66A9-46B6-AFB1-EB1C4FD2964F&sInitiator=external&gdpr=0&gdpr_consent=
Request Chain 282
  • https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=B9247297-66A9-46B6-AFB1-EB1C4FD2964F HTTP 302
  • https://a.audrte.com/p
Request Chain 284
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COOKIES%20HERE]&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=7439562014725789384
Request Chain 285
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=1244441007486675437&gdpr=0&gdpr_consent=
Request Chain 286
  • https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
  • https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=zLgmcs_uf3XX7yJ2zblqdcy6ciHX6CUimLP_6miY
Request Chain 287
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent= HTTP 302
  • https://p.rfihub.com/cm?in=1&pub=20513&ssp=pubmatic HTTP 302
  • https://x.bidswitch.net/sync?dsp_id=119&user_id=5140084920985061272&expires=30&ssp=pubmatic HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=605d3ec1-7c39-4340-9bef-c98d39cf90dc&gdpr=&gdpr_consent=&gdpr_pd=
Request Chain 289
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=B9247297-66A9-46B6-AFB1-EB1C4FD2964F&redir=true&gdpr=0&gdpr_consent= HTTP 302
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-o2FEXaJE2uWrO99ySwzUWQfTbJUWwfI-~A&gdpr=0&gdpr_consent=
Request Chain 290
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=4275766673580835195&gdpr=0&gdpr_consent=&us_privacy=
Request Chain 292
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:73f32874-552b-4b77-a295-41e82d4babf5&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Request Chain 293
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=1244441007486675437
Request Chain 296
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=${ADELPHIC_CUID}&gdpr=0&gdpr_consent= HTTP 302
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=631f16fd-ed93-11ec-8290-0b5c966f72f2&gdpr=0&gdpr_consent=

300 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
VVGTff44fnptW89tH5y1_Fss7W46ZLVZ4LmSgSN39GZD33q3n_V1-WJV7CgYVfN6zHC_RYvR9zV4yKnx8XCxhkW8LC80V8q_TFcN3smyXvmdF9JVYVTVB35ncfCW3X-x-w21RpnHMcxHHxF6SMYW1zpX1y7jsdBFN7gCNm65yJrXW8NcdgH60T8HmW2syrXc5hnLg...
www.venminder.com/e3t/Ctc/WW+113/c2Npz04/ 		9 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.venminder.com/e3t/Ctc/WW+113/c2Npz04/VVGTff44fnptW89tH5y1_Fss7W46ZLVZ4LmSgSN39GZD33q3n_V1-WJV7CgYVfN6zHC_RYvR9zV4yKnx8XCxhkW8LC80V8q_TFcN3smyXvmdF9JVYVTVB35ncfCW3X-x-w21RpnHMcxHHxF6SMYW1zpX1y7jsdBFN7gCNm65yJrXW8NcdgH60T8HmW2syrXc5hnLgcN2K-bKNnSfCfW4f_9gZ2mh-p3W4fTmMZ5Qns2bN10MTJCngZkMW6KKtpS5fyFyZW3nypPJ23GYVPW3Gg9l-2Z1WpKW5mb-m77vFYHkV4t6gG6zQdwdW8Wv_c94lFfLYW8t2qJv1WvyFfW7Jgwck47g7DWW97-_VH8XDpZpW5VxQ2s4ZqW36W49dkxV1NzHyP32Y41
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:2c40::c73c:671c , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
false
cf-cache-status
MISS
cf-ray
71c500436a3a929b-FRA
content-encoding
br
content-type
text/html;charset=utf-8
date
Thu, 16 Jun 2022 16:42:51 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
last-modified
Thu, 16 Jun 2022 16:42:51 GMT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
referrer-policy
no-referrer
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=73sAefbIr3F9gr0V5B7Cec81hUkyCihSTlpeOY0gRzptqTm%2Fa3i02PaRGyp8M1LAemnpk3bsrNS4plPHHmnpgD83ChSmZHby3fB7cjL0nXKQlAGqVjekw7esMwuk0lHnByRSrsriI39D1lqPTvk6"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-hubspot-correlation-id
a318856f-2778-4d96-857d-35d9cbf6e2d7
x-robots-tag
none
Primary Request /
threatpost.com/kaiser-permanente-breach/179949/
Redirect Chain
  • https://www.venminder.com/events/public/v1/encoded/track/tc/WW+113/c2Npz04/VVGTff44fnptW89tH5y1_Fss7W46ZLVZ4LmSgSN39GZD33q3n_V1-WJV7CgYVfN6zHC_RYvR9zV4yKnx8XCxhkW8LC80V8q_TFcN3smyXvmdF9JVYVTVB35ncf...
  • https://threatpost.com/kaiser-permanente-breach/179949/?utm_campaign=Third%20Party%20Thursday%20Newsletter&utm_medium=email&_hsmi=216744177&_hsenc=p2ANqtz-9FeIjarQeL3zA4ACQwCC6mhwLDSG8KZWVQNtpWhebN...
90 KB
23 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://threatpost.com/kaiser-permanente-breach/179949/?utm_campaign=Third%20Party%20Thursday%20Newsletter&utm_medium=email&_hsmi=216744177&_hsenc=p2ANqtz-9FeIjarQeL3zA4ACQwCC6mhwLDSG8KZWVQNtpWhebNpA0aYw53UW6wqluChIgIaseSzoTUFllDNXqMgiGiwDLwGaTegw&utm_content=216744177&utm_source=hs_email
Requested by
Host: www.venminder.com
URL: https://www.venminder.com/e3t/Ctc/WW+113/c2Npz04/VVGTff44fnptW89tH5y1_Fss7W46ZLVZ4LmSgSN39GZD33q3n_V1-WJV7CgYVfN6zHC_RYvR9zV4yKnx8XCxhkW8LC80V8q_TFcN3smyXvmdF9JVYVTVB35ncfCW3X-x-w21RpnHMcxHHxF6SMYW1zpX1y7jsdBFN7gCNm65yJrXW8NcdgH60T8HmW2syrXc5hnLgcN2K-bKNnSfCfW4f_9gZ2mh-p3W4fTmMZ5Qns2bN10MTJCngZkMW6KKtpS5fyFyZW3nypPJ23GYVPW3Gg9l-2Z1WpKW5mb-m77vFYHkV4t6gG6zQdwdW8Wv_c94lFfLYW8t2qJv1WvyFfW7Jgwck47g7DWW97-_VH8XDpZpW5VxQ2s4ZqW36W49dkxV1NzHyP32Y41
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.173.160.135 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-173-160-135.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
7b4c525d983635413262bf2935f2ed6fc2d6c4666632ef0bda31f30e75109d02
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.venminder.com/e3t/Ctc/WW+113/c2Npz04/VVGTff44fnptW89tH5y1_Fss7W46ZLVZ4LmSgSN39GZD33q3n_V1-WJV7CgYVfN6zHC_RYvR9zV4yKnx8XCxhkW8LC80V8q_TFcN3smyXvmdF9JVYVTVB35ncfCW3X-x-w21RpnHMcxHHxF6SMYW1zpX1y7jsdBFN7gCNm65yJrXW8NcdgH60T8HmW2syrXc5hnLgcN2K-bKNnSfCfW4f_9gZ2mh-p3W4fTmMZ5Qns2bN10MTJCngZkMW6KKtpS5fyFyZW3nypPJ23GYVPW3Gg9l-2Z1WpKW5mb-m77vFYHkV4t6gG6zQdwdW8Wv_c94lFfLYW8t2qJv1WvyFfW7Jgwck47g7DWW97-_VH8XDpZpW5VxQ2s4ZqW36W49dkxV1NzHyP32Y41
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Thu, 16 Jun 2022 16:42:52 GMT
link
<https://threatpost.com/wp-json/>; rel="https://api.w.org/" <https://threatpost.com/wp-json/wp/v2/posts/179949>; rel="alternate"; type="application/json" <https://threatpost.com/?p=179949>; rel=shortlink
server
nginx/1.18.0
strict-transport-security
max-age=31536000; includeSubDomains
x-cache-hit
MISS
x-content-type-options
nosniff
x-debug-auth
off
x-frame-options
SAMEORIGIN
x-request-host
threatpost.com
x-xss-protection
1; mode=block

Redirect headers

access-control-allow-credentials
false
cf-cache-status
MISS
cf-ray
71c50046ff8e929b-FRA
date
Thu, 16 Jun 2022 16:42:51 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
link
<https://threatpost.com/kaiser-permanente-breach/179949/?utm_campaign=Third%20Party%20Thursday%20Newsletter&utm_medium=email&_hsmi=216744177&_hsenc=p2ANqtz-9FeIjarQeL3zA4ACQwCC6mhwLDSG8KZWVQNtpWhebNpA0aYw53UW6wqluChIgIaseSzoTUFllDNXqMgiGiwDLwGaTegw&utm_content=216744177&utm_source=hs_email>; rel="canonical"
location
https://threatpost.com/kaiser-permanente-breach/179949/?utm_campaign=Third%20Party%20Thursday%20Newsletter&utm_medium=email&_hsmi=216744177&_hsenc=p2ANqtz-9FeIjarQeL3zA4ACQwCC6mhwLDSG8KZWVQNtpWhebNpA0aYw53UW6wqluChIgIaseSzoTUFllDNXqMgiGiwDLwGaTegw&utm_content=216744177&utm_source=hs_email
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
referrer-policy
no-referrer
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5S4NtW4rmp9tw4JLvUQKM0%2BP16rlnaAlOWgGxsHWwkVsZK4LR8DtTXOVEeVXW4Wr4xDRS1rqQK264zuQ5D%2BRe%2BRuMzhQy4WLPt62AVKiDipCeCnTYkj2TM1Ure0hGcBRVD9QwnMKse2jpIji9CuL"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding
x-hubspot-correlation-id
6adb5aa8-f200-4328-ad79-40b2c7b93846
x-robots-tag
none
museosans-900italic-webfont.woff2
threatpost.com/wp-content/themes/threatpost-2018/assets/fonts/ 		15 KB
15 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://threatpost.com/wp-content/themes/threatpost-2018/assets/fonts/museosans-900italic-webfont.woff2
Requested by
Host: threatpost.com
URL: https://threatpost.com/kaiser-permanente-breach/179949/?utm_campaign=Third%20Party%20Thursday%20Newsletter&utm_medium=email&_hsmi=216744177&_hsenc=p2ANqtz-9FeIjarQeL3zA4ACQwCC6mhwLDSG8KZWVQNtpWhebNpA0aYw53UW6wqluChIgIaseSzoTUFllDNXqMgiGiwDLwGaTegw&utm_content=216744177&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.173.160.135 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-173-160-135.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
8edaef698e025c37ba9e8d632a895d7252c62251df3f095d5cff17b6f3304854

Request headers

Referer
https://threatpost.com/kaiser-permanente-breach/179949/?utm_campaign=Third%20Party%20Thursday%20Newsletter&utm_medium=email&_hsmi=216744177&_hsenc=p2ANqtz-9FeIjarQeL3zA4ACQwCC6mhwLDSG8KZWVQNtpWhebNpA0aYw53UW6wqluChIgIaseSzoTUFllDNXqMgiGiwDLwGaTegw&utm_content=216744177&utm_source=hs_email
Origin
https://threatpost.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Thu, 16 Jun 2022 16:42:52 GMT
last-modified
Mon, 13 Jun 2022 21:54:37 GMT
server
nginx/1.18.0
etag
"62a7b21d-3ca8"
content-type
font/woff2
access-control-allow-origin
*
accept-ranges
bytes
content-length
15528
museosans-900-webfont.woff2
threatpost.com/wp-content/themes/threatpost-2018/assets/fonts/ 		20 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://threatpost.com/wp-content/themes/threatpost-2018/assets/fonts/museosans-900-webfont.woff2
Requested by
Host: threatpost.com
URL: https://threatpost.com/kaiser-permanente-breach/179949/?utm_campaign=Third%20Party%20Thursday%20Newsletter&utm_medium=email&_hsmi=216744177&_hsenc=p2ANqtz-9FeIjarQeL3zA4ACQwCC6mhwLDSG8KZWVQNtpWhebNpA0aYw53UW6wqluChIgIaseSzoTUFllDNXqMgiGiwDLwGaTegw&utm_content=216744177&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.173.160.135 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-173-160-135.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
4823c011e4b4cb4b7f35ced3ab09d57215ee243676d9bfcc24d10ec77d3db398

Request headers

Referer
https://threatpost.com/kaiser-permanente-breach/179949/?utm_campaign=Third%20Party%20Thursday%20Newsletter&utm_medium=email&_hsmi=216744177&_hsenc=p2ANqtz-9FeIjarQeL3zA4ACQwCC6mhwLDSG8KZWVQNtpWhebNpA0aYw53UW6wqluChIgIaseSzoTUFllDNXqMgiGiwDLwGaTegw&utm_content=216744177&utm_source=hs_email
Origin
https://threatpost.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Thu, 16 Jun 2022 16:42:52 GMT
last-modified
Mon, 13 Jun 2022 21:54:37 GMT
server
nginx/1.18.0
etag
"62a7b21d-5124"
content-type
font/woff2
access-control-allow-origin
*
accept-ranges
bytes
content-length
20772
museosans-700italic-webfont.woff2
threatpost.com/wp-content/themes/threatpost-2018/assets/fonts/ 		15 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://threatpost.com/wp-content/themes/threatpost-2018/assets/fonts/museosans-700italic-webfont.woff2
Requested by
Host: threatpost.com
URL: https://threatpost.com/kaiser-permanente-breach/179949/?utm_campaign=Third%20Party%20Thursday%20Newsletter&utm_medium=email&_hsmi=216744177&_hsenc=p2ANqtz-9FeIjarQeL3zA4ACQwCC6mhwLDSG8KZWVQNtpWhebNpA0aYw53UW6wqluChIgIaseSzoTUFllDNXqMgiGiwDLwGaTegw&utm_content=216744177&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.173.160.135 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-173-160-135.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
859faa9b9ed0990288b2f393a102b1fe2668ac79088b113b6f0beaee521221eb

Request headers

Referer
https://threatpost.com/kaiser-permanente-breach/179949/?utm_campaign=Third%20Party%20Thursday%20Newsletter&utm_medium=email&_hsmi=216744177&_hsenc=p2ANqtz-9FeIjarQeL3zA4ACQwCC6mhwLDSG8KZWVQNtpWhebNpA0aYw53UW6wqluChIgIaseSzoTUFllDNXqMgiGiwDLwGaTegw&utm_content=216744177&utm_source=hs_email
Origin
https://threatpost.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Thu, 16 Jun 2022 16:42:52 GMT
last-modified
Mon, 13 Jun 2022 21:54:37 GMT
server
nginx/1.18.0
etag
"62a7b21d-3dcc"
content-type
font/woff2
access-control-allow-origin
*
accept-ranges
bytes
content-length
15820
museosans-700-webfont.woff2
threatpost.com/wp-content/themes/threatpost-2018/assets/fonts/ 		20 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://threatpost.com/wp-content/themes/threatpost-2018/assets/fonts/museosans-700-webfont.woff2
Requested by
Host: threatpost.com
URL: https://threatpost.com/kaiser-permanente-breach/179949/?utm_campaign=Third%20Party%20Thursday%20Newsletter&utm_medium=email&_hsmi=216744177&_hsenc=p2ANqtz-9FeIjarQeL3zA4ACQwCC6mhwLDSG8KZWVQNtpWhebNpA0aYw53UW6wqluChIgIaseSzoTUFllDNXqMgiGiwDLwGaTegw&utm_content=216744177&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.173.160.135 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-173-160-135.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
ae00ae9c862bc8b8923efd1d9a18befa912678a869d4dd01179a59ed3de731be

Request headers

Referer
https://threatpost.com/kaiser-permanente-breach/179949/?utm_campaign=Third%20Party%20Thursday%20Newsletter&utm_medium=email&_hsmi=216744177&_hsenc=p2ANqtz-9FeIjarQeL3zA4ACQwCC6mhwLDSG8KZWVQNtpWhebNpA0aYw53UW6wqluChIgIaseSzoTUFllDNXqMgiGiwDLwGaTegw&utm_content=216744177&utm_source=hs_email
Origin
https://threatpost.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Thu, 16 Jun 2022 16:42:52 GMT
last-modified
Mon, 13 Jun 2022 21:54:37 GMT
server
nginx/1.18.0
etag
"62a7b21d-51a4"
content-type
font/woff2
access-control-allow-origin
*
accept-ranges
bytes
content-length
20900
museosans-500italic-webfont.woff2
threatpost.com/wp-content/themes/threatpost-2018/assets/fonts/ 		23 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://threatpost.com/wp-content/themes/threatpost-2018/assets/fonts/museosans-500italic-webfont.woff2
Requested by
Host: threatpost.com
URL: https://threatpost.com/kaiser-permanente-breach/179949/?utm_campaign=Third%20Party%20Thursday%20Newsletter&utm_medium=email&_hsmi=216744177&_hsenc=p2ANqtz-9FeIjarQeL3zA4ACQwCC6mhwLDSG8KZWVQNtpWhebNpA0aYw53UW6wqluChIgIaseSzoTUFllDNXqMgiGiwDLwGaTegw&utm_content=216744177&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.173.160.135 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-173-160-135.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
17aee1fe3d7d16e647b97f568230c2ff36c1855ce35ce930c26aec5d2c58eaf4

Request headers

Referer
https://threatpost.com/kaiser-permanente-breach/179949/?utm_campaign=Third%20Party%20Thursday%20Newsletter&utm_medium=email&_hsmi=216744177&_hsenc=p2ANqtz-9FeIjarQeL3zA4ACQwCC6mhwLDSG8KZWVQNtpWhebNpA0aYw53UW6wqluChIgIaseSzoTUFllDNXqMgiGiwDLwGaTegw&utm_content=216744177&utm_source=hs_email
Origin
https://threatpost.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Thu, 16 Jun 2022 16:42:52 GMT
last-modified
Mon, 13 Jun 2022 21:54:37 GMT
server
nginx/1.18.0
etag
"62a7b21d-5c74"
content-type
font/woff2
access-control-allow-origin
*
accept-ranges
bytes
content-length
23668
museosans-500-webfont.woff2
threatpost.com/wp-content/themes/threatpost-2018/assets/fonts/ 		20 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://threatpost.com/wp-content/themes/threatpost-2018/assets/fonts/museosans-500-webfont.woff2
Requested by
Host: threatpost.com
URL: https://threatpost.com/kaiser-permanente-breach/179949/?utm_campaign=Third%20Party%20Thursday%20Newsletter&utm_medium=email&_hsmi=216744177&_hsenc=p2ANqtz-9FeIjarQeL3zA4ACQwCC6mhwLDSG8KZWVQNtpWhebNpA0aYw53UW6wqluChIgIaseSzoTUFllDNXqMgiGiwDLwGaTegw&utm_content=216744177&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.173.160.135 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-173-160-135.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
2de77164bb9924542e1dea4ee4a0ff27d40b51a3d7939dac7db11a95045c9b7d

Request headers

Referer
https://threatpost.com/kaiser-permanente-breach/179949/?utm_campaign=Third%20Party%20Thursday%20Newsletter&utm_medium=email&_hsmi=216744177&_hsenc=p2ANqtz-9FeIjarQeL3zA4ACQwCC6mhwLDSG8KZWVQNtpWhebNpA0aYw53UW6wqluChIgIaseSzoTUFllDNXqMgiGiwDLwGaTegw&utm_content=216744177&utm_source=hs_email
Origin
https://threatpost.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Thu, 16 Jun 2022 16:42:52 GMT
last-modified
Mon, 13 Jun 2022 21:54:37 GMT
server
nginx/1.18.0
etag
"62a7b21d-5194"
content-type
font/woff2
access-control-allow-origin
*
accept-ranges
bytes
content-length
20884
museosans-300italic-webfont.woff2
threatpost.com/wp-content/themes/threatpost-2018/assets/fonts/ 		23 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://threatpost.com/wp-content/themes/threatpost-2018/assets/fonts/museosans-300italic-webfont.woff2
Requested by
Host: threatpost.com
URL: https://threatpost.com/kaiser-permanente-breach/179949/?utm_campaign=Third%20Party%20Thursday%20Newsletter&utm_medium=email&_hsmi=216744177&_hsenc=p2ANqtz-9FeIjarQeL3zA4ACQwCC6mhwLDSG8KZWVQNtpWhebNpA0aYw53UW6wqluChIgIaseSzoTUFllDNXqMgiGiwDLwGaTegw&utm_content=216744177&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.173.160.135 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-173-160-135.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
f8a2b5b62eb722c3379b30cf0cc58d3176ee6be48036d6ad2aa838d2029c4189

Request headers

Referer
https://threatpost.com/kaiser-permanente-breach/179949/?utm_campaign=Third%20Party%20Thursday%20Newsletter&utm_medium=email&_hsmi=216744177&_hsenc=p2ANqtz-9FeIjarQeL3zA4ACQwCC6mhwLDSG8KZWVQNtpWhebNpA0aYw53UW6wqluChIgIaseSzoTUFllDNXqMgiGiwDLwGaTegw&utm_content=216744177&utm_source=hs_email
Origin
https://threatpost.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Thu, 16 Jun 2022 16:42:52 GMT
last-modified
Mon, 13 Jun 2022 21:54:37 GMT
server
nginx/1.18.0
etag
"62a7b21d-5bac"
content-type
font/woff2
access-control-allow-origin
*
accept-ranges
bytes
content-length
23468
museosans-300-webfont.woff2
threatpost.com/wp-content/themes/threatpost-2018/assets/fonts/ 		20 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://threatpost.com/wp-content/themes/threatpost-2018/assets/fonts/museosans-300-webfont.woff2
Requested by
Host: threatpost.com
URL: https://threatpost.com/kaiser-permanente-breach/179949/?utm_campaign=Third%20Party%20Thursday%20Newsletter&utm_medium=email&_hsmi=216744177&_hsenc=p2ANqtz-9FeIjarQeL3zA4ACQwCC6mhwLDSG8KZWVQNtpWhebNpA0aYw53UW6wqluChIgIaseSzoTUFllDNXqMgiGiwDLwGaTegw&utm_content=216744177&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.173.160.135 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-173-160-135.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
45ddc09b0ad6ab916bd9a0282070b161045e186fc025303f4aa1aa821fc45ac7

Request headers

Referer
https://threatpost.com/kaiser-permanente-breach/179949/?utm_campaign=Third%20Party%20Thursday%20Newsletter&utm_medium=email&_hsmi=216744177&_hsenc=p2ANqtz-9FeIjarQeL3zA4ACQwCC6mhwLDSG8KZWVQNtpWhebNpA0aYw53UW6wqluChIgIaseSzoTUFllDNXqMgiGiwDLwGaTegw&utm_content=216744177&utm_source=hs_email
Origin
https://threatpost.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Thu, 16 Jun 2022 16:42:52 GMT
last-modified
Mon, 13 Jun 2022 21:54:37 GMT
server
nginx/1.18.0
etag
"62a7b21d-51b8"
content-type
font/woff2
access-control-allow-origin
*
accept-ranges
bytes
content-length
20920
museosans-100italic-webfont.woff2
threatpost.com/wp-content/themes/threatpost-2018/assets/fonts/ 		23 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://threatpost.com/wp-content/themes/threatpost-2018/assets/fonts/museosans-100italic-webfont.woff2
Requested by
Host: threatpost.com
URL: https://threatpost.com/kaiser-permanente-breach/179949/?utm_campaign=Third%20Party%20Thursday%20Newsletter&utm_medium=email&_hsmi=216744177&_hsenc=p2ANqtz-9FeIjarQeL3zA4ACQwCC6mhwLDSG8KZWVQNtpWhebNpA0aYw53UW6wqluChIgIaseSzoTUFllDNXqMgiGiwDLwGaTegw&utm_content=216744177&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.173.160.135 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-173-160-135.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
038fc4d49a9191d416d49841f371b6e0b06bb40f719124099d40fe8f393b9e2c

Request headers

Referer
https://threatpost.com/kaiser-permanente-breach/179949/?utm_campaign=Third%20Party%20Thursday%20Newsletter&utm_medium=email&_hsmi=216744177&_hsenc=p2ANqtz-9FeIjarQeL3zA4ACQwCC6mhwLDSG8KZWVQNtpWhebNpA0aYw53UW6wqluChIgIaseSzoTUFllDNXqMgiGiwDLwGaTegw&utm_content=216744177&utm_source=hs_email
Origin
https://threatpost.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Thu, 16 Jun 2022 16:42:52 GMT
last-modified
Mon, 13 Jun 2022 21:54:37 GMT
server
nginx/1.18.0
etag
"62a7b21d-5b34"
content-type
font/woff2
access-control-allow-origin
*
accept-ranges
bytes
content-length
23348
museosans-100-webfont.woff2
threatpost.com/wp-content/themes/threatpost-2018/assets/fonts/ 		20 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://threatpost.com/wp-content/themes/threatpost-2018/assets/fonts/museosans-100-webfont.woff2
Requested by
Host: threatpost.com
URL: https://threatpost.com/kaiser-permanente-breach/179949/?utm_campaign=Third%20Party%20Thursday%20Newsletter&utm_medium=email&_hsmi=216744177&_hsenc=p2ANqtz-9FeIjarQeL3zA4ACQwCC6mhwLDSG8KZWVQNtpWhebNpA0aYw53UW6wqluChIgIaseSzoTUFllDNXqMgiGiwDLwGaTegw&utm_content=216744177&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.173.160.135 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-173-160-135.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
06fc565587b8b700936a1677218cb269a6cc31ca5f701eb45461e86a3d54d5c7

Request headers

Referer
https://threatpost.com/kaiser-permanente-breach/179949/?utm_campaign=Third%20Party%20Thursday%20Newsletter&utm_medium=email&_hsmi=216744177&_hsenc=p2ANqtz-9FeIjarQeL3zA4ACQwCC6mhwLDSG8KZWVQNtpWhebNpA0aYw53UW6wqluChIgIaseSzoTUFllDNXqMgiGiwDLwGaTegw&utm_content=216744177&utm_source=hs_email
Origin
https://threatpost.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Thu, 16 Jun 2022 16:42:52 GMT
last-modified
Mon, 13 Jun 2022 21:54:37 GMT
server
nginx/1.18.0
etag
"62a7b21d-50c8"
content-type
font/woff2
access-control-allow-origin
*
accept-ranges
bytes
content-length
20680
op.js
tagan.adlightning.com/math-aids-threatpost/ 		44 KB
19 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/math-aids-threatpost/op.js
Requested by
Host: threatpost.com
URL: https://threatpost.com/kaiser-permanente-breach/179949/?utm_campaign=Third%20Party%20Thursday%20Newsletter&utm_medium=email&_hsmi=216744177&_hsenc=p2ANqtz-9FeIjarQeL3zA4ACQwCC6mhwLDSG8KZWVQNtpWhebNpA0aYw53UW6wqluChIgIaseSzoTUFllDNXqMgiGiwDLwGaTegw&utm_content=216744177&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.89.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-89-94.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06a56259d697f359d74696a09b3316301fbd8673193afee3bcc231e0a25b93e2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

x-amz-version-id
bC9wYSN_Vzt7XnaVVmSmrGQYEqYE8lmu
content-encoding
gzip
etag
"ce8e01a7ef85ed74fc3bc600280515d7"
age
421
x-cache
Hit from cloudfront
content-length
18531
x-amz-meta-git_commit
7b120a5
last-modified
Thu, 16 Jun 2022 09:33:25 GMT
server
AmazonS3
date
Thu, 16 Jun 2022 16:42:53 GMT
content-type
application/javascript
via
1.1 a267c4458d5587daaaf85f1d134a02d4.cloudfront.net (CloudFront)
cache-control
max-age=3600
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
x-amz-cf-id
rFUBRKXkIUqbFuxZLXpR8WucyCWP0LCAPuYzCNmSEvwad5HMOXhmow==
gpt.js
www.googletagservices.com/tag/js/ 		82 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/tag/js/gpt.js
Requested by
Host: threatpost.com
URL: https://threatpost.com/kaiser-permanente-breach/179949/?utm_campaign=Third%20Party%20Thursday%20Newsletter&utm_medium=email&_hsmi=216744177&_hsenc=p2ANqtz-9FeIjarQeL3zA4ACQwCC6mhwLDSG8KZWVQNtpWhebNpA0aYw53UW6wqluChIgIaseSzoTUFllDNXqMgiGiwDLwGaTegw&utm_content=216744177&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4a47bf17af3501f270a0005dc1c4af182c380631a9d828d9aa98ad66f8ea22bb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Thu, 16 Jun 2022 16:42:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28113
x-xss-protection
0
server
sffe
etag
"1246 / 580 of 1000 / last-modified: 1655377890"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 16 Jun 2022 16:42:53 GMT
ros-layout.js
qd.admetricspro.com/js/threatpost/ 		26 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://qd.admetricspro.com/js/threatpost/ros-layout.js
Requested by
Host: threatpost.com
URL: https://threatpost.com/kaiser-permanente-breach/179949/?utm_campaign=Third%20Party%20Thursday%20Newsletter&utm_medium=email&_hsmi=216744177&_hsenc=p2ANqtz-9FeIjarQeL3zA4ACQwCC6mhwLDSG8KZWVQNtpWhebNpA0aYw53UW6wqluChIgIaseSzoTUFllDNXqMgiGiwDLwGaTegw&utm_content=216744177&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::ac43:cf70 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
7a3fcd53b20a6fdf183b0340f596a6431a280459adb871f43e617cecd5d57681

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Thu, 16 Jun 2022 16:42:53 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Fri, 08 Apr 2022 16:11:01 GMT
server
cloudflare
etag
W/"679a-5dc26d73770fc-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3Oj85YGYu9wn4XjclIfAaykHk0AhqdFQTR5G88gOsWqM6F41rbjvhrFZR3Uxz93rlmcWqD%2FIONq3DhxfRNjPjoCJ8Edy8uDLZH769d1fax6Go7e6oJV%2FuTw%2F7Jib81eJK%2B16scFvRufZMTb%2BA4MKCivh"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=14400
cf-ray
71c50050f9a99a2f-FRA
expires
Thu, 16 Jun 2022 16:45:54 GMT
cmp.js
qd.admetricspro.com/js/threatpost/ 		310 KB
90 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://qd.admetricspro.com/js/threatpost/cmp.js
Requested by
Host: threatpost.com
URL: https://threatpost.com/kaiser-permanente-breach/179949/?utm_campaign=Third%20Party%20Thursday%20Newsletter&utm_medium=email&_hsmi=216744177&_hsenc=p2ANqtz-9FeIjarQeL3zA4ACQwCC6mhwLDSG8KZWVQNtpWhebNpA0aYw53UW6wqluChIgIaseSzoTUFllDNXqMgiGiwDLwGaTegw&utm_content=216744177&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::ac43:cf70 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
519815bc4a3dd9a571cb56f57c7c6abfbda2b4e2de8c4b884a7535a1705438f2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Thu, 16 Jun 2022 16:42:53 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Tue, 01 Jun 2021 14:47:10 GMT
server
cloudflare
etag
W/"4d957-5c3b56abf6028-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KyXoT9SJMJK8f68Qrq9EHRLjSGvNllIfaX7cFUXoN1mgpFfBUGfw04fYsUE1QWSxzNsl9S%2BH1%2FwVcjxQGK1OQL%2Bgsw%2F9Ge1lGW78HqNYonemG5MijDFYPx%2FIJAZ2driuEIkzF8fyzMfKmqceorY7sxBd"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=14400
cf-ray
71c500542fe99a2f-FRA
expires
Thu, 16 Jun 2022 16:49:26 GMT
uspcmp.js
qd.admetricspro.com/js/threatpost/ 		148 KB
58 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://qd.admetricspro.com/js/threatpost/uspcmp.js
Requested by
Host: threatpost.com
URL: https://threatpost.com/kaiser-permanente-breach/179949/?utm_campaign=Third%20Party%20Thursday%20Newsletter&utm_medium=email&_hsmi=216744177&_hsenc=p2ANqtz-9FeIjarQeL3zA4ACQwCC6mhwLDSG8KZWVQNtpWhebNpA0aYw53UW6wqluChIgIaseSzoTUFllDNXqMgiGiwDLwGaTegw&utm_content=216744177&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::ac43:cf70 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1ae61ed61290f9bf2619f52667aafa622c805072c75765025f0b61a23862005f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Thu, 16 Jun 2022 16:42:53 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Sat, 08 Aug 2020 22:40:07 GMT
server
cloudflare
etag
W/"24e50-5ac65673cef1c-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ec%2FkRYcbq7l%2FlmV0LRUA%2FXJRCWXgsugkP%2Fk5B1nTklZ3F%2BpkVN0kqpHGhTWkG4Ju51pBKqSA0KJMSPGjrxeCM3lQw2OeDx64Ve2y%2FjQse8AVXUU8PT8BRDUsQ5nYGKC5heaqJNaPoMtANpNUdJ3%2Fqfq2"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=14400
cf-ray
71c500542fec9a2f-FRA
expires
Thu, 16 Jun 2022 16:49:20 GMT
targeting.js
qd.admetricspro.com/js/threatpost/ 		393 B
524 B 		Script
General
Check archive.org
Download Go to
Full URL
https://qd.admetricspro.com/js/threatpost/targeting.js
Requested by
Host: threatpost.com
URL: https://threatpost.com/kaiser-permanente-breach/179949/?utm_campaign=Third%20Party%20Thursday%20Newsletter&utm_medium=email&_hsmi=216744177&_hsenc=p2ANqtz-9FeIjarQeL3zA4ACQwCC6mhwLDSG8KZWVQNtpWhebNpA0aYw53UW6wqluChIgIaseSzoTUFllDNXqMgiGiwDLwGaTegw&utm_content=216744177&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::ac43:cf70 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
03cc687f0c8a2d1694e509b91fcd6c62c0fbdbdbdb850b8007b8052f649c7f77

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Thu, 16 Jun 2022 16:42:53 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Wed, 04 Aug 2021 21:50:12 GMT
server
cloudflare
etag
W/"189-5c8c2c96f96c7-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GLdmFCZQYk0IFLlUy3xIX4X9hIIt2nJRbkdShMaksT%2BMXAMR4pVOZ2Vy6gqSAuY4sslMmhoC6CN3CV1OgDNA32T1PA8fK8GoT5EvxKRUxo7Ag8CyAzKVbYl%2Fac3O15ICQIRmyY3LFTsjC0LoJxl6j4Qs"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=14400
cf-ray
71c500542fee9a2f-FRA
expires
Thu, 16 Jun 2022 16:49:00 GMT
prebid.js
qd.admetricspro.com/js/threatpost/ 		459 KB
131 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://qd.admetricspro.com/js/threatpost/prebid.js
Requested by
Host: threatpost.com
URL: https://threatpost.com/kaiser-permanente-breach/179949/?utm_campaign=Third%20Party%20Thursday%20Newsletter&utm_medium=email&_hsmi=216744177&_hsenc=p2ANqtz-9FeIjarQeL3zA4ACQwCC6mhwLDSG8KZWVQNtpWhebNpA0aYw53UW6wqluChIgIaseSzoTUFllDNXqMgiGiwDLwGaTegw&utm_content=216744177&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::ac43:cf70 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
9a7e2f2daef118825ab8bb58bc3cd9dbb3c83cb84772a08f6c5758d706fef173

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Thu, 16 Jun 2022 16:42:53 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Mon, 02 May 2022 16:56:40 GMT
server
cloudflare
etag
W/"72c32-5de0a46b45676-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xS4JWODey7BVpY0QzmZveCuAdJYiJxysd3vINKV0aM5RfCJSrbE7Md72cv80%2FnolpPpOfU2hMDYJyUw0837iud2Druc82bd9MaPbGBBk09W29FvWexX7cgV8H%2ByPEsbXLfW79WjnKZKly4qe06qlleb4"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=14400
cf-ray
71c500542fef9a2f-FRA
expires
Thu, 16 Jun 2022 16:49:26 GMT
engine.js
qd.admetricspro.com/js/threatpost/ 		35 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://qd.admetricspro.com/js/threatpost/engine.js
Requested by
Host: threatpost.com
URL: https://threatpost.com/kaiser-permanente-breach/179949/?utm_campaign=Third%20Party%20Thursday%20Newsletter&utm_medium=email&_hsmi=216744177&_hsenc=p2ANqtz-9FeIjarQeL3zA4ACQwCC6mhwLDSG8KZWVQNtpWhebNpA0aYw53UW6wqluChIgIaseSzoTUFllDNXqMgiGiwDLwGaTegw&utm_content=216744177&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:3030::ac43:cf70 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6e6377776a1104aed9b11142115b22dcaad3cf78ae76d255e454b04b7189af32

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Thu, 16 Jun 2022 16:42:53 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified
Mon, 24 Jan 2022 02:31:38 GMT
server
cloudflare
etag
W/"8cae-5d64ac49b9c1c-gzip"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QBylM%2F%2FMgT4tbZNFtpC647nbkwNEqLb11vLK4bt8j5uI7hwchtjmYvBSFg2%2BLvV7BJmKzTvUH3XoUEZvACBn1haZKSli9g7gG74xwtqIQttZCkSJ8JmmbVQ8GKogdLieMA4nO44Cpjv50%2FFJs7DSnchb"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=14400
cf-ray
71c50050f9aa9a2f-FRA
expires
Thu, 16 Jun 2022 16:44:23 GMT
/
threatpost.com/wp-content/plugins/bwp-minify/min/ 		294 KB
42 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://threatpost.com/wp-content/plugins/bwp-minify/min/?f=wp-content/plugins/wds-rss-builder/includes/css/select2.min.css,wp-content/plugins/wds-rss-builder/includes/css/wds-rss.css,wp-content/plugins/honeypot-comments/public/assets/css/public.css,wp-content/plugins/kspr_twitter_pullquote/css/style.css,wp-content/plugins/pullquote-shortcode/css/pullquote-shortcode.css,wp-content/themes/threatpost-2018/assets/css/main.css,wp-content/plugins/kaspersky-social-sharing/assets/css/style.css,wp-content/plugins/kaspersky-social-sharing/assets/css/custom.css&ver=v67
Requested by
Host: threatpost.com
URL: https://threatpost.com/kaiser-permanente-breach/179949/?utm_campaign=Third%20Party%20Thursday%20Newsletter&utm_medium=email&_hsmi=216744177&_hsenc=p2ANqtz-9FeIjarQeL3zA4ACQwCC6mhwLDSG8KZWVQNtpWhebNpA0aYw53UW6wqluChIgIaseSzoTUFllDNXqMgiGiwDLwGaTegw&utm_content=216744177&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.173.160.135 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-173-160-135.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
62cbf085d014439b719c84c3d2f3222fde66e299c2da1b41dfc4dbb315db0456
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://threatpost.com/kaiser-permanente-breach/179949/?utm_campaign=Third%20Party%20Thursday%20Newsletter&utm_medium=email&_hsmi=216744177&_hsenc=p2ANqtz-9FeIjarQeL3zA4ACQwCC6mhwLDSG8KZWVQNtpWhebNpA0aYw53UW6wqluChIgIaseSzoTUFllDNXqMgiGiwDLwGaTegw&utm_content=216744177&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Thu, 16 Jun 2022 16:42:53 GMT
content-encoding
gzip
vary
Accept-Encoding
last-modified
Mon, 13 Jun 2022 21:54:37 GMT
server
nginx/1.18.0
cache-control
max-age=86400
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
x-cache-hit
HIT
x-debug-auth
off
x-request-host
threatpost.com
content-length
42696
expires
Fri, 17 Jun 2022 12:02:51 GMT
jquery-1.12.4-wp.js
threatpost.com/wp-content/plugins/kaspersky-enable-jquery-migrate-helper/js/jquery/ 		95 KB
34 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://threatpost.com/wp-content/plugins/kaspersky-enable-jquery-migrate-helper/js/jquery/jquery-1.12.4-wp.js?ver=1.12.4-wp
Requested by
Host: threatpost.com
URL: https://threatpost.com/kaiser-permanente-breach/179949/?utm_campaign=Third%20Party%20Thursday%20Newsletter&utm_medium=email&_hsmi=216744177&_hsenc=p2ANqtz-9FeIjarQeL3zA4ACQwCC6mhwLDSG8KZWVQNtpWhebNpA0aYw53UW6wqluChIgIaseSzoTUFllDNXqMgiGiwDLwGaTegw&utm_content=216744177&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.173.160.135 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-173-160-135.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
3bb2621a4c0c710f6e78404473aebff8e115a28f8d53f44339b867c63ad93b26

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://threatpost.com/kaiser-permanente-breach/179949/?utm_campaign=Third%20Party%20Thursday%20Newsletter&utm_medium=email&_hsmi=216744177&_hsenc=p2ANqtz-9FeIjarQeL3zA4ACQwCC6mhwLDSG8KZWVQNtpWhebNpA0aYw53UW6wqluChIgIaseSzoTUFllDNXqMgiGiwDLwGaTegw&utm_content=216744177&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma
public
date
Thu, 16 Jun 2022 16:42:53 GMT
content-encoding
gzip
last-modified
Mon, 13 Jun 2022 21:54:37 GMT
server
nginx/1.18.0
etag
W/"62a7b21d-17a56"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=604800, public
expires
Thu, 23 Jun 2022 16:42:53 GMT
lazyload.js
threatpost.com/wp-content/plugins/kaspersky-lazy-load/assets/js/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://threatpost.com/wp-content/plugins/kaspersky-lazy-load/assets/js/lazyload.js?ver=202224051706
Requested by
Host: threatpost.com
URL: https://threatpost.com/kaiser-permanente-breach/179949/?utm_campaign=Third%20Party%20Thursday%20Newsletter&utm_medium=email&_hsmi=216744177&_hsenc=p2ANqtz-9FeIjarQeL3zA4ACQwCC6mhwLDSG8KZWVQNtpWhebNpA0aYw53UW6wqluChIgIaseSzoTUFllDNXqMgiGiwDLwGaTegw&utm_content=216744177&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.173.160.135 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-173-160-135.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
3307268982e18bae27fb0691dea184c6a6ce845db0f6ce1f41ca63e948dde8a6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://threatpost.com/kaiser-permanente-breach/179949/?utm_campaign=Third%20Party%20Thursday%20Newsletter&utm_medium=email&_hsmi=216744177&_hsenc=p2ANqtz-9FeIjarQeL3zA4ACQwCC6mhwLDSG8KZWVQNtpWhebNpA0aYw53UW6wqluChIgIaseSzoTUFllDNXqMgiGiwDLwGaTegw&utm_content=216744177&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma
public
date
Thu, 16 Jun 2022 16:42:53 GMT
content-encoding
gzip
last-modified
Mon, 13 Jun 2022 21:54:37 GMT
server
nginx/1.18.0
etag
W/"62a7b21d-1a91"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=604800, public
expires
Thu, 23 Jun 2022 16:42:53 GMT
alert_text.js
threatpost.com/wp-content/plugins/kaspersky-cookies-notification/scripts/ 		107 B
342 B 		Script
General
Check archive.org
Download Go to
Full URL
https://threatpost.com/wp-content/plugins/kaspersky-cookies-notification/scripts/alert_text.js?ver=1655157277
Requested by
Host: threatpost.com
URL: https://threatpost.com/kaiser-permanente-breach/179949/?utm_campaign=Third%20Party%20Thursday%20Newsletter&utm_medium=email&_hsmi=216744177&_hsenc=p2ANqtz-9FeIjarQeL3zA4ACQwCC6mhwLDSG8KZWVQNtpWhebNpA0aYw53UW6wqluChIgIaseSzoTUFllDNXqMgiGiwDLwGaTegw&utm_content=216744177&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.173.160.135 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-173-160-135.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
68cdaaeccd079ab33df06d3e5fb47594a4458a6491d48a8ae2f394defb419eb5

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://threatpost.com/kaiser-permanente-breach/179949/?utm_campaign=Third%20Party%20Thursday%20Newsletter&utm_medium=email&_hsmi=216744177&_hsenc=p2ANqtz-9FeIjarQeL3zA4ACQwCC6mhwLDSG8KZWVQNtpWhebNpA0aYw53UW6wqluChIgIaseSzoTUFllDNXqMgiGiwDLwGaTegw&utm_content=216744177&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma
public
date
Thu, 16 Jun 2022 16:42:53 GMT
last-modified
Mon, 13 Jun 2022 21:54:37 GMT
server
nginx/1.18.0
etag
"62a7b21d-6b"
content-type
application/javascript
cache-control
max-age=604800, public
accept-ranges
bytes
content-length
107
expires
Thu, 23 Jun 2022 16:42:53 GMT
alert.js
threatpost.com/wp-content/plugins/kaspersky-cookies-notification/scripts/ 		4 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://threatpost.com/wp-content/plugins/kaspersky-cookies-notification/scripts/alert.js?ver=1655157277
Requested by
Host: threatpost.com
URL: https://threatpost.com/kaiser-permanente-breach/179949/?utm_campaign=Third%20Party%20Thursday%20Newsletter&utm_medium=email&_hsmi=216744177&_hsenc=p2ANqtz-9FeIjarQeL3zA4ACQwCC6mhwLDSG8KZWVQNtpWhebNpA0aYw53UW6wqluChIgIaseSzoTUFllDNXqMgiGiwDLwGaTegw&utm_content=216744177&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.173.160.135 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-173-160-135.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
500288356853c7199a27a6a2cdcd14b217d18dd9c8103272d8e6def6acbe2580

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://threatpost.com/kaiser-permanente-breach/179949/?utm_campaign=Third%20Party%20Thursday%20Newsletter&utm_medium=email&_hsmi=216744177&_hsenc=p2ANqtz-9FeIjarQeL3zA4ACQwCC6mhwLDSG8KZWVQNtpWhebNpA0aYw53UW6wqluChIgIaseSzoTUFllDNXqMgiGiwDLwGaTegw&utm_content=216744177&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma
public
date
Thu, 16 Jun 2022 16:42:53 GMT
content-encoding
gzip
last-modified
Mon, 13 Jun 2022 21:54:37 GMT
server
nginx/1.18.0
etag
W/"62a7b21d-104a"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=604800, public
expires
Thu, 23 Jun 2022 16:42:53 GMT
public.js
threatpost.com/wp-content/plugins/honeypot-comments/public/assets/js/ 		116 B
351 B 		Script
General
Check archive.org
Download Go to
Full URL
https://threatpost.com/wp-content/plugins/honeypot-comments/public/assets/js/public.js?ver=1.0.0
Requested by
Host: threatpost.com
URL: https://threatpost.com/kaiser-permanente-breach/179949/?utm_campaign=Third%20Party%20Thursday%20Newsletter&utm_medium=email&_hsmi=216744177&_hsenc=p2ANqtz-9FeIjarQeL3zA4ACQwCC6mhwLDSG8KZWVQNtpWhebNpA0aYw53UW6wqluChIgIaseSzoTUFllDNXqMgiGiwDLwGaTegw&utm_content=216744177&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.173.160.135 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-173-160-135.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
931dc539e87db7f509be9c77dfcc9b2baee0b91e5236aa04580ab14ed81e2cc0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://threatpost.com/kaiser-permanente-breach/179949/?utm_campaign=Third%20Party%20Thursday%20Newsletter&utm_medium=email&_hsmi=216744177&_hsenc=p2ANqtz-9FeIjarQeL3zA4ACQwCC6mhwLDSG8KZWVQNtpWhebNpA0aYw53UW6wqluChIgIaseSzoTUFllDNXqMgiGiwDLwGaTegw&utm_content=216744177&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma
public
date
Thu, 16 Jun 2022 16:42:53 GMT
last-modified
Mon, 13 Jun 2022 21:54:37 GMT
server
nginx/1.18.0
etag
"62a7b21d-74"
content-type
application/javascript
cache-control
max-age=604800, public
accept-ranges
bytes
content-length
116
expires
Thu, 23 Jun 2022 16:42:53 GMT
kaspersky-twitter-pullquote.js
threatpost.com/wp-content/plugins/kspr_twitter_pullquote/js/ 		599 B
589 B 		Script
General
Check archive.org
Download Go to
Full URL
https://threatpost.com/wp-content/plugins/kspr_twitter_pullquote/js/kaspersky-twitter-pullquote.js?ver=1.0
Requested by
Host: threatpost.com
URL: https://threatpost.com/kaiser-permanente-breach/179949/?utm_campaign=Third%20Party%20Thursday%20Newsletter&utm_medium=email&_hsmi=216744177&_hsenc=p2ANqtz-9FeIjarQeL3zA4ACQwCC6mhwLDSG8KZWVQNtpWhebNpA0aYw53UW6wqluChIgIaseSzoTUFllDNXqMgiGiwDLwGaTegw&utm_content=216744177&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.173.160.135 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-173-160-135.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
1791bf831c158912a11ca40bcf5f3573fc54ec8f8343c37780dab679c0203d63

