gadgettendency.com Open in urlscan Pro
2606:4700:3036::6815:2728 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://gadgettendency.com/malicious-code-found-in-popular-npm-packages-coa-and-rc/
Submission: On November 06 via api (November 6th 2021, 6:13:17 am UTC) from GB — Scanned from GB

Summary HTTP 242 Redirects Links 6 Behaviour Indicators

Summary

This website contacted 32 IPs in 6 countries across 28 domains to perform 242 HTTP transactions. The main IP is 2606:4700:3036::6815:2728, located in United States and belongs to CLOUDFLARENET, US. The main domain is gadgettendency.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on June 11th 2021. Valid for: a year.

This is the only time gadgettendency.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
30	2606:4700:303... 2606:4700:3036::6815:2728	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:82b::2008	15169 (GOOGLE) (GOOGLE)
36	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:80f::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:802::200e	15169 (GOOGLE) (GOOGLE)
20	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
2	192.0.76.3 192.0.76.3	2635 (AUTOMATTIC) (AUTOMATTIC)
2	2a04:fa87:fff... 2a04:fa87:fffe::c000:4902	2635 (AUTOMATTIC) (AUTOMATTIC)
7	142.250.186.130 142.250.186.130	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c08::9b	15169 (GOOGLE) (GOOGLE)
1 3	2a00:1450:400... 2a00:1450:4001:802::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:827::2003	15169 (GOOGLE) (GOOGLE)
32	2a00:1450:400... 2a00:1450:4001:82a::2001	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:803::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:812::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:830::2003	15169 (GOOGLE) (GOOGLE)
6 26	142.250.185.130 142.250.185.130	15169 (GOOGLE) (GOOGLE)
3 5	2.18.234.21 2.18.234.21	16625 (AKAMAI-AS) (AKAMAI-AS)
2 3	37.252.172.250 37.252.172.250	29990 (ASN-APPNEX) (ASN-APPNEX)
38	2a00:1450:400... 2a00:1450:4001:812::2006	15169 (GOOGLE) (GOOGLE)
3 4	35.244.159.8 35.244.159.8	15169 (GOOGLE) (GOOGLE)
2	104.111.242.245 104.111.242.245	16625 (AKAMAI-AS) (AKAMAI-AS)
2 3	2620:116:800d... 2620:116:800d:21:5a23:9c4e:e774:96c1	16509 (AMAZON-02) (AMAZON-02)
2 2	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
2	34.98.67.61 34.98.67.61	15169 (GOOGLE) (GOOGLE)
4 4	35.227.252.103 35.227.252.103	15169 (GOOGLE) (GOOGLE)
4 4	198.47.127.19 198.47.127.19	3257 (GTT-BACKB...) (GTT-BACKBONE GTT)
3 3	69.173.151.100 69.173.151.100	26667 (RUBICONPR...) (RUBICONPROJECT)
1 1	3.124.136.236 3.124.136.236	16509 (AMAZON-02) (AMAZON-02)
3 4	185.94.180.126 185.94.180.126	35220 (SPOTX-AMS) (SPOTX-AMS)
1	2a00:1288:80:... 2a00:1288:80:800::7000	203220 (YAHOO-DEB) (YAHOO-DEB)
1 1	2a00:1450:400... 2a00:1450:4001:831::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4009:11::9	15169 (GOOGLE) (GOOGLE)
1 1	63.32.201.39 63.32.201.39	16509 (AMAZON-02) (AMAZON-02)
1	2a05:d01c:1d8... 2a05:d01c:1d8:8102:2fde:4606:be56:e39d	16509 (AMAZON-02) (AMAZON-02)
242	32

30 2606:4700:3036::6815:2728 (United States)

ASN13335 (CLOUDFLARENET, US)

gadgettendency.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

36 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:80f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:802::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 192.0.76.3 (United States)

ASN2635 (AUTOMATTIC, US)

stats.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.wp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a04:fa87:fffe::c000:4902 (Ireland)

ASN2635 (AUTOMATTIC, US)

secure.gravatar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 142.250.186.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c08::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:802::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

32 2a00:1450:4001:82a::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:803::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

encrypted-tbn1.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

26 142.250.185.130 (United States) 6 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2.18.234.21 (Frankfurt am Main, Germany) 3 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 37.252.172.250 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

38 2a00:1450:4001:812::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 35.244.159.8 (Kansas City, United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.111.242.245 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-242-245.deploy.static.akamaitechnologies.com

sync.teads.tv	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:116:800d:21:5a23:9c4e:e774:96c1 (United States) 2 redirects

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.244.174.68 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

id.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.98.67.61 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 61.67.98.34.bc.googleusercontent.com

odr.mookie1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 35.227.252.103 (Kansas City, United States) 4 redirects

ASN15169 (GOOGLE, US)
PTR: 103.252.227.35.bc.googleusercontent.com

rtb.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 198.47.127.19 (United States) 4 redirects

ASN3257 (GTT-BACKBONE GTT, US)

image6.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 69.173.151.100 (United States) 3 redirects

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.124.136.236 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-124-136-236.eu-central-1.compute.amazonaws.com

d.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 185.94.180.126 (Amsterdam, Netherlands) 3 redirects

ASN35220 (SPOTX-AMS, US)

sync.search.spotxchange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1288:80:800::7000 (Frankfurt am Main, Germany)

ASN203220 (YAHOO-DEB, GB)

ads.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::200e (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

gcdn.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4009:11::9 (London, United Kingdom)

ASN15169 (GOOGLE, US)

r4---sn-aigl6ney.c.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 63.32.201.39 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-63-32-201-39.eu-west-1.compute.amazonaws.com

pixel.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a05:d01c:1d8:8102:2fde:4606:be56:e39d (London, United Kingdom)

ASN16509 (AMAZON-02, US)

ag.innovid.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
68	googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com Failed	551 KB
53	doubleclick.net 6 redirects googleads.g.doubleclick.net stats.g.doubleclick.net cm.g.doubleclick.net googleads4.g.doubleclick.net	260 KB
40	2mdn.net 1 redirects s0.2mdn.net gcdn.2mdn.net r4---sn-aigl6ney.c.2mdn.net	826 KB
30	gadgettendency.com gadgettendency.com	2 MB
10	gstatic.com www.gstatic.com encrypted-tbn1.gstatic.com fonts.gstatic.com	98 KB
8	openx.net 7 redirects us-u.openx.net rtb.openx.net	2 KB
7	googleapis.com fonts.googleapis.com	4 KB
6	googletagservices.com www.googletagservices.com	185 KB
5	casalemedia.com 3 redirects dsum-sec.casalemedia.com	4 KB
5	google.com 1 redirects adservice.google.com www.google.com	2 KB
4	spotxchange.com 3 redirects sync.search.spotxchange.com	2 KB
4	pubmatic.com 4 redirects image6.pubmatic.com	2 KB
3	rubiconproject.com 3 redirects pixel.rubiconproject.com	1 KB
3	quantserve.com 2 redirects cms.quantserve.com	1 KB
3	adnxs.com 2 redirects ib.adnxs.com	3 KB
3	google.co.uk adservice.google.co.uk www.google.co.uk	1 KB
2	mookie1.com odr.mookie1.com	430 B
2	rlcdn.com 2 redirects id.rlcdn.com	886 B
2	teads.tv sync.teads.tv	344 B
2	gravatar.com secure.gravatar.com	9 KB
2	wp.com stats.wp.com pixel.wp.com	3 KB
2	google-analytics.com www.google-analytics.com	20 KB
1	innovid.com ag.innovid.com	296 B
1	everesttech.net 1 redirects pixel.everesttech.net	376 B
1	yahoo.com ads.yahoo.com	444 B
1	agkn.com 1 redirects d.agkn.com	760 B
1	googleadservices.com partner.googleadservices.com	643 B
1	googletagmanager.com www.googletagmanager.com	36 KB
242	28

	Domain	Requested by
38	s0.2mdn.net	gadgettendency.com s0.2mdn.net
36	pagead2.googlesyndication.com	gadgettendency.com pagead2.googlesyndication.com googleads.g.doubleclick.net www.gstatic.com tpc.googlesyndication.com s0.2mdn.net www.googletagservices.com
32	tpc.googlesyndication.com	googleads.g.doubleclick.net tpc.googlesyndication.com s0.2mdn.net pagead2.googlesyndication.com
30	gadgettendency.com	gadgettendency.com
26	cm.g.doubleclick.net	6 redirects googleads.g.doubleclick.net gadgettendency.com
20	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net gadgettendency.com
7	www.gstatic.com	googleads.g.doubleclick.net
7	fonts.googleapis.com	gadgettendency.com googleads.g.doubleclick.net s0.2mdn.net
6	googleads4.g.doubleclick.net	gadgettendency.com
6	www.googletagservices.com	googleads.g.doubleclick.net
5	dsum-sec.casalemedia.com	3 redirects googleads.g.doubleclick.net
4	sync.search.spotxchange.com	3 redirects googleads.g.doubleclick.net
4	image6.pubmatic.com	4 redirects
4	rtb.openx.net	4 redirects
4	us-u.openx.net	3 redirects googleads.g.doubleclick.net
3	pixel.rubiconproject.com	3 redirects
3	cms.quantserve.com	2 redirects googleads.g.doubleclick.net
3	ib.adnxs.com	2 redirects googleads.g.doubleclick.net
3	www.google.com	1 redirects gadgettendency.com tpc.googlesyndication.com
2	odr.mookie1.com	googleads.g.doubleclick.net
2	id.rlcdn.com	2 redirects
2	sync.teads.tv	googleads.g.doubleclick.net
2	fonts.gstatic.com	fonts.googleapis.com
2	adservice.google.com	pagead2.googlesyndication.com
2	adservice.google.co.uk	pagead2.googlesyndication.com
2	secure.gravatar.com	gadgettendency.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
1	ag.innovid.com	googleads.g.doubleclick.net
1	pixel.everesttech.net	1 redirects
1	r4---sn-aigl6ney.c.2mdn.net	gadgettendency.com
1	gcdn.2mdn.net	1 redirects
1	ads.yahoo.com	googleads.g.doubleclick.net
1	d.agkn.com	1 redirects
1	encrypted-tbn1.gstatic.com	googleads.g.doubleclick.net
1	pixel.wp.com	gadgettendency.com
1	www.google.co.uk	gadgettendency.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	stats.wp.com	gadgettendency.com
1	www.googletagmanager.com	gadgettendency.com
242	40

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
twitter.com
github.com
my.diffend.io

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-06-11` - `2022-06-10`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
*.wp.com Sectigo RSA Domain Validation Secure Server CA	`2020-04-02` - `2022-07-05`	2 years	crt.sh
*.gravatar.com Sectigo RSA Domain Validation Secure Server CA	`2020-08-14` - `2022-11-16`	2 years	crt.sh
*.googleadservices.com GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
*.google.co.uk GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
www.google.com GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
www.google.co.uk GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2021-10-18` - `2022-01-10`	3 months	crt.sh
teads.tv R3	`2021-11-03` - `2022-02-01`	3 months	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2021-09-22` - `2022-09-21`	a year	crt.sh
*.mookie1.com DigiCert TLS RSA SHA256 2020 CA1	`2021-02-22` - `2022-03-25`	a year	crt.sh
ui.aps.ads.yahoo.com DigiCert SHA2 High Assurance Server CA	`2021-10-25` - `2021-12-15`	2 months	crt.sh
*.innovid.com RapidSSL RSA CA 2018	`2020-02-07` - `2022-04-07`	2 years	crt.sh

This page contains 32 frames:

Primary Page: https://gadgettendency.com/malicious-code-found-in-popular-npm-packages-coa-and-rc/
Frame ID: 2B679518B67EA86DFE4AFFCA2D35BB3D
Requests: 52 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20211103/r20190131/zrt_lookup.html
Frame ID: 3B0A31F4DCD3ED8C4A6E707EEFB781CF
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8819900454201426&output=html&adk=1812271804&adf=3025194257&lmt=1636179190&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fgadgettendency.com%2Fmalicious-code-found-in-popular-npm-packages-coa-and-rc%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636179189757&bpp=574&bdt=242&idt=694&shv=r20211103&mjsv=m202111030101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6054264249085&frm=20&pv=2&ga_vid=1397844960.1636179190&ga_sid=1636179190&ga_hid=442556974&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062944%2C31063413&oid=2&pvsid=2137192318789966&pem=690&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=713
Frame ID: 6B7396896F999EE8FED715C50AD2D287
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8819900454201426&output=html&h=280&slotname=1049579053&adk=3004737011&adf=2535633344&pi=t.ma~as.1049579053&w=642&fwrn=4&fwrnh=100&lmt=1636179190&rafmt=1&psa=0&format=642x280&url=https%3A%2F%2Fgadgettendency.com%2Fmalicious-code-found-in-popular-npm-packages-coa-and-rc%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636179190365&bpp=3&bdt=851&idt=111&shv=r20211103&mjsv=m202111030101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6054264249085&frm=20&pv=1&ga_vid=1397844960.1636179190&ga_sid=1636179190&ga_hid=442556974&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=339&ady=717&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062944%2C31063413&oid=2&pvsid=2137192318789966&pem=690&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=jtMZJYOdua&p=https%3A//gadgettendency.com&dtd=116
Frame ID: 1621495616E699855E59DA4B1AC14EE2
Requests: 13 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8819900454201426&output=html&h=600&slotname=8804301216&adk=1902460578&adf=2350814771&pi=t.ma~as.8804301216&w=300&fwrn=4&fwrnh=100&lmt=1636179190&rafmt=1&psa=0&format=300x600&url=https%3A%2F%2Fgadgettendency.com%2Fmalicious-code-found-in-popular-npm-packages-coa-and-rc%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636179190407&bpp=3&bdt=893&idt=80&shv=r20211103&mjsv=m202111030101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C642x280&nras=1&correlator=6054264249085&frm=20&pv=1&ga_vid=1397844960.1636179190&ga_sid=1636179190&ga_hid=442556974&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=1041&ady=355&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062944%2C31063413&oid=2&pvsid=2137192318789966&pem=690&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=oX2TFDAdny&p=https%3A//gadgettendency.com&dtd=83
Frame ID: 260E7670265DADA1321A462CE0DABFC0
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8819900454201426&output=html&h=600&slotname=8804301216&adk=4248336214&adf=4144877436&pi=t.ma~as.8804301216&w=300&fwrn=4&fwrnh=100&lmt=1636179190&rafmt=1&psa=0&format=300x600&url=https%3A%2F%2Fgadgettendency.com%2Fmalicious-code-found-in-popular-npm-packages-coa-and-rc%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636179190421&bpp=1&bdt=907&idt=88&shv=r20211103&mjsv=m202111030101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C642x280%2C300x600&nras=1&correlator=6054264249085&frm=20&pv=1&ga_vid=1397844960.1636179190&ga_sid=1636179190&ga_hid=442556974&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=1041&ady=1452&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062944%2C31063413&oid=2&pvsid=2137192318789966&pem=690&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=BTNfruKGzT&p=https%3A//gadgettendency.com&dtd=91
Frame ID: D005795AFC30CA78EB1FC8339CD31589
Requests: 8 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8819900454201426&output=html&h=280&slotname=5919063673&adk=2919542279&adf=436026530&pi=t.ma~as.5919063673&w=642&fwrn=4&fwrnh=100&lmt=1636179191&rafmt=1&psa=0&format=642x280&url=https%3A%2F%2Fgadgettendency.com%2Fmalicious-code-found-in-popular-npm-packages-coa-and-rc%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636179191107&bpp=1&bdt=1593&idt=1&shv=r20211103&mjsv=m202111030101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1ebf11ac25f3121e-22a9396630cb0059%3AT%3D1636179190%3ART%3D1636179190%3AS%3DALNI_MZt7hRzBq5Qj9Y0Xn0yd0XgKlUOMw&prev_fmts=0x0%2C642x280%2C300x600%2C300x600&nras=1&correlator=6054264249085&frm=20&pv=1&ga_vid=1397844960.1636179190&ga_sid=1636179190&ga_hid=442556974&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=339&ady=1900&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062944%2C31063413&oid=2&pvsid=2137192318789966&pem=690&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=BTqgIzkWV5&p=https%3A//gadgettendency.com&dtd=9
Frame ID: 012FC262171FA5B5B5F0B1084E25AD5B
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20211103/r20110914/zrt_lookup.html?fsb=1
Frame ID: 890B93E0D8C7F787640E60E5759B5885
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8819900454201426&output=html&h=600&slotname=8804301216&adk=1902460578&adf=2350814771&pi=t.ma~as.8804301216&w=300&fwrn=4&fwrnh=100&lmt=1636179190&rafmt=1&psa=0&format=300x600&url=https%3A%2F%2Fgadgettendency.com%2Fmalicious-code-found-in-popular-npm-packages-coa-and-rc%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636179190407&bpp=3&bdt=893&idt=80&shv=r20211103&mjsv=m202111030101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C642x280&nras=1&correlator=6054264249085&frm=20&pv=1&ga_vid=1397844960.1636179190&ga_sid=1636179190&ga_hid=442556974&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=1041&ady=355&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062944%2C31063413&oid=2&pvsid=2137192318789966&pem=690&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=oX2TFDAdny&p=https%3A//gadgettendency.com&dtd=83
Frame ID: 8D801999728C7FCF141F5B058299B213
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8819900454201426&output=html&h=600&slotname=8804301216&adk=4248336214&adf=4144877436&pi=t.ma~as.8804301216&w=300&fwrn=4&fwrnh=100&lmt=1636179190&rafmt=1&psa=0&format=300x600&url=https%3A%2F%2Fgadgettendency.com%2Fmalicious-code-found-in-popular-npm-packages-coa-and-rc%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636179190421&bpp=1&bdt=907&idt=88&shv=r20211103&mjsv=m202111030101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C642x280%2C300x600&nras=1&correlator=6054264249085&frm=20&pv=1&ga_vid=1397844960.1636179190&ga_sid=1636179190&ga_hid=442556974&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=1041&ady=1452&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062944%2C31063413&oid=2&pvsid=2137192318789966&pem=690&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=BTNfruKGzT&p=https%3A//gadgettendency.com&dtd=91
Frame ID: AA4FC8588EC90670C8BE8264BB231188
Requests: 13 HTTP requests in this frame