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://threatpost.com/kaiser-permanente-breach/179949/?utm_campaign=Third%20Party%20Thursday%20Newsletter&utm_medium=email&_hsmi=216744177&_hsenc=p2ANqtz-9FeIjarQeL3zA4ACQwCC6mhwLDSG8KZWVQNtpWhebNpA0aYw53UW6wqluChIgIaseSzoTUFllDNXqMgiGiwDLwGaTegw&utm_content=216744177&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma
public
date
Thu, 16 Jun 2022 16:42:53 GMT
content-encoding
gzip
last-modified
Mon, 13 Jun 2022 21:54:37 GMT
server
nginx/1.18.0
etag
W/"62a7b21d-257"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=604800, public
expires
Thu, 23 Jun 2022 16:42:53 GMT
loadmore.js
threatpost.com/wp-content/themes/threatpost-2018/assets/js/ 		4 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://threatpost.com/wp-content/themes/threatpost-2018/assets/js/loadmore.js?ver=5.9.3
Requested by
Host: threatpost.com
URL: https://threatpost.com/kaiser-permanente-breach/179949/?utm_campaign=Third%20Party%20Thursday%20Newsletter&utm_medium=email&_hsmi=216744177&_hsenc=p2ANqtz-9FeIjarQeL3zA4ACQwCC6mhwLDSG8KZWVQNtpWhebNpA0aYw53UW6wqluChIgIaseSzoTUFllDNXqMgiGiwDLwGaTegw&utm_content=216744177&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.173.160.135 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-173-160-135.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
e0f1df7af81fd8eb920863093c426fdafd241b8d9aeb6126fb2fd24f36c061b3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://threatpost.com/kaiser-permanente-breach/179949/?utm_campaign=Third%20Party%20Thursday%20Newsletter&utm_medium=email&_hsmi=216744177&_hsenc=p2ANqtz-9FeIjarQeL3zA4ACQwCC6mhwLDSG8KZWVQNtpWhebNpA0aYw53UW6wqluChIgIaseSzoTUFllDNXqMgiGiwDLwGaTegw&utm_content=216744177&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma
public
date
Thu, 16 Jun 2022 16:42:53 GMT
content-encoding
gzip
last-modified
Mon, 13 Jun 2022 21:54:37 GMT
server
nginx/1.18.0
etag
W/"62a7b21d-11e7"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=604800, public
expires
Thu, 23 Jun 2022 16:42:53 GMT
social-share.js
threatpost.com/wp-content/plugins/kaspersky-social-sharing/assets/js/ 		18 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://threatpost.com/wp-content/plugins/kaspersky-social-sharing/assets/js/social-share.js?ver=1.0.0
Requested by
Host: threatpost.com
URL: https://threatpost.com/kaiser-permanente-breach/179949/?utm_campaign=Third%20Party%20Thursday%20Newsletter&utm_medium=email&_hsmi=216744177&_hsenc=p2ANqtz-9FeIjarQeL3zA4ACQwCC6mhwLDSG8KZWVQNtpWhebNpA0aYw53UW6wqluChIgIaseSzoTUFllDNXqMgiGiwDLwGaTegw&utm_content=216744177&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.173.160.135 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-173-160-135.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
546be401414bcb20cdea07cdbcd806409b9629e4895737e214401948c40409f3

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://threatpost.com/kaiser-permanente-breach/179949/?utm_campaign=Third%20Party%20Thursday%20Newsletter&utm_medium=email&_hsmi=216744177&_hsenc=p2ANqtz-9FeIjarQeL3zA4ACQwCC6mhwLDSG8KZWVQNtpWhebNpA0aYw53UW6wqluChIgIaseSzoTUFllDNXqMgiGiwDLwGaTegw&utm_content=216744177&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma
public
date
Thu, 16 Jun 2022 16:42:53 GMT
content-encoding
gzip
last-modified
Mon, 13 Jun 2022 21:54:37 GMT
server
nginx/1.18.0
etag
W/"62a7b21d-484d"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=604800, public
expires
Thu, 23 Jun 2022 16:42:53 GMT
breach-2018-year-in-review.jpg
media.kasperskycontenthub.com/wp-content/uploads/sites/103/2018/12/19164049/ 		132 KB
132 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.kasperskycontenthub.com/wp-content/uploads/sites/103/2018/12/19164049/breach-2018-year-in-review.jpg
Requested by
Host: threatpost.com
URL: https://threatpost.com/kaiser-permanente-breach/179949/?utm_campaign=Third%20Party%20Thursday%20Newsletter&utm_medium=email&_hsmi=216744177&_hsenc=p2ANqtz-9FeIjarQeL3zA4ACQwCC6mhwLDSG8KZWVQNtpWhebNpA0aYw53UW6wqluChIgIaseSzoTUFllDNXqMgiGiwDLwGaTegw&utm_content=216744177&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:4600:1b:d000:d280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a4629b98fd964ae60a2d548906bc08519f86fab3feb8b6f95561d56a10925ad2

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Fri, 10 Jun 2022 23:09:35 GMT
via
1.1 e64eb476d8f76c461d21278e018e194e.cloudfront.net (CloudFront)
last-modified
Wed, 19 Dec 2018 21:40:50 GMT
server
AmazonS3
age
495199
etag
"4b39aa7be6699699b71376a29ad21080"
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=31536000
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-length
134673
x-amz-cf-id
UGz01oo3Z2gVbU9dUEeFTh36Pdh1XDuADDgtxF59K80NvH5hKWNDCA==
expires
Thu, 19 Dec 2019 21:40:49 GMT
infosec_insiders_in_article_promo.png
media.kasperskycontenthub.com/wp-content/uploads/sites/103/2021/07/10165815/ 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.kasperskycontenthub.com/wp-content/uploads/sites/103/2021/07/10165815/infosec_insiders_in_article_promo.png
Requested by
Host: threatpost.com
URL: https://threatpost.com/kaiser-permanente-breach/179949/?utm_campaign=Third%20Party%20Thursday%20Newsletter&utm_medium=email&_hsmi=216744177&_hsenc=p2ANqtz-9FeIjarQeL3zA4ACQwCC6mhwLDSG8KZWVQNtpWhebNpA0aYw53UW6wqluChIgIaseSzoTUFllDNXqMgiGiwDLwGaTegw&utm_content=216744177&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:4600:1b:d000:d280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bbe4e4e4e847a32bd717d963f0ac04b619a7a9cdd631a7454d9dfec16fbae73f

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Wed, 08 Jun 2022 08:54:45 GMT
via
1.1 e64eb476d8f76c461d21278e018e194e.cloudfront.net (CloudFront)
last-modified
Tue, 10 Aug 2021 20:58:17 GMT
server
AmazonS3
age
719289
etag
"101ba02c43488b8b07cf42f9aa850f6a"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=31536000
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-length
20484
x-amz-cf-id
dd_RWPBNCKh5zRrfZsCLCyBwu7w8AUwhxAKBzQ_hf-r3BXBu6NPBuQ==
expires
Wed, 10 Aug 2022 20:58:15 GMT
api.js
www.google.com/recaptcha/ 		852 B
622 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api.js?hl=en&render=explicit
Requested by
Host: threatpost.com
URL: https://threatpost.com/kaiser-permanente-breach/179949/?utm_campaign=Third%20Party%20Thursday%20Newsletter&utm_medium=email&_hsmi=216744177&_hsenc=p2ANqtz-9FeIjarQeL3zA4ACQwCC6mhwLDSG8KZWVQNtpWhebNpA0aYw53UW6wqluChIgIaseSzoTUFllDNXqMgiGiwDLwGaTegw&utm_content=216744177&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
d60f650c218ffa1bfcec8b2afb20e6e842a9d987857f73a97553479df558c333
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Thu, 16 Jun 2022 16:42:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
content-security-policy
frame-ancestors 'self'
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
553
x-xss-protection
1; mode=block
expires
Thu, 16 Jun 2022 16:42:53 GMT
scripts.js
kasperskycontenthub.com/threatpost-global/wp-content/plugins/kaspersky-embeds/js/ 		2 KB
919 B 		Script
General
Check archive.org
Download Go to
Full URL
https://kasperskycontenthub.com/threatpost-global/wp-content/plugins/kaspersky-embeds/js/scripts.js?ver=1.0
Requested by
Host: threatpost.com
URL: https://threatpost.com/kaiser-permanente-breach/179949/?utm_campaign=Third%20Party%20Thursday%20Newsletter&utm_medium=email&_hsmi=216744177&_hsenc=p2ANqtz-9FeIjarQeL3zA4ACQwCC6mhwLDSG8KZWVQNtpWhebNpA0aYw53UW6wqluChIgIaseSzoTUFllDNXqMgiGiwDLwGaTegw&utm_content=216744177&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.173.160.135 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-173-160-135.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
b1f863d13dbad7d5240f577a73b47b06227d218909259042da95301e2eb8be55

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma
public
date
Thu, 16 Jun 2022 16:42:53 GMT
content-encoding
gzip
last-modified
Mon, 13 Jun 2022 21:54:37 GMT
server
nginx/1.18.0
etag
W/"62a7b21d-828"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=604800, public
expires
Thu, 23 Jun 2022 16:42:53 GMT
api.js
www.google.com/recaptcha/ 		852 B
969 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api.js?render=explicit&ver=202124050927
Requested by
Host: threatpost.com
URL: https://threatpost.com/kaiser-permanente-breach/179949/?utm_campaign=Third%20Party%20Thursday%20Newsletter&utm_medium=email&_hsmi=216744177&_hsenc=p2ANqtz-9FeIjarQeL3zA4ACQwCC6mhwLDSG8KZWVQNtpWhebNpA0aYw53UW6wqluChIgIaseSzoTUFllDNXqMgiGiwDLwGaTegw&utm_content=216744177&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
32a4e737d032865d27cb838442f6700af7be0348992c8c92663ea3b7023897f1
Security Headers
Name Value
Content-Security-Policy frame-ancestors 'self'
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Thu, 16 Jun 2022 16:42:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
GSE
x-frame-options
SAMEORIGIN
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=300
cross-origin-resource-policy
cross-origin
content-security-policy
frame-ancestors 'self'
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
556
x-xss-protection
1; mode=block
expires
Thu, 16 Jun 2022 16:42:53 GMT
main.js
threatpost.com/wp-content/plugins/kaspersky-gravity-forms-dynamic-recaptcha/assets/js/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://threatpost.com/wp-content/plugins/kaspersky-gravity-forms-dynamic-recaptcha/assets/js/main.js?ver=202124050927
Requested by
Host: threatpost.com
URL: https://threatpost.com/kaiser-permanente-breach/179949/?utm_campaign=Third%20Party%20Thursday%20Newsletter&utm_medium=email&_hsmi=216744177&_hsenc=p2ANqtz-9FeIjarQeL3zA4ACQwCC6mhwLDSG8KZWVQNtpWhebNpA0aYw53UW6wqluChIgIaseSzoTUFllDNXqMgiGiwDLwGaTegw&utm_content=216744177&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.173.160.135 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-173-160-135.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
4d52f37b83f70c5035632548c652508d793eec55e17f2ac19552f4fa19d323be

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://threatpost.com/kaiser-permanente-breach/179949/?utm_campaign=Third%20Party%20Thursday%20Newsletter&utm_medium=email&_hsmi=216744177&_hsenc=p2ANqtz-9FeIjarQeL3zA4ACQwCC6mhwLDSG8KZWVQNtpWhebNpA0aYw53UW6wqluChIgIaseSzoTUFllDNXqMgiGiwDLwGaTegw&utm_content=216744177&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma
public
date
Thu, 16 Jun 2022 16:42:53 GMT
content-encoding
gzip
last-modified
Mon, 13 Jun 2022 21:54:37 GMT
server
nginx/1.18.0
etag
W/"62a7b21d-ab4"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=604800, public
expires
Thu, 23 Jun 2022 16:42:53 GMT
main.js
threatpost.com/wp-content/plugins/kaspersky-lazy-load/assets/js/ 		437 B
532 B 		Script
General
Check archive.org
Download Go to
Full URL
https://threatpost.com/wp-content/plugins/kaspersky-lazy-load/assets/js/main.js?ver=202224051706
Requested by
Host: threatpost.com
URL: https://threatpost.com/kaiser-permanente-breach/179949/?utm_campaign=Third%20Party%20Thursday%20Newsletter&utm_medium=email&_hsmi=216744177&_hsenc=p2ANqtz-9FeIjarQeL3zA4ACQwCC6mhwLDSG8KZWVQNtpWhebNpA0aYw53UW6wqluChIgIaseSzoTUFllDNXqMgiGiwDLwGaTegw&utm_content=216744177&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.173.160.135 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-173-160-135.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
0de5867fb96beb7a6df6147dea8d8f921d522b0822b0bdc46ac1af2277d3215c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://threatpost.com/kaiser-permanente-breach/179949/?utm_campaign=Third%20Party%20Thursday%20Newsletter&utm_medium=email&_hsmi=216744177&_hsenc=p2ANqtz-9FeIjarQeL3zA4ACQwCC6mhwLDSG8KZWVQNtpWhebNpA0aYw53UW6wqluChIgIaseSzoTUFllDNXqMgiGiwDLwGaTegw&utm_content=216744177&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma
public
date
Thu, 16 Jun 2022 16:42:53 GMT
content-encoding
gzip
last-modified
Mon, 13 Jun 2022 21:54:37 GMT
server
nginx/1.18.0
etag
W/"62a7b21d-1b5"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=604800, public
expires
Thu, 23 Jun 2022 16:42:53 GMT
s_code_single_suite.js
media.kaspersky.com/tracking/omniture/ 		173 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://media.kaspersky.com/tracking/omniture/s_code_single_suite.js?ver=5.9.3
Requested by
Host: threatpost.com
URL: https://threatpost.com/kaiser-permanente-breach/179949/?utm_campaign=Third%20Party%20Thursday%20Newsletter&utm_medium=email&_hsmi=216744177&_hsenc=p2ANqtz-9FeIjarQeL3zA4ACQwCC6mhwLDSG8KZWVQNtpWhebNpA0aYw53UW6wqluChIgIaseSzoTUFllDNXqMgiGiwDLwGaTegw&utm_content=216744177&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , CHACHA20_POLY1305
Server
185.85.15.23 , Germany, ASN200107 (KL-EXT, CH),
Reverse DNS
Software
/ Kaspersky Labs, Kaspersky Labs
Resource Hash
08ef1b0d0a5b28f6b46bf1ead021b06c3dbcae98046af12205b4d7d478d743d2
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
content-encoding
gzip
etag
"80ca4259a675d81:0"
x-powered-by
Kaspersky Labs, Kaspersky Labs
alt-svc
h3=":443"; ma=86400
content-length
49340
x-xss-protection
1; mode=block
last-modified
Wed, 01 Jun 2022 10:57:13 GMT
server
x-frame-options
SAMEORIGIN
date
Thu, 16 Jun 2022 16:42:53 GMT
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=3600
x-server
fr1/FRA3
accept-ranges
bytes
x-content-type-options
nosniff
main.js
threatpost.com/wp-content/themes/threatpost-2018/assets/js/ 		114 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://threatpost.com/wp-content/themes/threatpost-2018/assets/js/main.js?ver=202107061113
Requested by
Host: threatpost.com
URL: https://threatpost.com/kaiser-permanente-breach/179949/?utm_campaign=Third%20Party%20Thursday%20Newsletter&utm_medium=email&_hsmi=216744177&_hsenc=p2ANqtz-9FeIjarQeL3zA4ACQwCC6mhwLDSG8KZWVQNtpWhebNpA0aYw53UW6wqluChIgIaseSzoTUFllDNXqMgiGiwDLwGaTegw&utm_content=216744177&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.173.160.135 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-173-160-135.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
4e0b5563ff1fc5175d65e11e1546bee1945486d65d76c9248bdd77487532dadf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://threatpost.com/kaiser-permanente-breach/179949/?utm_campaign=Third%20Party%20Thursday%20Newsletter&utm_medium=email&_hsmi=216744177&_hsenc=p2ANqtz-9FeIjarQeL3zA4ACQwCC6mhwLDSG8KZWVQNtpWhebNpA0aYw53UW6wqluChIgIaseSzoTUFllDNXqMgiGiwDLwGaTegw&utm_content=216744177&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma
public
date
Thu, 16 Jun 2022 16:42:53 GMT
content-encoding
gzip
last-modified
Mon, 13 Jun 2022 21:54:37 GMT
server
nginx/1.18.0
etag
W/"62a7b21d-1c643"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=604800, public
expires
Thu, 23 Jun 2022 16:42:53 GMT
regenerator-runtime.min.js
threatpost.com/wp-includes/js/dist/vendor/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://threatpost.com/wp-includes/js/dist/vendor/regenerator-runtime.min.js?ver=0.13.9
Requested by
Host: threatpost.com
URL: https://threatpost.com/kaiser-permanente-breach/179949/?utm_campaign=Third%20Party%20Thursday%20Newsletter&utm_medium=email&_hsmi=216744177&_hsenc=p2ANqtz-9FeIjarQeL3zA4ACQwCC6mhwLDSG8KZWVQNtpWhebNpA0aYw53UW6wqluChIgIaseSzoTUFllDNXqMgiGiwDLwGaTegw&utm_content=216744177&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.173.160.135 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-173-160-135.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
a3e64300797e8078baa41dbc49e2affc1d2bedd04a470f0c929ed7fac698fbcd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://threatpost.com/kaiser-permanente-breach/179949/?utm_campaign=Third%20Party%20Thursday%20Newsletter&utm_medium=email&_hsmi=216744177&_hsenc=p2ANqtz-9FeIjarQeL3zA4ACQwCC6mhwLDSG8KZWVQNtpWhebNpA0aYw53UW6wqluChIgIaseSzoTUFllDNXqMgiGiwDLwGaTegw&utm_content=216744177&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma
public
date
Thu, 16 Jun 2022 16:42:53 GMT
content-encoding
gzip
last-modified
Mon, 13 Jun 2022 21:54:37 GMT
server
nginx/1.18.0
etag
W/"62a7b21d-195e"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=604800, public
expires
Thu, 23 Jun 2022 16:42:53 GMT
wp-polyfill.min.js
threatpost.com/wp-includes/js/dist/vendor/ 		19 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://threatpost.com/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=3.15.0
Requested by
Host: threatpost.com
URL: https://threatpost.com/kaiser-permanente-breach/179949/?utm_campaign=Third%20Party%20Thursday%20Newsletter&utm_medium=email&_hsmi=216744177&_hsenc=p2ANqtz-9FeIjarQeL3zA4ACQwCC6mhwLDSG8KZWVQNtpWhebNpA0aYw53UW6wqluChIgIaseSzoTUFllDNXqMgiGiwDLwGaTegw&utm_content=216744177&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.173.160.135 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-173-160-135.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
e20ddb9ed1fa044cb624f0253bb06b13c92ed9915063bd63a5806440c6b1ce7c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://threatpost.com/kaiser-permanente-breach/179949/?utm_campaign=Third%20Party%20Thursday%20Newsletter&utm_medium=email&_hsmi=216744177&_hsenc=p2ANqtz-9FeIjarQeL3zA4ACQwCC6mhwLDSG8KZWVQNtpWhebNpA0aYw53UW6wqluChIgIaseSzoTUFllDNXqMgiGiwDLwGaTegw&utm_content=216744177&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma
public
date
Thu, 16 Jun 2022 16:42:53 GMT
content-encoding
gzip
last-modified
Mon, 13 Jun 2022 21:54:37 GMT
server
nginx/1.18.0
etag
W/"62a7b21d-4b3d"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=604800, public
expires
Thu, 23 Jun 2022 16:42:53 GMT
dom-ready.min.js
threatpost.com/wp-includes/js/dist/ 		1 KB
857 B 		Script
General
Check archive.org
Download Go to
Full URL
https://threatpost.com/wp-includes/js/dist/dom-ready.min.js?ver=ecda74de0221e1c2ce5c57cbb5af09d5
Requested by
Host: threatpost.com
URL: https://threatpost.com/kaiser-permanente-breach/179949/?utm_campaign=Third%20Party%20Thursday%20Newsletter&utm_medium=email&_hsmi=216744177&_hsenc=p2ANqtz-9FeIjarQeL3zA4ACQwCC6mhwLDSG8KZWVQNtpWhebNpA0aYw53UW6wqluChIgIaseSzoTUFllDNXqMgiGiwDLwGaTegw&utm_content=216744177&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.173.160.135 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-173-160-135.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
e127aead57cd6625f795f8c41d8b7c463c2c50158e3a3dc398424db2b16bd5db

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://threatpost.com/kaiser-permanente-breach/179949/?utm_campaign=Third%20Party%20Thursday%20Newsletter&utm_medium=email&_hsmi=216744177&_hsenc=p2ANqtz-9FeIjarQeL3zA4ACQwCC6mhwLDSG8KZWVQNtpWhebNpA0aYw53UW6wqluChIgIaseSzoTUFllDNXqMgiGiwDLwGaTegw&utm_content=216744177&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma
public
date
Thu, 16 Jun 2022 16:42:53 GMT
content-encoding
gzip
last-modified
Mon, 13 Jun 2022 21:54:37 GMT
server
nginx/1.18.0
etag
W/"62a7b21d-4e9"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=604800, public
expires
Thu, 23 Jun 2022 16:42:53 GMT
hooks.min.js
threatpost.com/wp-includes/js/dist/ 		6 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://threatpost.com/wp-includes/js/dist/hooks.min.js?ver=1e58c8c5a32b2e97491080c5b10dc71c
Requested by
Host: threatpost.com
URL: https://threatpost.com/kaiser-permanente-breach/179949/?utm_campaign=Third%20Party%20Thursday%20Newsletter&utm_medium=email&_hsmi=216744177&_hsenc=p2ANqtz-9FeIjarQeL3zA4ACQwCC6mhwLDSG8KZWVQNtpWhebNpA0aYw53UW6wqluChIgIaseSzoTUFllDNXqMgiGiwDLwGaTegw&utm_content=216744177&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.173.160.135 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-173-160-135.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
e5935466216a250bb06338805b32ffb19eeda9042ead790ebc6e5dda27820adb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://threatpost.com/kaiser-permanente-breach/179949/?utm_campaign=Third%20Party%20Thursday%20Newsletter&utm_medium=email&_hsmi=216744177&_hsenc=p2ANqtz-9FeIjarQeL3zA4ACQwCC6mhwLDSG8KZWVQNtpWhebNpA0aYw53UW6wqluChIgIaseSzoTUFllDNXqMgiGiwDLwGaTegw&utm_content=216744177&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma
public
date
Thu, 16 Jun 2022 16:42:53 GMT
content-encoding
gzip
last-modified
Mon, 13 Jun 2022 21:54:37 GMT
server
nginx/1.18.0
etag
W/"62a7b21d-163a"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=604800, public
expires
Thu, 23 Jun 2022 16:42:53 GMT
i18n.min.js
threatpost.com/wp-includes/js/dist/ 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://threatpost.com/wp-includes/js/dist/i18n.min.js?ver=30fcecb428a0e8383d3776bcdd3a7834
Requested by
Host: threatpost.com
URL: https://threatpost.com/kaiser-permanente-breach/179949/?utm_campaign=Third%20Party%20Thursday%20Newsletter&utm_medium=email&_hsmi=216744177&_hsenc=p2ANqtz-9FeIjarQeL3zA4ACQwCC6mhwLDSG8KZWVQNtpWhebNpA0aYw53UW6wqluChIgIaseSzoTUFllDNXqMgiGiwDLwGaTegw&utm_content=216744177&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.173.160.135 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-173-160-135.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
22c90613db09ef65c964b143e6adbe584b42eae85c9b7a75fa27c22b25cccb90

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://threatpost.com/kaiser-permanente-breach/179949/?utm_campaign=Third%20Party%20Thursday%20Newsletter&utm_medium=email&_hsmi=216744177&_hsenc=p2ANqtz-9FeIjarQeL3zA4ACQwCC6mhwLDSG8KZWVQNtpWhebNpA0aYw53UW6wqluChIgIaseSzoTUFllDNXqMgiGiwDLwGaTegw&utm_content=216744177&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma
public
date
Thu, 16 Jun 2022 16:42:53 GMT
content-encoding
gzip
last-modified
Mon, 13 Jun 2022 21:54:37 GMT
server
nginx/1.18.0
etag
W/"62a7b21d-28a7"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=604800, public
expires
Thu, 23 Jun 2022 16:42:53 GMT
a11y.min.js
threatpost.com/wp-includes/js/dist/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://threatpost.com/wp-includes/js/dist/a11y.min.js?ver=68e470cf840f69530e9db3be229ad4b6
Requested by
Host: threatpost.com
URL: https://threatpost.com/kaiser-permanente-breach/179949/?utm_campaign=Third%20Party%20Thursday%20Newsletter&utm_medium=email&_hsmi=216744177&_hsenc=p2ANqtz-9FeIjarQeL3zA4ACQwCC6mhwLDSG8KZWVQNtpWhebNpA0aYw53UW6wqluChIgIaseSzoTUFllDNXqMgiGiwDLwGaTegw&utm_content=216744177&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.173.160.135 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-173-160-135.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
927e16d837ac9f46ddb4a64c8fea1cbe39343902c91b14e11b484e9b01f98cdd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://threatpost.com/kaiser-permanente-breach/179949/?utm_campaign=Third%20Party%20Thursday%20Newsletter&utm_medium=email&_hsmi=216744177&_hsenc=p2ANqtz-9FeIjarQeL3zA4ACQwCC6mhwLDSG8KZWVQNtpWhebNpA0aYw53UW6wqluChIgIaseSzoTUFllDNXqMgiGiwDLwGaTegw&utm_content=216744177&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma
public
date
Thu, 16 Jun 2022 16:42:53 GMT
content-encoding
gzip
last-modified
Mon, 13 Jun 2022 21:54:37 GMT
server
nginx/1.18.0
etag
W/"62a7b21d-bfd"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=604800, public
expires
Thu, 23 Jun 2022 16:42:53 GMT
jquery.json.min.js
threatpost.com/wp-content/plugins/gravityforms/js/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://threatpost.com/wp-content/plugins/gravityforms/js/jquery.json.min.js?ver=2.5.16.3
Requested by
Host: threatpost.com
URL: https://threatpost.com/kaiser-permanente-breach/179949/?utm_campaign=Third%20Party%20Thursday%20Newsletter&utm_medium=email&_hsmi=216744177&_hsenc=p2ANqtz-9FeIjarQeL3zA4ACQwCC6mhwLDSG8KZWVQNtpWhebNpA0aYw53UW6wqluChIgIaseSzoTUFllDNXqMgiGiwDLwGaTegw&utm_content=216744177&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.173.160.135 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-173-160-135.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
693c8b61667ac94847264924178702a190c5113b41b82085dad0641f89e3f864

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://threatpost.com/kaiser-permanente-breach/179949/?utm_campaign=Third%20Party%20Thursday%20Newsletter&utm_medium=email&_hsmi=216744177&_hsenc=p2ANqtz-9FeIjarQeL3zA4ACQwCC6mhwLDSG8KZWVQNtpWhebNpA0aYw53UW6wqluChIgIaseSzoTUFllDNXqMgiGiwDLwGaTegw&utm_content=216744177&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma
public
date
Thu, 16 Jun 2022 16:42:53 GMT
content-encoding
gzip
last-modified
Mon, 13 Jun 2022 21:54:37 GMT
server
nginx/1.18.0
etag
W/"62a7b21d-730"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=604800, public
expires
Thu, 23 Jun 2022 16:42:53 GMT
gravityforms.min.js
threatpost.com/wp-content/plugins/gravityforms/js/ 		43 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://threatpost.com/wp-content/plugins/gravityforms/js/gravityforms.min.js?ver=2.5.16.3
Requested by
Host: threatpost.com
URL: https://threatpost.com/kaiser-permanente-breach/179949/?utm_campaign=Third%20Party%20Thursday%20Newsletter&utm_medium=email&_hsmi=216744177&_hsenc=p2ANqtz-9FeIjarQeL3zA4ACQwCC6mhwLDSG8KZWVQNtpWhebNpA0aYw53UW6wqluChIgIaseSzoTUFllDNXqMgiGiwDLwGaTegw&utm_content=216744177&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.173.160.135 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-173-160-135.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
69f0ade8cca67112ef495f707fb73c68fd5099a6cd9c51d9ba9ceda8dcca16f7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://threatpost.com/kaiser-permanente-breach/179949/?utm_campaign=Third%20Party%20Thursday%20Newsletter&utm_medium=email&_hsmi=216744177&_hsenc=p2ANqtz-9FeIjarQeL3zA4ACQwCC6mhwLDSG8KZWVQNtpWhebNpA0aYw53UW6wqluChIgIaseSzoTUFllDNXqMgiGiwDLwGaTegw&utm_content=216744177&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma
public
date
Thu, 16 Jun 2022 16:42:53 GMT
content-encoding
gzip
last-modified
Mon, 13 Jun 2022 21:54:37 GMT
server
nginx/1.18.0
etag
W/"62a7b21d-abe0"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=604800, public
expires
Thu, 23 Jun 2022 16:42:53 GMT
conditional_logic.min.js
threatpost.com/wp-content/plugins/gravityforms/js/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://threatpost.com/wp-content/plugins/gravityforms/js/conditional_logic.min.js?ver=2.5.16.3
Requested by
Host: threatpost.com
URL: https://threatpost.com/kaiser-permanente-breach/179949/?utm_campaign=Third%20Party%20Thursday%20Newsletter&utm_medium=email&_hsmi=216744177&_hsenc=p2ANqtz-9FeIjarQeL3zA4ACQwCC6mhwLDSG8KZWVQNtpWhebNpA0aYw53UW6wqluChIgIaseSzoTUFllDNXqMgiGiwDLwGaTegw&utm_content=216744177&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.173.160.135 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-173-160-135.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
7104f88840a420f1702717d900db98910deb6141ad639bb7338b88993e989c72

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://threatpost.com/kaiser-permanente-breach/179949/?utm_campaign=Third%20Party%20Thursday%20Newsletter&utm_medium=email&_hsmi=216744177&_hsenc=p2ANqtz-9FeIjarQeL3zA4ACQwCC6mhwLDSG8KZWVQNtpWhebNpA0aYw53UW6wqluChIgIaseSzoTUFllDNXqMgiGiwDLwGaTegw&utm_content=216744177&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma
public
date
Thu, 16 Jun 2022 16:42:53 GMT
content-encoding
gzip
last-modified
Mon, 13 Jun 2022 21:54:37 GMT
server
nginx/1.18.0
etag
W/"62a7b21d-213f"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=604800, public
expires
Thu, 23 Jun 2022 16:42:53 GMT
placeholders.jquery.min.js
threatpost.com/wp-content/plugins/gravityforms/js/ 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://threatpost.com/wp-content/plugins/gravityforms/js/placeholders.jquery.min.js?ver=2.5.16.3
Requested by
Host: threatpost.com
URL: https://threatpost.com/kaiser-permanente-breach/179949/?utm_campaign=Third%20Party%20Thursday%20Newsletter&utm_medium=email&_hsmi=216744177&_hsenc=p2ANqtz-9FeIjarQeL3zA4ACQwCC6mhwLDSG8KZWVQNtpWhebNpA0aYw53UW6wqluChIgIaseSzoTUFllDNXqMgiGiwDLwGaTegw&utm_content=216744177&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.173.160.135 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-173-160-135.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
d62a7b7ec5313469ebff5c006b9068dc44d6d1c122cf787ffa29a10113b34060

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://threatpost.com/kaiser-permanente-breach/179949/?utm_campaign=Third%20Party%20Thursday%20Newsletter&utm_medium=email&_hsmi=216744177&_hsenc=p2ANqtz-9FeIjarQeL3zA4ACQwCC6mhwLDSG8KZWVQNtpWhebNpA0aYw53UW6wqluChIgIaseSzoTUFllDNXqMgiGiwDLwGaTegw&utm_content=216744177&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma
public
date
Thu, 16 Jun 2022 16:42:53 GMT
content-encoding
gzip
last-modified
Mon, 13 Jun 2022 21:54:37 GMT
server
nginx/1.18.0
etag
W/"62a7b21d-121f"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=604800, public
expires
Thu, 23 Jun 2022 16:42:53 GMT
apstag.js
c.amazon-adsystem.com/aax2/ 		140 KB
38 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/aax2/apstag.js
Requested by
Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/threatpost/engine.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.4.10 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-4-10.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
fb513f6173396cc8dcef3ae1f88b0b8b11a1cd5b5e1142639c83e91c7ae26e08

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

x-amz-server-side-encryption
AES256
date
Thu, 16 Jun 2022 16:34:09 GMT
via
1.1 b3fce8903671f8346e7a6a138d2d4610.cloudfront.net (CloudFront), 1.1 20a87151baa74b57c01624c82e244c6a.cloudfront.net (CloudFront)
last-modified
Thu, 09 Jun 2022 19:19:59 GMT
server
AmazonS3
age
525
etag
W/"915836bd4f06d8d29dfc0840694722ed"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, max-age=3600
x-amz-cf-pop
FRA60-P1, FRA56-P6
content-encoding
gzip
x-amz-cf-id
0fA2oyl-J_L7pXk-T8-UI25sJiK0ro4TWVsKw_kQzwBEfbycP000Kg==
connatix.player.dc.js
cds.connatix.com/p/166750/ Frame BCF1
Redirect Chain
  • https://cd.connatix.com/connatix.player.js
  • https://cds.connatix.com/p/166750/connatix.player.dc.js
1 MB
276 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cds.connatix.com/p/166750/connatix.player.dc.js
Requested by
Host: threatpost.com
URL: https://threatpost.com/kaiser-permanente-breach/179949/?utm_campaign=Third%20Party%20Thursday%20Newsletter&utm_medium=email&_hsmi=216744177&_hsenc=p2ANqtz-9FeIjarQeL3zA4ACQwCC6mhwLDSG8KZWVQNtpWhebNpA0aYw53UW6wqluChIgIaseSzoTUFllDNXqMgiGiwDLwGaTegw&utm_content=216744177&utm_source=hs_email
Protocol
H2
Server
151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
e424b58894f4e17a42f195b2074412aeade9e19e216056a1ada7eedd45671223

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Thu, 16 Jun 2022 16:42:53 GMT
content-encoding
br
last-modified
Thu, 16 Jun 2022 15:14:03 GMT
age
5188
etag
"f83bb3a39af6b366e248f53cf76e335e"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
access-control-max-age
86400
cache-control
public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges
bytes
content-length
282427

Redirect headers

location
https://cds.connatix.com/p/166750/connatix.player.dc.js
date
Thu, 16 Jun 2022 16:42:53 GMT
cache-control
no-cache, no-store, must-revalidate, max-age=0
accept-ranges
bytes
content-length
0
access-control-max-age
86400
/
kasperskycontenthub.com/ 		0
300 B 		Script
General
Check archive.org
Download Go to
Full URL
https://kasperskycontenthub.com/?dm=ed1f9e435dc885292eab65620c51f3fb&action=load&blogid=103&siteid=1&t=115667033&back=https%3A%2F%2Fthreatpost.com%2Fkaiser-permanente-breach%2F179949%2F%3Futm_campaign%3DThird%2520Party%2520Thursday%2520Newsletter%26utm_medium%3Demail%26_hsmi%3D216744177%26_hsenc%3Dp2ANqtz-9FeIjarQeL3zA4ACQwCC6mhwLDSG8KZWVQNtpWhebNpA0aYw53UW6wqluChIgIaseSzoTUFllDNXqMgiGiwDLwGaTegw%26utm_content%3D216744177%26utm_source%3Dhs_email
Requested by
Host: threatpost.com
URL: https://threatpost.com/kaiser-permanente-breach/179949/?utm_campaign=Third%20Party%20Thursday%20Newsletter&utm_medium=email&_hsmi=216744177&_hsenc=p2ANqtz-9FeIjarQeL3zA4ACQwCC6mhwLDSG8KZWVQNtpWhebNpA0aYw53UW6wqluChIgIaseSzoTUFllDNXqMgiGiwDLwGaTegw&utm_content=216744177&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.173.160.135 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-173-160-135.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Thu, 16 Jun 2022 16:42:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
nginx/1.18.0
x-frame-options
SAMEORIGIN
content-type
application/javascript
x-cache-hit
MISS
x-debug-auth
off
strict-transport-security
max-age=31536000; includeSubDomains
x-request-host
kasperskycontenthub.com
vary
Accept-Encoding
x-xss-protection
1; mode=block
gtm.js
www.googletagmanager.com/ 		186 KB
62 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-PM29HLF
Requested by
Host: threatpost.com
URL: https://threatpost.com/kaiser-permanente-breach/179949/?utm_campaign=Third%20Party%20Thursday%20Newsletter&utm_medium=email&_hsmi=216744177&_hsenc=p2ANqtz-9FeIjarQeL3zA4ACQwCC6mhwLDSG8KZWVQNtpWhebNpA0aYw53UW6wqluChIgIaseSzoTUFllDNXqMgiGiwDLwGaTegw&utm_content=216744177&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
fcb88962e3b91209279fa80c6b18a5d80703734ee775174dc8bf9f848c104f5b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Thu, 16 Jun 2022 16:42:53 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
63451
x-xss-protection
0
last-modified
Thu, 16 Jun 2022 15:30:45 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 16 Jun 2022 16:42:53 GMT
gtm.js
www.googletagmanager.com/ 		486 KB
116 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-WZ7LJ3
Requested by
Host: threatpost.com
URL: https://threatpost.com/kaiser-permanente-breach/179949/?utm_campaign=Third%20Party%20Thursday%20Newsletter&utm_medium=email&_hsmi=216744177&_hsenc=p2ANqtz-9FeIjarQeL3zA4ACQwCC6mhwLDSG8KZWVQNtpWhebNpA0aYw53UW6wqluChIgIaseSzoTUFllDNXqMgiGiwDLwGaTegw&utm_content=216744177&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
cc17e5cab98ea25e9fdc78c4c2efb04323d4b0136e903b270beecf15278ae7a4
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Thu, 16 Jun 2022 16:42:53 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
117963
x-xss-protection
0
last-modified
Thu, 16 Jun 2022 15:30:45 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 16 Jun 2022 16:42:53 GMT
icons.svg
threatpost.com/wp-content/themes/threatpost-2018//assets/sprite/ 		13 KB
4 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://threatpost.com/wp-content/themes/threatpost-2018//assets/sprite/icons.svg
Requested by
Host: threatpost.com
URL: https://threatpost.com/kaiser-permanente-breach/179949/?utm_campaign=Third%20Party%20Thursday%20Newsletter&utm_medium=email&_hsmi=216744177&_hsenc=p2ANqtz-9FeIjarQeL3zA4ACQwCC6mhwLDSG8KZWVQNtpWhebNpA0aYw53UW6wqluChIgIaseSzoTUFllDNXqMgiGiwDLwGaTegw&utm_content=216744177&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.173.160.135 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-173-160-135.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
97f5070aadd9475bb56a49a7bc1114e9fe1b992b55f2b227502f35f8bba71d74

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://threatpost.com/kaiser-permanente-breach/179949/?utm_campaign=Third%20Party%20Thursday%20Newsletter&utm_medium=email&_hsmi=216744177&_hsenc=p2ANqtz-9FeIjarQeL3zA4ACQwCC6mhwLDSG8KZWVQNtpWhebNpA0aYw53UW6wqluChIgIaseSzoTUFllDNXqMgiGiwDLwGaTegw&utm_content=216744177&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Thu, 16 Jun 2022 16:42:53 GMT
content-encoding
gzip
last-modified
Mon, 13 Jun 2022 21:54:37 GMT
server
nginx/1.18.0
etag
W/"62a7b21d-328e"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
icons.svg
threatpost.com/wp-content/themes/threatpost-2018/assets/sprite/ 		13 KB
4 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://threatpost.com/wp-content/themes/threatpost-2018/assets/sprite/icons.svg
Requested by
Host: threatpost.com
URL: https://threatpost.com/kaiser-permanente-breach/179949/?utm_campaign=Third%20Party%20Thursday%20Newsletter&utm_medium=email&_hsmi=216744177&_hsenc=p2ANqtz-9FeIjarQeL3zA4ACQwCC6mhwLDSG8KZWVQNtpWhebNpA0aYw53UW6wqluChIgIaseSzoTUFllDNXqMgiGiwDLwGaTegw&utm_content=216744177&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.173.160.135 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-173-160-135.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
97f5070aadd9475bb56a49a7bc1114e9fe1b992b55f2b227502f35f8bba71d74

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://threatpost.com/kaiser-permanente-breach/179949/?utm_campaign=Third%20Party%20Thursday%20Newsletter&utm_medium=email&_hsmi=216744177&_hsenc=p2ANqtz-9FeIjarQeL3zA4ACQwCC6mhwLDSG8KZWVQNtpWhebNpA0aYw53UW6wqluChIgIaseSzoTUFllDNXqMgiGiwDLwGaTegw&utm_content=216744177&utm_source=hs_email
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Thu, 16 Jun 2022 16:42:53 GMT
content-encoding
gzip
last-modified
Mon, 13 Jun 2022 21:54:37 GMT
server
nginx/1.18.0
etag
W/"62a7b21d-328e"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
logo.png
threatpost.com/wp-content/themes/threatpost-2018/assets/images/ 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://threatpost.com/wp-content/themes/threatpost-2018/assets/images/logo.png
Requested by
Host: threatpost.com
URL: https://threatpost.com/wp-content/plugins/bwp-minify/min/?f=wp-content/plugins/wds-rss-builder/includes/css/select2.min.css,wp-content/plugins/wds-rss-builder/includes/css/wds-rss.css,wp-content/plugins/honeypot-comments/public/assets/css/public.css,wp-content/plugins/kspr_twitter_pullquote/css/style.css,wp-content/plugins/pullquote-shortcode/css/pullquote-shortcode.css,wp-content/themes/threatpost-2018/assets/css/main.css,wp-content/plugins/kaspersky-social-sharing/assets/css/style.css,wp-content/plugins/kaspersky-social-sharing/assets/css/custom.css&ver=v67
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.173.160.135 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-173-160-135.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
39af7c1116fb967a330e8770f775e6b5ee871add01ed45c98a1634911cebfb0a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://threatpost.com/wp-content/plugins/bwp-minify/min/?f=wp-content/plugins/wds-rss-builder/includes/css/select2.min.css,wp-content/plugins/wds-rss-builder/includes/css/wds-rss.css,wp-content/plugins/honeypot-comments/public/assets/css/public.css,wp-content/plugins/kspr_twitter_pullquote/css/style.css,wp-content/plugins/pullquote-shortcode/css/pullquote-shortcode.css,wp-content/themes/threatpost-2018/assets/css/main.css,wp-content/plugins/kaspersky-social-sharing/assets/css/style.css,wp-content/plugins/kaspersky-social-sharing/assets/css/custom.css&ver=v67
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma
public
date
Thu, 16 Jun 2022 16:42:53 GMT
last-modified
Mon, 13 Jun 2022 21:54:37 GMT
server
nginx/1.18.0
etag
"62a7b21d-4a32"
content-type
image/png
cache-control
max-age=604800, public
accept-ranges
bytes
content-length
18994
expires
Thu, 23 Jun 2022 16:42:53 GMT
mail-plane-light.svg
threatpost.com/wp-content/themes/threatpost-2018/assets/images/ 		828 B
539 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://threatpost.com/wp-content/themes/threatpost-2018/assets/images/mail-plane-light.svg
Requested by
Host: threatpost.com
URL: https://threatpost.com/wp-content/plugins/bwp-minify/min/?f=wp-content/plugins/wds-rss-builder/includes/css/select2.min.css,wp-content/plugins/wds-rss-builder/includes/css/wds-rss.css,wp-content/plugins/honeypot-comments/public/assets/css/public.css,wp-content/plugins/kspr_twitter_pullquote/css/style.css,wp-content/plugins/pullquote-shortcode/css/pullquote-shortcode.css,wp-content/themes/threatpost-2018/assets/css/main.css,wp-content/plugins/kaspersky-social-sharing/assets/css/style.css,wp-content/plugins/kaspersky-social-sharing/assets/css/custom.css&ver=v67
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.173.160.135 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-173-160-135.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
5a7ed822968963e31d88424c96387ad9f4fd4f4b5a5b581a33f65e3784d162cf

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://threatpost.com/wp-content/plugins/bwp-minify/min/?f=wp-content/plugins/wds-rss-builder/includes/css/select2.min.css,wp-content/plugins/wds-rss-builder/includes/css/wds-rss.css,wp-content/plugins/honeypot-comments/public/assets/css/public.css,wp-content/plugins/kspr_twitter_pullquote/css/style.css,wp-content/plugins/pullquote-shortcode/css/pullquote-shortcode.css,wp-content/themes/threatpost-2018/assets/css/main.css,wp-content/plugins/kaspersky-social-sharing/assets/css/style.css,wp-content/plugins/kaspersky-social-sharing/assets/css/custom.css&ver=v67
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Thu, 16 Jun 2022 16:42:53 GMT
content-encoding
gzip
last-modified
Mon, 13 Jun 2022 21:54:37 GMT
server
nginx/1.18.0
etag
W/"62a7b21d-33c"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
twitter-blue.svg
threatpost.com/wp-content/themes/threatpost-2018/assets/images/ 		868 B
669 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://threatpost.com/wp-content/themes/threatpost-2018/assets/images/twitter-blue.svg
Requested by
Host: threatpost.com
URL: https://threatpost.com/wp-content/plugins/bwp-minify/min/?f=wp-content/plugins/wds-rss-builder/includes/css/select2.min.css,wp-content/plugins/wds-rss-builder/includes/css/wds-rss.css,wp-content/plugins/honeypot-comments/public/assets/css/public.css,wp-content/plugins/kspr_twitter_pullquote/css/style.css,wp-content/plugins/pullquote-shortcode/css/pullquote-shortcode.css,wp-content/themes/threatpost-2018/assets/css/main.css,wp-content/plugins/kaspersky-social-sharing/assets/css/style.css,wp-content/plugins/kaspersky-social-sharing/assets/css/custom.css&ver=v67
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.173.160.135 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-173-160-135.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
420508fc523520f35de5c851905543294123d7676b5a5668744691f2abe9e730