Frame: https://www.gstatic.com/mysidia/9703f06907c5d574db4d8eade29cba29.js?tag=client_fast_engine_2019
Frame ID: 6725CEE66C1E226D8412BEA3525F8855
Requests: 11 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: EA76543288BA3F3BBB2861A73C8306EA
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/zcxQrsBjZtkA-sIi55aDcbNRce-W4yNq16DL4AdK1J0.js
Frame ID: D38A7038C8088A12AE256A2CB48A864A
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/zcxQrsBjZtkA-sIi55aDcbNRce-W4yNq16DL4AdK1J0.js
Frame ID: E16380385C69A7E24862D74C82C51500
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNgBEMmKnQEYofCUmwEwAQ&v=APEucNXdFsI5896IsEWHwTuWXVXyDDVY4jv1ejL-_K4DK1f8ZE7hZSEJ6jKxJzTRxVYfUvRbZJCiFG7T3D6bxQeSdAp_20mAnKdSHFGaL8Wnha2Oi6QMUsXSjQWCujQm2xo-6bCasuJ3VXZ4FL4kqiCpytyM9kg_f4hX9TICdnfPwDjZxKIJt8U
Frame ID: 73E89A057E572C9A41C01DBEA642D6C0
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DjpQ6newSNgwk6vNSsrB0aVspdw1wMTs0wRGNwTbbiwIm2v6cWaL4uM1YW2adFfv2Ckm-96Oswal9dCHq54gsb3IdHtnzuJ75-vaMTpKYTNYBg6XJ8B1tFGxG_EYI1ua4zcEBjJDf09nq9ZAgx61m6EtAGvA&dbm_d=AKAmf-CqHGY5eNnPkVwxld-zhy0O7D3xMIsTa0U0bhF-LA-30quznngdlzbIo6CUJmeTxCymPBbT7C94uXEPjrcMlHQpwYzerz83xr5Nft8s8RtQcY58kW9TB9GcWdVBhmwisIrUaFBUemwyb8TfCAvV0GMtp7T4cX4M-PK4FSu_GZ5E7HW-nm43rptIGMNfu2akmgXWG1YIyXF40gda7_f_tH_RHlA5dAZs3Ty7SRrVnAMueB8WYICJiWRG6OkPP-BXJpz3hluilpQEjtNsP2dbMc2PAlHxmrq6JMZ1Dqd4QdQr00H-6d4H40mFIh93yXZWItNS_5Vm81V-ZgXvLcK3hfBbGUUuow_xvsN1gNHwvsMsoI3Vo-CdNjEhPBnDx9KRpEZl024biju3OoJQgGDgm54er6gAVo2qIX7wz50bBnEdZAXO6MA1jnXQGRbrJQnVMPVnOGidlV57xHD-HJvCSQ9L3Np-cLZy6AaD6gWNmYfS4vVWb-ITLjhLntajdUqSU2se0tLO14HUASTtaxjnNc9e45sMQKRB_h7oHmGuupD9yR_RKfORexQ16jqer6jiRviZIUXJ0F4vri_3FvG_xpTGkdWuc04_VTQqwqGrOd_eIWE621N-zhDkiBIRhf1UoQGm8ssYpzBhuInLUAe3zod7BS_0KZhBD2k0qzPxPQAv8NKp0aAUHEi2mP_qQwUVJOubDZ9wn_RAPZ9k5hV-TvnfVRny_bZPqytEENSi5_c7KmZXwormoQsoXh6oNNf3PHZ_y-3UvAV1ET7YJCUaf15fsF2HJkOX6m9ERVGkP_t66u-on1C7bTnI3BJ_AJKxVcRdX9wG9ebDDC_0O9ofJ8tWKYrPTBQOh_kVbCpgBwdsSnI8X-UL7VWV2SSeCWGpufI6-Iy4MFVIsGIQt48o0WPB3KJfBwmI2C42a5tdq2g4ydxBzEAZ6GbwiMM2XQ20YYs274LFHsl71Z8dkweeEwqgLaBb8ciVLzP9YkuptWc_uEIVEbUTGH1RuEv3RfLHfJnB8lB2MVb9PVufoVd2yvUOjb1RFXXdnIXG_aFNFtBNLaFjd9iP3cBaShIEm879C9BCCsh0bsSx5luV2KZea0MOJefZvoh413kJGY01H0jfOHUOr--8dREPojtEINCSvcIfxC_uf4o9fwTRts4Dq8E9dOeY8AYFzSt7TuxhFSa-1qbgzcNf3pJDvcdlAz9N1UdT_MM-i-8xoujtFyVa1DazOYS3R_Cpb4IQOxyIXroYS3x5r14o1msnFQpCgfvCnV805qTaAQiXoeaN7giBIjjs7pmrd5ZSu9DXMIwggkDzaRNX0bf6e9DD5ec_2GZTfEi39Xe9QyoFuhaY-j2mzbvdyumNZ8x_5L6WhYXn7lRk7BTiHQ3AlUifPeJS9YbdgWHjYNqiZ63-xYipqC9ow0TNjIEadh2RFHfbPdu9cxQQhYTA1BsKOqFfKliiqaa5NZ9OImnUSJDWpFXy2K7RMqMV0heOCnW6cI1jeeY0W36bzv6rgS5Cict3pVY9Sb3ZkW6UW8-DXLiWt_IKEH1pxFLnyP7xGn7EBwSTLmj8JGnf9sixRCe4AiilUDTjxCKO987rq27W_zXl56f83E3aUzqojg8rH2eNRqD-tORKFllwNwNOJCgrObH3C7fQk6tu2XF9yGhFGRFRYOlnu41vx_uyfgzCSHVhPogImE38unv1-0xAgamGcULhmTUylvm9Qkv4TjYkEnPEQ-uR-CvBWSUnPUVdIvix2mLIQsFiv8J1nnobweiTUAaS8hCrpyAsItQKbVDysUfxpPTlEGxXT8D-3eS0bRGfGNIqsvcYKiBi2KA1osJNPBh_CUQDaEHQM9kcUjwx0fRYPZy3eyrIwOHJ9tzMfWrLeTmP2mN3ZNkjZjM416Se1jTJcoLnJDSehCDpYZHMtSVOB_h8c0qgNBxn-6yzqvFb0Wvl4c41BWJlfmd9xvzQTbDfwMT4TNW5lpeHD7qMtH0a0Yom8WLUlm0zu4jTmU-Ji-VNiJPw6FZrSSFMuRdXd8eVWibMu9PdXCSPLG1nfGeto-bof0qDarhkqW9Tijj_xOhj5AR8miBCTzMANQlXJnlxRqWv2Rmvx9n8TRERzckhtHyXWEvCA6PDTdSDXsot1ZMfxSmPau7DD_8sRiElu3kmw5DnN13EYSS49eo_CM2yT6kNJqQMjXqzJyUIUT3pgo2vVhNTc3jTDzBVVQQk8jPrprizJVtqYHZKIaVz42x7rbharu0KSvxaX_XV8LlpM8XuZHCld05rsKf4C-0zpJ62UcfOizwkrjKzRZRIY8BhTXdTOZXdo_BjYwHx0_xRrrAwO8Ia1kOFIPimC7xFATI1q4f3hf-P8f_fyAzTP-EK81V9Ptk_LvL_nRr-NSCZCyC8nnwyGVyiOxqFVjaEKfuC8lpMgMnKBBXleXJPnHvctwUX3xceW8fIEnFrHv2iLgiZ6ouDrdX8a-oqCoCPoFCT-SkMCAzDsRcChpArIpsasmWvDOoaNhnmCK9HzP1T5PkAvTFpQDXmvabeJFx1N3hiCzwxp13FcV4UyvNJlnUd40kX_0n5XMFBBOtTNM0kP2-1y3L0nJma8OpV25oZHSwIVtiE8I8GqSiz_UF_5JVzkIyNiLE2zLWpJlEZZzqrR2mYvfc7y55PTrgYJ_MYvkg6jrS1yymyHQNy1P4W7LP56a-jS_83Z7fedfuAc2wst8eBNhtGW7U4mlP3HJ8qkgDg5UVn-unEBY0R-6P4U3x7wmv45bFryApScImnnwk7RDLWWou7x6qaGqGUloiMF_f0t1-BvOStQ3yRqtc5ZxPst_n58ZsuFj4n42V71peT0ZHeGhj_Pd4YBc_xwLzKNLkiJlVsOZeJMzrptaTs9cPxb5pqeXcGGi_PFZa3DOaoO8cfuNZQu4U5An4toXbn4dXJH8rK5x9aW6KNKQNc86oyhVCA6wfsxlVH2UK2qKGlreARYvePmNQ9CqJFsK5VZp1f4kIiiQmSfKb3ahdseG1d1ZmHLJfey-uPeVUhuHgDFv1tYLdsY6bvk1ORJ1uBm2wRO48UDI0cgXcpyVjZUSnCi1hsVGmRNQeN5yQX61GThJwN2B-hBQU1lw7S0BG-mBg0wzgRF0G7rIVLhS4M_ab9Esd2hhCaf-5wsWPVKb-bKHK-G5tnFn6mzCd6nYR-AHAGqUZECIRwIOvYTuyCjHka08e-bms-knnqAwkfGg&cid=CAASEuRoBmYMJwWFYVHjD0GdSN-NBA&rfl=2%2Chttps%253A%252F%252Fgadgettendency.com%252F%240
Frame ID: A9CDD6CD504A0DD280EA0D9F8DCAD9B0
Requests: 12 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJ-i5AEQkI7rARj4osGhATAB&v=APEucNXHtIjDNfzgd9i_vgPABRKrgvK_wDlkJpofboDkidrdtxlYvaOGXNSZtXuFLW6p-gDbBUuHXsdM_nb1w28ymT00fYl8J5YpdxavL7-WaKaemWQ5gtuy48hI6NQumLe52JgRapHU4-4buTX5cTbDj8ZPY4nNB160fokxscdso3RR4iiIlPo
Frame ID: 6168C752EE3BBA4150239A20D7AA5C0A
Requests: 5 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: B0ACB3089751809E38DC7E4360DC59AA
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 4B42DCD7E1B0BF91A930943630E737E8
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: 54292BF566FDB6CF99EB28AE36954CBC
Requests: 9 HTTP requests in this frame