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://threatpost.com/wp-content/plugins/bwp-minify/min/?f=wp-content/plugins/wds-rss-builder/includes/css/select2.min.css,wp-content/plugins/wds-rss-builder/includes/css/wds-rss.css,wp-content/plugins/honeypot-comments/public/assets/css/public.css,wp-content/plugins/kspr_twitter_pullquote/css/style.css,wp-content/plugins/pullquote-shortcode/css/pullquote-shortcode.css,wp-content/themes/threatpost-2018/assets/css/main.css,wp-content/plugins/kaspersky-social-sharing/assets/css/style.css,wp-content/plugins/kaspersky-social-sharing/assets/css/custom.css&ver=v67
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Thu, 16 Jun 2022 16:42:53 GMT
content-encoding
gzip
last-modified
Mon, 13 Jun 2022 21:54:37 GMT
server
nginx/1.18.0
etag
W/"62a7b21d-364"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
mail-plane-large-dark.svg
threatpost.com/wp-content/themes/threatpost-2018/assets/images/ 		812 B
542 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://threatpost.com/wp-content/themes/threatpost-2018/assets/images/mail-plane-large-dark.svg
Requested by
Host: threatpost.com
URL: https://threatpost.com/wp-content/plugins/bwp-minify/min/?f=wp-content/plugins/wds-rss-builder/includes/css/select2.min.css,wp-content/plugins/wds-rss-builder/includes/css/wds-rss.css,wp-content/plugins/honeypot-comments/public/assets/css/public.css,wp-content/plugins/kspr_twitter_pullquote/css/style.css,wp-content/plugins/pullquote-shortcode/css/pullquote-shortcode.css,wp-content/themes/threatpost-2018/assets/css/main.css,wp-content/plugins/kaspersky-social-sharing/assets/css/style.css,wp-content/plugins/kaspersky-social-sharing/assets/css/custom.css&ver=v67
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.173.160.135 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-173-160-135.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
a9d2b2df99c1a115d5394c70a898d8801092208dc582f8bd6fb01b35c30d6b22

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://threatpost.com/wp-content/plugins/bwp-minify/min/?f=wp-content/plugins/wds-rss-builder/includes/css/select2.min.css,wp-content/plugins/wds-rss-builder/includes/css/wds-rss.css,wp-content/plugins/honeypot-comments/public/assets/css/public.css,wp-content/plugins/kspr_twitter_pullquote/css/style.css,wp-content/plugins/pullquote-shortcode/css/pullquote-shortcode.css,wp-content/themes/threatpost-2018/assets/css/main.css,wp-content/plugins/kaspersky-social-sharing/assets/css/style.css,wp-content/plugins/kaspersky-social-sharing/assets/css/custom.css&ver=v67
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Thu, 16 Jun 2022 16:42:53 GMT
content-encoding
gzip
last-modified
Mon, 13 Jun 2022 21:54:37 GMT
server
nginx/1.18.0
etag
W/"62a7b21d-32c"
vary
Accept-Encoding
content-type
image/svg+xml
access-control-allow-origin
*
logo-white.png
threatpost.com/wp-content/themes/threatpost-2018/assets/images/ 		10 KB
10 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://threatpost.com/wp-content/themes/threatpost-2018/assets/images/logo-white.png
Requested by
Host: threatpost.com
URL: https://threatpost.com/wp-content/plugins/bwp-minify/min/?f=wp-content/plugins/wds-rss-builder/includes/css/select2.min.css,wp-content/plugins/wds-rss-builder/includes/css/wds-rss.css,wp-content/plugins/honeypot-comments/public/assets/css/public.css,wp-content/plugins/kspr_twitter_pullquote/css/style.css,wp-content/plugins/pullquote-shortcode/css/pullquote-shortcode.css,wp-content/themes/threatpost-2018/assets/css/main.css,wp-content/plugins/kaspersky-social-sharing/assets/css/style.css,wp-content/plugins/kaspersky-social-sharing/assets/css/custom.css&ver=v67
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.173.160.135 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-173-160-135.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
e4058d4ee9da1ceaddfa91ddb63650ba67285f1bbfee487d9dfe648bced669a0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://threatpost.com/wp-content/plugins/bwp-minify/min/?f=wp-content/plugins/wds-rss-builder/includes/css/select2.min.css,wp-content/plugins/wds-rss-builder/includes/css/wds-rss.css,wp-content/plugins/honeypot-comments/public/assets/css/public.css,wp-content/plugins/kspr_twitter_pullquote/css/style.css,wp-content/plugins/pullquote-shortcode/css/pullquote-shortcode.css,wp-content/themes/threatpost-2018/assets/css/main.css,wp-content/plugins/kaspersky-social-sharing/assets/css/style.css,wp-content/plugins/kaspersky-social-sharing/assets/css/custom.css&ver=v67
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma
public
date
Thu, 16 Jun 2022 16:42:53 GMT
last-modified
Mon, 13 Jun 2022 21:54:37 GMT
server
nginx/1.18.0
etag
"62a7b21d-260a"
content-type
image/png
cache-control
max-age=604800, public
accept-ranges
bytes
content-length
9738
expires
Thu, 23 Jun 2022 16:42:53 GMT
Liz-Montalbano-headshot.jpg
media.threatpost.com/wp-content/uploads/sites/103/2021/05/05095657/ 		77 KB
78 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.threatpost.com/wp-content/uploads/sites/103/2021/05/05095657/Liz-Montalbano-headshot.jpg
Requested by
Host: threatpost.com
URL: https://threatpost.com/kaiser-permanente-breach/179949/?utm_campaign=Third%20Party%20Thursday%20Newsletter&utm_medium=email&_hsmi=216744177&_hsenc=p2ANqtz-9FeIjarQeL3zA4ACQwCC6mhwLDSG8KZWVQNtpWhebNpA0aYw53UW6wqluChIgIaseSzoTUFllDNXqMgiGiwDLwGaTegw&utm_content=216744177&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:e600:0:5c46:4f40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
369c67a5afb2ffa25d4480b3781a938e7fe7c5633f89d36570e2c1cc23c49eff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Sat, 07 May 2022 05:06:09 GMT
via
1.1 c6702f5f3b6e77da6f394e67ef1a6aaa.cloudfront.net (CloudFront), 1.1 1d87c34bb2f20fda8e0841bc33179768.cloudfront.net (CloudFront)
last-modified
Tue, 11 May 2021 15:45:08 GMT
server
AmazonS3
age
3497805
etag
"09775ac22fdd614b1588724aaef06c61"
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=31536000
x-amz-cf-pop
FRA50-C1, FRA50-C1
accept-ranges
bytes
content-length
78876
x-amz-cf-id
jsSXAb3CHcipaOfb1YqZezZydtaCjYEMUc5OaO6JNc7ypPmWooIsvQ==
expires
Wed, 11 May 2022 15:45:07 GMT
Facebook2-540x270.png
media.kasperskycontenthub.com/wp-content/uploads/sites/103/2018/12/19152401/ 		58 KB
58 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.kasperskycontenthub.com/wp-content/uploads/sites/103/2018/12/19152401/Facebook2-540x270.png
Requested by
Host: threatpost.com
URL: https://threatpost.com/kaiser-permanente-breach/179949/?utm_campaign=Third%20Party%20Thursday%20Newsletter&utm_medium=email&_hsmi=216744177&_hsenc=p2ANqtz-9FeIjarQeL3zA4ACQwCC6mhwLDSG8KZWVQNtpWhebNpA0aYw53UW6wqluChIgIaseSzoTUFllDNXqMgiGiwDLwGaTegw&utm_content=216744177&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:4600:1b:d000:d280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
3299da9c9dfb78639c6b52475c844794f7a9f440a703f4151f33c13ee49cdbdb

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Wed, 15 Jun 2022 12:40:32 GMT
via
1.1 e64eb476d8f76c461d21278e018e194e.cloudfront.net (CloudFront)
last-modified
Wed, 19 Dec 2018 20:24:04 GMT
server
AmazonS3
age
100942
etag
"3ba097ac2309eb771a5005f79444a9e1"
x-cache
Hit from cloudfront
content-type
image/png
cache-control
max-age=31536000
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-length
59156
x-amz-cf-id
OibNEJKeYfVzs2y7KjVYIm8ZGRPWv0_9yVqi__Drc50ei7srICE_nA==
expires
Thu, 19 Dec 2019 20:24:01 GMT
airline-data-540x270.jpeg
media.kasperskycontenthub.com/wp-content/uploads/sites/103/2019/02/07101809/ 		17 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.kasperskycontenthub.com/wp-content/uploads/sites/103/2019/02/07101809/airline-data-540x270.jpeg
Requested by
Host: threatpost.com
URL: https://threatpost.com/kaiser-permanente-breach/179949/?utm_campaign=Third%20Party%20Thursday%20Newsletter&utm_medium=email&_hsmi=216744177&_hsenc=p2ANqtz-9FeIjarQeL3zA4ACQwCC6mhwLDSG8KZWVQNtpWhebNpA0aYw53UW6wqluChIgIaseSzoTUFllDNXqMgiGiwDLwGaTegw&utm_content=216744177&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:4600:1b:d000:d280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f1cb4d176a659ea1612b1a5db13782f324722c40c57e5a9d735182e8500bda29

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Wed, 15 Jun 2022 13:39:26 GMT
via
1.1 e64eb476d8f76c461d21278e018e194e.cloudfront.net (CloudFront)
last-modified
Thu, 07 Feb 2019 15:18:12 GMT
server
AmazonS3
age
97407
etag
"91863977e5813044aefb0e26d2720599"
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=31536000
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-length
17078
x-amz-cf-id
Kmv3kwYElXO7HZEXQGM6aq6CLoDV0wuJMKPS-5KFz8JjxfHnyQe5sQ==
expires
Fri, 07 Feb 2020 15:18:09 GMT
Wireless_Bluetooth_BLE-540x270.jpg
media.kasperskycontenthub.com/wp-content/uploads/sites/103/2018/11/01103508/ 		40 KB
40 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.kasperskycontenthub.com/wp-content/uploads/sites/103/2018/11/01103508/Wireless_Bluetooth_BLE-540x270.jpg
Requested by
Host: threatpost.com
URL: https://threatpost.com/kaiser-permanente-breach/179949/?utm_campaign=Third%20Party%20Thursday%20Newsletter&utm_medium=email&_hsmi=216744177&_hsenc=p2ANqtz-9FeIjarQeL3zA4ACQwCC6mhwLDSG8KZWVQNtpWhebNpA0aYw53UW6wqluChIgIaseSzoTUFllDNXqMgiGiwDLwGaTegw&utm_content=216744177&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:4600:1b:d000:d280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
bfe7ff15a7683b1233aeeaf43dae728a932ae8cc52d8f89bed27482848ce71c9

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Mon, 13 Jun 2022 12:37:09 GMT
via
1.1 e64eb476d8f76c461d21278e018e194e.cloudfront.net (CloudFront)
last-modified
Thu, 01 Nov 2018 14:35:11 GMT
server
AmazonS3
age
273944
etag
"5440c668e9b9230e3300ccdeca7180aa"
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=31536000
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-length
40847
x-amz-cf-id
pFuBCWM2i9GeH4vGpVc-7EXg6Ek0hmIz8dnfYl2z702QxptihoINmg==
expires
Fri, 01 Nov 2019 14:35:08 GMT
UVM-Medical-Center-cyberattacl-64x64.jpg
media.kasperskycontenthub.com/wp-content/uploads/sites/103/2020/11/09143413/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.kasperskycontenthub.com/wp-content/uploads/sites/103/2020/11/09143413/UVM-Medical-Center-cyberattacl-64x64.jpg
Requested by
Host: threatpost.com
URL: https://threatpost.com/kaiser-permanente-breach/179949/?utm_campaign=Third%20Party%20Thursday%20Newsletter&utm_medium=email&_hsmi=216744177&_hsenc=p2ANqtz-9FeIjarQeL3zA4ACQwCC6mhwLDSG8KZWVQNtpWhebNpA0aYw53UW6wqluChIgIaseSzoTUFllDNXqMgiGiwDLwGaTegw&utm_content=216744177&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:4600:1b:d000:d280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
88a5824231c614e5e60fbebc9b362419217749264718cf44d4a568b72adcb9ca

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Thu, 16 Jun 2022 11:29:07 GMT
via
1.1 e64eb476d8f76c461d21278e018e194e.cloudfront.net (CloudFront)
last-modified
Mon, 09 Nov 2020 19:34:17 GMT
server
AmazonS3
age
18827
etag
"5460bcd958d1684af254e1b03bccdd1c"
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=31536000
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-length
2160
x-amz-cf-id
nj6FzyOMqXxdc7gaf5SO1KrjknBBPsZqmu5ovjU2Tm8DwpbG2ZhTaA==
expires
Tue, 09 Nov 2021 19:34:16 GMT
remote_desktop_abstract-64x64.jpg
media.kasperskycontenthub.com/wp-content/uploads/sites/103/2022/05/05082831/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.kasperskycontenthub.com/wp-content/uploads/sites/103/2022/05/05082831/remote_desktop_abstract-64x64.jpg
Requested by
Host: threatpost.com
URL: https://threatpost.com/kaiser-permanente-breach/179949/?utm_campaign=Third%20Party%20Thursday%20Newsletter&utm_medium=email&_hsmi=216744177&_hsenc=p2ANqtz-9FeIjarQeL3zA4ACQwCC6mhwLDSG8KZWVQNtpWhebNpA0aYw53UW6wqluChIgIaseSzoTUFllDNXqMgiGiwDLwGaTegw&utm_content=216744177&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:4600:1b:d000:d280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
b694bf959615b28103870885944a1506c62d3a538276cb388269ab0d2a86ad4c

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Wed, 08 Jun 2022 13:39:01 GMT
via
1.1 e64eb476d8f76c461d21278e018e194e.cloudfront.net (CloudFront)
last-modified
Thu, 05 May 2022 12:28:36 GMT
server
AmazonS3
age
702233
etag
"52f7189ef24a3b813232bbfdad00f483"
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=31536000
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-length
2161
x-amz-cf-id
-YcDw6u-Szg3NDLwrBz3xeZkYc81ciEWfc4eBCUyUuTHK1CSFFNAXg==
expires
Fri, 05 May 2023 12:28:35 GMT
risks-ahead-64x64.jpg
media.kasperskycontenthub.com/wp-content/uploads/sites/103/2019/11/20112437/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.kasperskycontenthub.com/wp-content/uploads/sites/103/2019/11/20112437/risks-ahead-64x64.jpg
Requested by
Host: threatpost.com
URL: https://threatpost.com/kaiser-permanente-breach/179949/?utm_campaign=Third%20Party%20Thursday%20Newsletter&utm_medium=email&_hsmi=216744177&_hsenc=p2ANqtz-9FeIjarQeL3zA4ACQwCC6mhwLDSG8KZWVQNtpWhebNpA0aYw53UW6wqluChIgIaseSzoTUFllDNXqMgiGiwDLwGaTegw&utm_content=216744177&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:4600:1b:d000:d280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
8b0ee79f710af4fb47a3308e5e584f9c5729229dc75e731d9bb6ccd52c52dd40

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Tue, 07 Jun 2022 13:25:24 GMT
via
1.1 e64eb476d8f76c461d21278e018e194e.cloudfront.net (CloudFront)
last-modified
Wed, 20 Nov 2019 16:24:40 GMT
server
AmazonS3
age
789450
etag
"6f099b4eeced58a8c690b82017c02466"
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=31536000
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-length
1756
x-amz-cf-id
JXP5w13BsEFfLDOZajlISdRSJ01f6TCibNoQ70u_i878edlNIuDQzQ==
expires
Thu, 19 Nov 2020 16:24:37 GMT
ransomware-64x64.jpeg
media.kasperskycontenthub.com/wp-content/uploads/sites/103/2019/12/05152830/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.kasperskycontenthub.com/wp-content/uploads/sites/103/2019/12/05152830/ransomware-64x64.jpeg
Requested by
Host: threatpost.com
URL: https://threatpost.com/kaiser-permanente-breach/179949/?utm_campaign=Third%20Party%20Thursday%20Newsletter&utm_medium=email&_hsmi=216744177&_hsenc=p2ANqtz-9FeIjarQeL3zA4ACQwCC6mhwLDSG8KZWVQNtpWhebNpA0aYw53UW6wqluChIgIaseSzoTUFllDNXqMgiGiwDLwGaTegw&utm_content=216744177&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:4600:1b:d000:d280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
a2a1df46bf3ce0a1a75cf6d24bf8881b30fa34d1ab2833f90c07366823cbd094

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Wed, 08 Jun 2022 06:41:27 GMT
via
1.1 e64eb476d8f76c461d21278e018e194e.cloudfront.net (CloudFront)
last-modified
Thu, 05 Dec 2019 20:28:33 GMT
server
AmazonS3
age
727287
etag
"fbb8917c985091ae6283cc9874487ea6"
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=31536000
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-length
2492
x-amz-cf-id
iC0epvvC-1-0mRPVwXK4PDMyUdQXj8X9SvEhlpFSA0DrjJAFZmJLHg==
expires
Fri, 04 Dec 2020 20:28:30 GMT
zero-trust-64x64.jpeg
media.kasperskycontenthub.com/wp-content/uploads/sites/103/2021/06/11165310/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://media.kasperskycontenthub.com/wp-content/uploads/sites/103/2021/06/11165310/zero-trust-64x64.jpeg
Requested by
Host: threatpost.com
URL: https://threatpost.com/kaiser-permanente-breach/179949/?utm_campaign=Third%20Party%20Thursday%20Newsletter&utm_medium=email&_hsmi=216744177&_hsenc=p2ANqtz-9FeIjarQeL3zA4ACQwCC6mhwLDSG8KZWVQNtpWhebNpA0aYw53UW6wqluChIgIaseSzoTUFllDNXqMgiGiwDLwGaTegw&utm_content=216744177&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:4600:1b:d000:d280:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
2601819d7387eaa39cdce9df2aac15559572e9974bfe2d83bfb89b5873cf638a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Mon, 06 Jun 2022 00:50:57 GMT
via
1.1 e64eb476d8f76c461d21278e018e194e.cloudfront.net (CloudFront)
last-modified
Fri, 11 Jun 2021 20:53:15 GMT
server
AmazonS3
age
921117
etag
"0dbac1a64b0c995eba2c1af030a0b84b"
x-cache
Hit from cloudfront
content-type
image/jpeg
cache-control
max-age=31536000
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-length
2204
x-amz-cf-id
WdLzGhXVldyxFPKHpIlwNn-zcO8G6i_oHDm1n3Xx_KxiPQKqfp7UYQ==
expires
Sat, 11 Jun 2022 20:53:14 GMT
recaptcha__en.js
www.gstatic.com/recaptcha/releases/g9jXH0OtfQet-V0Aewq23c7K/ 		363 KB
144 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/g9jXH0OtfQet-V0Aewq23c7K/recaptcha__en.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?hl=en&render=explicit
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
483dfad907203c4c6ff5432a4d8f8505778096755cc05cf86d657137e2370e62
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://threatpost.com/
Origin
https://threatpost.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Thu, 16 Jun 2022 14:17:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
8729
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
146778
x-xss-protection
0
last-modified
Mon, 06 Jun 2022 04:02:41 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 16 Jun 2023 14:17:24 GMT
hls.5b3b785f487abbe00eee.js
cds.connatix.com/p/166750/ Frame BCF1 		0
47 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://cds.connatix.com/p/166750/hls.5b3b785f487abbe00eee.js
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Thu, 16 Jun 2022 16:42:53 GMT
content-encoding
br
last-modified
Thu, 16 Jun 2022 15:14:03 GMT
age
5189
etag
"182f65d040bfb9544bd8f71472475672"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
access-control-max-age
86400
cache-control
public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges
bytes
content-length
48258
player.css
cds.connatix.com/p/166750/ 		58 KB
9 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://cds.connatix.com/p/166750/player.css
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
6b40f0d5cfa95c272e1a5a6c2ad7b9089ad07d3e938ea0f9f0693ab7f6a175e6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Thu, 16 Jun 2022 16:42:53 GMT
content-encoding
br
last-modified
Thu, 16 Jun 2022 15:14:03 GMT
age
5189
etag
"b07e9f868d1c559a08538d3b52f384bc"
vary
Accept-Encoding
content-type
text/css
access-control-allow-origin
*
access-control-max-age
86400
cache-control
public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges
bytes
content-length
8890
pubads_impl_2022061401.js
securepubads.g.doubleclick.net/gpt/ 		370 KB
126 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022061401.js?cb=31068073
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.74.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
sffe /
Resource Hash
e2f1d6c82d89c9a6c1faf7a2e83e00645a2fa1291756de19c937f275bb285090
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Thu, 16 Jun 2022 16:21:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
1279
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
128388
x-xss-protection
0
last-modified
Tue, 14 Jun 2022 08:34:51 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
public, immutable, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Fri, 16 Jun 2023 16:21:34 GMT
ppub_config
securepubads.g.doubleclick.net/pagead/ 		152 B
743 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=threatpost.com
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.74.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
cafe /
Resource Hash
ce25151bcfa9459107d78e8c9f835bc98d98f363821f32b20b65b6dbd56551a0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 16 Jun 2022 16:42:53 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
106
x-xss-protection
0
expires
Thu, 16 Jun 2022 16:42:53 GMT
b-7b120a5-9b871d4e.js
tagan.adlightning.com/math-aids-threatpost/ 		73 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/math-aids-threatpost/b-7b120a5-9b871d4e.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/math-aids-threatpost/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.89.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-89-94.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
4658e1122a2190db712f6731d3e8c14b027f0a42bd7c1333b11d272f8e9ea3fd

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Tue, 01 Mar 2022 01:25:38 GMT
content-encoding
gzip
age
9299836
x-cache
Hit from cloudfront
content-length
28179
x-amz-meta-git_commit
7b120a5
last-modified
Mon, 16 Aug 2021 17:49:31 GMT
server
AmazonS3
etag
"c42a7ac1ac405f3f0cad04305cad5553"
x-amz-version-id
HCJNSpgvHPkSF2.YDap.Qx6PnxOllH79
via
1.1 a267c4458d5587daaaf85f1d134a02d4.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-type
application/javascript
x-amz-cf-id
37e5MaLDo1LHMTvnPraAue0zZxo0tz_gNNo6ljAjCI32SZI-VdiYXA==
bl-add3632-4f4ec9ec.js
tagan.adlightning.com/math-aids-threatpost/ 		46 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tagan.adlightning.com/math-aids-threatpost/bl-add3632-4f4ec9ec.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/math-aids-threatpost/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.89.94 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-89-94.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
9ef588ae664daf060b3974c54b6985d7547378df2ee26a55c5a96d04715660f7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Thu, 16 Jun 2022 09:34:14 GMT
content-encoding
gzip
age
25720
x-cache
Hit from cloudfront
content-length
19765
x-amz-meta-git_commit
add3632
last-modified
Thu, 16 Jun 2022 09:33:05 GMT
server
AmazonS3
etag
"c30394dd1f6799b9f9af78f672ac8a0e"
x-amz-version-id
ywumTyOXMQV2lILhYPkKcitZawAHDBc.
via
1.1 a267c4458d5587daaaf85f1d134a02d4.cloudfront.net (CloudFront)
cache-control
max-age=31536000
x-amz-cf-pop
FRA50-C1
accept-ranges
bytes
content-type
application/javascript
x-amz-cf-id
V-S0tqyHWCpSMCwPIfST57uYz5EYax2rxqCZTNB4HivWRBvH6F7lZw==
pls
capi.connatix.com/core/ Frame BCF1 		7 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://capi.connatix.com/core/pls?v=166750
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
7bbe22634e1274ae48559b6c10ef3cf5eea691e0d9c52c4da6bcf8df4ae145a7

Request headers

Referer
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type
multipart/form-data

Response headers

date
Thu, 16 Jun 2022 16:42:54 GMT
content-encoding
gzip
vary
Accept-Encoding
content-type
application/x-protobuf
access-control-allow-origin
https://threatpost.com
access-control-max-age
86400
access-control-allow-credentials
true
accept-ranges
bytes
content-length
3319
vendor-list.json
qd.admetricspro.com/js/cmp2/ 		318 KB
43 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://qd.admetricspro.com/js/cmp2/vendor-list.json
Requested by
Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/threatpost/cmp.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2606:4700:3030::ac43:cf70 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
1030fc8851425c20e532acd288aa03d709507bcd3d55367f980d55de309ead68

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Thu, 16 Jun 2022 16:42:54 GMT
content-encoding
br
cf-cache-status
DYNAMIC
last-modified
Tue, 03 May 2022 16:25:12 GMT
server
cloudflare
etag
W/"4f6fe-5de1df3ffe732"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=d4UQtgUzMXssF40U6%2FVnky6VP0UAYOYey7b%2B0Wi6LpXolz5DNcZTyLlShw7eyhmT5tLSuYNPnGKQ%2B2%2F4f032tYnehbc7d3b8MHjpuadx0bXWRYISwsZyCBuJkTl1EZT4YaBmPy6usNm%2BMdJSLznbPBah"}],"group":"cf-nel","max_age":604800}
content-type
application/json
access-control-allow-origin
*
cache-control
max-age=600
cf-ray
71c500590d15906c-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 16 Jun 2022 16:52:54 GMT
recaptcha__de.js
www.gstatic.com/recaptcha/releases/g9jXH0OtfQet-V0Aewq23c7K/ 		367 KB
145 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/recaptcha/releases/g9jXH0OtfQet-V0Aewq23c7K/recaptcha__de.js
Requested by
Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?render=explicit&ver=202124050927
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
506336914f02f937120502bd21ebe49d3720829c2a09f6bc7f933baba246e14c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://threatpost.com/
Origin
https://threatpost.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Thu, 16 Jun 2022 16:36:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
380
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
148524
x-xss-protection
0
last-modified
Mon, 06 Jun 2022 04:02:41 GMT
server
sffe
cross-origin-opener-policy
same-origin-allow-popups; report-to="recaptcha"
vary
Accept-Encoding
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type
text/javascript
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 16 Jun 2023 16:36:34 GMT
id
dpm.demdex.net/ 		368 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://dpm.demdex.net/id?d_visid_ver=4.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_orgid=983502BE532960BE0A490D4C%40AdobeOrg&d_nsid=0&ts=1655397772752
Requested by
Host: media.kaspersky.com
URL: https://media.kaspersky.com/tracking/omniture/s_code_single_suite.js?ver=5.9.3
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.243.218.67 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-243-218-67.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
3fde9b7199f6e1d03dd18a48a9bf140d6b56b210a91e78adf4541f2962246daa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://threatpost.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

DCS
dcs-prod-irl1-1-v034-02050f93f.edge-irl1.demdex.com UNKNOWN
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-TID
nIRBu6hmSng=
Vary
Origin
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin
https://threatpost.com
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json;charset=utf-8
Content-Length
311
Expires
Thu, 01 Jan 1970 00:00:00 UTC
gtm.js
www.googletagmanager.com/ 		444 KB
114 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-T45JW6B&l=dataLayer
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WZ7LJ3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
35148e5ceabd401a7801a115156079cf0a6be4d381ab2af4d8456a4c54c97a2d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Thu, 16 Jun 2022 16:42:54 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
117184
x-xss-protection
0
last-modified
Thu, 16 Jun 2022 15:30:45 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 16 Jun 2022 16:42:54 GMT
config
c.amazon-adsystem.com/cdn/prod/ 		662 B
1017 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/cdn/prod/config?src=600&u=https%3A%2F%2Fthreatpost.com&pubid=cb8cfc89-e83e-44aa-a3a2-ff78eda781ef
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.4.10 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-4-10.fra56.r.cloudfront.net
Software
Server /
Resource Hash
6493fe707262fb8d9bc0e4d487e319fc9ebe7de26ebe7e3b4f58a5d17f03a9ea

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Thu, 16 Jun 2022 12:00:06 GMT
via
1.1 20a87151baa74b57c01624c82e244c6a.cloudfront.net (CloudFront)
server
Server
age
16967
x-cache
Hit from cloudfront
content-type
application/json;charset=UTF-8
access-control-allow-origin
https://threatpost.com
cache-control
max-age=21550, s-maxage=21600
access-control-allow-credentials
true
x-amz-cf-pop
FRA56-P6
content-length
662
x-amz-cf-id
Y2D51cg-kE_wAI5CT8lMrFVxyLpNahNTCe3Dldt8TtuPipWba3drCg==
aps_csm.js
c.amazon-adsystem.com/bao-csm/aps-comm/ 		6 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/bao-csm/aps-comm/aps_csm.js
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.4.10 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-4-10.fra56.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Thu, 16 Jun 2022 07:16:00 GMT
content-encoding
gzip
vary
Accept-Encoding,Origin
age
34015
x-cache
Hit from cloudfront
access-control-allow-origin
*
last-modified
Thu, 16 Jun 2022 07:15:00 GMT
server
AmazonS3
etag
W/"a4d296427fc806b21335359e398c025c"
access-control-max-age
3000
access-control-allow-methods
GET
x-amz-version-id
V0pVBg0mlfLR15rr7Wd2OdbBwvWb7BSE
via
1.1 b4bf06ec43f99543c974d975a6c597da.cloudfront.net (CloudFront)
cache-control
public, max-age=86400
x-amz-cf-pop
FRA56-P6
content-type
application/javascript
x-amz-cf-id
BmBAOCQvYEE35T_VOtnYuIE1Gw6pADV1JHAK5pTocSpdAEDR5k5K7g==
flipboard.svg
threatpost.com/wp-content/plugins/kaspersky-social-sharing/assets/img/ 		236 B
406 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://threatpost.com/wp-content/plugins/kaspersky-social-sharing/assets/img/flipboard.svg
Requested by
Host: threatpost.com
URL: https://threatpost.com/wp-content/plugins/bwp-minify/min/?f=wp-content/plugins/wds-rss-builder/includes/css/select2.min.css,wp-content/plugins/wds-rss-builder/includes/css/wds-rss.css,wp-content/plugins/honeypot-comments/public/assets/css/public.css,wp-content/plugins/kspr_twitter_pullquote/css/style.css,wp-content/plugins/pullquote-shortcode/css/pullquote-shortcode.css,wp-content/themes/threatpost-2018/assets/css/main.css,wp-content/plugins/kaspersky-social-sharing/assets/css/style.css,wp-content/plugins/kaspersky-social-sharing/assets/css/custom.css&ver=v67
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.173.160.135 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-173-160-135.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
506d565f94cecbb486394c545a96e8459217f8d045496b511e8c815142abfc70

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://threatpost.com/wp-content/plugins/bwp-minify/min/?f=wp-content/plugins/wds-rss-builder/includes/css/select2.min.css,wp-content/plugins/wds-rss-builder/includes/css/wds-rss.css,wp-content/plugins/honeypot-comments/public/assets/css/public.css,wp-content/plugins/kspr_twitter_pullquote/css/style.css,wp-content/plugins/pullquote-shortcode/css/pullquote-shortcode.css,wp-content/themes/threatpost-2018/assets/css/main.css,wp-content/plugins/kaspersky-social-sharing/assets/css/style.css,wp-content/plugins/kaspersky-social-sharing/assets/css/custom.css&ver=v67
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Thu, 16 Jun 2022 16:42:54 GMT
last-modified
Mon, 13 Jun 2022 21:54:37 GMT
server
nginx/1.18.0
etag
"62a7b21d-ec"
content-type
image/svg+xml
access-control-allow-origin
*
accept-ranges
bytes
content-length
236
fontawesome-webfont.woff2
threatpost.com/wp-content/plugins/kaspersky-social-sharing/assets/fonts/ 		75 KB
76 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://threatpost.com/wp-content/plugins/kaspersky-social-sharing/assets/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by
Host: threatpost.com
URL: https://threatpost.com/wp-content/plugins/bwp-minify/min/?f=wp-content/plugins/wds-rss-builder/includes/css/select2.min.css,wp-content/plugins/wds-rss-builder/includes/css/wds-rss.css,wp-content/plugins/honeypot-comments/public/assets/css/public.css,wp-content/plugins/kspr_twitter_pullquote/css/style.css,wp-content/plugins/pullquote-shortcode/css/pullquote-shortcode.css,wp-content/themes/threatpost-2018/assets/css/main.css,wp-content/plugins/kaspersky-social-sharing/assets/css/style.css,wp-content/plugins/kaspersky-social-sharing/assets/css/custom.css&ver=v67
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.173.160.135 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-173-160-135.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

Referer
https://threatpost.com/wp-content/plugins/bwp-minify/min/?f=wp-content/plugins/wds-rss-builder/includes/css/select2.min.css,wp-content/plugins/wds-rss-builder/includes/css/wds-rss.css,wp-content/plugins/honeypot-comments/public/assets/css/public.css,wp-content/plugins/kspr_twitter_pullquote/css/style.css,wp-content/plugins/pullquote-shortcode/css/pullquote-shortcode.css,wp-content/themes/threatpost-2018/assets/css/main.css,wp-content/plugins/kaspersky-social-sharing/assets/css/style.css,wp-content/plugins/kaspersky-social-sharing/assets/css/custom.css&ver=v67
Origin
https://threatpost.com
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Thu, 16 Jun 2022 16:42:54 GMT
last-modified
Mon, 13 Jun 2022 21:54:37 GMT
server
nginx/1.18.0
etag
"62a7b21d-12d68"
content-type
font/woff2
access-control-allow-origin
*
accept-ranges
bytes
content-length
77160
v1
geo.ipify.org/api/ 		349 B
579 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://geo.ipify.org/api/v1?apiKey=at_riPAQYz3EiQ6JhsH05bmtozma13RA
Requested by
Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/threatpost/uspcmp.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
64.140.160.2 Ogden, United States, ASN18450 (WEBNX, US),
Reverse DNS
threatintelligenceplatform.com
Software
nginx /
Resource Hash
23e312f2999b301b0a243d53e4051d018ad3a9c956af0561a56cf928e336f375
Security Headers
Name Value
X-Frame-Options SAMEORIGIN

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date
Thu, 16 Jun 2022 16:42:54 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
Server
nginx
X-Frame-Options
SAMEORIGIN
Content-Type
application/json
Access-Control-Allow-Origin
*
Cache-Control
no-cache, private
Transfer-Encoding
chunked
Connection
keep-alive
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PM29HLF
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 13 Apr 2022 21:02:38 GMT
server
Golfe2
age
6827
date
Thu, 16 Jun 2022 14:49:07 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Thu, 16 Jun 2022 16:49:07 GMT
quant.js
secure.quantserve.com/ 		24 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.quantserve.com/quant.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PM29HLF
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:7eb1:3826:be7e:d981 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
8d6580af877387b05d9ffac3ebeacfe25a7728c77adef6d9b32fd72ccbe21468

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Thu, 16 Jun 2022 16:42:54 GMT
content-encoding
gzip
etag
"u2JtyZzqnTXwzBUswy2r+w=="
vary
Accept-Encoding
content-type
application/javascript
cache-control
private, max-age=604800
accept-ranges
bytes
expires
Thu, 23 Jun 2022 16:42:54 GMT
uwt.js
static.ads-twitter.com/ 		49 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.ads-twitter.com/uwt.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PM29HLF
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
199.232.136.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
05448e9440e5f8a66395d7d66a9bfcb9614a80e4e181f6347cd742ec36725ca6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Thu, 16 Jun 2022 16:42:54 GMT
content-encoding
gzip
last-modified
Wed, 08 Jun 2022 18:52:59 GMT
etag
"90b3a450b1a5741eca2aac717f3ebbc2+gzip+gzip"
vary
Accept-Encoding,Host
x-tw-cdn
FT
p3p
CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
cache-control
no-cache
x-cache
HIT, HIT
accept-ranges
bytes
content-type
application/javascript; charset=utf-8
content-length
13714
x-served-by
cache-iad-kjyo7100157-IAD, cache-hhn11523-HHN
insights.bin
ins.connatix.com/5c261ef03a9c8533d65876fbbf96659a/ Frame BCF1 		360 B
467 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ins.connatix.com/5c261ef03a9c8533d65876fbbf96659a/insights.bin
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
7a6c64cbf0f0ca0187c9c44d092ad0dbca8f087e7ed820491d1a411e20472ad6

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Thu, 16 Jun 2022 16:42:54 GMT
content-encoding
gzip
last-modified
Tue, 14 Jun 2022 11:09:47 GMT
age
191032
etag
"eb4e115e57b6beaabd325e78cc88014a"
vary
Accept-Encoding
content-type
application/octet-stream
access-control-allow-origin
*
access-control-max-age
86400
cache-control
public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges
bytes
content-length
231
pubcid.min.js
secure.cdn.fastclick.net/js/pubcid/latest/ 		53 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secure.cdn.fastclick.net/js/pubcid/latest/pubcid.min.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/math-aids-threatpost/op.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.89.31.187 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-89-31-187.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
a4350fed8ed92bbf4f462fc245028928ac33afa25d2231b28c334b91cd0d3952

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Thu, 16 Jun 2022 16:42:54 GMT
content-encoding
gzip
last-modified
Tue, 01 Jun 2021 17:06:57 GMT
server
Apache
etag
"d398-5c3b75e9ebb41-gzip"
vary
Accept-Encoding
content-type
application/javascript
cache-control
max-age=900
accept-ranges
bytes
content-length
17087
expires
Thu, 16 Jun 2022 16:57:54 GMT
id5-api.js
cdn.id5-sync.com/api/1.0/ 		41 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.id5-sync.com/api/1.0/id5-api.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/math-aids-threatpost/op.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
46.105.202.126 , France, ASN16276 (OVH, FR),
Reverse DNS
Software
/
Resource Hash
aca72f84a2c66b81fbcec783e51fe3f462abb070762b4a23cda5bbe149dc6d85
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Thu, 16 Jun 2022 16:34:57 GMT
content-encoding
br
x-cacheable
Matched cache
x-cdn-pop-ip
137.74.120.0/27
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
content-type
text/javascript;charset=utf-8
cache-control
max-age=3600
x-cdn-pop
sbg
content-disposition
attachment;filename="id5-api.js"
strict-transport-security
max-age=63072000; includeSubDomains; preload
accept-ranges
bytes
content-length
11494
x-request-id
202806112
dest5.html
kaspersky.demdex.net/ Frame 5DD2 		7 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://kaspersky.demdex.net/dest5.html?d_nsid=0
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/math-aids-threatpost/op.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.249.212.46 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-249-212-46.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://threatpost.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
2791
Content-Type
text/html;charset=UTF-8
DCS
dcs-prod-irl1-1-v034-017443be0.edge-irl1.demdex.com UNKNOWN
Expires
Thu, 01 Jan 1970 00:00:00 UTC
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
QuOyYwWZSR8=
content-encoding
gzip
date
Thu, 16 Jun 2022 16:42:54 GMT
last-modified
Wed, 8 Jun 2022 12:46:11 GMT
vary
accept-encoding
id
kaspersky.d3.sc.omtrdc.net/ 		2 B
316 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://kaspersky.d3.sc.omtrdc.net/id?d_visid_ver=4.4.0&d_fieldgroup=A&mcorgid=983502BE532960BE0A490D4C%40AdobeOrg&mid=25607970782630986381060259178707400933&ts=1655397773146
Requested by
Host: media.kaspersky.com
URL: https://media.kaspersky.com/tracking/omniture/s_code_single_suite.js?ver=5.9.3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
15.188.95.229 Paris, France, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-15-188-95-229.eu-west-3.compute.amazonaws.com
Software
jag /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://threatpost.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

date
Thu, 16 Jun 2022 16:42:54 GMT
x-content-type-options
nosniff
server
jag
xserver
anedge-658967d5d4-zngcm
vary
Origin
x-c
main-1649.I02425a.M0-575
p3p
CP="This is not a P3P policy"
access-control-allow-origin
https://threatpost.com
cache-control
no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials
true
content-type
application/x-javascript;charset=utf-8
content-length
2
x-xss-protection
1; mode=block
ibs:dpid=411&dpuuid=YqtdjgAAAJTvogOV
dpm.demdex.net/
Redirect Chain
  • https://cm.everesttech.net/cm/dd?d_uuid=33020213730496520520066473953452234431
  • https://dpm.demdex.net/ibs:dpid=411&dpuuid=YqtdjgAAAJTvogOV
42 B
945 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/ibs:dpid=411&dpuuid=YqtdjgAAAJTvogOV
Requested by
Host: threatpost.com
URL: https://threatpost.com/kaiser-permanente-breach/179949/?utm_campaign=Third%20Party%20Thursday%20Newsletter&utm_medium=email&_hsmi=216744177&_hsenc=p2ANqtz-9FeIjarQeL3zA4ACQwCC6mhwLDSG8KZWVQNtpWhebNpA0aYw53UW6wqluChIgIaseSzoTUFllDNXqMgiGiwDLwGaTegw&utm_content=216744177&utm_source=hs_email
Protocol
HTTP/1.1
Server
34.243.218.67 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-243-218-67.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

DCS
dcs-prod-irl1-1-v034-092c3146f.edge-irl1.demdex.com UNKNOWN
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
6o8yCz25S/0=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Type
image/gif
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location
https://dpm.demdex.net/ibs:dpid=411&dpuuid=YqtdjgAAAJTvogOV
Date
Thu, 16 Jun 2022 16:42:54 GMT
Cache-Control
no-cache
Server
AMO-cookiemap/1.1
Connection
keep-alive
Content-Length
0
P3P
CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
rules-p-_7kVx0t9Jqj90.js
rules.quantcount.com/ 		2 B
354 B 		Script
General
Check archive.org
Download Go to
Full URL
https://rules.quantcount.com/rules-p-_7kVx0t9Jqj90.js
Requested by
Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:2156:4a00:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Thu, 16 Jun 2022 15:50:24 GMT
via
1.1 80c1ad5f9352d00b95a9da73eb6b6be4.cloudfront.net (CloudFront)
server
AmazonS3
age
3150
access-control-allow-methods
GET
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
cross-origin-resource-policy
cross-origin
x-cache
Hit from cloudfront
x-amz-cf-pop
FRA50-C1
content-length
2
x-amz-cf-id
tgGVUxhXZdTTF_lVrydO0yBzd7qDa2cpCxuPGtGoCMQpJLaCztuw6A==
adsct
t.co/i/ 		43 B
338 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://t.co/i/adsct?bci=3&eci=2&event_id=0b4839a9-430a-4ad5-ad07-b05d3166a648&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&p_id=Twitter&p_user_id=0&pl_id=975779ae-09ca-4f6a-98ba-6c89a19a6df0&tw_document_href=https%3A%2F%2Fthreatpost.com%2Fkaiser-permanente-breach%2F179949%2F%3Futm_campaign%3DThird%2520Party%2520Thursday%2520Newsletter%26utm_medium%3Demail%26_hsmi%3D216744177%26_hsenc%3Dp2ANqtz-9FeIjarQeL3zA4ACQwCC6mhwLDSG8KZWVQNtpWhebNpA0aYw53UW6wqluChIgIaseSzoTUFllDNXqMgiGiwDLwGaTegw%26utm_content%3D216744177%26utm_source%3Dhs_email&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=ntt0j&type=javascript&version=2.3.20
Requested by
Host: threatpost.com
URL: https://threatpost.com/kaiser-permanente-breach/179949/?utm_campaign=Third%20Party%20Thursday%20Newsletter&utm_medium=email&_hsmi=216744177&_hsenc=p2ANqtz-9FeIjarQeL3zA4ACQwCC6mhwLDSG8KZWVQNtpWhebNpA0aYw53UW6wqluChIgIaseSzoTUFllDNXqMgiGiwDLwGaTegw&utm_content=216744177&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.133 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

x-response-time
104
date
Thu, 16 Jun 2022 16:42:54 GMT
server
tsa_o
strict-transport-security
max-age=0
content-type
image/gif;charset=utf-8
cache-control
no-cache, no-store, max-age=0
x-connection-hash
7c49daff0a32729f1a8b667e36920d319685f7c1f5c7eeffbfe79587794fef62
content-length
43
adsct
analytics.twitter.com/i/ 		43 B
353 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://analytics.twitter.com/i/adsct?bci=3&eci=2&event_id=0b4839a9-430a-4ad5-ad07-b05d3166a648&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&p_id=Twitter&p_user_id=0&pl_id=975779ae-09ca-4f6a-98ba-6c89a19a6df0&tw_document_href=https%3A%2F%2Fthreatpost.com%2Fkaiser-permanente-breach%2F179949%2F%3Futm_campaign%3DThird%2520Party%2520Thursday%2520Newsletter%26utm_medium%3Demail%26_hsmi%3D216744177%26_hsenc%3Dp2ANqtz-9FeIjarQeL3zA4ACQwCC6mhwLDSG8KZWVQNtpWhebNpA0aYw53UW6wqluChIgIaseSzoTUFllDNXqMgiGiwDLwGaTegw%26utm_content%3D216744177%26utm_source%3Dhs_email&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=ntt0j&type=javascript&version=2.3.20
Requested by
Host: threatpost.com
URL: https://threatpost.com/kaiser-permanente-breach/179949/?utm_campaign=Third%20Party%20Thursday%20Newsletter&utm_medium=email&_hsmi=216744177&_hsenc=p2ANqtz-9FeIjarQeL3zA4ACQwCC6mhwLDSG8KZWVQNtpWhebNpA0aYw53UW6wqluChIgIaseSzoTUFllDNXqMgiGiwDLwGaTegw&utm_content=216744177&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.3 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
Security Headers
Name Value
Strict-Transport-Security max-age=631138519

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

x-response-time
112
date
Thu, 16 Jun 2022 16:42:54 GMT
server
tsa_o
strict-transport-security
max-age=631138519
content-type
image/gif;charset=utf-8
cache-control
no-cache, no-store, max-age=0
x-connection-hash
8eca487331e0fc752970d076b4c90a18dce24ebffe4a5d2673ac40e3215f5a09
content-length
43
collect
www.google-analytics.com/j/ 		2 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&aip=1&a=968174740&t=pageview&_s=1&dl=https%3A%2F%2Fthreatpost.com%2Fkaiser-permanente-breach%2F179949%2F%3Futm_campaign%3DThird%2520Party%2520Thursday%2520Newsletter%26utm_medium%3Demail%26_hsmi%3D216744177%26_hsenc%3Dp2ANqtz-9FeIjarQeL3zA4ACQwCC6mhwLDSG8KZWVQNtpWhebNpA0aYw53UW6wqluChIgIaseSzoTUFllDNXqMgiGiwDLwGaTegw%26utm_content%3D216744177%26utm_source%3Dhs_email&ul=en-us&de=UTF-8&dt=Kaiser%20Permanente%20Exposes%20Nearly%2070K%20Medical%20Records%20in%20Data%20Breach%20%7C%20Threatpost&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAAC~&jid=172523209&gjid=1225701621&cid=685716736.1655397773&tid=UA-35676203-21&_gid=1533137274.1655397773&_r=1&gtm=2wg6f0PM29HLF&z=391325281
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://threatpost.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 16 Jun 2022 16:42:54 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://threatpost.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
www.google-analytics.com/ 		35 B
55 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google-analytics.com/collect?v=1&_v=j96&aip=1&a=968174740&t=event&ni=0&_s=1&dl=https%3A%2F%2Fthreatpost.com%2Fkaiser-permanente-breach%2F179949%2F%3Futm_campaign%3DThird%2520Party%2520Thursday%2520Newsletter%26utm_medium%3Demail%26_hsmi%3D216744177%26_hsenc%3Dp2ANqtz-9FeIjarQeL3zA4ACQwCC6mhwLDSG8KZWVQNtpWhebNpA0aYw53UW6wqluChIgIaseSzoTUFllDNXqMgiGiwDLwGaTegw%26utm_content%3D216744177%26utm_source%3Dhs_email&ul=en-us&de=UTF-8&dt=Kaiser%20Permanente%20Exposes%20Nearly%2070K%20Medical%20Records%20in%20Data%20Breach%20%7C%20Threatpost&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=VISIBILITY&ea=elementVisibility%20%2F%20%5BHeader%5D%20%2F%20Social%20Networks%20View&_u=YEDAAEABAAAAAC~&jid=&gjid=&cid=685716736.1655397773&tid=UA-35676203-21&_gid=1533137274.1655397773&gtm=2wg6f0PM29HLF&z=1340921702
Requested by
Host: threatpost.com
URL: https://threatpost.com/kaiser-permanente-breach/179949/?utm_campaign=Third%20Party%20Thursday%20Newsletter&utm_medium=email&_hsmi=216744177&_hsenc=p2ANqtz-9FeIjarQeL3zA4ACQwCC6mhwLDSG8KZWVQNtpWhebNpA0aYw53UW6wqluChIgIaseSzoTUFllDNXqMgiGiwDLwGaTegw&utm_content=216744177&utm_source=hs_email
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 15 Jun 2022 19:48:42 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
75252
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
sr
capi-tier-2-us-east-2.connatix.com/tr/ Frame BCF1 		0
0
gpt.js
securepubads.g.doubleclick.net/tag/js/ 		82 KB
27 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/tag/js/gpt.js
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/math-aids-threatpost/op.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.74.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
sffe /
Resource Hash
58391073a2822da6ba17eed93679bd74405983db36a83078621d3338b1b24cb4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Thu, 16 Jun 2022 16:42:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
28106
x-xss-protection
0
server
sffe
etag
"1246 / 655 of 1000 / last-modified: 1655377890"
vary
Accept-Encoding
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
expires
Thu, 16 Jun 2022 16:42:54 GMT
2_media.bin
vid.connatix.com/pid-c2ecd04f-0dca-4ffa-8761-d93b34717380/60764267-557e-410f-85cb-f102d92ee134/cc9b6fb7-a6c9-460f-af1f-7c5e462ecc93/ Frame BCF1 		291 B
345 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://vid.connatix.com/pid-c2ecd04f-0dca-4ffa-8761-d93b34717380/60764267-557e-410f-85cb-f102d92ee134/cc9b6fb7-a6c9-460f-af1f-7c5e462ecc93/2_media.bin
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.194.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
782cf3bec6ae5ea1cc0d0903ec8157ff81ab0e1822a99b24114ae33c83d093d5

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Thu, 16 Jun 2022 16:42:54 GMT
content-encoding
gzip
last-modified
Wed, 19 May 2021 23:26:54 GMT
age
91834
etag
"d24a3365dc10abf8fc9e03aedbb0aeb5"
vary
Accept-Encoding
content-type
application/octet-stream
access-control-allow-origin
*
access-control-max-age
86400
cache-control
public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges
bytes
content-length
255
ima3.js
imasdk.googleapis.com/js/sdkloader/ Frame BCF1 		372 KB
125 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/sdkloader/ima3.js
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1a113034bdbdeaa7add41b1d85d4ebb360ceab32740506bef533dd883ed1888c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Thu, 16 Jun 2022 16:42:54 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
vary
Accept-Encoding
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
content-type
text/javascript
cache-control
private, max-age=900, stale-while-revalidate=3600
cross-origin-resource-policy
cross-origin
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
126826
x-xss-protection
0
expires
Thu, 16 Jun 2022 16:42:54 GMT
1.png
img.connatix.com/pid-c2ecd04f-0dca-4ffa-8761-d93b34717380/c2ecd04f-0dca-4ffa-8761-d93b34717380/ 		6 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.connatix.com/pid-c2ecd04f-0dca-4ffa-8761-d93b34717380/c2ecd04f-0dca-4ffa-8761-d93b34717380/1.png
Requested by
Host: threatpost.com
URL: https://threatpost.com/kaiser-permanente-breach/179949/?utm_campaign=Third%20Party%20Thursday%20Newsletter&utm_medium=email&_hsmi=216744177&_hsenc=p2ANqtz-9FeIjarQeL3zA4ACQwCC6mhwLDSG8KZWVQNtpWhebNpA0aYw53UW6wqluChIgIaseSzoTUFllDNXqMgiGiwDLwGaTegw&utm_content=216744177&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
739ab1cbd5fc795c806cfbc012e937834a1d566f02ed72ff02af2700c0629eb4

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Thu, 16 Jun 2022 16:42:54 GMT
content-encoding
br
age
2621646
etag
"CDlq0wWU2N6Hha9Y1OkqKS7K/JyWAUvXYL5GlZ2se8g"
access-control-max-age
86400
fastly-io-info
ifsz=8114 idim=288x42 ifmt=png ofsz=6487 odim=288x42 ofmt=png
access-control-allow-origin
*
cache-control
max-age=2592000, public
fastly-stats
io=1
accept-ranges
bytes
content-type
image/png
content-length
6487
localstore.js
script.4dex.io/ 		483 B
964 B 		Script
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/localstore.js
Requested by
Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/threatpost/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:9a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Thu, 16 Jun 2022 16:42:54 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
3644
content-type
application/javascript
x-amz-request-id
tx868aa8ceaf494ff0b1336-00627a3731
x-amz-id-2
tx868aa8ceaf494ff0b1336-00627a3731
last-modified
Tue, 10 May 2022 09:57:32 GMT
server
cloudflare
etag
W/"922cffdd75f7192f75231d92684885aa"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OLR9kHiZTNqQyu%2Bh0S7YVU2gshqxeLDGwB7ztyrN3Eal6ZwxSGQLo0HBsunITbFaoe81VFrYVhG%2F2UQLXXxBVt6XwUKmViGhGZJK7pNT7AFRtvvo4FhhiPgHPBS4tVwx6B%2BPmV72F0344rcK"}],"group":"cf-nel","max_age":604800}
x-amz-version-id
1652176652152482
cache-control
public, max-age=1800
cf-ray
71c5005d5b0e909d-FRA
expires
Thu, 16 Jun 2022 17:12:54 GMT
arj
teachingaids-d.openx.net/w/1.0/ 		174 B
592 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://teachingaids-d.openx.net/w/1.0/arj?ju=https%3A%2F%2Fthreatpost.com%2Fkaiser-permanente-breach%2F179949%2F%3Futm_campaign%3DThird%2520Party%2520Thursday%2520Newsletter%26utm_medium%3Demail%26_hsmi%3D216744177%26_hsenc%3Dp2ANqtz-9FeIjarQeL3zA4ACQwCC6mhwLDSG8KZWVQNtpWhebNpA0aYw53UW6wqluChIgIaseSzoTUFllDNXqMgiGiwDLwGaTegw%26utm_content%3D216744177%26utm_source%3Dhs_email&ch=UTF-8&res=1600x1200x24&ifr=false&tz=0&tws=1600x1200&be=1&bc=hb_pb_3.0.3&dddid=1f0e4c42-6847-4b1c-a743-d547e26e5e88%2C1f0e4c42-6847-4b1c-a743-d547e26e5e88%2C3187e7e3-cca7-48d8-914e-bf5d35395f2f%2C92e270e8-61d7-4da0-8d38-f5c8018a72d7%2C92e270e8-61d7-4da0-8d38-f5c8018a72d7&nocache=1655397773418&gdpr=0&x_gdpr_f=1&schain=1.0%2C1!admetricspro.com%2C1005%2C1%2C%2C%2C&aus=728x90%2C970x250%2C970x90%7C728x90%2C970x250%2C970x90%7C300x250%2C336x280%7C300x250%2C300x600%7C300x250%2C300x600&divids=div-gpt-ad-6794670-2%2Cdiv-gpt-ad-6794670-2%2Cdiv-gpt-ad-6794670-3%2Cdiv-gpt-ad-6794670-5%2Cdiv-gpt-ad-6794670-5&aucs=%252F22404337467%252C21707124336%252Fthreatpost-970x250-ATF%2C%252F22404337467%252C21707124336%252Fthreatpost-970x250-ATF%2C%252F22404337467%252C21707124336%252Fthreatpost-300x250-ATF%2C%252F22404337467%252C21707124336%252Fthreatpost-300x600-ATF%2C%252F22404337467%252C21707124336%252Fthreatpost-300x600-ATF&auid=540932704%2C540932709%2C540932713%2C540932715%2C540932720
Requested by
Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/threatpost/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/7f1e280 /
Resource Hash
5948ceaedf623dd344a628afce41a60e6014635dc995afeb38459487b3bdc98f

Request headers

Referer
https://threatpost.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 16 Jun 2022 16:42:55 GMT
content-encoding
gzip
server
OXGW/7f1e280
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
access-control-allow-origin
https://threatpost.com
cache-control
private, max-age=0, no-cache
access-control-allow-credentials
true
content-type
application/json
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
165
via
1.1 google
expires
Mon, 26 Jul 1997 05:00:00 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		728 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=19254&site_id=300372&zone_id=1509502&size_id=2&alt_size_ids=55%2C57&p_pos=atf&gdpr=0&rp_schain=1.0,1!admetricspro.com,1005,1,,,&rf=https%3A%2F%2Fthreatpost.com%2Fkaiser-permanente-breach%2F179949%2F%3Futm_campaign%3DThird%2520Party%2520Thursday%2520Newsletter%26utm_medium%3Demail%26_hsmi%3D216744177%26_hsenc%3Dp2ANqtz-9FeIjarQeL3zA4ACQwCC6mhwLDSG8KZWVQNtpWhebNpA0aYw53UW6wqluChIgIaseSzoTUFllDNXqMgiGiwDLwGaTegw%26utm_content%3D216744177%26utm_source%3Dhs_email&kw=Hacks%2CMalware%2CVulnerabilities%2CWebSecurity%2CMobileSecurity%2CPrivacy&tg_i.ref=https%3A%2F%2Fthreatpost.com%2Fkaiser-permanente-breach%2F179949%2F%3Futm_campaign%3DThird%2520Party%2520Thursday%2520Newsletter%26utm_medium%3Demail%26_hsmi%3D216744177%26_hsenc%3Dp2ANqtz-9FeIjarQeL3zA4ACQwCC6mhwLDSG8KZWVQNtpWhebNpA0aYw53UW6wqluChIgIaseSzoTUFllDNXqMgiGiwDLwGaTegw%26utm_content%3D216744177%26utm_source%3Dhs_email&tg_i.page=https%3A%2F%2Fthreatpost.com%2Fkaiser-permanente-breach%2F179949%2F&tg_i.domain=threatpost.com&tg_i.pbadslot=%2F22404337467%2C21707124336%2Fthreatpost-970x250-ATF&tk_flint=pbjs_lite_v6.22.0&x_source.tid=1f0e4c42-6847-4b1c-a743-d547e26e5e88&l_pb_bid_id=8a3ba17f5461d9&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F22404337467%2C21707124336%2Fthreatpost-970x250-ATF&slots=1&rand=0.7579196981137004
Requested by
Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/threatpost/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
2602:803:c004:200::140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
419d135d5dbd1b1abff877cf34ad4bdc55e643b2a568893988b251b561b7245b

Request headers

Referer
https://threatpost.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Thu, 16 Jun 2022 16:42:55 GMT
Server
nginx/1.21.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://threatpost.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
728
Expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		726 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=19254&site_id=300372&zone_id=1509502&size_id=15&alt_size_ids=16&p_pos=atf&gdpr=0&rp_schain=1.0,1!admetricspro.com,1005,1,,,&rf=https%3A%2F%2Fthreatpost.com%2Fkaiser-permanente-breach%2F179949%2F%3Futm_campaign%3DThird%2520Party%2520Thursday%2520Newsletter%26utm_medium%3Demail%26_hsmi%3D216744177%26_hsenc%3Dp2ANqtz-9FeIjarQeL3zA4ACQwCC6mhwLDSG8KZWVQNtpWhebNpA0aYw53UW6wqluChIgIaseSzoTUFllDNXqMgiGiwDLwGaTegw%26utm_content%3D216744177%26utm_source%3Dhs_email&kw=Hacks%2CMalware%2CVulnerabilities%2CWebSecurity%2CMobileSecurity%2CPrivacy&tg_i.ref=https%3A%2F%2Fthreatpost.com%2Fkaiser-permanente-breach%2F179949%2F%3Futm_campaign%3DThird%2520Party%2520Thursday%2520Newsletter%26utm_medium%3Demail%26_hsmi%3D216744177%26_hsenc%3Dp2ANqtz-9FeIjarQeL3zA4ACQwCC6mhwLDSG8KZWVQNtpWhebNpA0aYw53UW6wqluChIgIaseSzoTUFllDNXqMgiGiwDLwGaTegw%26utm_content%3D216744177%26utm_source%3Dhs_email&tg_i.page=https%3A%2F%2Fthreatpost.com%2Fkaiser-permanente-breach%2F179949%2F&tg_i.domain=threatpost.com&tg_i.pbadslot=%2F22404337467%2C21707124336%2Fthreatpost-300x250-ATF&tk_flint=pbjs_lite_v6.22.0&x_source.tid=3187e7e3-cca7-48d8-914e-bf5d35395f2f&l_pb_bid_id=92bf256e48a7cc&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F22404337467%2C21707124336%2Fthreatpost-300x250-ATF&slots=1&rand=0.6754672980247829
Requested by
Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/threatpost/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_256_GCM
Server
2602:803:c004:200::140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
ab0117aeb34217b4d10e2a6daa4b147c41c60d43e08c3bd5036875adf3eaf1fa

Request headers

Referer
https://threatpost.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Thu, 16 Jun 2022 16:42:55 GMT
Server
nginx/1.21.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://threatpost.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
726
Expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		726 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=19254&site_id=300372&zone_id=1509506&size_id=15&alt_size_ids=10&p_pos=atf&gdpr=0&rp_schain=1.0,1!admetricspro.com,1005,1,,,&rf=https%3A%2F%2Fthreatpost.com%2Fkaiser-permanente-breach%2F179949%2F%3Futm_campaign%3DThird%2520Party%2520Thursday%2520Newsletter%26utm_medium%3Demail%26_hsmi%3D216744177%26_hsenc%3Dp2ANqtz-9FeIjarQeL3zA4ACQwCC6mhwLDSG8KZWVQNtpWhebNpA0aYw53UW6wqluChIgIaseSzoTUFllDNXqMgiGiwDLwGaTegw%26utm_content%3D216744177%26utm_source%3Dhs_email&kw=Hacks%2CMalware%2CVulnerabilities%2CWebSecurity%2CMobileSecurity%2CPrivacy&tg_i.ref=https%3A%2F%2Fthreatpost.com%2Fkaiser-permanente-breach%2F179949%2F%3Futm_campaign%3DThird%2520Party%2520Thursday%2520Newsletter%26utm_medium%3Demail%26_hsmi%3D216744177%26_hsenc%3Dp2ANqtz-9FeIjarQeL3zA4ACQwCC6mhwLDSG8KZWVQNtpWhebNpA0aYw53UW6wqluChIgIaseSzoTUFllDNXqMgiGiwDLwGaTegw%26utm_content%3D216744177%26utm_source%3Dhs_email&tg_i.page=https%3A%2F%2Fthreatpost.com%2Fkaiser-permanente-breach%2F179949%2F&tg_i.domain=threatpost.com&tg_i.pbadslot=%2F22404337467%2C21707124336%2Fthreatpost-300x600-ATF&tk_flint=pbjs_lite_v6.22.0&x_source.tid=92e270e8-61d7-4da0-8d38-f5c8018a72d7&l_pb_bid_id=10c8823081946b7&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F22404337467%2C21707124336%2Fthreatpost-300x600-ATF&slots=1&rand=0.6099454102972857
Requested by
Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/threatpost/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
2602:803:c004:200::140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
02715bd6008b923abf795bd1aba807e9c56b1074f52c7f453777597a15aeca75

Request headers

Referer
https://threatpost.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Thu, 16 Jun 2022 16:42:55 GMT
Server
nginx/1.21.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://threatpost.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
726
Expires
Wed, 17 Sep 1975 21:32:10 GMT
fastlane.json
fastlane.rubiconproject.com/a/api/ 		726 B
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://fastlane.rubiconproject.com/a/api/fastlane.json?account_id=19254&site_id=300372&zone_id=1509502&size_id=15&alt_size_ids=10&p_pos=atf&gdpr=0&rp_schain=1.0,1!admetricspro.com,1005,1,,,&rf=https%3A%2F%2Fthreatpost.com%2Fkaiser-permanente-breach%2F179949%2F%3Futm_campaign%3DThird%2520Party%2520Thursday%2520Newsletter%26utm_medium%3Demail%26_hsmi%3D216744177%26_hsenc%3Dp2ANqtz-9FeIjarQeL3zA4ACQwCC6mhwLDSG8KZWVQNtpWhebNpA0aYw53UW6wqluChIgIaseSzoTUFllDNXqMgiGiwDLwGaTegw%26utm_content%3D216744177%26utm_source%3Dhs_email&kw=Hacks%2CMalware%2CVulnerabilities%2CWebSecurity%2CMobileSecurity%2CPrivacy&tg_i.ref=https%3A%2F%2Fthreatpost.com%2Fkaiser-permanente-breach%2F179949%2F%3Futm_campaign%3DThird%2520Party%2520Thursday%2520Newsletter%26utm_medium%3Demail%26_hsmi%3D216744177%26_hsenc%3Dp2ANqtz-9FeIjarQeL3zA4ACQwCC6mhwLDSG8KZWVQNtpWhebNpA0aYw53UW6wqluChIgIaseSzoTUFllDNXqMgiGiwDLwGaTegw%26utm_content%3D216744177%26utm_source%3Dhs_email&tg_i.page=https%3A%2F%2Fthreatpost.com%2Fkaiser-permanente-breach%2F179949%2F&tg_i.domain=threatpost.com&tg_i.pbadslot=%2F22404337467%2C21707124336%2Fthreatpost-300x600-ATF&tk_flint=pbjs_lite_v6.22.0&x_source.tid=92e270e8-61d7-4da0-8d38-f5c8018a72d7&l_pb_bid_id=11165421ea486c&p_screen_res=1600x1200&rp_secure=1&rp_maxbids=1&p_gpid=%2F22404337467%2C21707124336%2Fthreatpost-300x600-ATF&slots=1&rand=0.6195189572588207
Requested by
Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/threatpost/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
2602:803:c004:200::140 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
nginx/1.21.4 /
Resource Hash
0f4f18daea8aa504cb44b2c35e2b356dfe0696c634a1a2fdc0b301a308304108

Request headers

Referer
https://threatpost.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Thu, 16 Jun 2022 16:42:55 GMT
Server
nginx/1.21.4
Vary
Accept-Encoding
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Access-Control-Allow-Origin
https://threatpost.com
Cache-Control
no-cache, no-store, max-age=0, must-revalidate
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json
Content-Length
726
Expires
Wed, 17 Sep 1975 21:32:10 GMT
v1
btlr.sharethrough.com/universal/ 		0
113 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/threatpost/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.157.132.197 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-132-197.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://threatpost.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://threatpost.com
date
Thu, 16 Jun 2022 16:42:54 GMT
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/universal/ 		0
112 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/threatpost/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.157.132.197 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-132-197.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://threatpost.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://threatpost.com
date
Thu, 16 Jun 2022 16:42:54 GMT
access-control-allow-credentials
true
vary
Origin
v1
btlr.sharethrough.com/universal/ 		0
112 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://btlr.sharethrough.com/universal/v1?supply_id=WYu2BXv1
Requested by
Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/threatpost/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.157.132.197 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-157-132-197.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://threatpost.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://threatpost.com
date
Thu, 16 Jun 2022 16:42:54 GMT
access-control-allow-credentials
true
vary
Origin
bid
ap.lijit.com/rtb/ 		24 B
643 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ap.lijit.com/rtb/bid?src=prebid_prebid_6.22.0
Requested by
Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/threatpost/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.39 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
/
Resource Hash
9c148647eb15ffff10402eebce541b80c1bda3429e69c6898f9b8a936683720c

Request headers

Referer
https://threatpost.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type
text/plain

Response headers

Date
Thu, 16 Jun 2022 16:42:54 GMT
Vary
Accept-Encoding, User-Agent
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Content-Type
application/json
Access-Control-Allow-Origin
https://threatpost.com
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap7ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Content-Length
24
prebid
ib.adnxs.com/ut/v3/ 		19 B
706 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/ut/v3/prebid
Requested by
Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/threatpost/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.220.240 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
717.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://threatpost.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type
text/plain

Response headers

Pragma
no-cache
Date
Thu, 16 Jun 2022 16:42:54 GMT
X-Proxy-Origin
80.255.7.100; 80.255.7.100; 717.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid
b3170e68-740c-4ba9-b8d0-cb7ab7bc1e65
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
https://threatpost.com
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
application/json; charset=utf-8
Content-Length
19
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
auction
tlx.3lift.com/header/ 		19 B
554 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tlx.3lift.com/header/auction?lib=prebid&v=6.22.0&referrer=https%3A%2F%2Fthreatpost.com%2Fkaiser-permanente-breach%2F179949%2F%3Futm_campaign%3DThird%2520Party%2520Thursday%2520Newsletter%26utm_medium%3Demail%26_hsmi%3D216744177%26_hsenc%3Dp2ANqtz-9FeIjarQeL3zA4ACQwCC6mhwLDSG8KZWVQNtpWhebNpA0aYw53UW6wqluChIgIaseSzoTUFllDNXqMgiGiwDLwGaTegw%26utm_content%3D216744177%26utm_source%3Dhs_email&tmax=1200&gdpr=false
Requested by
Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/threatpost/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.122.158.53 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-122-158-53.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://threatpost.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 16 Jun 2022 16:42:54 GMT
accept-ch
sec-ch-ua-mobile,sec-ch-downlink,user-agent,sec-ch-ect,sec-ch-width,sec-ch-prefers-color-scheme,sec-ch-ua-bitness,sec-ch-ua,sec-ch-ua-arch,sec-ch-rtt,sec-ch-viewport-height,sec-ch-ua-platform,sec-ch-viewport-width,sec-ch-ua-platform-version,sec-ch-ua-model,sec-ch-ua-full-version,sec-ch-dpr,sec-ch-device-memory,sec-ch-save-data
x-auction-status
12, 12, 12
content-type
application/json; charset=utf-8
access-control-allow-origin
https://threatpost.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-length
19
x-xss-protection
0
expires
Thu, 15 Oct 1992 20:10:00 GMT
adreq
ads.servenobid.com/ 		598 B
643 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://ads.servenobid.com/adreq?cb=3437
Requested by
Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/threatpost/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.215.213.114 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-215-213-114.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
81dc88482cd115f4cc4f9d4dda784b2460f53c8756cc9394999553e985234365

Request headers

Referer
https://threatpost.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 16 Jun 2022 16:42:55 GMT
content-encoding
gzip
amp-access-control-allow-source-origin
*
vary
accept-encoding
content-type
application/json
access-control-allow-origin
https://threatpost.com
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
v2
e.serverbid.com/api/ 		16 B
389 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://e.serverbid.com/api/v2
Requested by
Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/threatpost/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
159.89.246.130 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
903eb8f1cc364e01930ba03579f049a72794aa91d1a5842a2edb6365e436bb7c

Request headers

Referer
https://threatpost.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 16 Jun 2022 16:42:55 GMT
content-encoding
gzip
access-control-max-age
10080
access-control-allow-methods
GET, POST, OPTIONS
content-type
application/json
access-control-allow-origin
https://threatpost.com
access-control-allow-credentials
true
access-control-allow-headers
origin, content-type, accept
content-length
42
c
prebid.a-mo.net/a/ 		0
444 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://prebid.a-mo.net/a/c
Requested by
Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/threatpost/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
147.75.85.234 Schiphol, Netherlands, ASN54825 (PACKET, US),
Reverse DNS
Software
envoy /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://threatpost.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://threatpost.com
date
Thu, 16 Jun 2022 16:42:54 GMT
cache-control
max-age=0, private, must-revalidate
access-control-allow-credentials
true
server
envoy
x-envoy-upstream-service-time
167
vary
origin, Accept-Encoding
prebid
mp.4dex.io/ 		114 B
596 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mp.4dex.io/prebid
Requested by
Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/threatpost/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6812:372 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aa467d498713fde1f476814de9e2f6e009abe5192c41be17c7aa4f597a426563

Request headers

Referer
https://threatpost.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type
text/plain

Response headers

cf-ray
71c5005d7b659c0a-FRA
pragma
no-cache
date
Thu, 16 Jun 2022 16:42:54 GMT
via
1.1 google
cf-cache-status
DYNAMIC
x-warn
Preparing candidates. No matching rules and/or Bids disallowed and/or Invalid predictions
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin, Accept-Encoding
content-type
application/json; charset=utf-8
access-control-allow-origin
https://threatpost.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
content-encoding
gzip
server
cloudflare
expires
0
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
92 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9695ad017373d9b19cda6b03bc00b5&pos=threatpost.com_desktop_728x90-atf&cmd=bid&secure=1
Requested by
Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/threatpost/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.46 /
Resource Hash
82fbfe5e670d744d9eaa78d24461d1df89c6b8555c62bff72186f2cafe5fba7f

Request headers

Referer
https://threatpost.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 16 Jun 2022 16:42:55 GMT
server
ATS/9.1.0.46
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://threatpost.com
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
92 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9695ad017373d9b19cda6b03bc00b5&pos=threatpost.com_desktop_300x250-atf&cmd=bid&secure=1
Requested by
Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/threatpost/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.46 /
Resource Hash
6c7761a8390f56079541b41e69badfe1fd54d38c0b3e900bf9447d088dfa9817

Request headers

Referer
https://threatpost.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 16 Jun 2022 16:42:55 GMT
server
ATS/9.1.0.46
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://threatpost.com
access-control-allow-credentials
true
content-length
62
bidRequest
c2shb.ssp.yahoo.com/ 		62 B
291 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c2shb.ssp.yahoo.com/bidRequest?dcn=8a9695ad017373d9b19cda6b03bc00b5&pos=threatpost.com_desktop_300x600-atf&cmd=bid&secure=1
Requested by
Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/threatpost/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
52.28.203.152 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-28-203-152.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.46 /
Resource Hash
4d6bffb781436019c4abb2dea0e82a064050f28d5ecb9ac4abd63adb3b5c696b

Request headers

Referer
https://threatpost.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type
text/plain

Response headers

date
Thu, 16 Jun 2022 16:42:55 GMT
server
ATS/9.1.0.46
age
0
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods
POST,GET,HEAD,OPTIONS
content-type
application/json;charset=utf-8
access-control-allow-origin
https://threatpost.com
access-control-allow-credentials
true
content-length
62
translator
hbopenbid.pubmatic.com/ 		0
0
mvo
tag.1rx.io/rmp/216477/0/ 		0
170 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tag.1rx.io/rmp/216477/0/mvo?z=1r&hbv=6.22,2.1
Requested by
Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/threatpost/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
213.19.147.43 Utrecht, Netherlands, ASN3356 (LEVEL3, US),
Reverse DNS
Software
Tengine /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://threatpost.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://threatpost.com
pragma
no-cache
date
Thu, 16 Jun 2022 16:42:54 GMT
cache-control
private, max-age=0, no-cache, no-store
access-control-allow-credentials
true
server
Tengine
cygnus
htlb.casalemedia.com/ 		37 B
329 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://htlb.casalemedia.com/cygnus?s=438654&v=7.2&ac=j&sd=1&r=%7B%22id%22%3A%22596a0c28b99711a%22%2C%22site%22%3A%7B%22page%22%3A%22https%3A%2F%2Fthreatpost.com%2Fkaiser-permanente-breach%2F179949%2F%22%2C%22ref%22%3A%22https%3A%2F%2Fthreatpost.com%2Fkaiser-permanente-breach%2F179949%2F%3Futm_campaign%3DThird%2520Party%2520Thursday%2520Newsletter%26utm_medium%3Demail%26_hsmi%3D216744177%26_hsenc%3Dp2ANqtz-9FeIjarQeL3zA4ACQwCC6mhwLDSG8KZWVQNtpWhebNpA0aYw53UW6wqluChIgIaseSzoTUFllDNXqMgiGiwDLwGaTegw%26utm_content%3D216744177%26utm_source%3Dhs_email%22%2C%22domain%22%3A%22threatpost.com%22%2C%22publisher%22%3A%7B%22domain%22%3A%22threatpost.com%22%7D%2C%22keywords%22%3A%22Hacks%2CMalware%2CVulnerabilities%2CWebSecurity%2CMobileSecurity%2CPrivacy%22%7D%2C%22ext%22%3A%7B%22source%22%3A%22prebid%22%2C%22ixdiag%22%3A%7B%22msd%22%3A4%2C%22msi%22%3A4%2C%22mfu%22%3A0%2C%22bu%22%3A3%2C%22iu%22%3A0%2C%22nu%22%3A0%2C%22ou%22%3A0%2C%22allu%22%3A3%2C%22ren%22%3Afalse%2C%22version%22%3A%226.22.0%22%2C%22userIds%22%3A%5B%5D%2C%22fpd%22%3Atrue%7D%7D%2C%22imp%22%3A%5B%7B%22id%22%3A%2260084ed24034022%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A728%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22438654%22%2C%22sid%22%3A%22728x90%22%7D%7D%2C%7B%22w%22%3A970%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22438654%22%2C%22sid%22%3A%22970x250%22%7D%7D%2C%7B%22w%22%3A970%2C%22h%22%3A90%2C%22ext%22%3A%7B%22siteID%22%3A%22438654%22%2C%22sid%22%3A%22970x90%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22dfp_ad_unit_code%22%3A%22%2F22404337467%2C21707124336%2Fthreatpost-970x250-ATF%22%2C%22gpid%22%3A%22%2F22404337467%2C21707124336%2Fthreatpost-970x250-ATF%22%7D%7D%2C%7B%22id%22%3A%2261f39d1d5ce7178%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22438649%22%2C%22sid%22%3A%22300x250%22%7D%7D%2C%7B%22w%22%3A336%2C%22h%22%3A280%2C%22ext%22%3A%7B%22siteID%22%3A%22438649%22%2C%22sid%22%3A%22336x280%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22dfp_ad_unit_code%22%3A%22%2F22404337467%2C21707124336%2Fthreatpost-300x250-ATF%22%2C%22gpid%22%3A%22%2F22404337467%2C21707124336%2Fthreatpost-300x250-ATF%22%7D%7D%2C%7B%22id%22%3A%22620fa85b9ed3918%22%2C%22banner%22%3A%7B%22topframe%22%3A1%2C%22format%22%3A%5B%7B%22w%22%3A300%2C%22h%22%3A250%2C%22ext%22%3A%7B%22siteID%22%3A%22438650%22%2C%22sid%22%3A%22300x250%22%7D%7D%2C%7B%22w%22%3A300%2C%22h%22%3A600%2C%22ext%22%3A%7B%22siteID%22%3A%22438650%22%2C%22sid%22%3A%22300x600%22%7D%7D%5D%7D%2C%22ext%22%3A%7B%22dfp_ad_unit_code%22%3A%22%2F22404337467%2C21707124336%2Fthreatpost-300x600-ATF%22%2C%22gpid%22%3A%22%2F22404337467%2C21707124336%2Fthreatpost-300x600-ATF%22%7D%7D%5D%2C%22at%22%3A1%2C%22source%22%3A%7B%22ext%22%3A%7B%22schain%22%3A%7B%22ver%22%3A%221.0%22%2C%22complete%22%3A1%2C%22nodes%22%3A%5B%7B%22asi%22%3A%22admetricspro.com%22%2C%22sid%22%3A%221005%22%2C%22hp%22%3A1%7D%5D%7D%7D%7D%2C%22regs%22%3A%7B%22ext%22%3A%7B%22gdpr%22%3A0%7D%7D%2C%22user%22%3A%7B%22ext%22%3A%7B%22consent%22%3A%22%22%7D%7D%7D
Requested by
Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/threatpost/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.92.100.195 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-92-100-195.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
0fd65bf8483638310c98d0fabb38d75c90ccf1b9165397638da7e987903273dd

Request headers

Referer
https://threatpost.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Thu, 16 Jun 2022 16:42:55 GMT
x-ak-initial-geo
CC:[DE], RC:[BY], CN:[EU], CIP:[80.255.7.100], XFF:[]
server
Apache
content-type
application/json
access-control-allow-origin
https://threatpost.com
x-cs-client-geo
12
cache-control
max-age=0, no-cache, no-store
access-control-allow-credentials
true
content-length
37
x-ak-client-geo
12
expires
Thu, 16 Jun 2022 16:42:55 GMT
bid
c.amazon-adsystem.com/e/dtb/ 		64 B
551 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fthreatpost.com%2Fkaiser-permanente-breach%2F179949%2F%3Futm_campaign%3DThird%2520Party%2520Thursday%2520Newsletter%26utm_medium%3Demail%26_hsmi%3D216744177%26_hsenc%3Dp2ANqtz-9FeIjarQeL3zA4ACQwCC6mhwLDSG8KZWVQNtpWhebNpA0aYw53UW6wqluChIgIaseSzoTUFllDNXqMgiGiwDLwGaTegw%26utm_content%3D216744177%26utm_source%3Dhs_email&pid=BnGHy4lPX4F88&cb=0&ws=1600x1200&v=8.0.1&t=1200&slots=%5B%7B%22sd%22%3A%22div-gpt-ad-6794670-2%22%2C%22s%22%3A%5B%22728x90%22%2C%22970x250%22%2C%22970x90%22%5D%2C%22sn%22%3A%22%2F22404337467%2C21707124336%2Fthreatpost-970x250-ATF%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-6794670-3%22%2C%22s%22%3A%5B%22300x250%22%2C%22336x280%22%5D%2C%22sn%22%3A%22%2F22404337467%2C21707124336%2Fthreatpost-300x250-ATF%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-6794670-5%22%2C%22s%22%3A%5B%22300x250%22%2C%22300x600%22%5D%2C%22sn%22%3A%22%2F22404337467%2C21707124336%2Fthreatpost-300x600-ATF%22%7D%2C%7B%22sd%22%3A%22div-gpt-ad-6794670-1%22%2C%22s%22%3A%5B%222x2%22%5D%2C%22sn%22%3A%22%2F22404337467%2C21707124336%2Fthreatpost-2x2-Skin%22%7D%5D&pubid=cb8cfc89-e83e-44aa-a3a2-ff78eda781ef&gdpre=0&gdprl=%7B%22status%22%3A%22tcfv2-success%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.4.10 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-4-10.fra56.r.cloudfront.net
Software
Server /
Resource Hash
d278491b1de51ad826d16be5ab27b1746999c02d45200f107218427e34eed798
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Thu, 16 Jun 2022 16:42:54 GMT
via
1.1 20a87151baa74b57c01624c82e244c6a.cloudfront.net (CloudFront)
vary
Accept-Encoding,User-Agent
x-amz-cf-pop
FRA56-P6
x-cache
Miss from cloudfront
x-edge-origin-fbl
0.038
content-length
64
server
Server
x-amz-rid
Z1Y7FQ93N9J7RHHCX0A5
strict-transport-security
max-age=47474747; includeSubDomains; preload
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://threatpost.com
access-control-allow-credentials
true
permissions-policy
interest-cohort=()
timing-allow-origin
*
x-amz-cf-id
Sj40sxr_s9j5mJqkWsX9WUfX1NJWxyGwe2Hn6S7BISPmLGzcL1gSbQ==
collect
stats.g.doubleclick.net/j/ 		4 B
441 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-35676203-21&cid=685716736.1655397773&jid=172523209&gjid=1225701621&_gid=1533137274.1655397773&_u=YEBAAEAAAAAAAC~&z=1786758482
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://threatpost.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
strict-transport-security
max-age=10886400; includeSubDomains; preload
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
date
Thu, 16 Jun 2022 16:42:54 GMT
content-type
text/plain
access-control-allow-origin
https://threatpost.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
4
expires
Fri, 01 Jan 1990 00:00:00 GMT
hls.5b3b785f487abbe00eee.js
cds.connatix.com/p/166750/ Frame BCF1 		162 KB
47 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cds.connatix.com/p/166750/hls.5b3b785f487abbe00eee.js
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
e2c4332b6cd0fea250e89907921adaf7e597b52808cf19c995d6173ae0263f21

Request headers

accept-language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Thu, 16 Jun 2022 16:42:54 GMT
content-encoding
br
last-modified
Thu, 16 Jun 2022 15:14:03 GMT
age
5190
etag
"182f65d040bfb9544bd8f71472475672"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
access-control-max-age
86400
cache-control
public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges
bytes
content-length
48258
v1
lb.eu-1-id5-sync.com/lb/ 		33 B
328 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://lb.eu-1-id5-sync.com/lb/v1
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
162.19.138.82 , France, ASN16276 (OVH, FR),
Reverse DNS
ns31532337.ip-162-19-138.eu
Software
/
Resource Hash
cea4ed59f87dc16e7a0ca046558ba6fe6216d9a26c00656c314f690e5a783676

Request headers

Referer
https://threatpost.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://threatpost.com
date
Thu, 16 Jun 2022 16:42:54 GMT
transfer-encoding
chunked
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
content-type
application/json;charset=UTF-8
pixel;r=2011318634;source=gtm;rf=0;a=p-_7kVx0t9Jqj90;url=https%3A%2F%2Fthreatpost.com%2Fkaiser-permanente-breach%2F179949%2F%3Futm_campaign%3DThird%2520Party%2520Thursday%2520Newsletter%26utm_mediu...
pixel.quantserve.com/ 		35 B
372 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.quantserve.com/pixel;r=2011318634;source=gtm;rf=0;a=p-_7kVx0t9Jqj90;url=https%3A%2F%2Fthreatpost.com%2Fkaiser-permanente-breach%2F179949%2F%3Futm_campaign%3DThird%2520Party%2520Thursday%2520Newsletter%26utm_medium%3Demail%26_hsmi%3D216744177%26_hsenc%3Dp2ANqtz-9FeIjarQeL3zA4ACQwCC6mhwLDSG8KZWVQNtpWhebNpA0aYw53UW6wqluChIgIaseSzoTUFllDNXqMgiGiwDLwGaTegw%26utm_content%3D216744177%26utm_source%3Dhs_email;uht=2;fpan=1;fpa=P0-1579856263-1655397773534;pbc=;ns=0;ce=1;qjs=1;qv=a98acd33-20220316110313;cm=;gdpr=0;us_privacy=1---;ref=;d=threatpost.com;je=0;sr=1600x1200x24;dst=0;et=1655397773534;tzo=0;ogl=image.https%3A%2F%2Fmedia%252Ekasperskycontenthub%252Ecom%2Fwp-content%2Fuploads%2Fsites%2F103%2F2018%2F12%2F19164%2Ctype.article%2Ctitle.Kaiser%20Permanente%20Exposes%20Nearly%2070K%20Medical%20Records%20in%20Data%20Breach%2Cdescription.Attackers%20gained%20access%20to%20private%20account%20details%20through%20an%20email%20compromise%20i%2Curl.https%3A%2F%2Fthreatpost%252Ecom%2Fkaiser-permanente-breach%2F179949%2F
Requested by
Host: threatpost.com
URL: https://threatpost.com/kaiser-permanente-breach/179949/?utm_campaign=Third%20Party%20Thursday%20Newsletter&utm_medium=email&_hsmi=216744177&_hsenc=p2ANqtz-9FeIjarQeL3zA4ACQwCC6mhwLDSG8KZWVQNtpWhebNpA0aYw53UW6wqluChIgIaseSzoTUFllDNXqMgiGiwDLwGaTegw&utm_content=216744177&utm_source=hs_email
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:116:800d:21:7eb1:3826:be7e:d981 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
/
Resource Hash
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Jun 2022 16:42:54 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control
private, no-cache, no-store, proxy-revalidate
content-type
image/gif
content-length
35
expires
Fri, 04 Aug 1978 12:00:00 GMT
adagio.js
script.4dex.io/ 		72 KB
23 KB 		Fetch
General
Check archive.org
Download Go to
Full URL
https://script.4dex.io/adagio.js
Requested by
Host: script.4dex.io
URL: https://script.4dex.io/localstore.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:20::681a:9a9 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
b55131eaef425cb84b957a28df5881c3c83eb11ca9c01e3abccb00baf0e377b6

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Thu, 16 Jun 2022 16:42:55 GMT
content-encoding
br
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
790797
access-control-max-age
3000
access-control-allow-methods
GET
x-amz-request-id
txb499e93f6ba04096a8bee-00629f4c21
x-amz-id-2
txb499e93f6ba04096a8bee-00629f4c21
last-modified
Tue, 10 May 2022 09:57:31 GMT
server
cloudflare
etag
W/"2430496689c00115831347992a974246"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TaTvaQlXIGg49yMXFiHRNG2daDsuO4U%2BXSWUlK9GcKwG%2F6NriGgHXM4royCGnnkcRq0iP%2FyMhh0Nfcw9UrDGtiJDsNSPsb6DkjJ%2B3LqLdpRnoTqtSYtcJD2TxaEzJ1tvdYyOUUpcFIYC5Bwc"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=1800
access-control-allow-credentials
true
x-amz-version-id
1652176651393042
cf-ray
71c5005e2cda9c0a-FRA
access-control-allow-headers
Authorization
bridge3.519.0_en.html
imasdk.googleapis.com/js/core/ Frame 18DE 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.519.0_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://threatpost.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
181477
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
209290
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy
cross-origin
date
Tue, 14 Jun 2022 14:18:18 GMT
expires
Wed, 14 Jun 2023 14:18:18 GMT
last-modified
Mon, 06 Jun 2022 20:07:44 GMT
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
client.js
s0.2mdn.net/instream/video/ Frame BCF1 		0
0
bridge3.519.0_en.html
imasdk.googleapis.com/js/core/ Frame A2A0 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://imasdk.googleapis.com/js/core/bridge3.519.0_en.html
Requested by
Host: imasdk.googleapis.com
URL: https://imasdk.googleapis.com/js/sdkloader/ima3.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://threatpost.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
age
181477
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, max-age=31536000
content-encoding
gzip
content-length
209290
content-type
text/html
cross-origin-opener-policy
same-origin; report-to="ads-doubleclick-instream-static"
cross-origin-resource-policy
cross-origin
date
Tue, 14 Jun 2022 14:18:18 GMT
expires
Wed, 14 Jun 2023 14:18:18 GMT
last-modified
Mon, 06 Jun 2022 20:07:44 GMT
report-to
{"group":"ads-doubleclick-instream-static","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-instream-static"}]}
server
sffe
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
bridge3.519.0_en.html
imasdk.googleapis.com/js/core/ Frame 8BFB 		0
0
ga-audiences
www.google.com/ads/ 		42 B
63 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-35676203-21&cid=685716736.1655397773&jid=172523209&_u=YEBAAEAAAAAAAC~&z=112419915
Requested by
Host: threatpost.com
URL: https://threatpost.com/kaiser-permanente-breach/179949/?utm_campaign=Third%20Party%20Thursday%20Newsletter&utm_medium=email&_hsmi=216744177&_hsenc=p2ANqtz-9FeIjarQeL3zA4ACQwCC6mhwLDSG8KZWVQNtpWhebNpA0aYw53UW6wqluChIgIaseSzoTUFllDNXqMgiGiwDLwGaTegw&utm_content=216744177&utm_source=hs_email
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Jun 2022 16:42:55 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.de/ads/ 		42 B
501 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-35676203-21&cid=685716736.1655397773&jid=172523209&_u=YEBAAEAAAAAAAC~&z=112419915
Requested by
Host: threatpost.com
URL: https://threatpost.com/kaiser-permanente-breach/179949/?utm_campaign=Third%20Party%20Thursday%20Newsletter&utm_medium=email&_hsmi=216744177&_hsenc=p2ANqtz-9FeIjarQeL3zA4ACQwCC6mhwLDSG8KZWVQNtpWhebNpA0aYw53UW6wqluChIgIaseSzoTUFllDNXqMgiGiwDLwGaTegw&utm_content=216744177&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Jun 2022 16:42:55 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ao
capi-tier-2-us-east-2.connatix.com/tr/ Frame BCF1 		0
0
g
capi-tier-2-us-east-2.connatix.com/rtb/ Frame BCF1 		0
0
bid
c.amazon-adsystem.com/e/dtb/ 		23 B
509 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://c.amazon-adsystem.com/e/dtb/bid?src=600&u=https%3A%2F%2Fthreatpost.com%2Fkaiser-permanente-breach%2F179949%2F%3Futm_campaign%3DThird%2520Party%2520Thursday%2520Newsletter%26utm_medium%3Demail%26_hsmi%3D216744177%26_hsenc%3Dp2ANqtz-9FeIjarQeL3zA4ACQwCC6mhwLDSG8KZWVQNtpWhebNpA0aYw53UW6wqluChIgIaseSzoTUFllDNXqMgiGiwDLwGaTegw%26utm_content%3D216744177%26utm_source%3Dhs_email&pid=BnGHy4lPX4F88&cb=1&ws=1600x1200&v=8.0.1&t=2000&slots=%5B%7B%22id%22%3A%22Amazon_400x225%22%2C%22mt%22%3A%22v%22%7D%5D&cfgv=1&pubid=cb8cfc89-e83e-44aa-a3a2-ff78eda781ef&gdpre=0&gdprl=%7B%22status%22%3A%22tcfv2-success%22%7D
Requested by
Host: c.amazon-adsystem.com
URL: https://c.amazon-adsystem.com/aax2/apstag.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
108.138.4.10 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-108-138-4-10.fra56.r.cloudfront.net
Software
Server /
Resource Hash
89b4aa9e9bf8516c2ab7b5134f65d47b02071637259a14c9f60dccc207e05ce4
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Thu, 16 Jun 2022 16:42:55 GMT
via
1.1 20a87151baa74b57c01624c82e244c6a.cloudfront.net (CloudFront)
vary
Accept-Encoding,User-Agent
x-amz-cf-pop
FRA56-P6
x-cache
Miss from cloudfront
x-edge-origin-fbl
0.038
content-length
23
server
Server
x-amz-rid
8RF9QVYMA09TFQR40GX8
strict-transport-security
max-age=47474747; includeSubDomains; preload
content-type
text/javascript;charset=UTF-8
access-control-allow-origin
https://threatpost.com
access-control-allow-credentials
true
permissions-policy
interest-cohort=()
timing-allow-origin
*
x-amz-cf-id
otRLZxdisGhiU1fmjVIRoziWNRCNl0Fxleghpkakv3QcIavIAP9zfw==
ps
capi-tier-2-us-east-2.connatix.com/tr/ Frame BCF1 		0
0
1_th.jpg
img.connatix.com/pid-c2ecd04f-0dca-4ffa-8761-d93b34717380/60764267-557e-410f-85cb-f102d92ee134/cc9b6fb7-a6c9-460f-af1f-7c5e462ecc93/ 		8 KB
7 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.connatix.com/pid-c2ecd04f-0dca-4ffa-8761-d93b34717380/60764267-557e-410f-85cb-f102d92ee134/cc9b6fb7-a6c9-460f-af1f-7c5e462ecc93/1_th.jpg?crop=400:225,smart&width=400&height=225&format=jpeg&quality=60&fit=crop
Requested by
Host: threatpost.com
URL: https://threatpost.com/kaiser-permanente-breach/179949/?utm_campaign=Third%20Party%20Thursday%20Newsletter&utm_medium=email&_hsmi=216744177&_hsenc=p2ANqtz-9FeIjarQeL3zA4ACQwCC6mhwLDSG8KZWVQNtpWhebNpA0aYw53UW6wqluChIgIaseSzoTUFllDNXqMgiGiwDLwGaTegw&utm_content=216744177&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
079c5253503d561234764a7a5a25447df5ada27169a5388547c2d274ac2074c7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Thu, 16 Jun 2022 16:42:55 GMT
content-encoding
br
age
103314
etag
"xF7hVmQPb7wYOiGIJ621QooVkBUsMuoAPGdkv1f1FwU"
access-control-max-age
86400
fastly-io-info
ifsz=93616 idim=2560x1440 ifmt=jpeg ofsz=7931 odim=400x225 ofmt=jpeg
access-control-allow-origin
*
cache-control
max-age=2592000, public
fastly-stats
io=1
accept-ranges
bytes
content-type
image/jpeg
content-length
7488
724.json
id5-sync.com/g/v2/ 		213 B
621 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://id5-sync.com/g/v2/724.json
Requested by
Host: cdn.id5-sync.com
URL: https://cdn.id5-sync.com/api/1.0/id5-api.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
141.95.98.68 , France, ASN16276 (OVH, FR),
Reverse DNS
ns3216657.ip-141-95-98.eu
Software
/
Resource Hash
3b11497de8fa0e6f1d7e7ae0a21973eea6535afd43882c989b0e5dfec2b416a1
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubDomains; preload