Frame: https://s0.2mdn.net/ads/richmedia/studio/pv2/61482652/20210921044110936/index.html?e=69&leftOffset=0&topOffset=0&c=Qp3AyRBbbL&t=1&renderingType=2
Frame ID: 4BE59EAAD21703278AB64B154743E499
Requests: 16 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/9399271271209893888/index.html?e=69&leftOffset=0&topOffset=0&c=5ylkJ970tI&t=1&renderingType=2
Frame ID: 7B3E5B0213AF8D1FD4028C5C0DA84935
Requests: 15 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: C9F1FB5F0A45B222E5D49B32B09862B7
Requests: 3 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJ-i5AEQkI7rARj4osGhATAB&v=APEucNVfjBzF8Q5IE_56ZYRajG7BmA28to0Y6LEsl6amewYIOzohCa8m8jRw0HMtagF3tqORq-csnUqdkvUEandTDpQyTG-Nu_v0PUoCGKSvGKp0Drse72l0JN81Zj-uzedCGpISL-mI4IVwqigk0esDZw9hn8lA9ypIX5PgLyE7a8lrNjo3cKI
Frame ID: 6E2A285E759E25776E648EB698014D93
Requests: 4 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/9399271271209893888/index.html?e=69&leftOffset=0&topOffset=0&c=4iYpydzo84&t=1&renderingType=2
Frame ID: 5FDE3D65389A213F75334983219223C3
Requests: 15 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html
Frame ID: BDA823DEF7FA68C8590472BF56AD2476
Requests: 9 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: E7C9C07E8F6E8230A39CA6A8FB8AC61E
Requests: 3 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/zcxQrsBjZtkA-sIi55aDcbNRce-W4yNq16DL4AdK1J0.js
Frame ID: 4BF5E8F1E37B815D161C52C76F1CB9B5
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/zcxQrsBjZtkA-sIi55aDcbNRce-W4yNq16DL4AdK1J0.js
Frame ID: 4629E06E1A7BD03127EF10BC43B62900
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: 0B8A149C58E0C069C97711D8B6A4E146
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: C6A824726DDDCBAB755AFB84A22DDBA5
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/zcxQrsBjZtkA-sIi55aDcbNRce-W4yNq16DL4AdK1J0.js
Frame ID: 5ABFBC89F24ECA4B72D7784AACFCFBF6
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Malicious code found in popular NPM packages coa and rc - Gadget Tendency

Page Statistics

242
Requests

87 %
HTTPS

61 %
IPv6

28
Domains

40
Subdomains

32
IPs

6
Countries

4119 kB
Transfer

8687 kB
Size

31
Cookies

6 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/gadgettendencydotcom/

Search URL Search Domain Scan URL

URL: https://twitter.com/Gadget_Tendency

Search URL Search Domain Scan URL

URL: https://github.com/advisories/GHSA-73qr-pfmq-6rp8
Title: include

Search URL Search Domain Scan URL

URL: https://my.diffend.io/npm/coa/2.0.2/2.0.4
Title: launching

Search URL Search Domain Scan URL

URL: https://github.com/veged/coa/issues/99#issuecomment-960989137
Title: studying

Search URL Search Domain Scan URL

URL: https://twitter.com/npmjs/status/1456398505832976384
Title: removed

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 97

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Request Chain 107

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIaCmonMK-1tiMPIX-2rXS0&google_cver=1 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIaCmonMK-1tiMPIX-2rXS0&google_cver=1&C=1

Request Chain 108

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YYYc96InyZJZ-asUvTy0tgAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIaCmonMK-1tiMPIX-2rXS0&google_cver=1

Request Chain 109

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEFGu5jN0tW_pO7_o1by8hmo&google_cver=1

Request Chain 110

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTU2ODE4MDk3MzAwMjU5NzY1MA%3D%3D

Request Chain 123

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEGmt96povyzybRR8N6hTeFU&google_cver=1 HTTP 302
https://us-u.openx.net/w/1.0/sd?cc=1&id=537072991&val=CAESEGmt96povyzybRR8N6hTeFU&google_cver=1

Request Chain 124

https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D HTTP 302
https://us-u.openx.net/w/1.0/cm?cc=1&id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=MTMyYThhNDktZGJlYi0yZDU4LWQ3MjAtZjMzODdkMWM4Y2Uy

Request Chain 125

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm HTTP 302
https://sync.teads.tv/um?eid=3&uid=CAESEP1GqoYa8Na_5HuKPTYOd_c&google_cver=1

Request Chain 132

https://id.rlcdn.com/466606.gif?cparams=google_push%3DAYg5qPJyHbIywRJZlhdWlNsgkTDmTHpm2tzW1dN5sKxHaFu3DRRKdRWM3hUIuX5Ycbs1ZrwcRNI7vl7E614MXStuRaetcwX3e0r5&google_gid=CAESEBdJsTmYlrbvJGPrdWIvErc&google_cver=1 HTTP 307
https://id.rlcdn.com/1000.gif?memo=CK69HBoNCPi5mIwGEgUI6AcQAEIASnBnb29nbGVfcHVzaD1BWWc1cVBKeUhiSXl3UkpabGhkV2xOc2drVERtVEhwbTJ0elcxZE41c0t4SGFGdTNEUlJLZFJXTTNoVUl1WDVZY2JzMVpyd2NSTkk3dmw3RTYxNE1YU3R1UmFldGN3WDNlMHI1 HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwci1VYkNkUGp4Nl9RNTlMRmxOaUxBSEI0X05Ddi1ra2hNRmNuUldJbDItRQ==&google_push