Request headers

Referer
https://threatpost.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Content-Type
text/plain

Response headers

access-control-allow-origin
https://threatpost.com
date
Thu, 16 Jun 2022 16:42:54 GMT
access-control-allow-credentials
true
vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers, Origin
transfer-encoding
chunked
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-type
application/json;charset=UTF-8
prebid6.20.0-2.js
cds.connatix.com/p/plugins/ 		467 KB
122 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cds.connatix.com/p/plugins/prebid6.20.0-2.js
Requested by
Host: cd.connatix.com
URL: https://cd.connatix.com/connatix.player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.66.137 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
3f1ab94d49c431d36ee6426f348fa3b295bc06f8194a5992279d6922c14f47d3

Request headers

Referer
https://threatpost.com/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date
Thu, 16 Jun 2022 16:42:55 GMT
content-encoding
br
last-modified
Thu, 26 May 2022 13:25:41 GMT
age
101677
etag
"6a71d6cafa16935d4f718f227ed9853d"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
access-control-max-age
86400
cache-control
public,max-stale=31557600,stale-while-revalidate=31557600,immutable,max-age=31557600
accept-ranges
bytes
content-length
124965
integrator.js
adservice.google.de/adsid/ 		107 B
792 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=threatpost.com
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/math-aids-threatpost/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 16 Jun 2022 16:42:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=threatpost.com
Requested by
Host: tagan.adlightning.com
URL: https://tagan.adlightning.com/math-aids-threatpost/op.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

timing-allow-origin
*
date
Thu, 16 Jun 2022 16:42:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
securepubads.g.doubleclick.net/gampad/ 		59 KB
11 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://securepubads.g.doubleclick.net/gampad/ads?pvsid=1799249673684414&correlator=3328513180872684&eid=31068073%2C42531605%2C44755510&output=ldjh&gdfp_req=1&vrg=2022061401&ptt=17&impl=fifs&gdpr=0&us_privacy=1---&tfua=0&tfcd=0&iu_parts=22404337467%3A21707124336%2Cthreatpost-970x250-ATF%2Cthreatpost-300x250-ATF%2Cthreatpost-300x600-ATF%2Cthreatpost-2x2-Skin&enc_prev_ius=%2F0%2F1%2C%2F0%2F2%2C%2F0%2F3%2C%2F0%2F4&prev_iu_szs=728x90%7C970x250%7C970x90%2C300x250%7C336x280%2C300x250%7C300x600%2C2x2&ifi=1&adks=4166723991%2C1414505084%2C1356251026%2C3771495681&sfv=1-0-38&ecs=20220616&fsapi=false&prev_scp=amznbid%3D2%26amznp%3D2%7Camznbid%3D2%26amznp%3D2%7Camznbid%3D2%26amznp%3D2%7Camznbid%3D2%26amznp%3D2&eri=1&cust_params=urlhost%3Dhttps%253A%252F%252Fthreatpost.com%252F%26urlpath%3D%252Fkaiser-permanente-breach%252F179949%252F%26urlquery%3Dgoogfc%26contentid%3D179949%26category%3Dbreach%26contenttags%3D&sc=1&cookie_enabled=1&abxe=1&dt=1655397774636&lmt=1655397774&dlt=1655397771418&idt=1391&biw=1600&bih=1200&adxs=-9%2C-9%2C-9%2C-9&adys=-9%2C-9%2C-9%2C-9&ucis=1%7C2%7C3%7C4&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXSxmYWxzZV0.&nvt=1&url=https%3A%2F%2Fthreatpost.com%2Fkaiser-permanente-breach%2F179949%2F%3Futm_campaign%3DThird%2520Party%2520Thursday%2520Newsletter%26utm_medium%3Demail%26_hsmi%3D216744177%26_hsenc%3Dp2ANqtz-9FeIjarQeL3zA4ACQwCC6mhwLDSG8KZWVQNtpWhebNpA0aYw53UW6wqluChIgIaseSzoTUFllDNXqMgiGiwDLwGaTegw%26utm_content%3D216744177%26utm_source%3Dhs_email&frm=20&vis=1&scr_x=0&scr_y=0&psz=0x-1%7C0x-1%7C0x-1%7C0x-1&msz=0x-1%7C0x-1%7C0x-1%7C0x-1&fws=2%2C2%2C2%2C2&ohw=0%2C0%2C0%2C0&ga_vid=685716736.1655397773&ga_sid=1655397775&ga_hid=968174740&ga_fc=true&btvi=-1%7C-1%7C-1%7C-1
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022061401.js?cb=31068073
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.74.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s02-in-f2.1e100.net
Software
cafe /
Resource Hash
12db878ddc5736b88d35512b510b4b5eb5d03067839e6a853c96b90c5061a1af
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://threatpost.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Thu, 16 Jun 2022 16:42:56 GMT
content-encoding
br
x-content-type-options
nosniff
google-mediationgroup-id
-2,-2,-2,-2
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11355
x-xss-protection
0
google-lineitem-id
5792876106,5794282999,5794835207,-2
pragma
no-cache
server
cafe
google-mediationtag-id
-2
google-creative-id
138364533266,138364581378,138364590135,-2
content-type
text/plain; charset=UTF-8
access-control-allow-origin
https://threatpost.com
cache-control
no-cache, must-revalidate
access-control-allow-credentials
true
timing-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
container.html
fb230d487b26d7de748d2dc1bdf4f0a1.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 1274 		6 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://fb230d487b26d7de748d2dc1bdf4f0a1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by
Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2022061401.js?cb=31068073
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:802::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://threatpost.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
public, immutable, max-age=31536000
content-encoding
gzip
content-length
3108
content-type
text/html
cross-origin-opener-policy-report-only
same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy
cross-origin
date
Thu, 16 Jun 2022 16:42:56 GMT
expires
Fri, 16 Jun 2023 16:42:56 GMT
last-modified
Tue, 02 Mar 2021 20:17:03 GMT
report-to
{"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server
sffe
timing-allow-origin
*
vary
Accept-Encoding
x-content-type-options
nosniff
x-xss-protection
0
2000891.html
sync.serverbid.com/ss/ Frame 08E7 		2 KB
904 B 		Document
General
Check archive.org
Download Go to
Full URL
https://sync.serverbid.com/ss/2000891.html
Requested by
Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/threatpost/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
143.204.89.14 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-143-204-89-14.fra50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
4d2562bce42e541ac3f50a8a344b9c7fb22f40303280f877145adfb25413e07d

Request headers

Referer
https://threatpost.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

age
30663
content-encoding
br
content-type
text/html
date
Thu, 16 Jun 2022 08:11:59 GMT
etag
W/"0752208857e91fec137573dec67282ad"
last-modified
Wed, 15 Jun 2022 11:52:05 GMT
server
AmazonS3
vary
Accept-Encoding
via
1.1 0d37b2e69745cd9f0c5457fbf1a83128.cloudfront.net (CloudFront)
x-amz-cf-id
2UQUQf6cL9qqihZIcdWE1mdWcL2w1CJqaXNaS159UmFWs1GjY6tJ6g==
x-amz-cf-pop
FRA50-C1
x-cache
Hit from cloudfront
pd
eu-u.openx.net/w/1.0/ Frame B78A 		668 B
731 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eu-u.openx.net/w/1.0/pd?plm=6&ph=e1b1f5e1-3c2c-4287-9806-317cfbf3bd12&gdpr=0
Requested by
Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/threatpost/prebid.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/7f1e280 /
Resource Hash
2a8a57650b4931087f9db7ee7eda95b74b18c73ceb7fbb4b738c1de2a921b876

Request headers

Referer
https://threatpost.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-encoding
gzip
content-length
419
content-type
text/html
date
Thu, 16 Jun 2022 16:43:01 GMT
p3p
CP="CUR ADM OUR NOR STA NID"
server
OXGW/7f1e280
vary
Accept, Accept-Encoding
via
1.1 google
sync
eb2.3lift.com/ Frame 0927 		37 B
140 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eb2.3lift.com/sync?
Requested by
Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/threatpost/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.111.18 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a0f671730127a0812.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

Referer
https://threatpost.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache, no-store, must-revalidate
content-length
37
content-type
image/gif
date
Thu, 16 Jun 2022 16:43:01 GMT
usync.html
eus.rubiconproject.com/ Frame 2CDF 		281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?gdpr=0
Requested by
Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/threatpost/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-235-133.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://threatpost.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Thu, 16 Jun 2022 16:43:01 GMT
ETag
"40014-119-5d32342a551c0"
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding
ixmatch.html
js-sec.indexww.com/um/ Frame 81A9 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://js-sec.indexww.com/um/ixmatch.html
Requested by
Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/threatpost/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-247.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
7c3b96f238042f73d0bedf5877fa02eb834e89649bbd122e2f10cc35238173cf

Request headers

Referer
https://threatpost.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
1388
Content-Type
text/html; charset=UTF-8
Date
Thu, 16 Jun 2022 16:43:01 GMT
ETag
"e20015-b6b-5d84d0db0c30a"
Last-Modified
Fri, 18 Feb 2022 16:05:37 GMT
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Server
Apache
Vary
Accept-Encoding
sync.html
public.servenobid.com/ Frame 1E97 		8 KB
4 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://public.servenobid.com/sync.html
Requested by
Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/threatpost/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2620:1ec:40::45 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
7048cffc8d40a9a30ef697e4c5d0a36916f5fc52044329e28a8c7c4b4666aa03

Request headers

Referer
https://threatpost.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
cache-control
max-age=86400
content-encoding
br
content-type
text/html
date
Thu, 16 Jun 2022 16:43:00 GMT
etag
"932d6618454a24c5cf3ad5f25825ecce"
last-modified
Tue, 31 May 2022 18:42:20 GMT
server
AmazonS3
x-amz-id-2
PBWVH8No6/KvVowF4Vi4DTTHTKumQD2oyPInTgLU+ZtbVhmenTq6lkIegnerovGWWnHAv96WRkA=
x-amz-meta-codebuild-buildarn
arn:aws:codebuild:us-east-1:559734745816:build/adserver-public-prod:2eb1aaf4-247b-4e52-a802-e8cd900d39ea
x-amz-meta-codebuild-content-md5
20a4fb183531ba70b39d5a2dfecc75d2
x-amz-meta-codebuild-content-sha256
c86041a4eda4e8a7eab23343995e324b6b57a4b93db1e64ecabf90b8558c6365
x-amz-request-id
PMAYYH7T05B7RFB5
x-azure-ref
0lV2rYgAAAAADcBpo2FQfSZ+FJjBb9ZdhRlJBMjMxMDUwNDE5MDI5ADg0ZTdkZmEyLTE0NDItNDMzNC1iMzRmLWU0MmQzZjdkZGFkOQ==
x-azure-ref-originshield
06J+qYgAAAADCvGc+LnRER7oM6d1Y5/wSRlJBMjMxMDUwNDE4MDI3ADg0ZTdkZmEyLTE0NDItNDMzNC1iMzRmLWU0MmQzZjdkZGFkOQ==
x-cache
TCP_HIT
async_usersync.html
acdn.adnxs.com/dmp/ Frame 62F7 		52 KB
17 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://acdn.adnxs.com/dmp/async_usersync.html
Requested by
Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/threatpost/prebid.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.193.108 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx/1.18.0 (Ubuntu) /
Resource Hash
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd

Request headers

Referer
https://threatpost.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Access-Control-Allow-Origin
*
Age
44126
Cache-Control
max-age=86402
Connection
keep-alive
Content-Encoding
gzip
Content-Length
17053
Content-Type
text/html
Date
Thu, 16 Jun 2022 16:43:01 GMT
ETag
W/"623de86a-cf34"
Expires
Fri, 17 Jun 2022 04:27:36 GMT
Last-Modified
Fri, 25 Mar 2022 16:06:02 GMT
Server
nginx/1.18.0 (Ubuntu)
Vary
Accept-Encoding
Via
1.1 varnish, 1.1 varnish
X-Cache
HIT, HIT
X-Cache-Hits
1, 551796
X-Served-By
cache-lga13629-LGA, cache-hhn4061-HHN
X-Timer
S1655397781.179861,VS0,VE0
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame D5CD 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156858&gdpr=0&gdpr_consent=
Requested by
Host: qd.admetricspro.com
URL: https://qd.admetricspro.com/js/threatpost/prebid.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.102.28.254 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-102-28-254.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Referer
https://threatpost.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
https://ci-va2qa-mgmt.pubmatic.com
cache-control
max-age=64603
content-encoding
gzip
content-length
5549
content-type
text/html
date
Thu, 16 Jun 2022 16:43:01 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Fri, 17 Jun 2022 10:39:44 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
x-xss-protection
1; mode=block
sd
eu-u.openx.net/w/1.0/ Frame B78A
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=5&redir=https%3A%2F%2Feu-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D536872786%26val%3D%5BMM_UUID%5D
  • https://eu-u.openx.net/w/1.0/sd?id=536872786&val=fccd62ab-5d95-4f00-a746-431f8487ce09
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=fccd62ab-5d95-4f00-a746-431f8487ce09
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=e1b1f5e1-3c2c-4287-9806-317cfbf3bd12&gdpr=0
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/7f1e280 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Jun 2022 16:43:01 GMT
via
1.1 google
server
OXGW/7f1e280
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date
Thu, 16 Jun 2022 16:43:01 GMT
Server
MT3 4447 e18e916 master zrh-pixel-x28 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://eu-u.openx.net/w/1.0/sd?id=536872786&val=fccd62ab-5d95-4f00-a746-431f8487ce09
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Thu, 16 Jun 2022 16:43:00 GMT
sd
us-u.openx.net/w/1.0/ Frame B78A
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-25CIknq_eSg16.gif?idmatch=0&gdpr=0
  • https://us-u.openx.net/w/1.0/sd?id=537072956&&val=Pmi0XT0-7VolP7BZP2n4Wj5q4A4lOLcNamOak5QH
43 B
122 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072956&&val=Pmi0XT0-7VolP7BZP2n4Wj5q4A4lOLcNamOak5QH
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=e1b1f5e1-3c2c-4287-9806-317cfbf3bd12&gdpr=0
Protocol
H2
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/7f1e280 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Jun 2022 16:43:01 GMT
via
1.1 google
server
OXGW/7f1e280
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 16 Jun 2022 16:43:01 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://us-u.openx.net/w/1.0/sd?id=537072956&&val=Pmi0XT0-7VolP7BZP2n4Wj5q4A4lOLcNamOak5QH
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
sd
eu-u.openx.net/w/1.0/ Frame B78A
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=22
  • https://c1.adform.net/serving/cookie/match?CC=1&party=22
  • https://eu-u.openx.net/w/1.0/sd?id=537113484&val=7439562014725789384
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=7439562014725789384
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=e1b1f5e1-3c2c-4287-9806-317cfbf3bd12&gdpr=0
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/7f1e280 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Jun 2022 16:43:01 GMT
via
1.1 google
server
OXGW/7f1e280
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 16 Jun 2022 16:43:01 GMT
server
nginx
location
https://eu-u.openx.net/w/1.0/sd?id=537113484&val=7439562014725789384
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
openx
match.adsrvr.org/track/cmf/ Frame B78A 		70 B
265 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/openx?oxid=6e492e91-abcf-3d0d-4f0a-ca4adfbc42bb&gdpr=0
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=e1b1f5e1-3c2c-4287-9806-317cfbf3bd12&gdpr=0
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Jun 2022 16:43:01 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pixel
cm.g.doubleclick.net/ Frame B78A 		170 B
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=NDIyNmZkNWItNjJiOC02M2E5LTVhZWEtOTBmMzE1NWU4Y2Ri
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=e1b1f5e1-3c2c-4287-9806-317cfbf3bd12&gdpr=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Jun 2022 16:43:01 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sd
us-u.openx.net/w/1.0/ Frame B78A
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_sc
  • https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEBngdslsQNNQ8bbhGlVs8LA&google_cver=1
43 B
61 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEBngdslsQNNQ8bbhGlVs8LA&google_cver=1
Requested by
Host: eu-u.openx.net
URL: https://eu-u.openx.net/w/1.0/pd?plm=6&ph=e1b1f5e1-3c2c-4287-9806-317cfbf3bd12&gdpr=0
Protocol
H3
Server
34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
218.64.98.34.bc.googleusercontent.com
Software
OXGW/7f1e280 /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eu-u.openx.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Jun 2022 16:43:01 GMT
via
1.1 google
server
OXGW/7f1e280
vary
Accept
p3p
CP="CUR ADM OUR NOR STA NID"
cache-control
private, max-age=0, no-cache
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 16 Jun 2022 16:43:01 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEBngdslsQNNQ8bbhGlVs8LA&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
295
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
usync.js
eus.rubiconproject.com/ Frame 2CDF 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?gdpr=0
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-235-133.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
c8a778d5fa59d4a504855f9230149b9b3d99a13bf9a3fcf984c9c4d19203a118

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?gdpr=0
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date
Thu, 16 Jun 2022 16:43:01 GMT
Content-Encoding
gzip
Last-Modified
Thu, 09 Jun 2022 17:17:26 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=16110
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9454
Expires
Thu, 16 Jun 2022 21:11:31 GMT
usersync
x.serverbid.com/ Frame 08E7
Redirect Chain
  • https://ap.lijit.com/pixel?redir=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D4%26spui%3D%26dpui%3D%24UID
  • https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=4&spui=&dpui=E0kKvBZHggn13NjfQ5yjeES0
35 B
269 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=4&spui=&dpui=E0kKvBZHggn13NjfQ5yjeES0
Requested by
Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000891.html
Protocol
H2
Server
159.89.246.130 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sync.serverbid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Thu, 16 Jun 2022 16:43:01 GMT
content-encoding
gzip
access-control-max-age
10080
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
https://sync.serverbid.com
access-control-allow-credentials
true
access-control-allow-headers
origin, content-type, accept
content-length
58

Redirect headers

Date
Thu, 16 Jun 2022 16:43:01 GMT
Access-Control-Allow-Origin
*
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
Location
https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=4&spui=&dpui=E0kKvBZHggn13NjfQ5yjeES0
Access-Control-Allow-Credentials
true
Connection
close
X-Sovrn-Pod
ad_ap7ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
um
cs.emxdgt.com/ Frame 08E7 		0
59 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.emxdgt.com/um?ssp=pbs&redirect=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D9%26spui%3D%26dpui%3D%24UID
Requested by
Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000891.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
18.195.155.181 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-195-155-181.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sync.serverbid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Thu, 16 Jun 2022 16:43:00 GMT
content-length
0
content-type
text/html
i.gif
e.serverbid.com/udb/9969/sync/ Frame 08E7
Redirect Chain
  • https://p.rfihub.com/cm?pub=42786&in=1
  • https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=53&userId=5108559723563764149
35 B
99 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=53&userId=5108559723563764149
Requested by
Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000891.html
Protocol
H2
Server
159.89.246.130 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sync.serverbid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Thu, 16 Jun 2022 16:43:01 GMT
content-encoding
gzip
access-control-max-age
10080
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
https://sync.serverbid.com
access-control-allow-credentials
true
access-control-allow-headers
origin, content-type, accept
content-length
58

Redirect headers

Location
https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=53&userId=5108559723563764149
Date
Thu, 16 Jun 2022 16:43:01 GMT
Server
Jetty(9.3.29.v20201019)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
usersync
x.serverbid.com/ Frame 08E7
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatchredir?s=185073&cb=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D5528%26spui%3D%26dpui%3D
  • https://ssum-sec.casalemedia.com/usermatchredir?cb=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D5528%26spui%3D%26dpui%3D&s=185073&C=1
  • https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5528&spui=&dpui=YqtdlXxQEofl2wP3IIeWNAAA%261212
35 B
218 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5528&spui=&dpui=YqtdlXxQEofl2wP3IIeWNAAA%261212
Requested by
Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000891.html
Protocol
H2
Server
159.89.246.130 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sync.serverbid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Thu, 16 Jun 2022 16:43:01 GMT
content-encoding
gzip
access-control-max-age
10080
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
https://sync.serverbid.com
access-control-allow-credentials
true
access-control-allow-headers
origin, content-type, accept
content-length
58

Redirect headers

Pragma
no-cache
Date
Thu, 16 Jun 2022 16:43:01 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5528&spui=&dpui=YqtdlXxQEofl2wP3IIeWNAAA%261212
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
text/html; charset=iso-8859-1
Content-Length
306
Expires
Thu, 16 Jun 2022 16:43:01 GMT
usersync
x.serverbid.com/ Frame 08E7
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D5551%26spui%3D%26dpui%3D%24UID
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fx.serverbid.com%252Fusersync%253Fttt%253D1%2526src%253D2%2526cspi%253D0%2526cn%253D5551%2526spui%253D%2526dpui%253D%2524UID
  • https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5551&spui=&dpui=1320128258202226795
35 B
218 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5551&spui=&dpui=1320128258202226795
Requested by
Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000891.html
Protocol
H2
Server
159.89.246.130 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sync.serverbid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Thu, 16 Jun 2022 16:43:01 GMT
content-encoding
gzip
access-control-max-age
10080
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
https://sync.serverbid.com
access-control-allow-credentials
true
access-control-allow-headers
origin, content-type, accept
content-length
58

Redirect headers

Pragma
no-cache
Date
Thu, 16 Jun 2022 16:43:01 GMT
X-Proxy-Origin
80.255.7.100; 80.255.7.100; 717.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid
31d430c8-e966-4d91-98cf-c53cbae4300e
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://x.serverbid.com/usersync?ttt=1&src=2&cspi=0&cn=5551&spui=&dpui=1320128258202226795
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
usa
sync.go.sonobi.com/ Frame 08E7 		0
474 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/usa?loc=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D1%26src%3D2%26cspi%3D0%26cn%3D5444%26spui%3D%26dpui%3D
Requested by
Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000891.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.162.133.149 Rijswijk, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
ams-1-sync.go.sonobi.com
Software
sonobi-go /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sync.serverbid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 16 Jun 2022 16:43:01 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
xcp-ams-1-7-9
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Type
text/plain; charset=utf8
Content-Length
0
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
i.gif
e.serverbid.com/udb/9969/sync/ Frame 08E7
Redirect Chain
  • https://pixel.advertising.com/ups/56621/occ
  • https://pixel.advertising.com/ups/56621/occ?verify=true
  • https://ups.analytics.yahoo.com/ups/56621/occ?apid=UP62b35cbe-ed93-11ec-bfef-06f16eb29912
  • https://ups.analytics.yahoo.com/ups/56621/occ?apid=UP62b35cbe-ed93-11ec-bfef-06f16eb29912&verify=true
  • https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=29&userId=UP62b35cbe-ed93-11ec-bfef-06f16eb29912
35 B
99 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=29&userId=UP62b35cbe-ed93-11ec-bfef-06f16eb29912
Requested by
Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000891.html
Protocol
H2
Server
159.89.246.130 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sync.serverbid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Thu, 16 Jun 2022 16:43:01 GMT
content-encoding
gzip
access-control-max-age
10080
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
https://sync.serverbid.com
access-control-allow-credentials
true
access-control-allow-headers
origin, content-type, accept
content-length
58

Redirect headers

location
https://e.serverbid.com/udb/9969/sync/i.gif?partnerId=29&userId=UP62b35cbe-ed93-11ec-bfef-06f16eb29912
date
Thu, 16 Jun 2022 16:43:01 GMT
server
ATS/9.1.0.46
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 49A1 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&gdpr=0&predirect=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D3%26src%3D2%26cspi%3D0%26cn%3D3%26spui%3D%26dpui%3D
Requested by
Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000891.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.102.28.254 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-102-28-254.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Referer
https://sync.serverbid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
https://ci-va2qa-mgmt.pubmatic.com
cache-control
max-age=64603
content-encoding
gzip
content-length
5549
content-type
text/html
date
Thu, 16 Jun 2022 16:43:01 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Fri, 17 Jun 2022 10:39:44 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
x-xss-protection
1; mode=block
rid
match.adsrvr.org/track/ Frame 08E7 		63 B
392 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/rid?ttd_pid=prebid&fmt=json
Requested by
Host: sync.serverbid.com
URL: https://sync.serverbid.com/ss/2000891.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
0c9a4bb554fce2955d4095e738cbb70c235867acc002f6c8a7097b31fc81731e

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://sync.serverbid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Thu, 16 Jun 2022 16:43:01 GMT
x-aspnet-version
4.0.30319
vary
Origin
content-type
application/json; charset=utf-8
access-control-allow-origin
https://sync.serverbid.com
cache-control
private
access-control-allow-credentials
true
access-control-allow-headers
Origin, X-Requested-With, Content-Type, Content-Length, Content-Encoding, Vary, Cache-Control, Accept
content-length
63
expires
Sat, 16 Jul 2022 16:43:01 GMT
bounce
ib.adnxs.com/ Frame 62F7
Redirect Chain
  • https://ib.adnxs.com/async_usersync?cbfn=queuePixels
  • https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
0
813 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Server
185.33.220.240 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
717.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 16 Jun 2022 16:43:01 GMT
X-Proxy-Origin
80.255.7.100; 80.255.7.100; 717.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid
104cac77-e429-4cb6-95c9-b305557ce5f0
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 16 Jun 2022 16:43:01 GMT
X-Proxy-Origin
80.255.7.100; 80.255.7.100; 717.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid
f9acb354-792a-4e72-a002-b2c229ceedb4
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://ib.adnxs.com/bounce?%2Fasync_usersync%3Fcbfn%3DqueuePixels
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
usermatch
ssum-sec.casalemedia.com/ Frame 75BA
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fthreatpost.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F
  • https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fthreatpost.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fthreatpost.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Requested by
Host: js-sec.indexww.com
URL: https://js-sec.indexww.com/um/ixmatch.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-247.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
dfd5ce93dfe8fce44ff3e11681c17ac33a3ce404f68246f8cea5bd7f9944c4fc

Request headers

Referer
https://js-sec.indexww.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
1625
Content-Type
text/html
Date
Thu, 16 Jun 2022 16:43:01 GMT
Dropped-Udsids
39|45|241|230|191|206|152|123
Expires
Thu, 16 Jun 2022 16:43:01 GMT
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma
no-cache
Server
Apache
Vary
Is-Traffic-Usersync

Redirect headers

Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
345
Content-Type
text/html; charset=iso-8859-1
Date
Thu, 16 Jun 2022 16:43:01 GMT
Expires
Thu, 16 Jun 2022 16:43:01 GMT
Location
https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fthreatpost.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma
no-cache
Server
Apache
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame 301C 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fx.yieldlift.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1YN-%26uid%3D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.102.28.254 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-102-28-254.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
https://ci-va2qa-mgmt.pubmatic.com
cache-control
max-age=64603
content-encoding
gzip
content-length
5549
content-type
text/html
date
Thu, 16 Jun 2022 16:43:01 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Fri, 17 Jun 2022 10:39:44 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
x-xss-protection
1; mode=block
13926
g2.gumgum.com/usync/ Frame 2DDF 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.213.153.112 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-213-153-112.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
4a8969251911f77a42a0d9619604d9eb69b742fdceb69ec84ea32e9a1c6dd780

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-encoding
gzip
content-type
text/html;charset=UTF-8
date
Thu, 16 Jun 2022 16:43:01 GMT
etag
W/"09bfdc7bec68d108a21142a0f608f6327"
server
nginx
timing-allow-origin
*
/
onetag-sys.com/usync/ Frame 7CEC 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://onetag-sys.com/usync/?pubId=694e68b73971b58&gdpr=0&gdpr_consent=&us_privacy=1YN-&https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D318%26uid%3D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
51.89.9.252 London, United Kingdom, ASN16276 (OVH, FR),
Reverse DNS
ip252.ip-51-89-9.eu
Software
/
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store
strict-transport-security
max-age=15552000
sync
ssbsync.smartadserver.com/api/ Frame 8E5C 		763 B
1013 B 		Document
General
Check archive.org
Download Go to
Full URL
https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
185.86.137.107 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
bfc91b9111c920a7954121bc63c1518a7d4274b05e18f23e7c3340981d3d902b

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-length
763
content-type
text/html
date
Thu, 16 Jun 2022 16:43:00 GMT
usermatch
ssum-sec.casalemedia.com/ Frame A1FD
Redirect Chain
  • https://ssum-sec.casalemedia.com/usermatch?s=195491&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D
  • https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
2 KB
3 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-247.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
fab99192661ca862bed0ba1140971db8d767e56597e50f02949325e030ef0ed2

Request headers

Referer
https://public.servenobid.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
1701
Content-Type
text/html
Date
Thu, 16 Jun 2022 16:43:01 GMT
Dropped-Udsids
230|241|45|39|152|206|46|190
Expires
Thu, 16 Jun 2022 16:43:01 GMT
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma
no-cache
Server
Apache
Vary
Is-Traffic-Usersync

Redirect headers

Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Length
311
Content-Type
text/html; charset=iso-8859-1
Date
Thu, 16 Jun 2022 16:43:01 GMT
Expires
Thu, 16 Jun 2022 16:43:01 GMT
Location
https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Pragma
no-cache
Server
Apache
sync.php
pixel.rubiconproject.com/exchange/ Frame 1E97 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/exchange/sync.php?p=13702&gdpr=0&gdpr_consent=&us_privacy=1YN-&
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
611afce88997db6fdd35eb213e662871
Content-Type
image/gif
sync
ads.servenobid.com/ Frame 1E97
Redirect Chain
  • https://ib.adnxs.com/getuid?https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D312%26uid%3D%24UID
  • https://ads.servenobid.com/sync?pid=312&uid=1244441007486675437
0
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=312&uid=1244441007486675437
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
52.215.213.114 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-215-213-114.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Thu, 16 Jun 2022 16:43:01 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

Pragma
no-cache
Date
Thu, 16 Jun 2022 16:43:01 GMT
X-Proxy-Origin
80.255.7.100; 80.255.7.100; 717.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid
963c3188-1f90-431f-9605-f25e14326e0a
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://ads.servenobid.com/sync?pid=312&uid=1244441007486675437
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sync
ads.servenobid.com/ Frame 1E97
Redirect Chain
  • https://ce.lijit.com/merge?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&location=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%5BSOVRNID%5D
  • https://ads.servenobid.com/sync?pid=310&uid=E0kKvBZHggn13NjfQ5yjeES0
0
350 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=310&uid=E0kKvBZHggn13NjfQ5yjeES0
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
52.215.213.114 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-215-213-114.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Thu, 16 Jun 2022 16:43:01 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

Pragma
no-cache
Date
Thu, 16 Jun 2022 16:43:01 GMT
P3P
CP="CUR ADM OUR NOR STA NID"
Location
https://ads.servenobid.com/sync?pid=310&uid=E0kKvBZHggn13NjfQ5yjeES0
Cache-Control
private, no-cache, no-store, must-revalidate, proxy-revalidate, max-age=0, s-maxage=0
X-Sovrn-Pod
ad_ap4ams1
Content-Length
0
Expires
Fri, 20 Mar 2009 00:00:00 GMT
pixel
ap.lijit.com/ Frame 1E97 		0
277 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ap.lijit.com/pixel?pid=273657&3pid=273657&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D310%26uid%3D%24UID
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
216.52.2.39 , United States, ASN30282 (AS-INAPCDN-OCY, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Access-Control-Allow-Origin
*
Date
Thu, 16 Jun 2022 16:43:01 GMT
Access-Control-Allow-Credentials
true
X-Sovrn-Pod
ad_ap7ams1
Access-Control-Allow-Headers
X-Requested-With, Content-Type
Access-Control-Allow-Methods
GET, POST, DELETE, PUT
sync
ads.servenobid.com/ Frame 1E97
Redirect Chain
  • https://x.yieldlift.com/getuid?r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D314%26uid%3D%24UID
  • https://ads.servenobid.com/sync?pid=314&uid=eyJ4dWlkIjoiMWMyZDU5ZmYtYTliMC00MzIyLTllN2QtNzc3MDIwMDRmYTlhIiwiZHAiOnt9LCJiZGF5IjoiMjAyMi0wNi0xNlQxNjo0MzowMS44MDEyNTVaIn0=
0
432 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=314&uid=eyJ4dWlkIjoiMWMyZDU5ZmYtYTliMC00MzIyLTllN2QtNzc3MDIwMDRmYTlhIiwiZHAiOnt9LCJiZGF5IjoiMjAyMi0wNi0xNlQxNjo0MzowMS44MDEyNTVaIn0=
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
52.215.213.114 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-215-213-114.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Thu, 16 Jun 2022 16:43:01 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

Location
https://ads.servenobid.com/sync?pid=314&uid=eyJ4dWlkIjoiMWMyZDU5ZmYtYTliMC00MzIyLTllN2QtNzc3MDIwMDRmYTlhIiwiZHAiOnt9LCJiZGF5IjoiMjAyMi0wNi0xNlQxNjo0MzowMS44MDEyNTVaIn0=
Pragma
no-cache
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
Expires
0
generic
match.adsrvr.org/track/cmf/ Frame 1E97
Redirect Chain
  • https://sync.1rx.io/usersync2/rmpssp?sub=duration&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D
  • https://sync.1rx.io/usersync2/rmpssp?sub=duration&zcc=1&redir=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D321%26uid%3D%5BRX_UUID%5D&cb=1655397781460
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=6162575461
70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=6162575461
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Jun 2022 16:43:01 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

Redirect headers

pragma
no-cache
date
Thu, 16 Jun 2022 16:43:01 GMT
server
Tengine
etag
RXddd3f684ba3c40a0bfc296739d9735fe003
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=6162575461
cache-control
no-store, no-cache, must-revalidate
content-type
text/html
expires
0
sync
ads.servenobid.com/ Frame 1E97
Redirect Chain
  • https://p.rfihub.com/cm?pub=44007&in=1
  • https://ads.servenobid.com/sync?pid=324&uid=5140084920985061272
0
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=324&uid=5140084920985061272
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
52.215.213.114 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-215-213-114.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Thu, 16 Jun 2022 16:43:01 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

Location
https://ads.servenobid.com/sync?pid=324&uid=5140084920985061272
Date
Thu, 16 Jun 2022 16:43:01 GMT
Server
Jetty(9.3.29.v20201019)
Content-Length
0
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
usa
sync.go.sonobi.com/ Frame 1E97 		0
474 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.go.sonobi.com/usa?loc=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D332%26uid%3D
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
178.162.133.149 Rijswijk, Netherlands, ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL),
Reverse DNS
ams-1-sync.go.sonobi.com
Software
sonobi-go /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 16 Jun 2022 16:43:01 GMT
Server
sonobi-go
Vary
negotiate,Accept-Encoding
X-Go-Server
xcp-ams-1-7-9
P3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Cache-Control
no-cache, no-store, private
Tcn
Choice
Content-Type
text/plain; charset=utf8
Content-Length
0
X-Xss-Protection
0
Expires
Sat, 26 Jul 1997 05:00:00 GMT
sync
ads.servenobid.com/ Frame 1E97
Redirect Chain
  • https://prebid.a-mo.net/cchain/0?gdpr=0&gdpr_consent=&us_privacy=1YN-&&cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D327%26uid%3D
  • https://ads.servenobid.com/sync?pid=327&uid=71903f75-c989-4ea5-806e-51a7b7b8891a&gdpr=0&gdpr_consent=&us_privacy=1YN-
0
356 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=327&uid=71903f75-c989-4ea5-806e-51a7b7b8891a&gdpr=0&gdpr_consent=&us_privacy=1YN-
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
52.215.213.114 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-215-213-114.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Thu, 16 Jun 2022 16:43:01 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

location
https://ads.servenobid.com/sync?pid=327&uid=71903f75-c989-4ea5-806e-51a7b7b8891a&gdpr=0&gdpr_consent=&us_privacy=1YN-
date
Thu, 16 Jun 2022 16:43:00 GMT
cache-control
max-age=0, private, must-revalidate
x-envoy-upstream-service-time
1
server
envoy
content-length
0
sync
ads.servenobid.com/ Frame 1E97
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58559/occ
  • https://ups.analytics.yahoo.com/ups/58559/occ?verify=true
  • https://ads.servenobid.com/sync?pid=337&uid=y-UVCMIRhE2uF8h3mF6xud0PRBhG1Cuv1OZWGnWV8-~A
0
367 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=337&uid=y-UVCMIRhE2uF8h3mF6xud0PRBhG1Cuv1OZWGnWV8-~A
Requested by
Host: public.servenobid.com
URL: https://public.servenobid.com/sync.html
Protocol
H2
Server
52.215.213.114 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-215-213-114.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://public.servenobid.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Thu, 16 Jun 2022 16:43:01 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0

Redirect headers

location
https://ads.servenobid.com/sync?pid=337&uid=y-UVCMIRhE2uF8h3mF6xud0PRBhG1Cuv1OZWGnWV8-~A
date
Thu, 16 Jun 2022 16:43:01 GMT
server
ATS/9.1.0.46
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
rubicon
match.adsrvr.org/track/cmf/ Frame 2CDF 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/rubicon?gdpr=0
Requested by
Host: threatpost.com
URL: https://threatpost.com/kaiser-permanente-breach/179949/?utm_campaign=Third%20Party%20Thursday%20Newsletter&utm_medium=email&_hsmi=216744177&_hsenc=p2ANqtz-9FeIjarQeL3zA4ACQwCC6mhwLDSG8KZWVQNtpWhebNpA0aYw53UW6wqluChIgIaseSzoTUFllDNXqMgiGiwDLwGaTegw&utm_content=216744177&utm_source=hs_email
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Jun 2022 16:43:01 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pixel
cm.g.doubleclick.net/ Frame 2CDF
Redirect Chain
  • https://token.rubiconproject.com/token?pid=25470&gdpr=0
  • https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDRIOTNEWjEtWS1CR0g2&gdpr=0
170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDRIOTNEWjEtWS1CR0g2&gdpr=0
Requested by
Host: threatpost.com
URL: https://threatpost.com/kaiser-permanente-breach/179949/?utm_campaign=Third%20Party%20Thursday%20Newsletter&utm_medium=email&_hsmi=216744177&_hsenc=p2ANqtz-9FeIjarQeL3zA4ACQwCC6mhwLDSG8KZWVQNtpWhebNpA0aYw53UW6wqluChIgIaseSzoTUFllDNXqMgiGiwDLwGaTegw&utm_content=216744177&utm_source=hs_email
Protocol
H3
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Jun 2022 16:43:01 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=TDRIOTNEWjEtWS1CR0g2&gdpr=0
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
4b510f0cc5fcbc9800016ef543086418
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
v1
ads.yahoo.com/cms/ Frame 2CDF
Redirect Chain
  • https://token.rubiconproject.com/token?pid=26594&gdpr=0
  • https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=L4H93DZ1-Y-BGH6&sigv=1&esig=2~abe5269f5a5795ffbb99a957dc10d05ca1aab6e0&gdpr=0
0
194 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=L4H93DZ1-Y-BGH6&sigv=1&esig=2~abe5269f5a5795ffbb99a957dc10d05ca1aab6e0&gdpr=0
Requested by
Host: threatpost.com
URL: https://threatpost.com/kaiser-permanente-breach/179949/?utm_campaign=Third%20Party%20Thursday%20Newsletter&utm_medium=email&_hsmi=216744177&_hsenc=p2ANqtz-9FeIjarQeL3zA4ACQwCC6mhwLDSG8KZWVQNtpWhebNpA0aYw53UW6wqluChIgIaseSzoTUFllDNXqMgiGiwDLwGaTegw&utm_content=216744177&utm_source=hs_email
Protocol
H2
Server
2a00:1288:80:807::2 , United Kingdom, ASN203220 (YAHOO-DEB, GB),
Reverse DNS
Software
ATS /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=15552000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Thu, 16 Jun 2022 16:43:01 GMT
cache-control
no-store
x-content-type-options
nosniff
server
ATS
strict-transport-security
max-age=15552000
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection
1; mode=block

Redirect headers

Location
https://ads.yahoo.com/cms/v1?nwid=10000010181&eid=L4H93DZ1-Y-BGH6&sigv=1&esig=2~abe5269f5a5795ffbb99a957dc10d05ca1aab6e0&gdpr=0
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
37b22a0c36bd84993dd2cda4a5e04b1d
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame 2CDF
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=rubicon&google_cm&google_sc&gdpr=0
  • https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=0&put=CAESEL4l6KX961l7tz8xbHrSWgI&google_cver=1
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=0&put=CAESEL4l6KX961l7tz8xbHrSWgI&google_cver=1
Requested by
Host: threatpost.com
URL: https://threatpost.com/kaiser-permanente-breach/179949/?utm_campaign=Third%20Party%20Thursday%20Newsletter&utm_medium=email&_hsmi=216744177&_hsenc=p2ANqtz-9FeIjarQeL3zA4ACQwCC6mhwLDSG8KZWVQNtpWhebNpA0aYw53UW6wqluChIgIaseSzoTUFllDNXqMgiGiwDLwGaTegw&utm_content=216744177&utm_source=hs_email
Protocol
HTTP/1.1
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
611afce88997db6fdd35eb213e662871
Content-Type
image/gif

Redirect headers

pragma
no-cache
date
Thu, 16 Jun 2022 16:43:01 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://pixel.rubiconproject.com/tap.php?v=7751&nid=2249&expires=30&gdpr=0&put=CAESEL4l6KX961l7tz8xbHrSWgI&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
337
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
setuid
px.ads.linkedin.com/ Frame 2CDF
Redirect Chain
  • https://token.rubiconproject.com/token?pid=36584&gdpr=0
  • https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L4H93DZ1-Y-BGH6&gdpr=0
0
709 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L4H93DZ1-Y-BGH6&gdpr=0
Requested by
Host: threatpost.com
URL: https://threatpost.com/kaiser-permanente-breach/179949/?utm_campaign=Third%20Party%20Thursday%20Newsletter&utm_medium=email&_hsmi=216744177&_hsenc=p2ANqtz-9FeIjarQeL3zA4ACQwCC6mhwLDSG8KZWVQNtpWhebNpA0aYw53UW6wqluChIgIaseSzoTUFllDNXqMgiGiwDLwGaTegw&utm_content=216744177&utm_source=hs_email
Protocol
H2
Server
2620:1ec:21::14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Thu, 16 Jun 2022 16:43:01 GMT
x-li-pop
afd-prod-lva1-x
x-msedge-ref
Ref A: 6645DC39B69944D2AA28BAFA7CBBDC65 Ref B: FRAEDGE1312 Ref C: 2022-06-16T16:43:01Z
linkedin-action
1
x-cache
CONFIG_NOCACHE
x-li-fabric
prod-lva1
x-li-proto
http/2
content-length
0
x-li-uuid
AAXhk1S9+fvXmsBmct+V3A==

Redirect headers

Location
https://px.ads.linkedin.com/setuid?partner=rubiconDb&dbredirect=true&ruxId=L4H93DZ1-Y-BGH6&gdpr=0
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
4b510f0cc5fcbc9800016ef543086418
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
tap.php
pixel.rubiconproject.com/ Frame 2CDF
Redirect Chain
  • https://token.rubiconproject.com/token?pid=2974&pt=n&a=1&gdpr=0
  • https://pr-bh.ybp.yahoo.com/sync/rubicon/cuCkhEuuaeSGUM0YhnGFxQ?csrc=&gdpr=0
  • https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=5270483378470604597
0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=5270483378470604597
Requested by
Host: threatpost.com
URL: https://threatpost.com/kaiser-permanente-breach/179949/?utm_campaign=Third%20Party%20Thursday%20Newsletter&utm_medium=email&_hsmi=216744177&_hsenc=p2ANqtz-9FeIjarQeL3zA4ACQwCC6mhwLDSG8KZWVQNtpWhebNpA0aYw53UW6wqluChIgIaseSzoTUFllDNXqMgiGiwDLwGaTegw&utm_content=216744177&utm_source=hs_email
Protocol
HTTP/1.1
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
611afce88997db6fdd35eb213e662871
Content-Type
image/gif

Redirect headers

date
Thu, 16 Jun 2022 16:43:01 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
location
https://pixel.rubiconproject.com/tap.php?v=31950&nid=2974&put=5270483378470604597
x-xss-protection
1; mode=block
content-length
0
x-content-type-options
nosniff
709414.gif
id.rlcdn.com/ Frame 2CDF 		0
98 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id.rlcdn.com/709414.gif?gdpr=0
Requested by
Host: threatpost.com
URL: https://threatpost.com/kaiser-permanente-breach/179949/?utm_campaign=Third%20Party%20Thursday%20Newsletter&utm_medium=email&_hsmi=216744177&_hsenc=p2ANqtz-9FeIjarQeL3zA4ACQwCC6mhwLDSG8KZWVQNtpWhebNpA0aYw53UW6wqluChIgIaseSzoTUFllDNXqMgiGiwDLwGaTegw&utm_content=216744177&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Thu, 16 Jun 2022 16:43:01 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
ecm3
aax-eu.amazon-adsystem.com/s/ Frame 2CDF
Redirect Chain
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&gdpr=0
  • https://aax-eu.amazon-adsystem.com/s/dcm?pid=a38a8ddf-19a7-4ab8-ba05-0a61de92a7e5&id=&gdpr=0&dcc=t
  • https://pixel.rubiconproject.com/token?pid=2179&pt=n&puid=KJd6WFEpSdyNVzDmKovfSA&rk=usync-other&gdpr=0
  • https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=KJd6WFEpSdyNVzDmKovfSA&gdpr=0
43 B
556 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=KJd6WFEpSdyNVzDmKovfSA&gdpr=0
Requested by
Host: threatpost.com
URL: https://threatpost.com/kaiser-permanente-breach/179949/?utm_campaign=Third%20Party%20Thursday%20Newsletter&utm_medium=email&_hsmi=216744177&_hsenc=p2ANqtz-9FeIjarQeL3zA4ACQwCC6mhwLDSG8KZWVQNtpWhebNpA0aYw53UW6wqluChIgIaseSzoTUFllDNXqMgiGiwDLwGaTegw&utm_content=216744177&utm_source=hs_email
Protocol
HTTP/1.1
Server
52.95.126.160 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 16 Jun 2022 16:43:01 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
D53JDB9R8N6N02S5D49T
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
Content-Type
image/gif
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://aax-eu.amazon-adsystem.com/s/ecm3?ex=rubiconprojectHMT&id=KJd6WFEpSdyNVzDmKovfSA&gdpr=0
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
0
X-RPHost
611afce88997db6fdd35eb213e662871
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
casale
match.adsrvr.org/track/cmf/ Frame 75BA 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale?gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fthreatpost.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Jun 2022 16:43:01 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
crum
dsum-sec.casalemedia.com/ Frame 75BA
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YqtdlXxQEofl2wP3IIeWLgAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEEPgTfS7ZdPjLbSmW8CwsQE&google_cver=1&gdpr=1
43 B
783 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEEPgTfS7ZdPjLbSmW8CwsQE&google_cver=1&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fthreatpost.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Server
23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-247.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 16 Jun 2022 16:43:01 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 16 Jun 2022 16:43:01 GMT

Redirect headers

pragma
no-cache
date
Thu, 16 Jun 2022 16:43:01 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEEPgTfS7ZdPjLbSmW8CwsQE&google_cver=1&gdpr=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
325
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dcm
s.amazon-adsystem.com/ Frame 75BA
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YqtdlXxQEofl2wP3IIeWLgAABGIAAAAB
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YqtdlXxQEofl2wP3IIeWLgAABGIAAAAB&dcc=t
43 B
645 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YqtdlXxQEofl2wP3IIeWLgAABGIAAAAB&dcc=t
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fthreatpost.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 16 Jun 2022 16:43:02 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
AY4N07FCDKFFW1ZTYZFZ
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 16 Jun 2022 16:43:01 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
Y0WTX6EWPK7NCNX73YGM
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YqtdlXxQEofl2wP3IIeWLgAABGIAAAAB&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
pixel
cm.g.doubleclick.net/ Frame 75BA 		170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YqtdlXxQEofl2wP3IIeWLgAABGIAAAAB&gdpr_consent=&us_privacy=&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fthreatpost.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Jun 2022 16:43:01 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
index
dmp.brand-display.com/cm/api/ Frame 75BA 		0
139 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dmp.brand-display.com/cm/api/index?cm_dsp_id=191&cm_user_id=%3CIndex_user_id%3E&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fthreatpost.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.111.151.213 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
213.151.111.34.bc.googleusercontent.com
Software
nginx/1.22.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Jun 2022 16:43:01 GMT
via
1.1 google
server
nginx/1.22.0
content-type
image/gif
cache-control
max-age=3600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
sync
ups.analytics.yahoo.com/ups/55940/ Frame 75BA 		0
124 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=YqtdlXxQEofl2wP3IIeWLgAABGIAAAAB&gdpr_consent=&us_privacy=&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fthreatpost.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.0.31 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-0-31.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.46 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Thu, 16 Jun 2022 16:43:01 GMT
server
ATS/9.1.0.46
age
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
crum
dsum-sec.casalemedia.com/ Frame 75BA
Redirect Chain
  • https://sync.extend.tv/r.gif?exchange=index
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=152&external_user_id=ca1d58e4-01fd-445d-82a7-5c1f863be761
43 B
783 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=152&external_user_id=ca1d58e4-01fd-445d-82a7-5c1f863be761
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fthreatpost.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Server
23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-247.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 16 Jun 2022 16:43:02 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 16 Jun 2022 16:43:02 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 16 Jun 2022 16:43:01 GMT
Access-Control-Allow-Origin
*
Content-Type
text/html; charset=utf-8
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=152&external_user_id=ca1d58e4-01fd-445d-82a7-5c1f863be761
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
132
Expires
Tue, 29 May 1984 15:00:00 GMT
rum
dsum-sec.casalemedia.com/ Frame 75BA
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=68&gdpr=1
  • https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=-nH84Qq2QFBH9WQf7kFoq1D_B2Q
43 B
783 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=-nH84Qq2QFBH9WQf7kFoq1D_B2Q
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fthreatpost.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Server
23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-247.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 16 Jun 2022 16:43:01 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 16 Jun 2022 16:43:01 GMT

Redirect headers

Location
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=123&external_user_id=-nH84Qq2QFBH9WQf7kFoq1D_B2Q
Date
Thu, 16 Jun 2022 16:43:01 GMT
Connection
keep-alive
Content-Length
122
Content-Type
text/html; charset=utf-8
htw-pixel.gif
js-sec.indexww.com/ht/ Frame 75BA 		43 B
425 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://js-sec.indexww.com/ht/htw-pixel.gif?YqtdlXxQEofl2wP3IIeWLgAA%261122
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?d=https%3A%2F%2Fthreatpost.com%2F&s=184674&cb=https%3A%2F%2Fjs-sec.indexww.com%2Fht%2Fhtw-pixel.gif%3F&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-247.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date
Thu, 16 Jun 2022 16:43:01 GMT
Last-Modified
Tue, 24 Jan 2017 19:36:04 GMT
Server
Apache
ETag
"902a3d-2b-546dc3a097100"
P3P
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=3393
Connection
keep-alive
Accept-Ranges
bytes
Content-Type
image/gif
Content-Length
43
Expires
Thu, 16 Jun 2022 17:39:34 GMT
pixel
cm.g.doubleclick.net/ Frame A1FD 		170 B
188 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=index&google_cm&google_hm=YqtdlVksbUYX-CH7VO_h8AAABIYAAAIB&gdpr_consent=&us_privacy=&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Jun 2022 16:43:01 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
dcm
s.amazon-adsystem.com/ Frame A1FD
Redirect Chain
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YqtdlVksbUYX-CH7VO_h8AAABIYAAAIB
  • https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YqtdlVksbUYX-CH7VO_h8AAABIYAAAIB&dcc=t
43 B
645 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YqtdlVksbUYX-CH7VO_h8AAABIYAAAIB&dcc=t
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
Protocol
HTTP/1.1
Server
52.46.130.91 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
Server /
Resource Hash
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
Security Headers
Name Value
Strict-Transport-Security max-age=47474747; includeSubDomains; preload

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 16 Jun 2022 16:43:02 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
V2X62CENG8SSKRQP97FN
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 16 Jun 2022 16:43:01 GMT
Vary
Content-Type,Accept-Encoding,X-Amzn-CDN-Cache,X-Amzn-AX-Treatment,User-Agent
Server
Server
x-amz-rid
BZYWG0C9ZXG6ETSMMZEB
Strict-Transport-Security
max-age=47474747; includeSubDomains; preload
p3p
policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location
https://s.amazon-adsystem.com/dcm?pid=78af914c-e755-4b90-bded-1b172aedc763&us_privacy=&gdpr=1&gdpr_consent=&id=YqtdlVksbUYX-CH7VO_h8AAABIYAAAIB&dcc=t
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Permissions-Policy
interest-cohort=()
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 GMT
crum
dsum-sec.casalemedia.com/ Frame A1FD
Redirect Chain
  • https://dsum-sec.casalemedia.com/rrum?ixi=1&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dbm%26google_cm%26google_sc%26google_hm%3D&gdpr=1
  • https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=casale_media2_dbm&google_cm&google_sc&google_hm=YqtdlVksbUYX.CH7VO-h8AAA
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEEPgTfS7ZdPjLbSmW8CwsQE&google_cver=1&gdpr=1&google_hm=2
43 B
783 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEEPgTfS7ZdPjLbSmW8CwsQE&google_cver=1&gdpr=1&google_hm=2
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
Protocol
HTTP/1.1
Server
23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-247.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 16 Jun 2022 16:43:01 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 16 Jun 2022 16:43:01 GMT

Redirect headers

pragma
no-cache
date
Thu, 16 Jun 2022 16:43:01 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=45&external_user_id=CAESEEPgTfS7ZdPjLbSmW8CwsQE&google_cver=1&gdpr=1&google_hm=2
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
341
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
casale
match.adsrvr.org/track/cmf/ Frame A1FD 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/casale?gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Jun 2022 16:43:01 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
crum
dsum-sec.casalemedia.com/ Frame A1FD
Redirect Chain
  • https://sync.extend.tv/r.gif?exchange=index
  • https://dsum-sec.casalemedia.com/crum?cm_dsp_id=152&external_user_id=126a6bc6-643d-47bf-aab2-f91e9a0ea956
43 B
783 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=152&external_user_id=126a6bc6-643d-47bf-aab2-f91e9a0ea956
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
Protocol
HTTP/1.1
Server
23.35.236.247 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-35-236-247.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 16 Jun 2022 16:43:02 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control
max-age=0, no-cache, no-store
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Thu, 16 Jun 2022 16:43:02 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 16 Jun 2022 16:43:01 GMT
Access-Control-Allow-Origin
*
Content-Type
text/html; charset=utf-8
Location
https://dsum-sec.casalemedia.com/crum?cm_dsp_id=152&external_user_id=126a6bc6-643d-47bf-aab2-f91e9a0ea956
Cache-Control
no-store, no-cache, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
132
Expires
Tue, 29 May 1984 15:00:00 GMT
sync
ups.analytics.yahoo.com/ups/55940/ Frame A1FD 		0
15 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/55940/sync?_origin=1&redir2=true&uid=YqtdlVksbUYX-CH7VO_h8AAABIYAAAIB&gdpr_consent=&us_privacy=&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.156.0.31 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-156-0-31.eu-central-1.compute.amazonaws.com
Software
ATS/9.1.0.46 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Thu, 16 Jun 2022 16:43:01 GMT
server
ATS/9.1.0.46
age
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
getuid
secure.adnxs.com/ Frame A1FD 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.221.53 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
718.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers
getuid
ib.adnxs.com/ Frame A1FD 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ib.adnxs.com/getuid?https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=$UID&gdpr=1
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.220.240 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
717.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers
sync
ads.servenobid.com/ Frame A1FD 		0
357 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=333&uid=YqtdlVksbUYX-CH7VO_h8AAABIYAAAIB
Requested by
Host: ssum-sec.casalemedia.com
URL: https://ssum-sec.casalemedia.com/usermatch?cb=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D333%26uid%3D&s=195491&C=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.215.213.114 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-215-213-114.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssum-sec.casalemedia.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Thu, 16 Jun 2022 16:43:01 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
PugMaster
image6.pubmatic.com/AdServer/ Frame D5CD 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=16820503&p=156858&s=0&a=0&ptask=ALL&np=0&fp=0&rp=0&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156858&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
c19517e1ddc7b156b37a8962685220566a94653b17dfedd17d79522998947964

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Thu, 16 Jun 2022 16:42:59 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length
1812
content-type
text/html; charset=UTF-8
usersync
usersync.gumgum.com/ Frame 2DDF
Redirect Chain
  • https://secure.adnxs.com/getuid?https://usersync.gumgum.com/usersync?b=apn&i=$UID
  • https://usersync.gumgum.com/usersync?b=apn&i=1244441007486675437
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=apn&i=1244441007486675437
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 16 Jun 2022 16:43:01 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Type
image/gif
Content-Length
35
Expires
0

Redirect headers

Pragma
no-cache
Date
Thu, 16 Jun 2022 16:43:01 GMT
X-Proxy-Origin
80.255.7.100; 80.255.7.100; 718.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid
2fcae09e-b7b2-4a0a-ae1a-a56748118694
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://usersync.gumgum.com/usersync?b=apn&i=1244441007486675437
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
sync
odr.mookie1.com/t/v2/ Frame 2DDF
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=gumgum2&user_id=e_896dd721-9878-4a63-9e7f-da8df9dd859c&gdpr=0&gdpr_consent=&us_privacy=1---
  • https://x.bidswitch.net/ul_cb/sync?ssp=gumgum2&user_id=e_896dd721-9878-4a63-9e7f-da8df9dd859c&gdpr=0&gdpr_consent=&us_privacy=1---
  • https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=605d3ec1-7c39-4340-9bef-c98d39cf90dc&ssp=gumgum2&gdpr=0&gdpr_consent=
43 B
356 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=605d3ec1-7c39-4340-9bef-c98d39cf90dc&ssp=gumgum2&gdpr=0&gdpr_consent=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Server
34.98.67.61 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
61.67.98.34.bc.googleusercontent.com
Software
Apache /
Resource Hash
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Jun 2022 16:43:01 GMT
via
1.1 google
server
Apache
p3p
CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif;charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
x-application-context
application
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
//odr.mookie1.com/t/v2/sync?tagid=V2_790378&src.visitorId=605d3ec1-7c39-4340-9bef-c98d39cf90dc&ssp=gumgum2&gdpr=0&gdpr_consent=
Date
Thu, 16 Jun 2022 16:43:01 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
cookie-sync
sync.outbrain.com/ Frame 2DDF
Redirect Chain
  • https://sync.outbrain.com/redirectObuid?platformId=GUMGU18H7EL9NI653I7DPEH51&gdpr=0&gdprConsent=&platformRdUrl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dobn%26i%3D%7BOB_UID%7D%26r%3D%7BobR...
  • https://usersync.gumgum.com/usersync?b=obn&i=ENC%28Xp5Ne8suGTSZ5JKZomI_o7w1Atqr824mjg7SXa5p8g6S_VUVMaPRKI_TooyZlje4%29&r=https%3A%2F%2Fsync.outbrain.com%2FsyncUser%3FplatformId%3D%7Bplatform_id%7D%...
  • https://sync.outbrain.com/syncUser?platformId=GUMGU18H7EL9NI653I7DPEH51&platformUid=e_896dd721-9878-4a63-9e7f-da8df9dd859c&obuid=ENC(Xp5Ne8suGTSZ5JKZomI_o7w1Atqr824mjg7SXa5p8g6S_VUVMaPRKI_TooyZlje4)
  • https://sync.outbrain.com/syncPartner?platformId=GUMGU18H7EL9NI653I7DPEH51
  • https://cms.quantserve.com/pixel/p-cxanv6hYFn1kw.gif?idmatch=0&obUid%3DXp5Ne8suGTSZ5JKZomI_o7w1Atqr824mjg7SXa5p8g6S_VUVMaPRKI_TooyZlje4
  • https://sync.outbrain.com/cookie-sync?p=quantcast&&uid=nwflp5xRvKCEUOGjngapoJ8FsfSEV-b3ywwH_PZM
0
316 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.outbrain.com/cookie-sync?p=quantcast&&uid=nwflp5xRvKCEUOGjngapoJ8FsfSEV-b3ywwH_PZM
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
70.42.32.127 , United States, ASN13789 (INTERNAP-BLK3, US),
Reverse DNS
ny.outbrain.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date
Thu, 16 Jun 2022 16:43:02 GMT
Cache-Control
no-cache
X-TraceId
a6a8488d90062c4e7da4fe94a918664c
Content-Length
0

Redirect headers

pragma
no-cache
date
Thu, 16 Jun 2022 16:43:02 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://sync.outbrain.com/cookie-sync?p=quantcast&&uid=nwflp5xRvKCEUOGjngapoJ8FsfSEV-b3ywwH_PZM
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
usersync
usersync.gumgum.com/ Frame 2DDF
Redirect Chain
  • https://us-u.openx.net/w/1.0/cm?_={CACHEBUSTER}&id=47f31213-389c-4904-aaa6-9b11aab9c211&gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dopx%26i%3D
  • https://usersync.gumgum.com/usersync?b=opx&i=99748ae1-83da-055b-2871-daa717ec43fd
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=opx&i=99748ae1-83da-055b-2871-daa717ec43fd
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 16 Jun 2022 16:43:01 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Type
image/gif
Content-Length
35
Expires
0

Redirect headers

date
Thu, 16 Jun 2022 16:43:01 GMT
content-encoding
gzip
server
OXGW/7f1e280
vary
Accept, Accept-Encoding
p3p
CP="CUR ADM OUR NOR STA NID"
location
https://usersync.gumgum.com/usersync?b=opx&i=99748ae1-83da-055b-2871-daa717ec43fd
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
via
1.1 google
usersync
usersync.gumgum.com/ Frame 2DDF
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=1&gdpr=0&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=sta&i=0-7f58393f-a9d0-4d47-747c-1ea15b682576$ip$80.255.7.100
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=sta&i=0-7f58393f-a9d0-4d47-747c-1ea15b682576$ip$80.255.7.100
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 16 Jun 2022 16:43:02 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Type
image/gif
Content-Length
35
Expires
0

Redirect headers

Location
https://usersync.gumgum.com/usersync?b=sta&i=0-7f58393f-a9d0-4d47-747c-1ea15b682576$ip$80.255.7.100
Date
Thu, 16 Jun 2022 16:43:02 GMT
Connection
keep-alive
Content-Length
126
Content-Type
text/html; charset=utf-8
usersync
usersync.gumgum.com/ Frame 2DDF
Redirect Chain
  • https://pr-bh.ybp.yahoo.com/sync/gumgum?gdpr=0&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=oth&i=y-3hFqYhFE2pec0Sr_RaV52s61ikm9I7AM2BZ2~A
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=oth&i=y-3hFqYhFE2pec0Sr_RaV52s61ikm9I7AM2BZ2~A
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 16 Jun 2022 16:43:01 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Type
image/gif
Content-Length
35
Expires
0

Redirect headers

date
Thu, 16 Jun 2022 16:43:01 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
location
https://usersync.gumgum.com/usersync?b=oth&i=y-3hFqYhFE2pec0Sr_RaV52s61ikm9I7AM2BZ2~A
x-xss-protection
1; mode=block
content-length
0
x-content-type-options
nosniff
usersync
usersync.gumgum.com/ Frame 2DDF
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?partner=gumgum&cspid=9&append=1&cb=${ADELPHIC_CACHE_BUSTER}&gdpr=0&gdpr_consent=&us_privacy=1---&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fuser...
  • https://usersync.gumgum.com/usersync?b=vnt&i=631f16fd-ed93-11ec-8290-0b5c966f72f2
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=vnt&i=631f16fd-ed93-11ec-8290-0b5c966f72f2
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 16 Jun 2022 16:43:02 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Type
image/gif
Content-Length
35
Expires
0

Redirect headers

Location
https://usersync.gumgum.com/usersync?b=vnt&i=631f16fd-ed93-11ec-8290-0b5c966f72f2
Date
Thu, 16 Jun 2022 16:43:01 GMT
Server
Apache-Coyote/1.1
Connection
keep-alive
Content-Length
0
X-CI-RTID
631f16fe-ed93-11ec-8290-0b5c966f72f2
usersync
usersync.gumgum.com/ Frame 2DDF
Redirect Chain
  • https://sync.technoratimedia.com/services?srv=cs&pid=65&us_privacy=1---&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsnc%26i%3D%5BUSER_ID%5D
  • https://usersync.gumgum.com/usersync?b=snc&i=GDPR
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=snc&i=GDPR
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 16 Jun 2022 16:43:02 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Type
image/gif
Content-Length
35
Expires
0

Redirect headers

date
Thu, 16 Jun 2022 16:43:01 GMT
via
1.1 varnish
server
nginx
age
0
location
https://usersync.gumgum.com/usersync?b=snc&i=GDPR
access-control-allow-methods
POST,GET,HEAD,OPTIONS
x-varnish
587450923
access-control-allow-origin
https://g2.gumgum.com/
access-control-allow-credentials
true
content-length
0
142
match.deepintent.com/usersync/ Frame 2DDF 		0
44 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.deepintent.com/usersync/142?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Ddit%26i%3D%24%7BDI_USER_ID%7D
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
169.197.150.8 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
g.deepintent.com
Software
b /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Thu, 16 Jun 2022 16:43:01 GMT
content-length
0
server
b
usersync
usersync.gumgum.com/ Frame 2DDF
Redirect Chain
  • https://b1sync.zemanta.com/usersync/gumgum/?puid=e_896dd721-9878-4a63-9e7f-da8df9dd859c&gdpr=0&gdpr_consent=&us_privacy=1---&cb=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dzem%26i%3D__ZUID__
  • https://stags.bluekai.com/site/23178?id=ygCM2cvNvC-l7EhzKXLo&redir=https%3A%2F%2Fb1sync.zemanta.com%2Fusersync%2Fbluekai%2Fcallback%2F%3Fd%3DNB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LO...
  • https://b1sync.zemanta.com/usersync/bluekai/callback/?d=NB2HI4DTHIXS65LTMVZHG6LOMMXGO5LNM52W2LTDN5WS65LTMVZHG6LOMM7WEPL2MVWSMZLYMNUGC3THMU6WO5LNM52W2JTHMRYHEPJQEZUT26LHINGTEY3WJZ3EGLLMG5CWQ6SLLBGG6...
  • https://usersync.gumgum.com/usersync?b=zem&gdpr=0&i=ygCM2cvNvC-l7EhzKXLo&us_privacy=1---
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=zem&gdpr=0&i=ygCM2cvNvC-l7EhzKXLo&us_privacy=1---
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 16 Jun 2022 16:43:02 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Type
image/gif
Content-Length
35
Expires
0

Redirect headers

Pragma
no-cache
Date
Thu, 16 Jun 2022 16:43:02 GMT
P3p
CP="We do not support P3P header."
Location
https://usersync.gumgum.com/usersync?b=zem&gdpr=0&i=ygCM2cvNvC-l7EhzKXLo&us_privacy=1---
Cache-Control
no-cache, no-store, must-revalidate
Content-Type
text/html; charset=utf-8
Content-Length
123
Expires
Thu, 01 Dec 1994 16:00:00 GMT
usersync
usersync.gumgum.com/ Frame 2DDF
Redirect Chain
  • https://ad.360yield.com/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D
  • https://ad.360yield.com/ul_cb/server_match?partner_id=N&r=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Didi%26i%3D%7BPUB_USER_ID%7D
  • https://usersync.gumgum.com/usersync?b=idi&i=545e9308-d442-4c04-b517-ad0593a97878
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=idi&i=545e9308-d442-4c04-b517-ad0593a97878
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 16 Jun 2022 16:43:01 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Type
image/gif
Content-Length
35
Expires
0

Redirect headers

location
https://usersync.gumgum.com/usersync?b=idi&i=545e9308-d442-4c04-b517-ad0593a97878
date
Thu, 16 Jun 2022 16:43:01 GMT
access-control-allow-origin
*
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
generic
match.adsrvr.org/track/cmf/ Frame 2DDF
Redirect Chain
  • https://sync.1rx.io/usersync2/floor6?gdpr=0&gdpr_consent=&dspret=1&redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Drhy%26i%3D%5BRX_UUID%5D
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=3383624773
70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=3383624773
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Jun 2022 16:43:01 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

Redirect headers

pragma
no-cache
date
Thu, 16 Jun 2022 16:43:01 GMT
server
Tengine
etag
RXddd3f684ba3c40a0bfc296739d9735fe003
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=3383624773
cache-control
no-store, no-cache, must-revalidate
content-type
text/html
expires
0
usersync
usersync.gumgum.com/ Frame 2DDF
Redirect Chain
  • https://bh.contextweb.com/bh/rtset?pid=558355&ev=1&rurl=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpln%26i%3D%25%25VGUID%25%25
  • https://usersync.gumgum.com/usersync?b=pln&i=R0sfyz7XvMw6&ev=1&pid=558355
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=pln&i=R0sfyz7XvMw6&ev=1&pid=558355
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 16 Jun 2022 16:43:02 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Type
image/gif
Content-Length
35
Expires
0

Redirect headers

strict-transport-security
max-age=15768000
server
Jetty(9.4.14.v20181114)
p3p
policyref="/bh/w3c/p3p.xml", CP="NOI DSP COR NID CURa DEVa PSAa OUR BUS COM NAV INT"
content-language
de-DE
location
https://usersync.gumgum.com/usersync?b=pln&i=R0sfyz7XvMw6&ev=1&pid=558355
cache-control
private, max-age=0, no-cache, no-store
cw-server
bh-deployment-5fbd64586c-5d5ln
expires
-1
usersync
usersync.gumgum.com/ Frame 2DDF
Redirect Chain
  • https://ssbsync.smartadserver.com/api/sync?callerId=15&redirectUri=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dsad%26i%3D%5Bssb_sync_pid%5D&gdpr=0&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=sad&i=2041178221297896427
35 B
250 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://usersync.gumgum.com/usersync?b=sad&i=2041178221297896427
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Server
52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 16 Jun 2022 16:43:02 GMT
Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Type
image/gif
Content-Length
35
Expires
0

Redirect headers

location
https://usersync.gumgum.com/usersync?b=sad&i=2041178221297896427
date
Thu, 16 Jun 2022 16:43:01 GMT
content-length
0
sync
ads.servenobid.com/ Frame 2DDF 		0
358 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=309&uid=e_896dd721-9878-4a63-9e7f-da8df9dd859c
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.215.213.114 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-215-213-114.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://g2.gumgum.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Thu, 16 Jun 2022 16:43:01 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
sync
ads.servenobid.com/ Frame 8E5C 		0
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.servenobid.com/sync?pid=317&uid=2041178221297896427&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.215.213.114 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-215-213-114.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Thu, 16 Jun 2022 16:43:01 GMT
amp-access-control-allow-source-origin
*
content-type
image/avif;charset=ISO-8859-1
access-control-allow-origin
*
access-control-expose-headers
AMP-Access-Control-Allow-Source-Origin
cache-control
no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
access-control-allow-credentials
true
content-length
0
/
rtb-csync.smartadserver.com/redir/ Frame 8E5C
Redirect Chain
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=3157&gdpr=0&gdpr_consent=
  • https://sync.tidaltv.com/genericusersync.ashx?dpid=3157&gdpr=0&gdpr_consent=&s_h=1
  • https://rtb-csync.smartadserver.com/redir/?partnerid=96&partneruserid=06b38338-9d34-477c-9e94-29a74cac25a7&gdpr=0&gdpr_consent=
43 B
456 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?partnerid=96&partneruserid=06b38338-9d34-477c-9e94-29a74cac25a7&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
HTTP/1.1
Server
185.86.139.114 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Jun 2022 16:43:01 GMT
cache-control
no-cache,no-store
content-type
image/gif
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

location
https://rtb-csync.smartadserver.com/redir/?partnerid=96&partneruserid=06b38338-9d34-477c-9e94-29a74cac25a7&gdpr=0&gdpr_consent=
pragma
no-cache
date
Thu, 16 Jun 2022 16:43:01 GMT
cache-control
no-cache, no-store, max-age=0, must-revalidate
content-length
0
x-xss-protection
1; mode=block
expires
0
smartadserver
cs.admanmedia.com/sync/ Frame 8E5C 		0
225 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.admanmedia.com/sync/smartadserver?us_privacy=&coppa=&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
88.214.206.247 , United Kingdom, ASN46636 (NATCOWEB, US),
Reverse DNS
buycheapfags.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Frame-Options DENY

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date
Thu, 16 Jun 2022 16:43:01 GMT
Strict-Transport-Security
max-age=63072000; includeSubdomains; preload
Server
nginx
Connection
keep-alive
X-Frame-Options
DENY
Content-Type
text/plain
/
rtb-csync.smartadserver.com/redir/ Frame 8E5C
Redirect Chain
  • https://rtb-csync.smartadserver.com/redir/?issi=1&partnerid=76&partneruserid=GOOGLE_HOSTED_SI&redirurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dsmartrtb_dbm%26google_cm%26google_sc...
  • https://cm.g.doubleclick.net/pixel?google_nid=smartrtb_dbm&google_cm&google_sc&google_hm=MjA0MTE3ODIyMTI5Nzg5NjQyNw==&gdpr=0&gdpr_consent=
  • https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=CAESEI9tU6iPdYJjqyHKY8nP2PM&gdpr=0&gdpr_consent=&google_cver=1
43 B
416 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=CAESEI9tU6iPdYJjqyHKY8nP2PM&gdpr=0&gdpr_consent=&google_cver=1
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
HTTP/1.1
Server
185.86.139.114 , France, ASN201081 (SMARTADSERVER, FR),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Jun 2022 16:43:01 GMT
cache-control
no-cache,no-store
content-type
image/gif
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"

Redirect headers

pragma
no-cache
date
Thu, 16 Jun 2022 16:43:01 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://rtb-csync.smartadserver.com/redir/?partnerid=76&partneruserid=CAESEI9tU6iPdYJjqyHKY8nP2PM&gdpr=0&gdpr_consent=&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
345
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
711890.gif
id.rlcdn.com/ Frame 8E5C 		0
9 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://id.rlcdn.com/711890.gif?credir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D136%26partneruserid%3D&gdpr=0&gdpr_consent=
Requested by
Host: ssbsync.smartadserver.com
URL: https://ssbsync.smartadserver.com/api/sync?callerId=9&gdpr=0&gdpr_consent=&us_privacy=1YN-&&redirect=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D317%26uid%3D%24UID
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
68.174.244.35.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ssbsync.smartadserver.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Thu, 16 Jun 2022 16:43:01 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
usersync
usersync.gumgum.com/ Frame B7D7
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=71&gdpr=0&gdpr_consent=&redir=https%3a%2f%2fusersync.gumgum.com%2fusersync%3fb%3dmmh%26i%3d%5bMM_UUID%5d
  • https://usersync.gumgum.com/usersync?b=mmh&i=fccd62ab-5d95-4f00-a746-431f8487ce09&gdpr=0&gdpr_consent=
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=mmh&i=fccd62ab-5d95-4f00-a746-431f8487ce09&gdpr=0&gdpr_consent=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Thu, 16 Jun 2022 16:43:01 GMT
Expires
0
Pragma
no-cache

Redirect headers

Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Content-Length
0
Content-Type
image/gif
Date
Thu, 16 Jun 2022 16:43:01 GMT
Expires
Thu, 16 Jun 2022 16:43:00 GMT
Keep-Alive
timeout=360
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server
MT3 4447 e18e916 master zrh-pixel-x25 config:1.0.0
location
https://usersync.gumgum.com/usersync?b=mmh&i=fccd62ab-5d95-4f00-a746-431f8487ce09&gdpr=0&gdpr_consent=
usersync
usersync.gumgum.com/ Frame 7000
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/URnmbSKM?redir=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Datm%26i%3D%24%7BTM_USER_ID%7D&gdpr=0&gdpr_consent=
  • https://usersync.gumgum.com/usersync?b=atm&i=YqtdjgAAAJTvogOV&gdpr=0&gdpr_consent=
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=atm&i=YqtdjgAAAJTvogOV&gdpr=0&gdpr_consent=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Thu, 16 Jun 2022 16:43:01 GMT
Expires
0
Pragma
no-cache

Redirect headers

accept-ranges
bytes
cache-control
no-cache
content-length
0
date
Thu, 16 Jun 2022 16:43:01 GMT
location
https://usersync.gumgum.com/usersync?b=atm&i=YqtdjgAAAJTvogOV&gdpr=0&gdpr_consent=
pragma
no-cache
retry-after
0
server
Varnish
via
1.1 varnish
x-cache
HIT
x-cache-hits
0
x-served-by
cache-hhn4052-HHN
x-timer
S1655397782.709837,VS0,VE0
pixel
cm.g.doubleclick.net/ Frame A93B 		170 B
188 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=gumgum_dbm&google_hm=ZV84OTZkZDcyMS05ODc4LTRhNjMtOWU3Zi1kYThkZjlkZDg1OWM=&gdpr=0&gdpr_consent=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.98 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s06-in-f2.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, must-revalidate
content-length
170
content-type
image/png
cross-origin-resource-policy
cross-origin
date
Thu, 16 Jun 2022 16:43:01 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
pragma
no-cache
server
HTTP server (unknown)
x-xss-protection
0
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame DC94 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
104.102.28.254 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-102-28-254.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
access-control-allow-origin
https://ci-va2qa-mgmt.pubmatic.com
cache-control
max-age=64603
content-encoding
gzip
content-length
5549
content-type
text/html
date
Thu, 16 Jun 2022 16:43:01 GMT
etag
"1300708-3de4-5d6ef246ef4cf"
expires
Fri, 17 Jun 2022 10:39:44 GMT
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
Apache
vary
Accept-Encoding
x-xss-protection
1; mode=block
generic
match.adsrvr.org/track/cmf/ Frame 639F 		70 B
264 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=gumgum&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private,no-cache, must-revalidate
content-length
70
content-type
image/gif
date
Thu, 16 Jun 2022 16:43:01 GMT
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma
no-cache
x-aspnet-version
4.0.30319
usersync
usersync.gumgum.com/ Frame 5318
Redirect Chain
  • https://cs.emxdgt.com/um?redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24UID&gdpr=0&gdpr_consent=
  • https://ib.adnxs.com/getuid?https://cs.emxdgt.com/umcheck?apnxid=$UID&redirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Demx%26i%3D%24EMXUID
  • https://cs.emxdgt.com/umcheck?apnxid=1244441007486675437&redirect=https://usersync.gumgum.com/usersync?b=emx&i=$EMXUID
  • https://usersync.gumgum.com/usersync?b=emx&uid=1244441007486675437brt3031655397781644602f1
35 B
250 B 		Document
General
Check archive.org
Download Go to
Full URL
https://usersync.gumgum.com/usersync?b=emx&uid=1244441007486675437brt3031655397781644602f1
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.210.15.1 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-210-15-1.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
private, no-store, must-revalidate, max-age=0
Connection
keep-alive
Content-Length
35
Content-Type
image/gif
Date
Thu, 16 Jun 2022 16:43:01 GMT
Expires
0
Pragma
no-cache

Redirect headers

content-length
0
content-type
text/html
date
Thu, 16 Jun 2022 16:43:00 GMT
location
https://usersync.gumgum.com/usersync?b=emx&uid=1244441007486675437brt3031655397781644602f1
usersync
rtb.gumgum.com/ Frame B622
Redirect Chain
  • https://tg.socdm.com/aux/idsync?proto=gumgum
  • https://rtb.gumgum.com/usersync?b=sus&i=YqtdlsCo8YQAANT-NcIAAAAA
35 B
208 B 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.gumgum.com/usersync?b=sus&i=YqtdlsCo8YQAANT-NcIAAAAA
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.213.153.112 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-213-153-112.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private, no-store, must-revalidate, max-age=0
content-length
35
content-type
image/gif;charset=UTF-8
date
Thu, 16 Jun 2022 16:43:02 GMT
expires
0
pragma
no-cache
server
nginx
timing-allow-origin
*

Redirect headers

Cache-Control
private
Connection
keep-alive
Content-Length
0
Date
Thu, 16 Jun 2022 16:43:02 GMT
Location
https://rtb.gumgum.com/usersync?b=sus&i=YqtdlsCo8YQAANT-NcIAAAAA
P3P
CP="See also http://www.scaleout.jp/privacy/"
Server
nginx
X-SO-Ads-Time
9
X-SO-Cluster-ID
21
X-SO-HostName
m-ad341.dc4p.scaleout.jp
X-SO-IP
80.255.7.100
X-SO-Key
YqtdlsCo8YQAANT-NcIAAAAA
X-SO-LB-Data
{"ban":false,"clean_query":"\/aux\/idsync?proto=gumgum","cluster_id":21,"gdpr":true,"ipv4":"0.0.0.0","key":"YqtdlsCo8YQAANT-NcIAAAAA","privacy_sensitive":true,"uid":"","upstream_id":"m-ad341"}
X-SO-LB-Hostname
m-tgng32.dc4p.scaleout.jp
X-SO-Upstream-ID
m-ad341
usersync
rtb.gumgum.com/ Frame DEEF
Redirect Chain
  • https://creativecdn.com/cm-notify?pi=gumgum
  • https://creativecdn.com/cm-notify?pi=gumgum&tc=1
  • https://rtb.gumgum.com/usersync?b=rth&i=z4MkVvOpgjByW7rJSR0L&pi=gumgum&tc=1
35 B
208 B 		Document
General
Check archive.org
Download Go to
Full URL
https://rtb.gumgum.com/usersync?b=rth&i=z4MkVvOpgjByW7rJSR0L&pi=gumgum&tc=1
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.213.153.112 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-213-153-112.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private, no-store, must-revalidate, max-age=0
content-length
35
content-type
image/gif;charset=UTF-8
date
Thu, 16 Jun 2022 16:43:01 GMT
expires
0
pragma
no-cache
server
nginx
timing-allow-origin
*

Redirect headers

cache-control
no-cache, no-store, must-revalidate, private, max-age=0
content-length
0
date
Thu, 16 Jun 2022 16:43:01 GMT Thu, 16 Jun 2022 16:43:01 GMT
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://rtb.gumgum.com/usersync?b=rth&i=z4MkVvOpgjByW7rJSR0L&pi=gumgum&tc=1
pragma
no-cache
usync.html
eus.rubiconproject.com/ Frame 6882
Redirect Chain
  • https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=gumgum
  • https://eus.rubiconproject.com/usync.html?p=gumgum
281 B
554 B 		Document
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.html?p=gumgum
Requested by
Host: g2.gumgum.com
URL: https://g2.gumgum.com/usync/13926?gdpr=0&gdpr_consent=&us_privacy=1---&r=https%3A%2F%2Fads.servenobid.com%2Fsync%3Fpid%3D309%26uid%3D
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-235-133.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) /
Resource Hash
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Referer
https://g2.gumgum.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Accept-Ranges
bytes
Connection
keep-alive
Content-Encoding
gzip
Content-Length
233
Content-Type
text/html; charset=UTF-8
Date
Thu, 16 Jun 2022 16:43:01 GMT
ETag
"40014-119-5d32342a551c0"
Last-Modified
Tue, 14 Dec 2021 23:07:59 GMT
Server
Apache/2.2.15 (CentOS)
Vary
Accept-Encoding

Redirect headers

access-control-allow-credentials
true
access-control-allow-origin
*
content-length
0
date
Thu, 16 Jun 2022 16:43:01 GMT
location
https://eus.rubiconproject.com/usync.html?p=gumgum
server
AkamaiGHost
usync.js
eus.rubiconproject.com/ Frame 6882 		31 KB
10 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://eus.rubiconproject.com/usync.js
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=gumgum
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.205.235.133 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-205-235-133.deploy.static.akamaitechnologies.com
Software
Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash
c8a778d5fa59d4a504855f9230149b9b3d99a13bf9a3fcf984c9c4d19203a118

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/usync.html?p=gumgum
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date
Thu, 16 Jun 2022 16:43:01 GMT
Content-Encoding
gzip
Last-Modified
Thu, 09 Jun 2022 17:17:26 GMT
Server
Apache/2.2.15 (CentOS)
X-Powered-By
PHP/5.3.3
Vary
Accept-Encoding
p3p
CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control
max-age=16110
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Content-Length
9454
Expires
Thu, 16 Jun 2022 21:11:31 GMT
sync.php
pixel.rubiconproject.com/exchange/ Frame 6882 		0
239 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/exchange/sync.php?p=gumgum&khaos=L4H93DZ1-Y-BGH6
Requested by
Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=gumgum
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://eus.rubiconproject.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost
611afce88997db6fdd35eb213e662871
Content-Type
image/gif
match
c1.adform.net/serving/cookie/ Frame 2FB9 		35 B
477 B 		Document
General
Check archive.org
Download Go to
Full URL
https://c1.adform.net/serving/cookie/match?party=14&cid=B9247297-66A9-46B6-AFB1-EB1C4FD2964F
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156858&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
37.157.5.142 , Denmark, ASN198622 (ADFORM, DK),
Reverse DNS
Software
nginx /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
access-control-allow-methods
GET
access-control-allow-origin
*
access-control-max-age
86400
cache-control
no-cache, no-store, must-revalidate, no-transform
content-type
image/gif
date
Thu, 16 Jun 2022 16:43:01 GMT
expires
-1
pragma
no-cache
server
nginx
strict-transport-security
max-age=31536000; includeSubDomains
Pug
simage2.pubmatic.com/AdServer/ Frame D2CA
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&gdpr=0&gdpr_consent=&redir=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA%3D%3D%26piggybackCookie%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:fccd62ab-5d95-4f00-a746-431f8487ce09&gdpr=0&gdpr_consent=
0
225 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:fccd62ab-5d95-4f00-a746-431f8487ce09&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156858&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Thu, 16 Jun 2022 16:43:01 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Access-Control-Allow-Origin
*
Cache-Control
no-cache
Connection
keep-alive
Content-Length
0
Content-Type
image/gif
Date
Thu, 16 Jun 2022 16:43:01 GMT
Expires
Thu, 16 Jun 2022 16:43:00 GMT
Keep-Alive
timeout=360
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Server
MT3 4447 e18e916 master zrh-pixel-x1 config:1.0.0
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM2MiZ0bD0xMjk2MDA==&piggybackCookie=uid:fccd62ab-5d95-4f00-a746-431f8487ce09&gdpr=0&gdpr_consent=
Pug
image2.pubmatic.com/AdServer/ Frame E230
Redirect Chain
  • https://d5p.de17a.com/getuid/pubmatic?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://d5p.de17a.com/getuid/pubmatic;c?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=$UID
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=1280365207208777108
0
74 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=1280365207208777108
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156858&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Thu, 16 Jun 2022 16:43:01 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-length
0
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI3NDUmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=1280365207208777108
p3p
CP=NON CURa ADMa DEVa TAIa OUR STP IND UNI COM NAV
usersync.aspx
dis.criteo.com/dis/ Frame 469C 		43 B
363 B 		Document
General
Check archive.org
Download Go to
Full URL
https://dis.criteo.com/dis/usersync.aspx?r=3&p=4&cp=pubmaticUS&cu=1&&gdpr=0&gdpr_consent=&url=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:@@CRITEO_USERID@@
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156858&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.0.163 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-cache
content-type
image/gif
cross-origin-resource-policy
cross-origin
date
Thu, 16 Jun 2022 16:43:01 GMT
expires
Thu, 16 Jun 2022 00:00:00 GMT
p3p
CP="NON DSP COR CURa PSA PSD OUR BUS NAV STA"
pragma
no-cache
server
Kestrel
server-processing-duration-in-ticks
490387
strict-transport-security
max-age=31536000; preload;
x-errorlevel
0
user_sync.html
ads.pubmatic.com/AdServer/js/ Frame D5CD
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=uSRyl2apRravsescT9KWTw%3D%3D
  • https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
13 KB
13 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156858&gdpr=0&gdpr_consent=
Protocol
H2
Server
104.102.28.254 Milan, Italy, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a104-102-28-254.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Thu, 16 Jun 2022 16:43:01 GMT
content-encoding
gzip
last-modified
Tue, 01 Feb 2022 06:38:00 GMT
server
Apache
etag
"1300708-3de4-5d6ef246ef4cf"
vary
Accept-Encoding
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
access-control-allow-origin
https://ci-va2qa-mgmt.pubmatic.com
cache-control
max-age=64603
accept-ranges
bytes
content-type
text/html
content-length
5549
x-xss-protection
1; mode=block
expires
Fri, 17 Jun 2022 10:39:44 GMT

Redirect headers

pragma
no-cache
date
Thu, 16 Jun 2022 16:43:01 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156578&predirect=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
272
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
SPug
image4.pubmatic.com/AdServer/ Frame D5CD
Redirect Chain
  • https://sync.mathtag.com/sync/img?mt_exid=3&redir=https%3A%2F%2Fimage4.pubmatic.com%2FAdServer%2FSPug%3FpartnerID%3D27%26partnerUID%3D%5BMM_UUID%5D
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=fccd62ab-5d95-4f00-a746-431f8487ce09
0
260 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=fccd62ab-5d95-4f00-a746-431f8487ce09
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156858&gdpr=0&gdpr_consent=
Protocol
H2
Server
104.36.113.24 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Thu, 16 Jun 2022 16:43:02 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

Date
Thu, 16 Jun 2022 16:43:01 GMT
Server
MT3 4447 e18e916 master zrh-pixel-x5 config:1.0.0
Access-Control-Allow-Origin
*
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location
https://image4.pubmatic.com/AdServer/SPug?partnerID=27&partnerUID=fccd62ab-5d95-4f00-a746-431f8487ce09
Cache-Control
no-cache
Connection
keep-alive
Content-Type
image/gif
Keep-Alive
timeout=360
Content-Length
0
Expires
Thu, 16 Jun 2022 16:43:00 GMT
pixel
ps.eyeota.net/ Frame D5CD
Redirect Chain
  • https://pixel.onaudience.com/?partner=214&mapped=B9247297-66A9-46B6-AFB1-EB1C4FD2964F
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D1
  • https://loada.exelator.com/load/?p=1164&g=1&j=r&ru=https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D161%26icm%26cver%26mapped%3D%25%25UID%25%25%26gdpr%3D1&xl8blockcheck=1
  • https://pixel.onaudience.com/?partner=161&icm&cver&mapped=420b76289444c1677fa5b449e7b20a61&gdpr=1
  • https://sync.crwdcntrl.net/map/c=8587/tp=CLOD/tpid=63d14de507c68b3a/gdpr=1/gdpr_consent=?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%...
  • https://sync.crwdcntrl.net/map/ct=y/c=8587/tp=CLOD/tpid=63d14de507c68b3a/gdpr=1/gdpr_consent=?https%3A%2F%2Fpixel.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdp...
  • https://pixel.onaudience.com/?partner=104&icm&cver&mapped=&gdpr=1&gdpr_consent=${gdpr_consent}
  • https://pixel.onaudience.com/?partner=162&icm&cver&gdpr=1&gdpr_consent=${gdpr_consent}&smartmap=1&redirect=ps.eyeota.net%2Fpixel%3Fgdpr%3D1%26gdpr_consent%3D${gdpr_consent}%26pid%3Ddn5h51u%26t%3Dgi...
  • https://ps.eyeota.net/pixel?gdpr=1&gdpr_consent=${gdpr_consent}&pid=dn5h51u&t=gif&uid=97eec2da568600a1
0
344 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ps.eyeota.net/pixel?gdpr=1&gdpr_consent=${gdpr_consent}&pid=dn5h51u&t=gif&uid=97eec2da568600a1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156858&gdpr=0&gdpr_consent=
Protocol
HTTP/1.1
Server
3.121.27.153 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-3-121-27-153.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date
Thu, 16 Jun 2022 16:43:03 GMT
Content-Length
0
P3P
CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

Redirect headers

location
https://ps.eyeota.net/pixel?gdpr=1&gdpr_consent=${gdpr_consent}&pid=dn5h51u&t=gif&uid=97eec2da568600a1
content-length
0
Pug
image2.pubmatic.com/AdServer/ Frame D5CD
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_hm=QjkyNDcyOTctNjZBOS00NkI2LUFGQjEtRUIxQzRGRDI5NjRG&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
0
74 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156858&gdpr=0&gdpr_consent=
Protocol
H2
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Thu, 16 Jun 2022 16:43:01 GMT
content-encoding
gzip
server
nginx
cache-control
no-store, no-cache, private
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-type
text/html; charset=utf-8

Redirect headers

pragma
no-cache
date
Thu, 16 Jun 2022 16:43:01 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjImdGw9MTI5NjAw&gdpr=0&gdpr_consent=
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
313
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame D5CD
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=pubmatic&google_cm&google_sc&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEAvzBXMa107U-YH4vUHpxn8&google_cver=1
0
74 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEAvzBXMa107U-YH4vUHpxn8&google_cver=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156858&gdpr=0&gdpr_consent=
Protocol
H2
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Thu, 16 Jun 2022 16:43:01 GMT
content-encoding
gzip
server
nginx
cache-control
no-store, no-cache, private
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-type
text/html; charset=utf-8

Redirect headers

pragma
no-cache
date
Thu, 16 Jun 2022 16:43:01 GMT
server
HTTP server (unknown)
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTIxNzcmdGw9MTI5NjAw&gdpr=0&gdpr_consent=&piggybackCookie=CAESEAvzBXMa107U-YH4vUHpxn8&google_cver=1
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
379
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
pubmatic
um.simpli.fi/ Frame D5CD 		43 B
613 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://um.simpli.fi/pubmatic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODA2JnRsPTUxODQwMA==&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156858&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
169.50.137.182 , United States, ASN36351 (SOFTLAYER, US),
Reverse DNS
b6.89.32a9.ip4.static.sl-reverse.com
Software
/
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
Strict-Transport-Security max-age=63072000; includeSubdomains; preload
X-Content-Type-Options nosniff

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Thu, 16 Jun 2022 16:43:02 GMT
x-content-type-options
nosniff
last-modified
Mon, 28 Sep 1970 06:00:00 GMT
strict-transport-security
max-age=63072000; includeSubdomains; preload
access-control-allow-methods
GET, POST, OPTIONS
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache
access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length
43
expires
Wed, 15 Jun 2022 16:43:02 GMT
async_usersync
ib.adnxs.com/ Frame 62F7 		0
741 B 		Script
General
Check archive.org
Download Go to
Full URL
https://ib.adnxs.com/async_usersync?cbfn=queuePixels
Requested by
Host: acdn.adnxs.com
URL: https://acdn.adnxs.com/dmp/async_usersync.html
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
185.33.220.240 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),
Reverse DNS
717.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://acdn.adnxs.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 16 Jun 2022 16:43:02 GMT
X-Proxy-Origin
80.255.7.100; 80.255.7.100; 717.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid
368c3c6e-2ad1-4560-b6ec-cd5793bf9858
Server
nginx/1.21.3
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control
no-store, no-cache, private
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
SPug
simage4.pubmatic.com/AdServer/ Frame D5CD 		0
179 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=156858&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?kdntuid=1&p=156858&gdpr=0&gdpr_consent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.81 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Thu, 16 Jun 2022 16:43:04 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
PugMaster
image6.pubmatic.com/AdServer/ Frame 49A1 		5 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=26945132&p=156319&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&gdpr=0&predirect=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D3%26src%3D2%26cspi%3D0%26cn%3D3%26spui%3D%26dpui%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
515a0c2343b09d4b80d8ac3d0e87a188c61e3fa861f27db0f294d6a9db3e2c3a