Request Chain 134

https://rtb.openx.net/sync/dds?google_gid=CAESEHqA1eIg-E3ptV2OX2dTrWo&google_cver=1&google_push=AYg5qPI5aT15is3H8sA0JJQnqzGEfqFZdcSuDisYKkITMrrBaMCtjMj6xHCTUo2nRngBx75AIRZgGpc-uDojdQ7Lpl1sWvrXaNKK HTTP 302
https://rtb.openx.net/sync/dds?google_gid=CAESEHqA1eIg-E3ptV2OX2dTrWo&google_cver=1&google_push=AYg5qPI5aT15is3H8sA0JJQnqzGEfqFZdcSuDisYKkITMrrBaMCtjMj6xHCTUo2nRngBx75AIRZgGpc-uDojdQ7Lpl1sWvrXaNKK&ox_sc=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPI5aT15is3H8sA0JJQnqzGEfqFZdcSuDisYKkITMrrBaMCtjMj6xHCTUo2nRngBx75AIRZgGpc-uDojdQ7Lpl1sWvrXaNKK&google_hm=Fr1CfsJ7wX4jV8a0EDrk3A==

Request Chain 135

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEEo0kU3e5VkfVQ9qLOIhi_k&google_cver=1&google_push=AYg5qPLnAogC-HaPJ9GHLqL2biHaa-LzaEOt0dhuoSZreKTL5Rom2HBftlZzn9cNHzyyYbLqorZGxLdV3Ah3CmqZlqKXS5wkYiq3 HTTP 302
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEEo0kU3e5VkfVQ9qLOIhi_k&google_cver=1&google_push=AYg5qPLnAogC-HaPJ9GHLqL2biHaa-LzaEOt0dhuoSZreKTL5Rom2HBftlZzn9cNHzyyYbLqorZGxLdV3Ah3CmqZlqKXS5wkYiq3&rdf=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=phASOV4bTqCo-X-N4uh9nw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPLnAogC-HaPJ9GHLqL2biHaa-LzaEOt0dhuoSZreKTL5Rom2HBftlZzn9cNHzyyYbLqorZGxLdV3Ah3CmqZlqKXS5wkYiq3

Request Chain 136

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESENalJPOHdir77audo8OXXbw&google_cver=1&google_push=AYg5qPJxpmKpEczfFr4TCGN8p8YSB9SnONzlegB_3g_RYT-gRqfI86Si8SgBIGr8p-N21WE8oWuJj4nc9D80js5UpiZLVa-tqHA HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1ZORVVHUEotWi01TFlM&google_push=AYg5qPJxpmKpEczfFr4TCGN8p8YSB9SnONzlegB_3g_RYT-gRqfI86Si8SgBIGr8p-N21WE8oWuJj4nc9D80js5UpiZLVa-tqHA

Request Chain 137

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEKCm0BCqBlH_RTjelofGCTM&google_cver=1&google_push=AYg5qPJzHK1uyLLX2ezMj0mfXk4Tq2nKKvyjcDKU0bzgw9Qr46lg4monu5oi-mNC-p5tm0OTGrriAm2QK-90xsB7cRfdL-Qivro HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYYc96InyZJZ_asUvTy0tgAAAS8AAAAB&google_push=AYg5qPJzHK1uyLLX2ezMj0mfXk4Tq2nKKvyjcDKU0bzgw9Qr46lg4monu5oi-mNC-p5tm0OTGrriAm2QK-90xsB7cRfdL-Qivro&google_cver=1&google_gid=CAESEKCm0BCqBlH_RTjelofGCTM HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYYc96InyZJZ_asUvTy0tgAAAS8AAAAB&google_push=AYg5qPJzHK1uyLLX2ezMj0mfXk4Tq2nKKvyjcDKU0bzgw9Qr46lg4monu5oi-mNC-p5tm0OTGrriAm2QK-90xsB7cRfdL-Qivro&google_cver=1&google_gid=CAESEKCm0BCqBlH_RTjelofGCTM HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYYc96InyZJZ_asUvTy0tgAAAS8AAAAB&google_push=AYg5qPJzHK1uyLLX2ezMj0mfXk4Tq2nKKvyjcDKU0bzgw9Qr46lg4monu5oi-mNC-p5tm0OTGrriAm2QK-90xsB7cRfdL-Qivro&google_cver=1&google_gid=CAESEKCm0BCqBlH_RTjelofGCTM HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYYc96InyZJZ_asUvTy0tgAAAS8AAAAB&google_push=AYg5qPJzHK1uyLLX2ezMj0mfXk4Tq2nKKvyjcDKU0bzgw9Qr46lg4monu5oi-mNC-p5tm0OTGrriAm2QK-90xsB7cRfdL-Qivro&google_cver=1&google_gid=CAESEKCm0BCqBlH_RTjelofGCTM HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYYc96InyZJZ_asUvTy0tgAAAS8AAAAB&google_push=AYg5qPJzHK1uyLLX2ezMj0mfXk4Tq2nKKvyjcDKU0bzgw9Qr46lg4monu5oi-mNC-p5tm0OTGrriAm2QK-90xsB7cRfdL-Qivro&google_cver=1&google_gid=CAESEKCm0BCqBlH_RTjelofGCTM HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYYc96InyZJZ_asUvTy0tgAAAS8AAAAB&google_push=AYg5qPJzHK1uyLLX2ezMj0mfXk4Tq2nKKvyjcDKU0bzgw9Qr46lg4monu5oi-mNC-p5tm0OTGrriAm2QK-90xsB7cRfdL-Qivro&google_cver=1&google_gid=CAESEKCm0BCqBlH_RTjelofGCTM HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYYc96InyZJZ_asUvTy0tgAAAS8AAAAB&google_push=AYg5qPJzHK1uyLLX2ezMj0mfXk4Tq2nKKvyjcDKU0bzgw9Qr46lg4monu5oi-mNC-p5tm0OTGrriAm2QK-90xsB7cRfdL-Qivro&google_cver=1&google_gid=CAESEKCm0BCqBlH_RTjelofGCTM HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYYc96InyZJZ_asUvTy0tgAAAS8AAAAB&google_push=AYg5qPJzHK1uyLLX2ezMj0mfXk4Tq2nKKvyjcDKU0bzgw9Qr46lg4monu5oi-mNC-p5tm0OTGrriAm2QK-90xsB7cRfdL-Qivro&google_cver=1&google_gid=CAESEKCm0BCqBlH_RTjelofGCTM HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYYc96InyZJZ_asUvTy0tgAAAS8AAAAB&google_push=AYg5qPJzHK1uyLLX2ezMj0mfXk4Tq2nKKvyjcDKU0bzgw9Qr46lg4monu5oi-mNC-p5tm0OTGrriAm2QK-90xsB7cRfdL-Qivro&google_cver=1&google_gid=CAESEKCm0BCqBlH_RTjelofGCTM HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYYc96InyZJZ_asUvTy0tgAAAS8AAAAB&google_push=AYg5qPJzHK1uyLLX2ezMj0mfXk4Tq2nKKvyjcDKU0bzgw9Qr46lg4monu5oi-mNC-p5tm0OTGrriAm2QK-90xsB7cRfdL-Qivro&google_cver=1&google_gid=CAESEKCm0BCqBlH_RTjelofGCTM HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYYc96InyZJZ_asUvTy0tgAAAS8AAAAB&google_push=AYg5qPJzHK1uyLLX2ezMj0mfXk4Tq2nKKvyjcDKU0bzgw9Qr46lg4monu5oi-mNC-p5tm0OTGrriAm2QK-90xsB7cRfdL-Qivro&google_cver=1&google_gid=CAESEKCm0BCqBlH_RTjelofGCTM HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYYc96InyZJZ_asUvTy0tgAAAS8AAAAB&google_push=AYg5qPJzHK1uyLLX2ezMj0mfXk4Tq2nKKvyjcDKU0bzgw9Qr46lg4monu5oi-mNC-p5tm0OTGrriAm2QK-90xsB7cRfdL-Qivro&google_cver=1&google_gid=CAESEKCm0BCqBlH_RTjelofGCTM HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYYc96InyZJZ_asUvTy0tgAAAS8AAAAB&google_push=AYg5qPJzHK1uyLLX2ezMj0mfXk4Tq2nKKvyjcDKU0bzgw9Qr46lg4monu5oi-mNC-p5tm0OTGrriAm2QK-90xsB7cRfdL-Qivro&google_cver=1&google_gid=CAESEKCm0BCqBlH_RTjelofGCTM HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYYc96InyZJZ_asUvTy0tgAAAS8AAAAB&google_push=AYg5qPJzHK1uyLLX2ezMj0mfXk4Tq2nKKvyjcDKU0bzgw9Qr46lg4monu5oi-mNC-p5tm0OTGrriAm2QK-90xsB7cRfdL-Qivro&google_cver=1&google_gid=CAESEKCm0BCqBlH_RTjelofGCTM HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYYc96InyZJZ_asUvTy0tgAAAS8AAAAB&google_push=AYg5qPJzHK1uyLLX2ezMj0mfXk4Tq2nKKvyjcDKU0bzgw9Qr46lg4monu5oi-mNC-p5tm0OTGrriAm2QK-90xsB7cRfdL-Qivro&google_cver=1&google_gid=CAESEKCm0BCqBlH_RTjelofGCTM HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYYc96InyZJZ_asUvTy0tgAAAS8AAAAB&google_push=AYg5qPJzHK1uyLLX2ezMj0mfXk4Tq2nKKvyjcDKU0bzgw9Qr46lg4monu5oi-mNC-p5tm0OTGrriAm2QK-90xsB7cRfdL-Qivro&google_cver=1&google_gid=CAESEKCm0BCqBlH_RTjelofGCTM HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYYc96InyZJZ_asUvTy0tgAAAS8AAAAB&google_push=AYg5qPJzHK1uyLLX2ezMj0mfXk4Tq2nKKvyjcDKU0bzgw9Qr46lg4monu5oi-mNC-p5tm0OTGrriAm2QK-90xsB7cRfdL-Qivro&google_cver=1&google_gid=CAESEKCm0BCqBlH_RTjelofGCTM HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYYc96InyZJZ_asUvTy0tgAAAS8AAAAB&google_push=AYg5qPJzHK1uyLLX2ezMj0mfXk4Tq2nKKvyjcDKU0bzgw9Qr46lg4monu5oi-mNC-p5tm0OTGrriAm2QK-90xsB7cRfdL-Qivro&google_cver=1&google_gid=CAESEKCm0BCqBlH_RTjelofGCTM HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYYc96InyZJZ_asUvTy0tgAAAS8AAAAB&google_push=AYg5qPJzHK1uyLLX2ezMj0mfXk4Tq2nKKvyjcDKU0bzgw9Qr46lg4monu5oi-mNC-p5tm0OTGrriAm2QK-90xsB7cRfdL-Qivro&google_cver=1&google_gid=CAESEKCm0BCqBlH_RTjelofGCTM HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYYc96InyZJZ_asUvTy0tgAAAS8AAAAB&google_push=AYg5qPJzHK1uyLLX2ezMj0mfXk4Tq2nKKvyjcDKU0bzgw9Qr46lg4monu5oi-mNC-p5tm0OTGrriAm2QK-90xsB7cRfdL-Qivro&google_cver=1&google_gid=CAESEKCm0BCqBlH_RTjelofGCTM

Request Chain 148

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEAYDsQRAJNyesCo1sMfM3bA&google_cver=1&google_push=AYg5qPKQWg3YocpFN5TY3mPmC4_EwNsshka4NPFzqc1vMwGmYwt5eGqP48qecFfI5-0YlY9uK6Zhio0ZBnB49bgF0Z-AwmPrOw HTTP 302
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=B765081F39B1F7&google_push=AYg5qPKQWg3YocpFN5TY3mPmC4_EwNsshka4NPFzqc1vMwGmYwt5eGqP48qecFfI5-0YlY9uK6Zhio0ZBnB49bgF0Z-AwmPrOw&google_hm=P7kOxfiK6L8gPEHRHRaM3g

Request Chain 149

https://d.agkn.com/pixel/2175/?google_gid=CAESEEIOo59O2ToRxD6eMytmnWM&google_cver=1&google_push=AYg5qPKNZyK3OTgnxpEG8khHfh-fvRrOtIdJn5_6PNqNEIJfbCH4J5ggYhHurTll4vHIWuTzN8CVLwpYJ3GwhuRYel4-E_Pvw44 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AYg5qPKNZyK3OTgnxpEG8khHfh-fvRrOtIdJn5_6PNqNEIJfbCH4J5ggYhHurTll4vHIWuTzN8CVLwpYJ3GwhuRYel4-E_Pvw44&google_hm=Q0FFU0VFSU9vNTlPMlRvUnhENmVNeXRtbldN

Request Chain 151

https://rtb.openx.net/sync/dds?google_gid=CAESEHqA1eIg-E3ptV2OX2dTrWo&google_cver=1&google_push=AYg5qPLHqIuqK9lV7ticWwUmH41GkDbqMM8ag-APJ3SyScKgnu7ht_kILhtMUmXaMXkKpHVTywhtiHuAE8xpZsGRJSotxFalsyc HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPLHqIuqK9lV7ticWwUmH41GkDbqMM8ag-APJ3SyScKgnu7ht_kILhtMUmXaMXkKpHVTywhtiHuAE8xpZsGRJSotxFalsyc&google_hm=Fr1CfsJ7wX4jV8a0EDrk3A==

Request Chain 152

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEEo0kU3e5VkfVQ9qLOIhi_k&google_cver=1&google_push=AYg5qPIJPrL3BDXyArrv0IzL9oALdOnJkOcZ4SQxiVzLLzOMZ8rQMCDaw1UKRGl0Da3zkYjnGJpc9f2w0HXZhaaASQOU-Ldgp3Y HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=-hndbpc7SdK0YwajSXIisA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPIJPrL3BDXyArrv0IzL9oALdOnJkOcZ4SQxiVzLLzOMZ8rQMCDaw1UKRGl0Da3zkYjnGJpc9f2w0HXZhaaASQOU-Ldgp3Y

Request Chain 153

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESENalJPOHdir77audo8OXXbw&google_cver=1&google_push=AYg5qPI3YBUbsS2Xrc182SdsRaZiNNBu8p8Lu0H7zk4S4ChhLj7sTSuUXkzNmJLLKWbu4GgGBS0bt2GvKFwr7L51b-FT5M7WWQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1ZORVVHVEMtMTUtNk04RQ==&google_push=AYg5qPI3YBUbsS2Xrc182SdsRaZiNNBu8p8Lu0H7zk4S4ChhLj7sTSuUXkzNmJLLKWbu4GgGBS0bt2GvKFwr7L51b-FT5M7WWQ