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Thu, 16 Jun 2022 16:43:03 GMT
content-type
text/html; charset=UTF-8
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
PugMaster
image6.pubmatic.com/AdServer/ Frame 301C 		0
39 B 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=12775926&p=0&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fx.yieldlift.com%2Fsetuid%3Fbidder%3Dpubmatic%26gdpr%3D0%26gdpr_consent%3D%26us_privacy%3D1YN-%26uid%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Thu, 16 Jun 2022 16:43:03 GMT
content-length
0
Pug
simage2.pubmatic.com/AdServer/ Frame D45D
Redirect Chain
  • https://dsp.adfarm1.adition.com/cookie/?ssp=9
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7109879344173414553
0
74 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7109879344173414553
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&gdpr=0&predirect=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D3%26src%3D2%26cspi%3D0%26cn%3D3%26spui%3D%26dpui%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Thu, 16 Jun 2022 06:29:29 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Date
Thu, 16 Jun 2022 16:43:04 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMzOTkmdGw9NDMyMDA=&piggybackCookie=7109879344173414553
Server
nginx
Transfer-Encoding
chunked
p3p
policyref="http://imagesrv.adition.com/w3c/p3p.xml",CP="NON DSP ADM DEV PSD IVDo OTPi OUR IND STP PHY PRE NAV UNI"
Pug
simage2.pubmatic.com/AdServer/ Frame B369
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=11
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=f1g5P6nQTUd0fB6hW2gldlD_B2Q
0
74 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=f1g5P6nQTUd0fB6hW2gldlD_B2Q
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&gdpr=0&predirect=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D3%26src%3D2%26cspi%3D0%26cn%3D3%26spui%3D%26dpui%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Thu, 16 Jun 2022 06:27:39 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Connection
keep-alive
Content-Length
159
Content-Type
text/html; charset=utf-8
Date
Thu, 16 Jun 2022 16:43:04 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzEmdGw9MTI5NjAw&piggybackCookie=f1g5P6nQTUd0fB6hW2gldlD_B2Q
Pug
simage2.pubmatic.com/AdServer/ Frame C5ED
Redirect Chain
  • https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D%...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YqtdjgAAAJTvogOV&gdpr=0&gdpr_consent=
0
74 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YqtdjgAAAJTvogOV&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&gdpr=0&predirect=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D3%26src%3D2%26cspi%3D0%26cn%3D3%26spui%3D%26dpui%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Thu, 16 Jun 2022 16:43:03 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

accept-ranges
bytes
cache-control
no-cache
content-length
0
date
Thu, 16 Jun 2022 16:43:04 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=YqtdjgAAAJTvogOV&gdpr=0&gdpr_consent=
pragma
no-cache
retry-after
0
server
Varnish
via
1.1 varnish
x-cache
HIT
x-cache-hits
0
x-served-by
cache-hhn4052-HHN
x-timer
S1655397785.658903,VS0,VE0
adx
match.prod.bidr.io/cookie-sync/ Frame 38D9
Redirect Chain
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=
  • https://match.prod.bidr.io/cookie-sync/pm&gdpr=0&gdpr_consent=?_bee_ppp=1
  • https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFIUUZVN0ZWcnNBQUJQVFZ1alBBQQ&bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sy...
  • https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
43 B
430 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&gdpr=0&predirect=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D3%26src%3D2%26cspi%3D0%26cn%3D3%26spui%3D%26dpui%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.208.216.244 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-208-216-244.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
Security Headers
Name Value
Strict-Transport-Security max-age=2592000; includeSubDomains

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
keep-alive
Content-Length
43
Date
Thu, 16 Jun 2022 16:43:06 GMT
Server
nginx
cache-control
no-cache, must-revalidate
content-type
image/gif
expires
Fri, 01 Jan 1990 00:00:00 GMT
p3p
CP="This is not a P3P policy! See https://beeswax.com/privacy for more info."
pragma
no-cache
strict-transport-security
max-age=2592000; includeSubDomains

Redirect headers

alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control
no-cache, must-revalidate
content-length
355
content-type
text/html; charset=UTF-8
cross-origin-resource-policy
cross-origin
date
Thu, 16 Jun 2022 16:43:05 GMT
expires
Fri, 01 Jan 1990 00:00:00 GMT
location
https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=sas%2Cpp%2Cpm&bee_sync_current_partner=adx&bee_sync_initiator=pm&bee_sync_hop_count=1
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma
no-cache
server
HTTP server (unknown)
x-xss-protection
0
bridge
cm.adgrx.com/ Frame F620 		43 B
408 B 		Document
General
Check archive.org
Download Go to
Full URL
https://cm.adgrx.com/bridge?AG_PID=pubmatic&AG_SETCOOKIE&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&gdpr=0&predirect=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D3%26src%3D2%26cspi%3D0%26cn%3D3%26spui%3D%26dpui%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
72.251.241.206 Amsterdam, Netherlands, ASN29791 (VOXEL-DOT-NET, US),
Reverse DNS
Software
Cowboy /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate, proxy-revalidate
Connection
keep-alive
Content-Length
43
Content-Type
image/gif
Date
Thu, 16 Jun 2022 16:43:04 GMT
Expires
Thu, 23 Sep 2004 17:42:04 GMT
P3P
CP="NOI OTC OTP OUR NOR"
Pragma
no-cache
X-RealServer-NX
ams-delivery-4
server
Cowboy
Pug
simage2.pubmatic.com/AdServer/ Frame 0318
Redirect Chain
  • https://csync.loopme.me/?redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MzImdGw9MTI5NjAw&piggybackCookie={device_id}&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={device_id}&gdpr=0
0
74 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={device_id}&gdpr=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&gdpr=0&predirect=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D3%26src%3D2%26cspi%3D0%26cn%3D3%26spui%3D%26dpui%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Thu, 16 Jun 2022 16:43:07 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-length
0
date
Thu, 16 Jun 2022 16:43:07 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode&gdpr_consent=null&piggybackCookie={device_id}&gdpr=0
server
_
generic
match.adsrvr.org/track/cmf/ Frame B9C6
Redirect Chain
  • https://sync.1rx.io/usersync2/pubmatic&gdpr=0&gdpr_consent=
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=1762952545
70 B
264 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=1762952545
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&gdpr=0&predirect=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D3%26src%3D2%26cspi%3D0%26cn%3D3%26spui%3D%26dpui%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
private,no-cache, must-revalidate
content-length
70
content-type
image/gif
date
Thu, 16 Jun 2022 16:43:04 GMT
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
pragma
no-cache
x-aspnet-version
4.0.30319

Redirect headers

cache-control
no-store, no-cache, must-revalidate
content-type
text/html
date
Thu, 16 Jun 2022 16:43:04 GMT
etag
RXddd3f684ba3c40a0bfc296739d9735fe003
expires
0
location
https://match.adsrvr.org/track/cmf/generic?ttd_pid=adconductor&ttd_tpi=1&rndcb=1762952545
p3p
CP="This is not a P3P policy! See https://www.rhythmone.com/p3p to learn why"
pragma
no-cache
server
Tengine
i.match
s.tribalfusion.com/z/ Frame 706B
Redirect Chain
  • https://a.tribalfusion.com/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATI...
  • https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMA...
43 B
446 B 		Document
General
Check archive.org
Download Go to
Full URL
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&gdpr=0&predirect=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D3%26src%3D2%26cspi%3D0%26cn%3D3%26spui%3D%26dpui%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:4400::ac40:98f5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache private
cf-cache-status
DYNAMIC
cf-ray
71c5009c3f92996f-FRA
content-length
43
content-type
image/gif; charset=utf-8
date
Thu, 16 Jun 2022 16:43:05 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires
Thu, 01 Jan 1970 00:00:00 GMT
p3p
CP="NOI DEVo TAIa OUR BUS"
pragma
no-cache
server
cloudflare
x-function
302

Redirect headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control
no-cache private
cf-cache-status
DYNAMIC
cf-ray
71c5009adcad996f-FRA
content-type
text/html
date
Thu, 16 Jun 2022 16:43:04 GMT
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires
Thu, 01 Jan 1970 00:00:00 GMT
location
https://s.tribalfusion.com/z/i.match?p=b11&redirect=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzMjYmdGw9MTI5NjAw%26piggybackCookie%3D%24TF_USER_ID_ENC%24&u=${PUBMATIC_UID}
p3p
CP="NOI DEVo TAIa OUR BUS"
pragma
no-cache
server
cloudflare
x-function
206
x-reuse-index
431
Pug
image2.pubmatic.com/AdServer/ Frame EC92
Redirect Chain
  • https://green.erne.co/pubmatic/cm?
  • https://pixel-eu.onaudience.com/?partner=270&smartmap=1&gdpr=&gdpr_consent=&redirect=image2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%26piggybackCookie%3D%25_rid
  • https://sync.crwdcntrl.net/map/c=14544/tp=BIDB/gdpr=/gdpr_consent=?https%3A%2F%2Fpixel-eu.onaudience.com%2F%3Fpartner%3D104%26icm%26cver%26mapped%3D%24%7Bprofile_id%7D%26gdpr%3D%24%7Bgdpr%7D%26redi...
  • https://pixel-eu.onaudience.com/?partner=104&icm&cver&mapped=&gdpr=&redirect=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw%26piggybackCookie%...
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=H1I2i050UYQbWQnVaTjUShYg
0
74 B 		Document
General
Check archive.org
Download Go to
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=H1I2i050UYQbWQnVaTjUShYg
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&gdpr=0&predirect=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D3%26src%3D2%26cspi%3D0%26cn%3D3%26spui%3D%26dpui%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Thu, 16 Jun 2022 16:43:03 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

content-length
0
location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4ODQmdGw9MTI5NjAw&piggybackCookie=H1I2i050UYQbWQnVaTjUShYg
cookiesync
core.iprom.net/ Frame 0997 		43 B
279 B 		Document
General
Check archive.org
Download Go to
Full URL
https://core.iprom.net/cookiesync
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&gdpr=0&predirect=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D3%26src%3D2%26cspi%3D0%26cn%3D3%26spui%3D%26dpui%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
195.5.165.20 , Slovenia, ASN44968 (IPROM-AS, SI),
Reverse DNS
Software
/
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
close
Content-Length
43
Content-Type
image/gif
Date
Thu, 16 Jun 2022 16:43:04 GMT
Vary
Accept-Encoding
X-adserver-worker
ragnarok-9351566c78c4@version_1.511
X-core-time
0ms
X-server-arch
v2
rtb-h
match.taboola.com/sg/pubmatic-ssp-network/1/ Frame 9ABC
Redirect Chain
  • https://trc.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw&piggybackCookie=uid:$UID
  • https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=320dd50a-6050-433c-946f-f1e399f43208-tuct9a4e318&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdSe...
0
147 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=320dd50a-6050-433c-946f-f1e399f43208-tuct9a4e318&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&gdpr=0&predirect=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D3%26src%3D2%26cspi%3D0%26cn%3D3%26spui%3D%26dpui%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.129.44 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

accept-ranges
bytes
content-length
0
date
Thu, 16 Jun 2022 16:43:04 GMT
server
nginx
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-hhn4064-HHN
x-timer
S1655397785.905207,VS0,VE9

Redirect headers

accept-ranges
bytes
content-length
0
date
Thu, 16 Jun 2022 16:43:04 GMT
location
https://match.taboola.com/sg/pubmatic-ssp-network/1/rtb-h?taboola_hm=1&tbid=320dd50a-6050-433c-946f-f1e399f43208-tuct9a4e318&query=taboola_hm%3D1%26redir%3Dhttps%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTM0MjcmdGw9MTI5NjAw%26piggybackCookie%3Duid%3A%24UID&isDirect=0
server
nginx
via
1.1 varnish
x-cache
MISS
x-cache-hits
0
x-served-by
cache-fra19148-FRA
x-timer
S1655397785.759906,VS0,VE9
x-vcl-time-ms
9
pub
matching.truffle.bid/sync/ Frame EB6D 		0
0
141
match.deepintent.com/usersync/ Frame 3C4B 		0
39 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.deepintent.com/usersync/141?gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&gdpr=0&predirect=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D3%26src%3D2%26cspi%3D0%26cn%3D3%26spui%3D%26dpui%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
169.197.150.8 , United States, ASN398989 (DEEPINTENT, US),
Reverse DNS
g.deepintent.com
Software
b /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

content-length
0
date
Thu, 16 Jun 2022 16:43:03 GMT
server
b
usersync
match.bnmla.com/ Frame 95D2 		0
114 B 		Document
General
Check archive.org
Download Go to
Full URL
https://match.bnmla.com/usersync?sspid=10738&redir=https%3A//simage2.pubmatic.com/AdServer/Pug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTI3NzUmdGw9MTI5NjAw%26piggybackCookie%3D%5BUUID%5D
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&gdpr=0&predirect=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D3%26src%3D2%26cspi%3D0%26cn%3D3%26spui%3D%26dpui%3D
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
38.27.122.101 Chestertown, United States, ASN174 (COGENT-174, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Connection
keep-alive
Content-Length
0
Date
Thu, 16 Jun 2022 16:43:04 GMT
Server
nginx
Pug
simage2.pubmatic.com/AdServer/ Frame FDC7
Redirect Chain
  • https://um.simpli.fi/pm_match?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:$UID
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:FF6D94AD82C546B38AEDAF5FBB9D441E
0
74 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:FF6D94AD82C546B38AEDAF5FBB9D441E
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&gdpr=0&predirect=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D3%26src%3D2%26cspi%3D0%26cn%3D3%26spui%3D%26dpui%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Thu, 16 Jun 2022 07:05:18 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

access-control-allow-headers
DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
cache-control
no-cache
content-length
138
content-type
text/html
date
Thu, 16 Jun 2022 16:43:04 GMT
expires
Wed, 15 Jun 2022 16:43:04 GMT
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjkzNiZ0bD00MzIwMA==&piggybackCookie=uid:FF6D94AD82C546B38AEDAF5FBB9D441E
server
nginx
strict-transport-security
max-age=63072000; includeSubdomains; preload
x-content-type-options
nosniff
Pug
simage2.pubmatic.com/AdServer/ Frame 8CDA
Redirect Chain
  • https://pm.w55c.net/ping_match.gif?ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent=
  • https://pm.w55c.net/ping_match.gif?scc=1&ei=PUBMATIC&rurl=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:_wfivefivec_&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:7OWpLZpV1O1SAg5&gdpr=0&gdpr_consent=
0
74 B 		Document
General
Check archive.org
Download Go to
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:7OWpLZpV1O1SAg5&gdpr=0&gdpr_consent=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&gdpr=0&predirect=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D3%26src%3D2%26cspi%3D0%26cn%3D3%26spui%3D%26dpui%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

cache-control
no-store, no-cache, private
content-encoding
gzip
content-type
text/html; charset=utf-8
date
Thu, 16 Jun 2022 16:43:04 GMT
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
server
nginx

Redirect headers

Cache-Control
no-cache, must-revalidate
Connection
keep-alive
Content-Length
0
Date
Thu, 16 Jun 2022 16:43:04 GMT
Expires
Fri, 01 Jan 1990 00:00:00 GMT
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNzQmdGw9MTI5NjAw&piggybackCookie=uid:7OWpLZpV1O1SAg5&gdpr=0&gdpr_consent=
Pragma
no-cache
Server
PingMatch/658332f#658332fc5aaa95d8a9be88d89d84d3c319923363 i-04a86ba4b882a626d@eu-central-1b@dxedge-app-eu-central-1-prod-asg
Strict-Transport-Security
max-age=2592000; includeSubDomains
usersync
x.serverbid.com/ Frame 5492 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://x.serverbid.com/usersync?ttt=3&src=2&cspi=0&cn=3&spui=&dpui=B9247297-66A9-46B6-AFB1-EB1C4FD2964F
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&gdpr=0&predirect=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D3%26src%3D2%26cspi%3D0%26cn%3D3%26spui%3D%26dpui%3D
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
159.89.246.130 Clifton, United States, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software
/
Resource Hash

Request headers

Referer
https://ads.pubmatic.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
origin, content-type, accept
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
https://ads.pubmatic.com
access-control-max-age
10080
date
Thu, 16 Jun 2022 16:43:04 GMT
Artemis
aud.pubmatic.com/AdServer/ Frame 49A1
Redirect Chain
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=B9247297-66A9-46B6-AFB1-EB1C4FD2964F&gdpr=
  • https://visitor.fiftyt.com/p.gif?ev=sync&p=pm&pm_uid=B9247297-66A9-46B6-AFB1-EB1C4FD2964F&gdpr=&fbounce=1
  • https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=B9247297-66A9-46B6-AFB1-EB1C4FD2964F&addseg=19,36,42
0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=B9247297-66A9-46B6-AFB1-EB1C4FD2964F&addseg=19,36,42
Requested by
Host: threatpost.com
URL: https://threatpost.com/kaiser-permanente-breach/179949/?utm_campaign=Third%20Party%20Thursday%20Newsletter&utm_medium=email&_hsmi=216744177&_hsenc=p2ANqtz-9FeIjarQeL3zA4ACQwCC6mhwLDSG8KZWVQNtpWhebNpA0aYw53UW6wqluChIgIaseSzoTUFllDNXqMgiGiwDLwGaTegw&utm_content=216744177&utm_source=hs_email
Protocol
H2
Server
185.64.190.87 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Redirect headers

date
Thu, 16 Jun 2022 16:43:04 GMT
via
1.1 google
p3p
CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
location
https://aud.pubmatic.com/AdServer/Artemis?dpid=431&userid=B9247297-66A9-46B6-AFB1-EB1C4FD2964F&addseg=19,36,42
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-type
text/html; charset=utf-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
141
info2
uipglob.semasio.net/pubmatic/1/ Frame 49A1
Redirect Chain
  • https://uipglob.semasio.net/pubmatic/1/info?sType=sync&sExtCookieId=B9247297-66A9-46B6-AFB1-EB1C4FD2964F&sInitiator=external&gdpr=0&gdpr_consent=
  • https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=B9247297-66A9-46B6-AFB1-EB1C4FD2964F&sInitiator=external&gdpr=0&gdpr_consent=
42 B
603 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://uipglob.semasio.net/pubmatic/1/info2?sType=sync&sExtCookieId=B9247297-66A9-46B6-AFB1-EB1C4FD2964F&sInitiator=external&gdpr=0&gdpr_consent=
Requested by
Host: threatpost.com
URL: https://threatpost.com/kaiser-permanente-breach/179949/?utm_campaign=Third%20Party%20Thursday%20Newsletter&utm_medium=email&_hsmi=216744177&_hsenc=p2ANqtz-9FeIjarQeL3zA4ACQwCC6mhwLDSG8KZWVQNtpWhebNpA0aYw53UW6wqluChIgIaseSzoTUFllDNXqMgiGiwDLwGaTegw&utm_content=216744177&utm_source=hs_email
Protocol
HTTP/1.1
Server
77.243.60.138 Aalborg, Denmark, ASN42697 (NETIC-AS, DK),
Reverse DNS
Software
/
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Jun 2022 16:43:06 GMT
frontend-id
6
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
access-control-allow-origin
*
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type
image/gif
content-length
42
routing-server-id
-1
expires
Sat, 01 Jan 2011 12:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 16 Jun 2022 16:43:06 GMT
frontend-id
2
location
/pubmatic/1/info2?sType=sync&sExtCookieId=B9247297-66A9-46B6-AFB1-EB1C4FD2964F&sInitiator=external&gdpr=0&gdpr_consent=
p3p
policyref="http://uip.semasio.net/w3c/p3p.xml", CP="NOI PSAa PSDa OUR IND UNI CNT"
access-control-allow-origin
*
uip-response-status
Ok
cache-control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
0
routing-server-id
-1
expires
Sat, 01 Jan 2011 12:00:00 GMT
mw
mwzeom.zeotap.com/ Frame 49A1 		95 B
455 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mwzeom.zeotap.com/mw?zpartnerid=1384&env=mWeb&gdpr=0&gdpr_consent=&cid=B9247297-66A9-46B6-AFB1-EB1C4FD2964F
Requested by
Host: threatpost.com
URL: https://threatpost.com/kaiser-permanente-breach/179949/?utm_campaign=Third%20Party%20Thursday%20Newsletter&utm_medium=email&_hsmi=216744177&_hsenc=p2ANqtz-9FeIjarQeL3zA4ACQwCC6mhwLDSG8KZWVQNtpWhebNpA0aYw53UW6wqluChIgIaseSzoTUFllDNXqMgiGiwDLwGaTegw&utm_content=216744177&utm_source=hs_email
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700:10::ac43:db6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Thu, 16 Jun 2022 16:43:04 GMT
via
1.1 google
cf-cache-status
DYNAMIC
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Origin
content-type
image/png
access-control-allow-origin
https://ads.pubmatic.com
access-control-allow-credentials
true
cf-ray
71c5009aff31912a-FRA
access-control-allow-headers
*
content-length
95
p
a.audrte.com/ Frame 49A1
Redirect Chain
  • https://a.audrte.com/match?gdpr=0&gdpr_consent=&p=M1717054901&uid=B9247297-66A9-46B6-AFB1-EB1C4FD2964F
  • https://a.audrte.com/p
68 B
617 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://a.audrte.com/p
Requested by
Host: threatpost.com
URL: https://threatpost.com/kaiser-permanente-breach/179949/?utm_campaign=Third%20Party%20Thursday%20Newsletter&utm_medium=email&_hsmi=216744177&_hsenc=p2ANqtz-9FeIjarQeL3zA4ACQwCC6mhwLDSG8KZWVQNtpWhebNpA0aYw53UW6wqluChIgIaseSzoTUFllDNXqMgiGiwDLwGaTegw&utm_content=216744177&utm_source=hs_email
Protocol
HTTP/1.1
Server
35.169.179.244 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-35-169-179-244.compute-1.amazonaws.com
Software
nginx/1.18.0 /
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

Date
Thu, 16 Jun 2022 16:43:05 GMT
Server
nginx/1.18.0
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Content-Type
image/png
Access-Control-Allow-Origin
*
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
68

Redirect headers

Date
Thu, 16 Jun 2022 16:43:05 GMT
Server
nginx/1.18.0
Access-Control-Allow-Origin
*
Vary
Origin, Access-Control-Request-Method, Access-Control-Request-Headers
Access-Control-Allow-Methods
POST, GET, OPTIONS
Location
https://a.audrte.com:443/p
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
generic
match.adsrvr.org/track/cmf/ Frame 49A1 		70 B
264 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.adsrvr.org/track/cmf/generic?ttd_pid=pubmatic&ttd_tpi=1&gdpr=0&gdpr_consent=
Requested by
Host: threatpost.com
URL: https://threatpost.com/kaiser-permanente-breach/179949/?utm_campaign=Third%20Party%20Thursday%20Newsletter&utm_medium=email&_hsmi=216744177&_hsenc=p2ANqtz-9FeIjarQeL3zA4ACQwCC6mhwLDSG8KZWVQNtpWhebNpA0aYw53UW6wqluChIgIaseSzoTUFllDNXqMgiGiwDLwGaTegw&utm_content=216744177&utm_source=hs_email
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.71.131.137 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a6370ebea231e0c9a.awsglobalaccelerator.com
Software
/
Resource Hash
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Jun 2022 16:43:04 GMT
cache-control
private,no-cache, must-revalidate
x-aspnet-version
4.0.30319
content-type
image/gif
content-length
70
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
Pug
simage2.pubmatic.com/AdServer/ Frame 49A1
Redirect Chain
  • https://c1.adform.net/serving/cookie/match?party=14&redirect=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=[PLACE%20YOUR%20PIGGYBACK%20COO...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=7439562014725789384
0
74 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=7439562014725789384
Requested by
Host: threatpost.com
URL: https://threatpost.com/kaiser-permanente-breach/179949/?utm_campaign=Third%20Party%20Thursday%20Newsletter&utm_medium=email&_hsmi=216744177&_hsenc=p2ANqtz-9FeIjarQeL3zA4ACQwCC6mhwLDSG8KZWVQNtpWhebNpA0aYw53UW6wqluChIgIaseSzoTUFllDNXqMgiGiwDLwGaTegw&utm_content=216744177&utm_source=hs_email
Protocol
H2
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Thu, 16 Jun 2022 06:29:29 GMT
content-encoding
gzip
server
nginx
cache-control
no-store, no-cache, private
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-type
text/html; charset=utf-8

Redirect headers

pragma
no-cache
date
Thu, 16 Jun 2022 16:43:04 GMT
server
nginx
location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTI4NzUmdGw9NDMyMDA=&piggybackCookie=7439562014725789384
access-control-max-age
86400
access-control-allow-methods
GET
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate, no-transform
access-control-allow-credentials
true
strict-transport-security
max-age=31536000; includeSubDomains
access-control-allow-headers
Content-Type,Cache-Control,Accept-Encoding,X-Requested-With
content-length
0
expires
-1
Pug
image2.pubmatic.com/AdServer/ Frame 49A1
Redirect Chain
  • https://ib.adnxs.com/getuid?https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=$UID&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=1244441007486675437&gdpr=0&gdpr_consent=
0
74 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=1244441007486675437&gdpr=0&gdpr_consent=
Requested by
Host: threatpost.com
URL: https://threatpost.com/kaiser-permanente-breach/179949/?utm_campaign=Third%20Party%20Thursday%20Newsletter&utm_medium=email&_hsmi=216744177&_hsenc=p2ANqtz-9FeIjarQeL3zA4ACQwCC6mhwLDSG8KZWVQNtpWhebNpA0aYw53UW6wqluChIgIaseSzoTUFllDNXqMgiGiwDLwGaTegw&utm_content=216744177&utm_source=hs_email
Protocol
H2
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Thu, 16 Jun 2022 07:23:13 GMT
content-encoding
gzip
server
nginx
cache-control
no-store, no-cache, private
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-type
text/html; charset=utf-8

Redirect headers

Pragma
no-cache
Date
Thu, 16 Jun 2022 16:43:04 GMT
X-Proxy-Origin
80.255.7.100; 80.255.7.100; 717.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid
939220a3-11dc-4950-b073-7decb7166a54
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTc4JnRsPTE1NzY4MDA=&piggybackCookie=1244441007486675437&gdpr=0&gdpr_consent=
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
Pug
image2.pubmatic.com/AdServer/ Frame 49A1
Redirect Chain
  • https://pixel.quantserve.com/pixel/p-5aWVS_roA1dVM.gif?idmatch=0&gdpr=0&gdpr_consent=
  • https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=zLgmcs_uf3XX7yJ2zblqdcy6ciHX6CUimLP_6miY
0
74 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=zLgmcs_uf3XX7yJ2zblqdcy6ciHX6CUimLP_6miY
Requested by
Host: threatpost.com
URL: https://threatpost.com/kaiser-permanente-breach/179949/?utm_campaign=Third%20Party%20Thursday%20Newsletter&utm_medium=email&_hsmi=216744177&_hsenc=p2ANqtz-9FeIjarQeL3zA4ACQwCC6mhwLDSG8KZWVQNtpWhebNpA0aYw53UW6wqluChIgIaseSzoTUFllDNXqMgiGiwDLwGaTegw&utm_content=216744177&utm_source=hs_email
Protocol
H2
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Thu, 16 Jun 2022 16:43:04 GMT
content-encoding
gzip
server
nginx
cache-control
no-store, no-cache, private
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-type
text/html; charset=utf-8

Redirect headers

pragma
no-cache
date
Thu, 16 Jun 2022 16:43:04 GMT
strict-transport-security
max-age=86400
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location
https://image2.pubmatic.com/AdServer/Pug?&vcode=bz0yJnR5cGU9MSZjb2RlPTExMTMmdGw9NDMyMDA=&piggybackCookie=zLgmcs_uf3XX7yJ2zblqdcy6ciHX6CUimLP_6miY
cache-control
private, no-cache, no-store, proxy-revalidate
content-length
0
expires
Fri, 04 Aug 1978 12:00:00 GMT
Pug
simage2.pubmatic.com/AdServer/ Frame 49A1
Redirect Chain
  • https://x.bidswitch.net/sync?ssp=pubmatic&gdpr=0&gdpr_consent=
  • https://p.rfihub.com/cm?in=1&pub=20513&ssp=pubmatic
  • https://x.bidswitch.net/sync?dsp_id=119&user_id=5140084920985061272&expires=30&ssp=pubmatic
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=605d3ec1-7c39-4340-9bef-c98d39cf90dc&gdpr=&gdpr_consent=&gdpr_pd=
0
74 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=605d3ec1-7c39-4340-9bef-c98d39cf90dc&gdpr=&gdpr_consent=&gdpr_pd=
Requested by
Host: threatpost.com
URL: https://threatpost.com/kaiser-permanente-breach/179949/?utm_campaign=Third%20Party%20Thursday%20Newsletter&utm_medium=email&_hsmi=216744177&_hsenc=p2ANqtz-9FeIjarQeL3zA4ACQwCC6mhwLDSG8KZWVQNtpWhebNpA0aYw53UW6wqluChIgIaseSzoTUFllDNXqMgiGiwDLwGaTegw&utm_content=216744177&utm_source=hs_email
Protocol
H2
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Thu, 16 Jun 2022 06:29:26 GMT
content-encoding
gzip
server
nginx
cache-control
no-store, no-cache, private
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-type
text/html; charset=utf-8

Redirect headers

Location
//simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9Mjk0NSZ0bD0xMjk2MDA=&piggybackCookie=605d3ec1-7c39-4340-9bef-c98d39cf90dc&gdpr=&gdpr_consent=&gdpr_pd=
Date
Thu, 16 Jun 2022 16:43:04 GMT
Cache-Control
no-cache, no-store, must-revalidate
Connection
keep-alive
Content-Length
0
B9247297-66A9-46B6-AFB1-EB1C4FD2964F
pr-bh.ybp.yahoo.com/sync/pubmatic/ Frame 49A1 		43 B
989 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pr-bh.ybp.yahoo.com/sync/pubmatic/B9247297-66A9-46B6-AFB1-EB1C4FD2964F?gdpr=0&gdpr_consent=
Requested by
Host: threatpost.com
URL: https://threatpost.com/kaiser-permanente-breach/179949/?utm_campaign=Third%20Party%20Thursday%20Newsletter&utm_medium=email&_hsmi=216744177&_hsenc=p2ANqtz-9FeIjarQeL3zA4ACQwCC6mhwLDSG8KZWVQNtpWhebNpA0aYw53UW6wqluChIgIaseSzoTUFllDNXqMgiGiwDLwGaTegw&utm_content=216744177&utm_source=hs_email
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:d018:d29:3602:cba9:630b:f07c:688c Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
ATS /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Thu, 16 Jun 2022 16:43:04 GMT
referrer-policy
strict-origin-when-cross-origin
server
ATS
age
0
expect-ct
max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security
max-age=31536000
content-type
image/gif
x-xss-protection
1; mode=block
content-length
43
x-content-type-options
nosniff
SPug
image4.pubmatic.com/AdServer/ Frame 49A1
Redirect Chain
  • https://ups.analytics.yahoo.com/ups/58292/sync?_origin=1&uid=B9247297-66A9-46B6-AFB1-EB1C4FD2964F&redir=true&gdpr=0&gdpr_consent=
  • https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-o2FEXaJE2uWrO99ySwzUWQfTbJUWwfI-~A&gdpr=0&gdpr_consent=
0
128 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-o2FEXaJE2uWrO99ySwzUWQfTbJUWwfI-~A&gdpr=0&gdpr_consent=
Requested by
Host: threatpost.com
URL: https://threatpost.com/kaiser-permanente-breach/179949/?utm_campaign=Third%20Party%20Thursday%20Newsletter&utm_medium=email&_hsmi=216744177&_hsenc=p2ANqtz-9FeIjarQeL3zA4ACQwCC6mhwLDSG8KZWVQNtpWhebNpA0aYw53UW6wqluChIgIaseSzoTUFllDNXqMgiGiwDLwGaTegw&utm_content=216744177&utm_source=hs_email
Protocol
H2
Server
104.36.113.24 , United States, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Thu, 16 Jun 2022 16:43:04 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

location
https://image4.pubmatic.com/AdServer/SPug?partnerID=156078&xid=y-o2FEXaJE2uWrO99ySwzUWQfTbJUWwfI-~A&gdpr=0&gdpr_consent=
date
Thu, 16 Jun 2022 16:43:04 GMT
server
ATS/9.1.0.46
age
0
content-length
0
strict-transport-security
max-age=31536000
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
Pug
simage2.pubmatic.com/AdServer/ Frame 49A1
Redirect Chain
  • https://ad.turn.com/r/cs?pid=1&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=4275766673580835195&gdpr=0&gdpr_consent=&us_privacy=
0
74 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=4275766673580835195&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: threatpost.com
URL: https://threatpost.com/kaiser-permanente-breach/179949/?utm_campaign=Third%20Party%20Thursday%20Newsletter&utm_medium=email&_hsmi=216744177&_hsenc=p2ANqtz-9FeIjarQeL3zA4ACQwCC6mhwLDSG8KZWVQNtpWhebNpA0aYw53UW6wqluChIgIaseSzoTUFllDNXqMgiGiwDLwGaTegw&utm_content=216744177&utm_source=hs_email
Protocol
H2
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Thu, 16 Jun 2022 16:43:03 GMT
content-encoding
gzip
server
nginx
cache-control
no-store, no-cache, private
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-type
text/html; charset=utf-8

Redirect headers

location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9ODImdGw9MTU3NjgwMCZkcF9pZD0yMg==&piggybackCookie=4275766673580835195&gdpr=0&gdpr_consent=&us_privacy=
pragma
no-cache
date
Thu, 16 Jun 2022 16:43:04 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
current
pubmatic-match.dotomi.com/match/bounce/ Frame 49A1 		0
104 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pubmatic-match.dotomi.com/match/bounce/current?networkId=17100&version=1&nuid=B9247297-66A9-46B6-AFB1-EB1C4FD2964F&gdpr=0&gdpr_consent=
Requested by
Host: threatpost.com
URL: https://threatpost.com/kaiser-permanente-breach/179949/?utm_campaign=Third%20Party%20Thursday%20Newsletter&utm_medium=email&_hsmi=216744177&_hsenc=p2ANqtz-9FeIjarQeL3zA4ACQwCC6mhwLDSG8KZWVQNtpWhebNpA0aYw53UW6wqluChIgIaseSzoTUFllDNXqMgiGiwDLwGaTegw&utm_content=216744177&utm_source=hs_email
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:fa8:8806:12::1370 , Singapore, ASN41041 (VCLK-EU-SE, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Jun 2022 16:43:04 GMT
cache-control
no-cache, private, max-age=0, no-store
server
nginx
expires
0
Pug
simage2.pubmatic.com/AdServer/ Frame 49A1
Redirect Chain
  • https://match.adsby.bidtheatre.com/pubmaticmatch?redir=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw&piggybackCookie=uid:$UID&gdpr=0&gdpr_consent=
  • https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:73f32874-552b-4b77-a295-41e82d4babf5&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
0
74 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:73f32874-552b-4b77-a295-41e82d4babf5&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Requested by
Host: threatpost.com
URL: https://threatpost.com/kaiser-permanente-breach/179949/?utm_campaign=Third%20Party%20Thursday%20Newsletter&utm_medium=email&_hsmi=216744177&_hsenc=p2ANqtz-9FeIjarQeL3zA4ACQwCC6mhwLDSG8KZWVQNtpWhebNpA0aYw53UW6wqluChIgIaseSzoTUFllDNXqMgiGiwDLwGaTegw&utm_content=216744177&utm_source=hs_email
Protocol
H2
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Thu, 16 Jun 2022 16:43:04 GMT
content-encoding
gzip
server
nginx
cache-control
no-store, no-cache, private
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-type
text/html; charset=utf-8

Redirect headers

Location
https://simage2.pubmatic.com/AdServer/Pug?piggybackCookie=uid:73f32874-552b-4b77-a295-41e82d4babf5&vcode=bz0yJnR5cGU9MSZjb2RlPTMwNjImdGw9MTI5NjAw
Date
Thu, 16 Jun 2022 16:43:04 GMT
Server
Apache
Connection
Keep-Alive
Keep-Alive
timeout=5, max=3000
Content-Length
0
P3P
policyref="/w3c/p3p.xml", CP="DSP NON LAW OUR CUR DEVo PSAo PSDo IND STA NAV COM INT"
Pug
simage2.pubmatic.com/AdServer/ Frame 49A1
Redirect Chain
  • https://ads.playground.xyz/usersync/apn?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://secure.adnxs.com/getuid?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=$UID
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=1244441007486675437
0
74 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=1244441007486675437
Requested by
Host: threatpost.com
URL: https://threatpost.com/kaiser-permanente-breach/179949/?utm_campaign=Third%20Party%20Thursday%20Newsletter&utm_medium=email&_hsmi=216744177&_hsenc=p2ANqtz-9FeIjarQeL3zA4ACQwCC6mhwLDSG8KZWVQNtpWhebNpA0aYw53UW6wqluChIgIaseSzoTUFllDNXqMgiGiwDLwGaTegw&utm_content=216744177&utm_source=hs_email
Protocol
H2
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Thu, 16 Jun 2022 16:43:03 GMT
content-encoding
gzip
server
nginx
cache-control
no-store, no-cache, private
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-type
text/html; charset=utf-8

Redirect headers

Pragma
no-cache
Date
Thu, 16 Jun 2022 16:43:04 GMT
X-Proxy-Origin
80.255.7.100; 80.255.7.100; 718.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net; adnxs.com
AN-X-Request-Uuid
585bca87-ca8b-4093-9703-d8ab9d67d21f
Server
nginx/1.21.3
Access-Control-Allow-Origin
*
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0MDEmdGw9NDMyMDA=&piggybackCookie=1244441007486675437
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Type
text/html; charset=utf-8
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
pixelSync
pixel-sync.sitescout.com/dmp/ Frame 49A1 		0
191 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel-sync.sitescout.com/dmp/pixelSync?nid=3&gdpr=0&gdpr_consent=
Requested by
Host: threatpost.com
URL: https://threatpost.com/kaiser-permanente-breach/179949/?utm_campaign=Third%20Party%20Thursday%20Newsletter&utm_medium=email&_hsmi=216744177&_hsenc=p2ANqtz-9FeIjarQeL3zA4ACQwCC6mhwLDSG8KZWVQNtpWhebNpA0aYw53UW6wqluChIgIaseSzoTUFllDNXqMgiGiwDLwGaTegw&utm_content=216744177&utm_source=hs_email
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
66.155.71.149 Portsmouth, United Kingdom, ASN13768 (COGECO-PEER1, CA),
Reverse DNS
Software
AC1.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Jun 2022 16:43:04 GMT
cache-control
max-age=0,no-cache,no-store
server
AC1.1
p3p
CP="NON DEVa PSAa PSDa OUR NOR NAV",policyref="/w3c/p3p.xml"
expires
Tue, 11 Oct 1977 12:34:56 GMT
d1ba4609
rtb.gumgum.com/getuid/ Frame 49A1 		35 B
208 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb.gumgum.com/getuid/d1ba4609?gdpr=0&gdpr_consent=&r=https%3A%2F%2Fsimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZjb2RlPTMzNDImdGw9MTI5NjAw%26piggybackCookie%3D
Requested by
Host: threatpost.com
URL: https://threatpost.com/kaiser-permanente-breach/179949/?utm_campaign=Third%20Party%20Thursday%20Newsletter&utm_medium=email&_hsmi=216744177&_hsenc=p2ANqtz-9FeIjarQeL3zA4ACQwCC6mhwLDSG8KZWVQNtpWhebNpA0aYw53UW6wqluChIgIaseSzoTUFllDNXqMgiGiwDLwGaTegw&utm_content=216744177&utm_source=hs_email
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.213.153.112 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-213-153-112.eu-west-1.compute.amazonaws.com
Software
nginx /
Resource Hash
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 16 Jun 2022 16:43:04 GMT
server
nginx
content-type
image/gif;charset=UTF-8
cache-control
private, no-store, must-revalidate, max-age=0
timing-allow-origin
*
content-length
35
expires
0
Pug
simage2.pubmatic.com/AdServer/ Frame 49A1
Redirect Chain
  • https://sync.ipredictive.com/d/sync/cookie/generic?https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=${ADELPHIC_CUID}&gdpr=0&gdpr_cons...
  • https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=631f16fd-ed93-11ec-8290-0b5c966f72f2&gdpr=0&gdpr_consent=
0
74 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=631f16fd-ed93-11ec-8290-0b5c966f72f2&gdpr=0&gdpr_consent=
Requested by
Host: threatpost.com
URL: https://threatpost.com/kaiser-permanente-breach/179949/?utm_campaign=Third%20Party%20Thursday%20Newsletter&utm_medium=email&_hsmi=216744177&_hsenc=p2ANqtz-9FeIjarQeL3zA4ACQwCC6mhwLDSG8KZWVQNtpWhebNpA0aYw53UW6wqluChIgIaseSzoTUFllDNXqMgiGiwDLwGaTegw&utm_content=216744177&utm_source=hs_email
Protocol
H2
Server
185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Thu, 16 Jun 2022 06:27:40 GMT
content-encoding
gzip
server
nginx
cache-control
no-store, no-cache, private
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-type
text/html; charset=utf-8

Redirect headers

Location
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MzI1MCZ0bD0xMjk2MDA=&piggybackCookie=631f16fd-ed93-11ec-8290-0b5c966f72f2&gdpr=0&gdpr_consent=
Date
Thu, 16 Jun 2022 16:43:04 GMT
Server
Apache-Coyote/1.1
Connection
keep-alive
Content-Length
0
X-CI-RTID
64d4de06-ed93-11ec-a4d1-6599231fe1c6
PugMaster
image6.pubmatic.com/AdServer/ Frame DC94 		0
39 B 		Script
General
Check archive.org
Download Go to
Full URL
https://image6.pubmatic.com/AdServer/PugMaster?sec=1&async=1&kdntuid=1&rnd=57712806&p=0&s=0&a=0&ptask=ALL&np=0&fp=0&rp=1&mpc=0&spug=1&coppa=0&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?predirect=https%3A%2F%2Fusersync.gumgum.com%2Fusersync%3Fb%3Dpbm%26i%3D&gdpr=0&gdprConsent=
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.78 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Thu, 16 Jun 2022 16:43:03 GMT
content-length
0
SPug
simage4.pubmatic.com/AdServer/ Frame 49A1 		0
47 B 		Script
General
Check archive.org
Download Go to
Full URL
https://simage4.pubmatic.com/AdServer/SPug?partnerID=156319&gdpr=0&gdpr_consent=&us_privacy=
Requested by
Host: ads.pubmatic.com
URL: https://ads.pubmatic.com/AdServer/js/user_sync.html?p=156319&gdpr=0&predirect=https%3A%2F%2Fx.serverbid.com%2Fusersync%3Fttt%3D3%26src%3D2%26cspi%3D0%26cn%3D3%26spui%3D%26dpui%3D
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.64.190.81 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
de-DE,de;q=0.9
Referer
https://ads.pubmatic.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.115 Safari/537.36

Response headers

date
Thu, 16 Jun 2022 16:43:06 GMT
cache-control
no-store, no-cache, private
server
nginx
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
capi-tier-2-us-east-2.connatix.com
URL
https://capi-tier-2-us-east-2.connatix.com/tr/sr?v=166750
Domain
hbopenbid.pubmatic.com
URL
https://hbopenbid.pubmatic.com/translator?source=prebid-client
Domain
s0.2mdn.net
URL
https://s0.2mdn.net/instream/video/client.js
Domain
imasdk.googleapis.com
URL
https://imasdk.googleapis.com/js/core/bridge3.519.0_en.html
Domain
capi-tier-2-us-east-2.connatix.com
URL
https://capi-tier-2-us-east-2.connatix.com/tr/ao?v=166750
Domain
capi-tier-2-us-east-2.connatix.com
URL
https://capi-tier-2-us-east-2.connatix.com/rtb/g?v=166750
Domain
capi-tier-2-us-east-2.connatix.com
URL
https://capi-tier-2-us-east-2.connatix.com/tr/ps?v=166750
Domain
matching.truffle.bid
URL
https://matching.truffle.bid/sync/pub?sid=161&suid=https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTM0NDQmdGw9MjAxNjA=&piggybackCookie=$UID

Verdicts & Comments Add Verdict or Comment

381 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| 8 object| oncontextlost object| oncontextrestored function| structuredClone object| launchQueue object| onbeforematch function| getScreenDetails object| navigation object| gform string| gAMP_urlhost string| gAMP_urlpath string| gAMP_urlquery string| gAMP_contentid string| gAMP_category string| gAMP_contenttags number| kPrebidTimeout number| kRefreshPollTime number| gRefreshCount number| gOXRefreshCount boolean| gRefreshDebug boolean| gPrebidDebug boolean| gTrackVisibility boolean| gLazyLoad boolean| gTrackPageVisibility number| k30SecondRefreshInterval number| k60SecondRefreshInterval number| k90SecondRefreshInterval number| k120SecondRefreshInterval number| k180SecondRefreshInterval number| k999SecondRefreshInterval number| kDoNotRefresh number| kDefaultRefreshInterval object| gSChainNodes undefined| gGDPR_forceLocale boolean| gGDPR_silentNoConsent boolean| gGDPR_forceNoConsent object| gGDPR_NonTCFVendors string| gGDPR_publisherCountryCode string| gGDPR_logoURL string| gGDPR_privacyPolicyURL string| kAmazonPublisherID object| ad728x90ATF object| ad300x250ATF object| ad300x250ATF2 object| ad728x90ATFTAB object| ad728x90STICKY object| ad300x250ATFTAB object| ad300x250ATF2TAB object| ad320x50ATF object| ad300x250ATFM object| ad300x250ATF2M object| ad2x2skin object| adGoogleAdXInterstitial number| gBrowserWidth object| desktopAdUnits object| tabletAdUnits object| mobileAdUnits object| gAllSlotData number| gAllSlotCount function| _0x2484c2 object| gRefreshSlots object| gRefreshIDs object| gRefreshTimes object| gRefreshIntervals object| gThisRefreshIDs object| gThisRefreshSlots boolean| gInitialLoad object| gIntersectionObserver object| gPBJSTimeoutTimer object| gAmazonSlots object| gAmazonBids boolean| gAmazonBidsBack boolean| gPrebidBidsBack object| googletag object| pbjs function| _0x47b6 boolean| gHasGDPRCMP object| gGDPRTCData function| amp_getBidsForAllChannels function| amp_dumpBids function| amp_dumpWins function| amp_dumpTable function| amp_getBestBids function| sendAdserverRequest function| _0x4815 function| checkIfAllBidsBack function| amazonBidsBack function| pbjsBidsBack function| bidsTimeout function| scheduleConsentUpdates function| sendBidRequests function| doSendBidRequests function| amp_refreshAllSlots function| amp_refreshSlots function| refreshAdSlots function| attachCloseBoxSVG function| configureAdSlot function| getCookie object| apstag function| cnx function| $ function| jQuery function| _extends function| _typeof function| LazyLoad object| gdprDynamicStrings object| gdprStrings object| kss object| sNew object| s0 object| dataLayer boolean| jQueryMigrateHelperHasSentDowngrade object| ___grecaptcha_cfg object| grecaptcha string| __recaptcha_api boolean| __google_recaptcha_client object| cnx_usr_storage object| ggeac object| google_tag_data object| google_js_reporting_queue object| FDnjNB2 function| FDnjNB3 object| xop function| __uspapi function| __uspOpenUI object| FontAwesomeConfig object| ___FONT_AWESOME___ function| __tcfapi object| __cmpAPI object| __GVL object| __cmpTCModel function| __cmpOpenUI object| pbjsChunk object| _pbjsGlobals object| ADAGIO object| mnet object| mnjs string| nobidVersion object| nobid object| google_tag_manager function| postscribe object| google_tag_manager_external object| recaptcha object| kasperskyDynamicaReCaptchaData object| jQuery1124032393225157618577 object| kaspersky object| prmOm object| omPlatformsSettings function| trackKLReferrer function| trackTrialSubmit function| trackFraud function| getFilename function| trackFile function| trackTrial function| trackTrialKMS function| trackPU function| trackPU2 function| trackDoc function| trackBeta function| trackDBUpdate function| trackDRFile function| trackLink function| trackCountrySelector function| trackLRC function| trackIPP function| trackPage function| trackLRCFallback function| trackMaxymiser function| trackAuditories function| trackCroSegment function| trackCta function| trackDownload function| trackEvent function| trackExit function| trackForm function| trackGoToPayment function| trackChangePaymentMethod function| trackLena function| trackMarketLincGroup function| trackMarketLincVisitor function| trackPageView function| trackPageViewOnLoad function| trackPartnerLocatorSearchEvent function| trackProductView function| trackRegistration function| trackSaleButton function| trackSignin function| trackSignIn function| trackUpsellPage function| omSetContext function| omSetOmnitureParameters function| omChooseCookieDomain function| omGetAbsoluteUrl function| omGetBusinessType function| omGetGoogleAnalyticsClientId function| omGetHostName function| omGetOrigin function| omGetPageNameFromPath function| omGetQueryParam function| omReadCookie function| omRemoveAllUrlParameters function| omRemoveAllUrlParametersForDownloads function| omRemoveUrlParameter function| omRemoveCookie function| omSafeParseJson function| omSetCookie function| omSetInp function| removeHashFromString function| omPushEventToDataLayer function| omCreateEventParamsObj function| omPushTrackingObjectToDataLayer function| omPrepareProductsString function| omHandleClick function| omHandleMessage function| e object| sng object| s object| visitorConfigObj function| AppMeasurement function| s_gi function| s_pgicq object| adobe function| Visitor object| s_c_il number| s_c_in object| _uxa number| s_objectID number| s_giq object| runtime object| regeneratorRuntime function| setImmediate function| clearImmediate object| wp function| sprintf function| vsprintf object| gform_i18n object| gf_global object| gf_legacy_multi object| gf_legacy boolean| apstagLOADED undefined| google_measure_js_timing function| announceAJAXValidationErrors function| gformBindFormatPricingFields function| Currency function| gformCleanNumber function| gformGetDecimalSeparator function| gformIsNumber function| gformIsNumeric function| gformDeleteUploadedFile object| _gformPriceFields undefined| _anyProductSelected function| gformIsHidden function| gformCalculateTotalPrice function| gformUpdateTotalFieldPrice function| gformGetShippingPrice function| gformGetFieldId function| gformCalculateProductPrice function| gformGetProductQuantity function| gformIsProductSelected function| gformGetBasePrice function| gformFormatMoney function| gformFormatPricingField function| gformToNumber function| gformGetPriceDifference function| gformGetOptionLabel function| gformGetProductIds function| gformGetPrice function| gformRoundPrice function| gformRegisterPriceField function| gformInitPriceFields function| gformShowPasswordStrength function| gformPasswordStrength function| gformToggleShowPassword function| gformToggleCheckboxes function| gformToggleRadioOther function| gformAddListItem function| gformDeleteListItem function| gformAdjustClasses function| gformAdjustRowAttributes function| gformToggleIcons function| gformAddRepeaterItem function| gformDeleteRepeaterItem function| gformResetRepeaterAttributes function| gformToggleRepeaterButtons function| gformMatchCard function| gformFindCardType function| gformToggleCreditCard function| gformInitChosenFields function| gformInitCurrencyFormatFields function| GFMergeTag function| GFCalc undefined| __gf_keyup_timeout function| gformFormatNumber function| getMatchGroups function| gf_get_field_number_format function| gformValidateFileSize function| gformInitSpinner function| gformAddSpinner function| gformReInitTinymceInstance function| gf_raw_input_change function| gf_get_input_id_by_html_id function| gf_get_form_id_by_html_id function| gf_get_ids_by_html_id function| gf_input_change function| gformExtractFieldId function| gformExtractInputIndex function| rgars function| rgar function| HandleUnsavedChanges function| renderRecaptcha function| gformIsRecaptchaPending object| gfMultiFileUploader undefined| __gf_timeout_handle function| gf_apply_rules function| gf_check_field_rule function| gf_get_field_logic function| gf_apply_field_rule function| gf_get_field_action function| gf_is_match function| gf_is_match_checkable function| gf_is_checkable_empty function| gf_is_match_default function| gf_format_number function| gf_try_convert_float function| gf_matches_operation function| gf_get_value function| gf_do_field_action function| gf_do_next_button_action function| gf_do_action function| gf_reset_to_default function| gf_is_hidden_pricing_input object| Placeholders object| gf_form_conditional_logic string| gf_number_format function| do_callback object| cRnYQU function| cRnYQm function| xblacklist string| GoogleAnalyticsObject function| ga object| _qevents function| twq object| MZ1D6o2 function| MZ1D6o3 function| xblocker boolean| creativeVendorLibraryLoaded function| gtag function| quantserve function| __qc object| ezt object| _qoptions function| qtrack object| twttr object| gaplugins object| gaGlobal object| gaData object| player_instance_34121a5a2494405a8e0b8f5e9f6e957a object| cnxEnfStorage function| cnxsetTimeout function| cnxsetInterval object| cnxPlugins object| PublisherCommonId object| ID5 number| google_global_correlator function| cnxProxyTask object| sas object| apntag object| _ADAGIO object| googleToken object| googleIMState function| processGoogleToken number| google_unique_id function| cnxAddEventListener

113 Cookies

Domain/Path Name / Value
.www.venminder.com/ Name: __cfruid
Value: e16fbfb21276f4e2b242875fea1c4abb96f226be-1655397771
.threatpost.com/ Name: _cs_mk
Value: 0.5128829631014058_1655397772754
.demdex.net/ Name: demdex
Value: 33020213730496520520066473953452234431
.threatpost.com/ Name: AMCVS_983502BE532960BE0A490D4C%40AdobeOrg
Value: 1
.threatpost.com/ Name: _ga
Value: GA1.2.685716736.1655397773
.threatpost.com/ Name: _gid
Value: GA1.2.1533137274.1655397773
.threatpost.com/ Name: _gat_UA-35676203-21
Value: 1
.everesttech.net/ Name: everest_g_v2
Value: g_surferid~YqtdjgAAAJTvogOV
threatpost.com/ Name: _pbjs_userid_consent_data
Value: 6683316680106290
.t.co/ Name: muc_ads
Value: ed4ee3a3-49b9-45c6-be64-9bab6b921a0f
.dpm.demdex.net/ Name: dpm
Value: 33020213730496520520066473953452234431
.threatpost.com/ Name: AMCV_983502BE532960BE0A490D4C%40AdobeOrg
Value: 1585540135%7CMCIDTS%7C19160%7CMCMID%7C25607970782630986381060259178707400933%7CMCAAMLH-1656002573%7C6%7CMCAAMB-1656002573%7C6G1ynYcLPuiQxYZrsz_pkqfLG9yMXBpb2zX5dvJdYQJzPXImdj0y%7CMCOPTOUT-1655404973s%7CNONE%7CMCAID%7CNONE%7CMCSYNCSOP%7C411-19167%7CvVersion%7C4.4.0
.lijit.com/ Name: ljtrtb
Value: eJyrrgUAAXUA%2BQ%3D%3D
.lijit.com/ Name: ljt_reader
Value: E0kKvBZHggn13NjfQ5yjeES0
.quantserve.com/ Name: mc
Value: 62ab5d8e-eef73-e6051-bb2b9
threatpost.com/ Name: usprivacy
Value: 1---
.rubiconproject.com/ Name: khaos
Value: L4H93DZ1-Y-BGH6
.rubiconproject.com/ Name: audit
Value: 1|hLZGFuTafB2bcthxAhMqdwNb0fGVcfL/XWaA1sYWTLG0RTcz8e+19W6zdET0wilAb05ecXDiI+jhlI2uKWkDtsxuhZpbWKLtINWY3Pa16NE=
.openx.net/ Name: i
Value: bde511c8-0248-02fa-15dc-02a2bb9b7146|1655397774
.threatpost.com/ Name: __qca
Value: P0-1579856263-1655397773534
.twitter.com/ Name: personalization_id
Value: "v1_A8uEWcto1a/uvSCGeg5iRg=="
prebid.a-mo.net/ Name: __amc
Value: 1_1655397774_1655397774
.serverbid.com/ Name: CONSUMABLEID
Value: 74f75e086b604bf6b75e086b60abf69b
.threatpost.com/ Name: __gads
Value: ID=7924edb3565b4928-22d6328ab5cd0099:T=1655397776:S=ALNI_MZOfwW1Ez8NMXaqy-BV6w_LSxsT_A
.openx.net/ Name: pd
Value: v2|1655397781|gekin0vNiygu
.doubleclick.net/ Name: IDE
Value: AHWqTUkgH9ZLugQHhjPnizg2-AbAYSdnG5vieNeNCHbWDExvbTDd5zHGgXwLxjaExrs
.adform.net/ Name: C
Value: 1
.adform.net/ Name: uid
Value: 7439562014725789384
.advertising.com/ Name: APID
Value: UP62b35cbe-ed93-11ec-bfef-06f16eb29912
.adnxs.com/ Name: uuid2
Value: 1244441007486675437
.casalemedia.com/ Name: CMPS
Value: 3259
.servenobid.com/ Name: pid_327
Value: 71903f75-c989-4ea5-806e-51a7b7b8891a
.casalemedia.com/ Name: CMST
Value: YqtdlWKrXZUA
.rfihub.com/ Name: rud
Value: H4sIAAAAAAAAAOMSNjU0MTCwMLE0MrC0MDUwMzQyNxLiM9QNzMipyE2L8PTLDAoGAEPKdpglAAAA
.rfihub.com/ Name: ruds
Value: H4sIAAAAAAAAAOMSNjU0MTCwMLE0MrC0MDUwMzQyNxLiM9QNzMipyE2L8PTLDAoGAEPKdpglAAAA
.lijit.com/ Name: _ljtrtb_273657
Value: 273657
.servenobid.com/ Name: pid_312
Value: 1244441007486675437
.yahoo.com/ Name: A3
Value: d=AQABBJVdq2ICEKAYb6xCB7YVmpau_lCAfkUFEgEBAQGvrGK1YgAAAAAA_eMAAA&S=AQAAApCDpSUF3Bl6KUukWqoLym0
.gumgum.com/ Name: vst
Value: e_896dd721-9878-4a63-9e7f-da8df9dd859c
.mathtag.com/ Name: uuid
Value: fccd62ab-5d95-4f00-a746-431f8487ce09
.servenobid.com/ Name: pid_310
Value: E0kKvBZHggn13NjfQ5yjeES0
.servenobid.com/ Name: pid_324
Value: 5140084920985061272
.smartadserver.com/ Name: pid
Value: 2041178221297896427
.servenobid.com/ Name: pid_333
Value: YqtdlVksbUYX-CH7VO_h8AAABIYAAAIB
.casalemedia.com/ Name: CMID
Value: YqtdlVksbUYX.CH7VO-h8AAA
.casalemedia.com/ Name: CMPRO
Value: 1158
.casalemedia.com/ Name: CMRUM3
Value: 2e62ab5d9505a0&f162ab5d9505a0&e662ab5d952760&9862ab5d9505a00&2d62ab5d9505a0&be62ab5d9505a0&ce62ab5d9505a0&2762ab5d950b40
.servenobid.com/ Name: pid_337
Value: y-UVCMIRhE2uF8h3mF6xud0PRBhG1Cuv1OZWGnWV8-~A
.servenobid.com/ Name: pid_317
Value: 2041178221297896427
.servenobid.com/ Name: pid_309
Value: e_896dd721-9878-4a63-9e7f-da8df9dd859c
.emxdgt.com/ Name: euid
Value: 3031655397781644602f1
.bidswitch.net/ Name: tuuid
Value: 605d3ec1-7c39-4340-9bef-c98d39cf90dc
.bidswitch.net/ Name: c
Value: 1655397781
.bidswitch.net/ Name: tuuid_lu
Value: 1655397781
.creativecdn.com/ Name: u
Value: z4MkVvOpgjByW7rJSR0L
.creativecdn.com/ Name: ts
Value: 1655397781
.emxdgt.com/ Name: eapn_id
Value: 1244441007486675437
.ads.linkedin.com/ Name: lang
Value: v=2&lang=en-us
.linkedin.com/ Name: bcookie
Value: "v=2&114e8d82-782a-4f1e-8cb2-d0776f326149"
.linkedin.com/ Name: li_gc
Value: MTswOzE2NTUzOTc3ODE7MjswMjF7hYm6NjYy7VBZfdk+F/d3RtoWdbsu2xkslqPI2PdAhQ==
.linkedin.com/ Name: lidc
Value: "b=VGST00:s=V:r=V:a=V:p=V:g=2731:u=1:x=1:i=1655397781:t=1655484181:v=2:sig=AQHF9bcu7GZ_kSqGgr2TAINzk4TNawrd"
.360yield.com/ Name: tuuid
Value: 545e9308-d442-4c04-b517-ad0593a97878
.360yield.com/ Name: tuuid_lu
Value: 1655397781
.tidaltv.com/ Name: tidal_ttid
Value: 06b38338-9d34-477c-9e94-29a74cac25a7
.yieldlift.com/ Name: xuids
Value: eyJ4dWlkIjoiMWMyZDU5ZmYtYTliMC00MzIyLTllN2QtNzc3MDIwMDRmYTlhIiwiZHAiOnt9LCJiZGF5IjoiMjAyMi0wNi0xNlQxNjo0MzowMS44MDEyNTVaIn0=
.pubmatic.com/ Name: KADUSERCOOKIE
Value: B9247297-66A9-46B6-AFB1-EB1C4FD2964F
.amazon-adsystem.com/ Name: ad-id
Value: A7JZrbnwSEEEoRET8qBxQkI
.amazon-adsystem.com/ Name: ad-privacy
Value: 0
.tidaltv.com/ Name: sync-his
Value: "H4sIAAAAAAAAADM0NjQ1sDI0NgMAFHNtrgkAAAA="
.servenobid.com/ Name: pid_314
Value: eyJ4dWlkIjoiMWMyZDU5ZmYtYTliMC00MzIyLTllN2QtNzc3MDIwMDRmYTlhIiwiZHAiOnt9LCJiZGF5IjoiMjAyMi0wNi0xNlQxNjo0MzowMS44MDEyNTVaIn0=
.smartadserver.com/ Name: csync
Value: 76:CAESEI9tU6iPdYJjqyHKY8nP2PM|96:06b38338-9d34-477c-9e94-29a74cac25a7
.technoratimedia.com/ Name: tads_uid
Value: GDPR
.simpli.fi/ Name: suid
Value: FF6D94AD82C546B38AEDAF5FBB9D441E
.onaudience.com/ Name: cookie
Value: 63d14de507c68b3a
.onaudience.com/ Name: done_redirects161
Value: 1
.de17a.com/ Name: guid2
Value: 1.1280365207208777108
sync.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-7f58393f-a9d0-4d47-747c-1ea15b682576.ciStIsphalGOjtShCCHzNl6%2FErCEbzrYQxbnQCATXqk
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3Af1g5P6nQTUd0fB6hW2gldlD_B2Q.CWdpI06e7iWxi7x5gdkyyUmrXwZ2YyAoUcr%2B9R1T0rs
.zemanta.com/ Name: zuid
Value: ygCM2cvNvC-l7EhzKXLo
.outbrain.com/ Name: obuid
Value: 4db240c3-0772-4399-a1c6-00c118215ecc
.ipredictive.com/ Name: cu
Value: 631f16fd-ed93-11ec-8290-0b5c966f72f2|1655397782060
bh.contextweb.com/ Name: INGRESSCOOKIE
Value: 9b77eeeed14ba5bb
.onaudience.com/ Name: done_redirects104
Value: 1
.crwdcntrl.net/ Name: _cc_cc
Value: ctst
.outbrain.com/ Name: quantcast
Value: nwflp5xRvKCEUOGjngapoJ8FsfSEV-b3ywwH_PZM
.onaudience.com/ Name: done_redirects162
Value: 1
.eyeota.net/ Name: SERVERID
Value: 24227~DM
.pubmatic.com/ Name: chkChromeAb67Sec
Value: 2
.pubmatic.com/ Name: DPSync3
Value: 1655424000%3A174%7C1656547200%3A221_226_227_235_201_197_219
.pubmatic.com/ Name: SyncRTB3
Value: 1656201600%3A63%7C1655942400%3A2_223_15%7C1656633600%3A35%7C1660521600%3A69%7C1657929600%3A203%7C1656547200%3A7_189_243_104_71_88_13_99_165_234_231_220_56_8_166_55_57_161_3_233_204_238_5_54_81_176_222_21_22
.quantserve.com/ Name: d
Value: ENkBGAGyJvijCJiTDO7fIA
.analytics.yahoo.com/ Name: IDSYNC
Value: "196n~25hs:18z8~25hs"
.rfihub.com/ Name: eud
Value: H4sIAAAAAAAAAFvFwmtoZmpqbGlubmFibmx6ShzBNzQxMQUAQVWYbCAAAAA
.adfarm1.adition.com/ Name: UserID1
Value: 7109879344173414553
.1rx.io/ Name: _rxuuid
Value: %7B%22rx_uuid%22%3A%22RX-ddd3f684-ba3c-40a0-bfc2-96739d9735fe-003%22%2C%22zdxidn%22%3A%221508%22%2C%22nxtrdr%22%3Afalse%7D
.adsby.bidtheatre.com/ Name: __kuid
Value: 73f32874-552b-4b77-a295-41e82d4babf5.424611784
.fiftyt.com/ Name: fifid
Value: df53f04b-c77d-4f24-7fa3-193e72d0b137
.fiftyt.com/ Name: cs
Value: MTY1NTM5Nzc4NHxEdi1CQkFFQ180SUFBUkFCRUFBQUJQLUNBQUE9fJlcqTsIEsDjzRnfuC2ESv0ynTIZctN2ZyaTL_TXaCR9
.turn.com/ Name: uid
Value: 4275766673580835195
.w55c.net/ Name: wfivefivec
Value: 7OWpLZpV1O1SAg5
.zeotap.com/ Name: zc
Value: f84ff53c-ce7c-4378-750f-5fe3fbbe1c15
ads.playground.xyz/ Name: connect.sid
Value: s%3AGd94e8t5ra4yxCDd4IvrDZm8iICTiVt3.VYlwcpbnq%2FwqNJUGiavGaIDiEoy7XfAmTToGs2KS0uM
.w55c.net/ Name: matchpubmatic
Value: 5
.pubmatic.com/ Name: SPugT
Value: 1655397784
.fiftyt.com/ Name: fppm
Value: 20220616164304
.onaudience.com/ Name: done_redirects200
Value: 1
.semasio.net/ Name: SEUNCY
Value: 6BB3039F28CBEA9B
.tribalfusion.com/ Name: ANON_ID
Value: a1ntmIMwTkF6Xlypr9jEZd2ZaZaf8flcSC9dyedMF1QnZdRZd70WVPEhcJisCK0rK6x62wD2Hin596BRjQ24sfnffbT8O
.audrte.com/ Name: arcki2_pubmatic
Value: B9247297-66A9-46B6-AFB1-EB1C4FD2964F!20210804!1655397785140
.audrte.com/ Name: arcki2_TTT
Value: 1655397785140!ddcanpjqU2jSmqqYFK1EC-fCQ!H4sIAAAAAAAAAB2WS45kKQxFF8MYCYz5eNiDHrRK3YNSbQBj2P8S+rxMKTNDES/Avr4fl3GlxT455Fpuz3c2qTu7tRO9hbzqyaZG816y1RtZu75srZy8tN/y2rTeWppjaV2Pd+/V3M7kId0779fftWmyZafqRV7Xk0W3Z701st1XssZ4rZ7X/VlqQ8YbW/O9p+TWPLK/9vIc1kxjRzNJ49hWi57nW5LbHZxUHq+4ofBg1G1Jjr1Xysjzes+t15t39ZWdDwcNvXNWau/SA4WX8XjInmUb++ag266jLIua9jrhq698C2Cpj559jZGlSF9VZy1tpDN7ldJffuGHmubOa3jJY7X2nnr1QU23n2VH8rnDOOlyUl2eucdXgJW/nuZtI27ULJRGT43CF3/aGL5u6SU4aQBNOavkWUyz2vXsnePWmQXQ5rFYycsVXbZy7Naz1jOybW/Mbrdhe9wlD5yW7QqY4cFYNC4QOMdNPcO0aKWmcW+IyswdRGABONqJmWmuXL8lip8ERBKlWy7WgaDT2J666NOCGVvfryR4cleLk4dNeoJDzE4LUx6nqkttKqlKTBdYNhd81KEKszjuScSRc+ZcPdW3L3C0fF6tPLThaJeWi4qX0cu9c6Z94dwEx8NPbqIfkfvMXvRZYTLvjXStFtiuee8GmHODY+XJXeoOv7OsZWmf6fNj5hYBTIUv7oeaWpujzQNAN12oXGDIR39md7VBulBu71zByPq4qRY5o90Hy+zltuHLgv65X49bfBwIm/pCKnVp9tZWbrEaVOEkNBTDpRcIkN7psgeXdG4HZwrzg1avFde+GBknze+E2YXZN9SmtOB2du4j7OjCAh4seMvGJ95h9ASC1PTOzcvUJ5cXGJ1miefK2HYE4nx3ovApWU7d11xsKaSr/RsTLPl0q/ejyjIep7BuE4lKSwcqb5mNsTEWDaG66ZbvC7262iucJG3dFo3zPz42rYMBTc2BDcy5BZmfpHE+EgjtQAC9CMV17SzgswrU4No0tmtt9+S7FmMJsYwCFL5MRFscr/DUtI3+MIwDxb6asJ7mF3ENWdc2JvVSYDSIvub3+sjaUKAZlH/LtdjesY4m6XBGcCUkO0GcKa8owD7KWE7/bbY0LM4ct+XAg7OWD8zmqMFehMuiU0+o1980SH0whDYr9OtKCzQ/uCUeQmBk0ApPDcd4tQArNW1qOus5I156MbH7btGdz8AJFQPLFIBnlsochwcg89DaR+TBgvU5nQuIF2Q8Xomt+vlUmmDUKwqO853Uvs9f2VjoMVtxNLqmPi8OPjExSJOVt9FNg8MWxiVLZ5/JFnN2wBRHMlpxDRsURlpgkGugvpvADG4a2TQvMv9Jqa/FtUa3V2NPiVRun3sij2cTxOenO2nGdfzzKqPtC5j+vNPdsf7xiZrcOK485+3gdYeZzM0EiN8Xha1ecBoz6KN3Kq8IpiY47At0MUk8Vb1Rk8LBQRrAY0KyaAJw/EFWFor4YgPSDbu57iprttVxjfT0RKwXeWAueGZQ+CgERO8MF6Ket1JoAIagxvexoEPvhSlm7KLRynrgyFguqqDmKsJDSPgLA1Kqyt5fdbAzKTofVirJCVgqPxyvn1P5XUoUcFNqKDg27otPnY/+cBxLZ940dOB02yutc6UCB65Ci80+Y5xM0af5hNfrtJ6sEXjzMSzHwlXHIzkxRvFr4rv2eyW1K7CiA3H9BvzlFTQi8nHCOvemZkv//PfvX79//f0HvmFikGpYTcRh3TgQhSoLTAFcMmzkvrH8DwwaSSZisOaQuUSfyv6M9Equx5SsHCV0pruPl08OQ/AzJcrzNvxi3y0D6WAijZN6KQs/45duWClQB8uCF1sCSSoWkM67jb3AmTq46cDUNiWQFXHr2g39R+KdXaLz1U7cttYqVkSEG1fIwPWfcNIpkBEPlvFZiRDRi1GiE2kPcusITYWVxHAY+PcAj9d5lfepHKPmI0wCI0W2iACDsW9ZwKe/aIM/t0Lgn7lLWjbL9vfyjW/qn7nbtxeSfRMo2Msa1CAyOBidLmpW0SDfPjoF33wco6Mn9qZ9v81Mi39ZEkjoYxLDWnKgK5tHGuuBBcIZcvoXAwK7MTo/41bWzJjsJmwGJ7DC7N+Ucbaa16yWK3YVbxPz4Ww5p7KCjByrf9oHB9/7Q1StD8Q5XiXid5Cn0H20HxfRbzk1rCCg+91djGXhHFtsVhkPhE9oGY98N3fitfQD9WpP7DEV6a7M19htdLEv6WEzas/k3dp2SIIXmCGBNKV/WYI542WC1YSzeHQPrUkwPFiATh1SgRx80vNyxf7tAOIjuqIQk+wteSJKqMKOxzb4FV5eqZ1NS/R/Dj/jYskLAAA=
.audrte.com/ Name: arcki2
Value: ddcanpjqU2jSmqqYFK1EC-fCQ!20210804!1655397785273
.bidr.io/ Name: bito
Value: AAHQFU7FVrsAABPTVujPAA
.bidr.io/ Name: bitoIsSecure
Value: ok

6 Console Messages

Source Level URL
Text
javascript warning URL: https://cd.connatix.com/connatix.player.js
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://cds.connatix.com/p/plugins/prebid6.20.0-2.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: https://cd.connatix.com/connatix.player.js
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, https://cds.connatix.com/p/plugins/prebid6.20.0-2.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
network error URL: https://id.rlcdn.com/709414.gif?gdpr=0
Message:
Failed to load resource: the server responded with a status of 451 ()
network error URL: https://ib.adnxs.com/getuid?https://dsum.casalemedia.com/crum?cm_dsp_id=190&external_user_id=$UID&gdpr=1
Message:
Failed to load resource: the server responded with a status of 400 (Request failed due to privacy signals)
network error URL: https://secure.adnxs.com/getuid?https://dsum-sec.casalemedia.com/crum?cm_dsp_id=46&external_user_id=$UID&gdpr=1
Message:
Failed to load resource: the server responded with a status of 400 (Request failed due to privacy signals)
network error URL: https://id.rlcdn.com/711890.gif?credir=https%3A%2F%2Frtb-csync.smartadserver.com%2Fredir%2F%3Fissi%3D1%26partnerid%3D136%26partneruserid%3D&gdpr=0&gdpr_consent=
Message:
Failed to load resource: the server responded with a status of 451 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

a.audrte.com
a.tribalfusion.com
aax-eu.amazon-adsystem.com
acdn.adnxs.com
ad.360yield.com
ad.turn.com
ads.playground.xyz
ads.pubmatic.com
ads.servenobid.com
ads.yahoo.com
adservice.google.com
adservice.google.de
analytics.twitter.com
ap.lijit.com
aud.pubmatic.com
b1sync.zemanta.com
bh.contextweb.com
btlr.sharethrough.com
c.amazon-adsystem.com
c1.adform.net
c2shb.ssp.yahoo.com
capi-tier-2-us-east-2.connatix.com
capi.connatix.com
cd.connatix.com
cdn.id5-sync.com
cds.connatix.com
ce.lijit.com
cm.adgrx.com
cm.everesttech.net
cm.g.doubleclick.net
cms.quantserve.com
core.iprom.net
creativecdn.com
cs.admanmedia.com
cs.emxdgt.com
csync.loopme.me
d5p.de17a.com
dis.criteo.com
dmp.brand-display.com
dpm.demdex.net
dsp.adfarm1.adition.com
dsum-sec.casalemedia.com
e.serverbid.com
eb2.3lift.com
eu-u.openx.net
eus.rubiconproject.com
fastlane.rubiconproject.com
fb230d487b26d7de748d2dc1bdf4f0a1.safeframe.googlesyndication.com
g2.gumgum.com
geo.ipify.org
green.erne.co
hbopenbid.pubmatic.com
htlb.casalemedia.com
ib.adnxs.com
id.rlcdn.com
id5-sync.com
image2.pubmatic.com
image4.pubmatic.com
image6.pubmatic.com
imasdk.googleapis.com
img.connatix.com
ins.connatix.com
js-sec.indexww.com
kaspersky.d3.sc.omtrdc.net
kaspersky.demdex.net
kasperskycontenthub.com
lb.eu-1-id5-sync.com
loada.exelator.com
match.adsby.bidtheatre.com
match.adsrvr.org
match.bnmla.com
match.deepintent.com
match.prod.bidr.io
match.taboola.com
matching.truffle.bid
media.kaspersky.com
media.kasperskycontenthub.com
media.threatpost.com
mp.4dex.io
mwzeom.zeotap.com
odr.mookie1.com
onetag-sys.com
p.rfihub.com
pixel-eu.onaudience.com
pixel-sync.sitescout.com
pixel.advertising.com
pixel.onaudience.com
pixel.quantserve.com
pixel.rubiconproject.com
pm.w55c.net
pr-bh.ybp.yahoo.com
prebid.a-mo.net
ps.eyeota.net
public.servenobid.com
pubmatic-match.dotomi.com
px.ads.linkedin.com
qd.admetricspro.com
rtb-csync.smartadserver.com
rtb.gumgum.com
rules.quantcount.com
s.amazon-adsystem.com
s.tribalfusion.com
s0.2mdn.net
script.4dex.io
secure-assets.rubiconproject.com
secure.adnxs.com
secure.cdn.fastclick.net
secure.quantserve.com
securepubads.g.doubleclick.net
simage2.pubmatic.com
simage4.pubmatic.com
ssbsync.smartadserver.com
ssum-sec.casalemedia.com
stags.bluekai.com
static.ads-twitter.com
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.1rx.io
sync.crwdcntrl.net
sync.extend.tv
sync.go.sonobi.com
sync.ipredictive.com
sync.mathtag.com
sync.outbrain.com
sync.serverbid.com
sync.srv.stackadapt.com
sync.technoratimedia.com
sync.tidaltv.com
t.co
tag.1rx.io
tagan.adlightning.com
teachingaids-d.openx.net
tg.socdm.com
threatpost.com
tlx.3lift.com
token.rubiconproject.com
trc.taboola.com
uipglob.semasio.net
um.simpli.fi
ups.analytics.yahoo.com
us-u.openx.net
usersync.gumgum.com
vid.connatix.com
visitor.fiftyt.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.venminder.com
x.bidswitch.net
x.serverbid.com
x.yieldlift.com
capi-tier-2-us-east-2.connatix.com
hbopenbid.pubmatic.com
imasdk.googleapis.com
matching.truffle.bid
s0.2mdn.net
104.102.28.254
104.244.42.133
104.244.42.3
104.36.113.24
104.89.31.187
104.92.100.195
104.92.72.137
108.138.4.10
124.146.215.43
129.159.70.95
141.94.171.212
141.95.171.139
141.95.98.68
142.250.186.98
142.250.74.194
143.204.89.14
143.204.89.94
146.59.148.16
147.75.85.234
15.188.95.229
151.101.129.44
151.101.130.49
151.101.193.108
151.101.194.137
151.101.66.137
159.65.196.12
159.89.246.130
162.19.138.82
169.197.150.8
169.50.137.182
178.162.133.149
178.250.0.163
18.156.0.31
18.185.246.45
18.195.155.181
185.184.8.90
185.29.132.241
185.33.220.240
185.33.221.53
185.64.189.110
185.64.190.78
185.64.190.81
185.64.190.87
185.85.15.23
185.86.137.107
185.86.139.114
193.0.160.128
195.5.165.20
198.148.27.139
199.232.136.157
2001:678:cb4:bbbb::11
213.155.156.185
213.19.147.43
213.19.147.45
216.52.2.19
216.52.2.39
23.205.235.133
23.35.236.247
23.75.240.210
23.88.75.188
2600:9000:2156:4600:1b:d000:d280:93a1
2600:9000:2156:4a00:6:44e3:f8c0:93a1
2600:9000:2156:e600:0:5c46:4f40:93a1
2602:803:c004:200::140
2606:2c40::c73c:671c
2606:4700:10::ac43:db6
2606:4700:20::681a:9a9
2606:4700:3030::ac43:cf70
2606:4700:4400::ac40:98f5
2606:4700::6812:372
2620:116:800d:21:7eb1:3826:be7e:d981
2620:1ec:21::14
2620:1ec:40::45
2a00:1288:80:807::2
2a00:1450:4001:802::2001
2a00:1450:4001:808::2002
2a00:1450:4001:809::2002
2a00:1450:4001:811::2002
2a00:1450:4001:813::2003
2a00:1450:4001:827::2008
2a00:1450:4001:827::200a
2a00:1450:4001:82a::2003
2a00:1450:4001:82f::2004
2a00:1450:4001:82f::200e
2a00:1450:400c:c00::9b
2a02:fa8:8806:12::1370
2a04:4e42:400::300
2a05:d018:24:b001:736:16ab:a44d:3496
2a05:d018:d29:3602:cba9:630b:f07c:688c
3.121.27.153
3.122.158.53
3.122.71.146
3.122.71.55
34.102.253.54
34.111.151.213
34.243.218.67
34.249.212.46
34.98.64.218
34.98.67.61
35.157.132.197
35.169.179.244
35.173.160.135
35.201.96.126
35.244.174.68
35.71.131.137
37.157.5.142
38.27.122.101
44.206.177.243
46.105.202.126
51.89.9.252
52.208.216.244
52.210.15.1
52.211.8.77
52.213.153.112
52.215.213.114
52.28.203.152
52.3.28.57
52.31.207.136
52.46.130.91
52.7.176.196
52.95.126.160
54.166.152.158
54.78.254.47
63.35.85.99
64.140.160.2
66.155.71.149
69.173.144.138
69.173.144.165
70.42.32.127
70.42.32.95
72.251.241.206
76.223.111.18
77.243.60.138
85.114.159.118
88.214.206.247
02715bd6008b923abf795bd1aba807e9c56b1074f52c7f453777597a15aeca75
038fc4d49a9191d416d49841f371b6e0b06bb40f719124099d40fe8f393b9e2c
03cc687f0c8a2d1694e509b91fcd6c62c0fbdbdbdb850b8007b8052f649c7f77
0535c3bb3a17e4ac0fb7d29214d2181275662129dc2bdd2a89c35934e9fc5ba5
05448e9440e5f8a66395d7d66a9bfcb9614a80e4e181f6347cd742ec36725ca6
06a56259d697f359d74696a09b3316301fbd8673193afee3bcc231e0a25b93e2
06b99248a163333e36980a6cfb756f1a7de60fa49517162b87b1a44d5d48f844
06fc565587b8b700936a1677218cb269a6cc31ca5f701eb45461e86a3d54d5c7
079c5253503d561234764a7a5a25447df5ada27169a5388547c2d274ac2074c7
08ef1b0d0a5b28f6b46bf1ead021b06c3dbcae98046af12205b4d7d478d743d2
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c09c070833c786cb25be38bc30992b30bad578f817dbc9e34beacd8b8ea44c5
0c9a4bb554fce2955d4095e738cbb70c235867acc002f6c8a7097b31fc81731e
0de5867fb96beb7a6df6147dea8d8f921d522b0822b0bdc46ac1af2277d3215c
0f4f18daea8aa504cb44b2c35e2b356dfe0696c634a1a2fdc0b301a308304108
0fd65bf8483638310c98d0fabb38d75c90ccf1b9165397638da7e987903273dd
1030fc8851425c20e532acd288aa03d709507bcd3d55367f980d55de309ead68
12db878ddc5736b88d35512b510b4b5eb5d03067839e6a853c96b90c5061a1af
1791bf831c158912a11ca40bcf5f3573fc54ec8f8343c37780dab679c0203d63
17aee1fe3d7d16e647b97f568230c2ff36c1855ce35ce930c26aec5d2c58eaf4
1a113034bdbdeaa7add41b1d85d4ebb360ceab32740506bef533dd883ed1888c
1ae61ed61290f9bf2619f52667aafa622c805072c75765025f0b61a23862005f
1ed70d02696722505ec82915a7dd9fbf2c512366d009b74bdbe37c9869c250a4
22c90613db09ef65c964b143e6adbe584b42eae85c9b7a75fa27c22b25cccb90
23e312f2999b301b0a243d53e4051d018ad3a9c956af0561a56cf928e336f375
2601819d7387eaa39cdce9df2aac15559572e9974bfe2d83bfb89b5873cf638a
2a8a57650b4931087f9db7ee7eda95b74b18c73ceb7fbb4b738c1de2a921b876
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2de77164bb9924542e1dea4ee4a0ff27d40b51a3d7939dac7db11a95045c9b7d
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
3299da9c9dfb78639c6b52475c844794f7a9f440a703f4151f33c13ee49cdbdb
32a4e737d032865d27cb838442f6700af7be0348992c8c92663ea3b7023897f1
3307268982e18bae27fb0691dea184c6a6ce845db0f6ce1f41ca63e948dde8a6
35148e5ceabd401a7801a115156079cf0a6be4d381ab2af4d8456a4c54c97a2d
369c67a5afb2ffa25d4480b3781a938e7fe7c5633f89d36570e2c1cc23c49eff
39af7c1116fb967a330e8770f775e6b5ee871add01ed45c98a1634911cebfb0a
3b11497de8fa0e6f1d7e7ae0a21973eea6535afd43882c989b0e5dfec2b416a1
3bb2621a4c0c710f6e78404473aebff8e115a28f8d53f44339b867c63ad93b26
3d649c0b3e87fd6abcb983656a0a1b3923a2a59885c3a30538641fd4f7126cbd
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
3f1ab94d49c431d36ee6426f348fa3b295bc06f8194a5992279d6922c14f47d3
3fde9b7199f6e1d03dd18a48a9bf140d6b56b210a91e78adf4541f2962246daa
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
419d135d5dbd1b1abff877cf34ad4bdc55e643b2a568893988b251b561b7245b
420508fc523520f35de5c851905543294123d7676b5a5668744691f2abe9e730
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
45ddc09b0ad6ab916bd9a0282070b161045e186fc025303f4aa1aa821fc45ac7
4658e1122a2190db712f6731d3e8c14b027f0a42bd7c1333b11d272f8e9ea3fd
4823c011e4b4cb4b7f35ced3ab09d57215ee243676d9bfcc24d10ec77d3db398
483dfad907203c4c6ff5432a4d8f8505778096755cc05cf86d657137e2370e62
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
4a47bf17af3501f270a0005dc1c4af182c380631a9d828d9aa98ad66f8ea22bb
4a8969251911f77a42a0d9619604d9eb69b742fdceb69ec84ea32e9a1c6dd780
4d2562bce42e541ac3f50a8a344b9c7fb22f40303280f877145adfb25413e07d
4d52f37b83f70c5035632548c652508d793eec55e17f2ac19552f4fa19d323be
4d6bffb781436019c4abb2dea0e82a064050f28d5ecb9ac4abd63adb3b5c696b
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e0b5563ff1fc5175d65e11e1546bee1945486d65d76c9248bdd77487532dadf
4f49e616d278a16d9cd55a6d5fe19c99ebd37d7d3848d14422190618b67011e0
500288356853c7199a27a6a2cdcd14b217d18dd9c8103272d8e6def6acbe2580
506336914f02f937120502bd21ebe49d3720829c2a09f6bc7f933baba246e14c
506d565f94cecbb486394c545a96e8459217f8d045496b511e8c815142abfc70
515a0c2343b09d4b80d8ac3d0e87a188c61e3fa861f27db0f294d6a9db3e2c3a
519815bc4a3dd9a571cb56f57c7c6abfbda2b4e2de8c4b884a7535a1705438f2
546be401414bcb20cdea07cdbcd806409b9629e4895737e214401948c40409f3
58391073a2822da6ba17eed93679bd74405983db36a83078621d3338b1b24cb4
5948ceaedf623dd344a628afce41a60e6014635dc995afeb38459487b3bdc98f
5a7ed822968963e31d88424c96387ad9f4fd4f4b5a5b581a33f65e3784d162cf
62cbf085d014439b719c84c3d2f3222fde66e299c2da1b41dfc4dbb315db0456
6493fe707262fb8d9bc0e4d487e319fc9ebe7de26ebe7e3b4f58a5d17f03a9ea
68cdaaeccd079ab33df06d3e5fb47594a4458a6491d48a8ae2f394defb419eb5
693c8b61667ac94847264924178702a190c5113b41b82085dad0641f89e3f864
69f0ade8cca67112ef495f707fb73c68fd5099a6cd9c51d9ba9ceda8dcca16f7
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b40f0d5cfa95c272e1a5a6c2ad7b9089ad07d3e938ea0f9f0693ab7f6a175e6
6c7761a8390f56079541b41e69badfe1fd54d38c0b3e900bf9447d088dfa9817
6e6377776a1104aed9b11142115b22dcaad3cf78ae76d255e454b04b7189af32
7048cffc8d40a9a30ef697e4c5d0a36916f5fc52044329e28a8c7c4b4666aa03
7104f88840a420f1702717d900db98910deb6141ad639bb7338b88993e989c72
739ab1cbd5fc795c806cfbc012e937834a1d566f02ed72ff02af2700c0629eb4
782cf3bec6ae5ea1cc0d0903ec8157ff81ab0e1822a99b24114ae33c83d093d5
7a3fcd53b20a6fdf183b0340f596a6431a280459adb871f43e617cecd5d57681
7a6c64cbf0f0ca0187c9c44d092ad0dbca8f087e7ed820491d1a411e20472ad6
7b4c525d983635413262bf2935f2ed6fc2d6c4666632ef0bda31f30e75109d02
7bbe22634e1274ae48559b6c10ef3cf5eea691e0d9c52c4da6bcf8df4ae145a7
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
7c3b96f238042f73d0bedf5877fa02eb834e89649bbd122e2f10cc35238173cf
81dc88482cd115f4cc4f9d4dda784b2460f53c8756cc9394999553e985234365
82fbfe5e670d744d9eaa78d24461d1df89c6b8555c62bff72186f2cafe5fba7f
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
859faa9b9ed0990288b2f393a102b1fe2668ac79088b113b6f0beaee521221eb
88a5824231c614e5e60fbebc9b362419217749264718cf44d4a568b72adcb9ca
89b4aa9e9bf8516c2ab7b5134f65d47b02071637259a14c9f60dccc207e05ce4
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8b0ee79f710af4fb47a3308e5e584f9c5729229dc75e731d9bb6ccd52c52dd40
8d6580af877387b05d9ffac3ebeacfe25a7728c77adef6d9b32fd72ccbe21468
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
8edaef698e025c37ba9e8d632a895d7252c62251df3f095d5cff17b6f3304854
903eb8f1cc364e01930ba03579f049a72794aa91d1a5842a2edb6365e436bb7c
927e16d837ac9f46ddb4a64c8fea1cbe39343902c91b14e11b484e9b01f98cdd
931dc539e87db7f509be9c77dfcc9b2baee0b91e5236aa04580ab14ed81e2cc0
97f5070aadd9475bb56a49a7bc1114e9fe1b992b55f2b227502f35f8bba71d74
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9a7e2f2daef118825ab8bb58bc3cd9dbb3c83cb84772a08f6c5758d706fef173
9c148647eb15ffff10402eebce541b80c1bda3429e69c6898f9b8a936683720c
9ef588ae664daf060b3974c54b6985d7547378df2ee26a55c5a96d04715660f7
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a2a1df46bf3ce0a1a75cf6d24bf8881b30fa34d1ab2833f90c07366823cbd094
a3e64300797e8078baa41dbc49e2affc1d2bedd04a470f0c929ed7fac698fbcd
a4350fed8ed92bbf4f462fc245028928ac33afa25d2231b28c334b91cd0d3952
a4629b98fd964ae60a2d548906bc08519f86fab3feb8b6f95561d56a10925ad2
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a9d2b2df99c1a115d5394c70a898d8801092208dc582f8bd6fb01b35c30d6b22
aa467d498713fde1f476814de9e2f6e009abe5192c41be17c7aa4f597a426563
ab0117aeb34217b4d10e2a6daa4b147c41c60d43e08c3bd5036875adf3eaf1fa
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
aca72f84a2c66b81fbcec783e51fe3f462abb070762b4a23cda5bbe149dc6d85
ae00ae9c862bc8b8923efd1d9a18befa912678a869d4dd01179a59ed3de731be
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1f863d13dbad7d5240f577a73b47b06227d218909259042da95301e2eb8be55
b55131eaef425cb84b957a28df5881c3c83eb11ca9c01e3abccb00baf0e377b6
b694bf959615b28103870885944a1506c62d3a538276cb388269ab0d2a86ad4c
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bbe4e4e4e847a32bd717d963f0ac04b619a7a9cdd631a7454d9dfec16fbae73f
bfc91b9111c920a7954121bc63c1518a7d4274b05e18f23e7c3340981d3d902b
bfe7ff15a7683b1233aeeaf43dae728a932ae8cc52d8f89bed27482848ce71c9
c19517e1ddc7b156b37a8962685220566a94653b17dfedd17d79522998947964
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
c8a778d5fa59d4a504855f9230149b9b3d99a13bf9a3fcf984c9c4d19203a118
cc17e5cab98ea25e9fdc78c4c2efb04323d4b0136e903b270beecf15278ae7a4
ce25151bcfa9459107d78e8c9f835bc98d98f363821f32b20b65b6dbd56551a0
cea4ed59f87dc16e7a0ca046558ba6fe6216d9a26c00656c314f690e5a783676
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d278491b1de51ad826d16be5ab27b1746999c02d45200f107218427e34eed798
d60f650c218ffa1bfcec8b2afb20e6e842a9d987857f73a97553479df558c333
d62a7b7ec5313469ebff5c006b9068dc44d6d1c122cf787ffa29a10113b34060
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
dfd5ce93dfe8fce44ff3e11681c17ac33a3ce404f68246f8cea5bd7f9944c4fc
e0f1df7af81fd8eb920863093c426fdafd241b8d9aeb6126fb2fd24f36c061b3
e127aead57cd6625f795f8c41d8b7c463c2c50158e3a3dc398424db2b16bd5db
e20ddb9ed1fa044cb624f0253bb06b13c92ed9915063bd63a5806440c6b1ce7c
e2c4332b6cd0fea250e89907921adaf7e597b52808cf19c995d6173ae0263f21
e2f1d6c82d89c9a6c1faf7a2e83e00645a2fa1291756de19c937f275bb285090
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e4058d4ee9da1ceaddfa91ddb63650ba67285f1bbfee487d9dfe648bced669a0
e424b58894f4e17a42f195b2074412aeade9e19e216056a1ada7eedd45671223
e5935466216a250bb06338805b32ffb19eeda9042ead790ebc6e5dda27820adb
e8fe64429e5900c16c7f8dd7861704e2f4d38e00cbb16bc18820b46d92461389
ec24ec80719b83e32448bd568739a6b7c36f96cc746c3003a9d32a1ef4535152
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1cb4d176a659ea1612b1a5db13782f324722c40c57e5a9d735182e8500bda29
f8a2b5b62eb722c3379b30cf0cc58d3176ee6be48036d6ad2aa838d2029c4189
fab99192661ca862bed0ba1140971db8d767e56597e50f02949325e030ef0ed2
fb513f6173396cc8dcef3ae1f88b0b8b11a1cd5b5e1142639c83e91c7ae26e08
fcb88962e3b91209279fa80c6b18a5d80703734ee775174dc8bf9f848c104f5b