Request Chain 154

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEKCm0BCqBlH_RTjelofGCTM&google_cver=1&google_push=AYg5qPKAyZAhRR58Etq_9MrEoOHTRVjJm9k_v55P7M8k1Qhj3J1vBUcsz8ZYv_A5NL_MrEFa1M8TjCj0IvyeeHl1mfB2gD8bwQ HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYYc96InyZJZ_asUvTy0tgAAAS8AAAAB&google_push=AYg5qPKAyZAhRR58Etq_9MrEoOHTRVjJm9k_v55P7M8k1Qhj3J1vBUcsz8ZYv_A5NL_MrEFa1M8TjCj0IvyeeHl1mfB2gD8bwQ&google_gid=CAESEKCm0BCqBlH_RTjelofGCTM&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYYc96InyZJZ_asUvTy0tgAAAS8AAAAB&google_push=AYg5qPKAyZAhRR58Etq_9MrEoOHTRVjJm9k_v55P7M8k1Qhj3J1vBUcsz8ZYv_A5NL_MrEFa1M8TjCj0IvyeeHl1mfB2gD8bwQ&google_gid=CAESEKCm0BCqBlH_RTjelofGCTM&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYYc96InyZJZ_asUvTy0tgAAAS8AAAAB&google_push=AYg5qPKAyZAhRR58Etq_9MrEoOHTRVjJm9k_v55P7M8k1Qhj3J1vBUcsz8ZYv_A5NL_MrEFa1M8TjCj0IvyeeHl1mfB2gD8bwQ&google_gid=CAESEKCm0BCqBlH_RTjelofGCTM&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYYc96InyZJZ_asUvTy0tgAAAS8AAAAB&google_push=AYg5qPKAyZAhRR58Etq_9MrEoOHTRVjJm9k_v55P7M8k1Qhj3J1vBUcsz8ZYv_A5NL_MrEFa1M8TjCj0IvyeeHl1mfB2gD8bwQ&google_gid=CAESEKCm0BCqBlH_RTjelofGCTM&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYYc96InyZJZ_asUvTy0tgAAAS8AAAAB&google_push=AYg5qPKAyZAhRR58Etq_9MrEoOHTRVjJm9k_v55P7M8k1Qhj3J1vBUcsz8ZYv_A5NL_MrEFa1M8TjCj0IvyeeHl1mfB2gD8bwQ&google_gid=CAESEKCm0BCqBlH_RTjelofGCTM&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYYc96InyZJZ_asUvTy0tgAAAS8AAAAB&google_push=AYg5qPKAyZAhRR58Etq_9MrEoOHTRVjJm9k_v55P7M8k1Qhj3J1vBUcsz8ZYv_A5NL_MrEFa1M8TjCj0IvyeeHl1mfB2gD8bwQ&google_gid=CAESEKCm0BCqBlH_RTjelofGCTM&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYYc96InyZJZ_asUvTy0tgAAAS8AAAAB&google_push=AYg5qPKAyZAhRR58Etq_9MrEoOHTRVjJm9k_v55P7M8k1Qhj3J1vBUcsz8ZYv_A5NL_MrEFa1M8TjCj0IvyeeHl1mfB2gD8bwQ&google_gid=CAESEKCm0BCqBlH_RTjelofGCTM&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYYc96InyZJZ_asUvTy0tgAAAS8AAAAB&google_push=AYg5qPKAyZAhRR58Etq_9MrEoOHTRVjJm9k_v55P7M8k1Qhj3J1vBUcsz8ZYv_A5NL_MrEFa1M8TjCj0IvyeeHl1mfB2gD8bwQ&google_gid=CAESEKCm0BCqBlH_RTjelofGCTM&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYYc96InyZJZ_asUvTy0tgAAAS8AAAAB&google_push=AYg5qPKAyZAhRR58Etq_9MrEoOHTRVjJm9k_v55P7M8k1Qhj3J1vBUcsz8ZYv_A5NL_MrEFa1M8TjCj0IvyeeHl1mfB2gD8bwQ&google_gid=CAESEKCm0BCqBlH_RTjelofGCTM&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYYc96InyZJZ_asUvTy0tgAAAS8AAAAB&google_push=AYg5qPKAyZAhRR58Etq_9MrEoOHTRVjJm9k_v55P7M8k1Qhj3J1vBUcsz8ZYv_A5NL_MrEFa1M8TjCj0IvyeeHl1mfB2gD8bwQ&google_gid=CAESEKCm0BCqBlH_RTjelofGCTM&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYYc96InyZJZ_asUvTy0tgAAAS8AAAAB&google_push=AYg5qPKAyZAhRR58Etq_9MrEoOHTRVjJm9k_v55P7M8k1Qhj3J1vBUcsz8ZYv_A5NL_MrEFa1M8TjCj0IvyeeHl1mfB2gD8bwQ&google_gid=CAESEKCm0BCqBlH_RTjelofGCTM&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYYc96InyZJZ_asUvTy0tgAAAS8AAAAB&google_push=AYg5qPKAyZAhRR58Etq_9MrEoOHTRVjJm9k_v55P7M8k1Qhj3J1vBUcsz8ZYv_A5NL_MrEFa1M8TjCj0IvyeeHl1mfB2gD8bwQ&google_gid=CAESEKCm0BCqBlH_RTjelofGCTM&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYYc96InyZJZ_asUvTy0tgAAAS8AAAAB&google_push=AYg5qPKAyZAhRR58Etq_9MrEoOHTRVjJm9k_v55P7M8k1Qhj3J1vBUcsz8ZYv_A5NL_MrEFa1M8TjCj0IvyeeHl1mfB2gD8bwQ&google_gid=CAESEKCm0BCqBlH_RTjelofGCTM&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYYc96InyZJZ_asUvTy0tgAAAS8AAAAB&google_push=AYg5qPKAyZAhRR58Etq_9MrEoOHTRVjJm9k_v55P7M8k1Qhj3J1vBUcsz8ZYv_A5NL_MrEFa1M8TjCj0IvyeeHl1mfB2gD8bwQ&google_gid=CAESEKCm0BCqBlH_RTjelofGCTM&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYYc96InyZJZ_asUvTy0tgAAAS8AAAAB&google_push=AYg5qPKAyZAhRR58Etq_9MrEoOHTRVjJm9k_v55P7M8k1Qhj3J1vBUcsz8ZYv_A5NL_MrEFa1M8TjCj0IvyeeHl1mfB2gD8bwQ&google_gid=CAESEKCm0BCqBlH_RTjelofGCTM&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYYc96InyZJZ_asUvTy0tgAAAS8AAAAB&google_push=AYg5qPKAyZAhRR58Etq_9MrEoOHTRVjJm9k_v55P7M8k1Qhj3J1vBUcsz8ZYv_A5NL_MrEFa1M8TjCj0IvyeeHl1mfB2gD8bwQ&google_gid=CAESEKCm0BCqBlH_RTjelofGCTM&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYYc96InyZJZ_asUvTy0tgAAAS8AAAAB&google_push=AYg5qPKAyZAhRR58Etq_9MrEoOHTRVjJm9k_v55P7M8k1Qhj3J1vBUcsz8ZYv_A5NL_MrEFa1M8TjCj0IvyeeHl1mfB2gD8bwQ&google_gid=CAESEKCm0BCqBlH_RTjelofGCTM&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYYc96InyZJZ_asUvTy0tgAAAS8AAAAB&google_push=AYg5qPKAyZAhRR58Etq_9MrEoOHTRVjJm9k_v55P7M8k1Qhj3J1vBUcsz8ZYv_A5NL_MrEFa1M8TjCj0IvyeeHl1mfB2gD8bwQ&google_gid=CAESEKCm0BCqBlH_RTjelofGCTM&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYYc96InyZJZ_asUvTy0tgAAAS8AAAAB&google_push=AYg5qPKAyZAhRR58Etq_9MrEoOHTRVjJm9k_v55P7M8k1Qhj3J1vBUcsz8ZYv_A5NL_MrEFa1M8TjCj0IvyeeHl1mfB2gD8bwQ&google_gid=CAESEKCm0BCqBlH_RTjelofGCTM&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYYc96InyZJZ_asUvTy0tgAAAS8AAAAB&google_push=AYg5qPKAyZAhRR58Etq_9MrEoOHTRVjJm9k_v55P7M8k1Qhj3J1vBUcsz8ZYv_A5NL_MrEFa1M8TjCj0IvyeeHl1mfB2gD8bwQ&google_gid=CAESEKCm0BCqBlH_RTjelofGCTM&google_cver=1

Request Chain 180

https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_cm&google_dbm HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEH_8H0sXnp-83fRzbI30UOo&google_cver=1 HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEH_8H0sXnp-83fRzbI30UOo&google_cver=1&__user_check__=1&sync_id=9f26e4e1-3ec8-11ec-bbf8-1df4c96b0506

Request Chain 181

https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID&__user_check__=1&sync_id=9f1fbe92-3ec8-11ec-a539-141484330106 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=OWYxZmJlMzAtM2VjOC0xMWVjLWE1MzktMTQxNDg0MzMwMTA2

Request Chain 194

https://gcdn.2mdn.net/videoplayback/id/9547bac442b9ee08/itag/15/source/doubleclick/requiressl/yes/ratebypass/yes/mime/video%2Fmp4/ip/0.0.0.0/ipbits/0/expire/2144448000/sparams/ip,ipbits,expire,id,itag,source,requiressl,ratebypass,mime/signature/B33A2932CAF3ADF3D8DA9227B092B441C7CD2885.0CA26B5236A9E2C4B4928C56A03B41E01E69023C/key/ck2/file/file.mp4 HTTP 302
https://r4---sn-aigl6ney.c.2mdn.net/videoplayback/id/9547bac442b9ee08/itag/15/source/doubleclick/requiressl/yes/ratebypass/yes/mime/video%2Fmp4/ip/0.0.0.0/ipbits/0/expire/2144448000/sparams/expire,id,ip,ipbits,itag,mh,mime,mip,mm,mn,ms,mv,mvi,pl,ratebypass,requiressl,source/signature/76C0EEA5A49F6DBFEBC565ACF1081A7F09827EC9.37C3FB7DCE9E5806B64E5907A1C29C81D3A7A71D/key/cms1/cms_redirect/yes/mh/ng/mip/2001:ac8:21:23:2da::1/mm/42/mn/sn-aigl6ney/ms/onc/mt/1636178908/mv/m/mvi/4/pl/48/file/file.mp4

Request Chain 216

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEAYDsQRAJNyesCo1sMfM3bA&google_cver=1&google_push=AYg5qPJkZdf9dwCPtsFE8Ae2p92JTGvIdncmAjBIWV6IWeasLWHmRc5eZteFo5V3IbBEUoHLW12FDMxd62IJYhkakMR__kXY9rtu HTTP 302
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=B765081F39B1F7&google_push=AYg5qPJkZdf9dwCPtsFE8Ae2p92JTGvIdncmAjBIWV6IWeasLWHmRc5eZteFo5V3IbBEUoHLW12FDMxd62IJYhkakMR__kXY9rtu&google_hm=P7kOxfiK6L8gPEHRHRaM3g

Request Chain 217

https://pixel.everesttech.net/1/m?url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Deverest%26google_hm%3D__EFGSURFER_USB64__%26google_push%3DAYg5qPJsZrfcYJLHX1yteccJW9ZdjPAboNnNfK3yajUM6xzVEm4e7v7tQjYxyB0vx8xSvoxrFSQ1jd1iiVR-yj-1qe_qZSOapA4D&google_gid=CAESEK4bS0wqeMO0dmfQ26Q9zRI&google_cver=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WVlZY0BBQUFBV3hJcmlhag&google_push=AYg5qPJsZrfcYJLHX1yteccJW9ZdjPAboNnNfK3yajUM6xzVEm4e7v7tQjYxyB0vx8xSvoxrFSQ1jd1iiVR-yj-1qe_qZSOapA4D

Request Chain 218

https://rtb.openx.net/sync/dds?google_gid=CAESEHqA1eIg-E3ptV2OX2dTrWo&google_cver=1&google_push=AYg5qPJpvPR4OiJqO8iBg0jbAttjzBLvnD95QYW5ylNZmikVz4L70-DJi0Tr4mmU1lectwjaJeUxdwGHaQTXtpYFmY_lf9-dv3h0 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPJpvPR4OiJqO8iBg0jbAttjzBLvnD95QYW5ylNZmikVz4L70-DJi0Tr4mmU1lectwjaJeUxdwGHaQTXtpYFmY_lf9-dv3h0&google_hm=Fr1CfsJ7wX4jV8a0EDrk3A==

Request Chain 219

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%25253A%25252F%25252Fimage8.pubmatic.com%25252FAdServer%25252FImgSync%25253Fsec%25253D1%252526p%25253D156578%252526mpc%25253D4%252526fp%25253D1%252526pu%25253Dhttps%2525253A%2525252F%2525252Fimage4.pubmatic.com%2525252FAdServer%2525252FSPug%2525253Fp%2525253D156578%25252526sc%2525253D1&google_gid=CAESEEo0kU3e5VkfVQ9qLOIhi_k&google_cver=1&google_push=AYg5qPLgjXx7-Zh4CbdVGa_7K_zs6h9BDbCgc17Lo82EHH9kxwiJGyif2KSpL4lWQJE_IBooG5tI4JahEV6-ZXe_R0AAVvpZhUWW HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=-hndbpc7SdK0YwajSXIisA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPLgjXx7-Zh4CbdVGa_7K_zs6h9BDbCgc17Lo82EHH9kxwiJGyif2KSpL4lWQJE_IBooG5tI4JahEV6-ZXe_R0AAVvpZhUWW

Request Chain 220

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESENalJPOHdir77audo8OXXbw&google_cver=1&google_push=AYg5qPITgKqrCMzxHxjVFYDR4tPEZOPt9oRhhLz5z-R3xOizheXHboBtrp0mbm2te4frqm92MOtm0vmBRNymBYZH1tjG6ufIl_Mg HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1ZORVVIMEstMS0zNElD&google_push=AYg5qPITgKqrCMzxHxjVFYDR4tPEZOPt9oRhhLz5z-R3xOizheXHboBtrp0mbm2te4frqm92MOtm0vmBRNymBYZH1tjG6ufIl_Mg

Request Chain 221

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEKCm0BCqBlH_RTjelofGCTM&google_cver=1&google_push=AYg5qPJqet2m4oHdgj9Mceub3EfY8razZM77yugMeLAJGSENi5foZ_6eqsQrkrQz8nae00UG13491A0lLOnB8UoWMgmLvjAZyX2t HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYYc96InyZJZ_asUvTy0tgAAAS8AAAAB&google_cver=1&google_gid=CAESEKCm0BCqBlH_RTjelofGCTM&google_push=AYg5qPJqet2m4oHdgj9Mceub3EfY8razZM77yugMeLAJGSENi5foZ_6eqsQrkrQz8nae00UG13491A0lLOnB8UoWMgmLvjAZyX2t HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYYc96InyZJZ_asUvTy0tgAAAS8AAAAB&google_cver=1&google_gid=CAESEKCm0BCqBlH_RTjelofGCTM&google_push=AYg5qPJqet2m4oHdgj9Mceub3EfY8razZM77yugMeLAJGSENi5foZ_6eqsQrkrQz8nae00UG13491A0lLOnB8UoWMgmLvjAZyX2t HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYYc96InyZJZ_asUvTy0tgAAAS8AAAAB&google_cver=1&google_gid=CAESEKCm0BCqBlH_RTjelofGCTM&google_push=AYg5qPJqet2m4oHdgj9Mceub3EfY8razZM77yugMeLAJGSENi5foZ_6eqsQrkrQz8nae00UG13491A0lLOnB8UoWMgmLvjAZyX2t HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYYc96InyZJZ_asUvTy0tgAAAS8AAAAB&google_cver=1&google_gid=CAESEKCm0BCqBlH_RTjelofGCTM&google_push=AYg5qPJqet2m4oHdgj9Mceub3EfY8razZM77yugMeLAJGSENi5foZ_6eqsQrkrQz8nae00UG13491A0lLOnB8UoWMgmLvjAZyX2t HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYYc96InyZJZ_asUvTy0tgAAAS8AAAAB&google_cver=1&google_gid=CAESEKCm0BCqBlH_RTjelofGCTM&google_push=AYg5qPJqet2m4oHdgj9Mceub3EfY8razZM77yugMeLAJGSENi5foZ_6eqsQrkrQz8nae00UG13491A0lLOnB8UoWMgmLvjAZyX2t HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYYc96InyZJZ_asUvTy0tgAAAS8AAAAB&google_cver=1&google_gid=CAESEKCm0BCqBlH_RTjelofGCTM&google_push=AYg5qPJqet2m4oHdgj9Mceub3EfY8razZM77yugMeLAJGSENi5foZ_6eqsQrkrQz8nae00UG13491A0lLOnB8UoWMgmLvjAZyX2t HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYYc96InyZJZ_asUvTy0tgAAAS8AAAAB&google_cver=1&google_gid=CAESEKCm0BCqBlH_RTjelofGCTM&google_push=AYg5qPJqet2m4oHdgj9Mceub3EfY8razZM77yugMeLAJGSENi5foZ_6eqsQrkrQz8nae00UG13491A0lLOnB8UoWMgmLvjAZyX2t HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYYc96InyZJZ_asUvTy0tgAAAS8AAAAB&google_cver=1&google_gid=CAESEKCm0BCqBlH_RTjelofGCTM&google_push=AYg5qPJqet2m4oHdgj9Mceub3EfY8razZM77yugMeLAJGSENi5foZ_6eqsQrkrQz8nae00UG13491A0lLOnB8UoWMgmLvjAZyX2t HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYYc96InyZJZ_asUvTy0tgAAAS8AAAAB&google_cver=1&google_gid=CAESEKCm0BCqBlH_RTjelofGCTM&google_push=AYg5qPJqet2m4oHdgj9Mceub3EfY8razZM77yugMeLAJGSENi5foZ_6eqsQrkrQz8nae00UG13491A0lLOnB8UoWMgmLvjAZyX2t HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYYc96InyZJZ_asUvTy0tgAAAS8AAAAB&google_cver=1&google_gid=CAESEKCm0BCqBlH_RTjelofGCTM&google_push=AYg5qPJqet2m4oHdgj9Mceub3EfY8razZM77yugMeLAJGSENi5foZ_6eqsQrkrQz8nae00UG13491A0lLOnB8UoWMgmLvjAZyX2t HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYYc96InyZJZ_asUvTy0tgAAAS8AAAAB&google_cver=1&google_gid=CAESEKCm0BCqBlH_RTjelofGCTM&google_push=AYg5qPJqet2m4oHdgj9Mceub3EfY8razZM77yugMeLAJGSENi5foZ_6eqsQrkrQz8nae00UG13491A0lLOnB8UoWMgmLvjAZyX2t HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYYc96InyZJZ_asUvTy0tgAAAS8AAAAB&google_cver=1&google_gid=CAESEKCm0BCqBlH_RTjelofGCTM&google_push=AYg5qPJqet2m4oHdgj9Mceub3EfY8razZM77yugMeLAJGSENi5foZ_6eqsQrkrQz8nae00UG13491A0lLOnB8UoWMgmLvjAZyX2t HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYYc96InyZJZ_asUvTy0tgAAAS8AAAAB&google_cver=1&google_gid=CAESEKCm0BCqBlH_RTjelofGCTM&google_push=AYg5qPJqet2m4oHdgj9Mceub3EfY8razZM77yugMeLAJGSENi5foZ_6eqsQrkrQz8nae00UG13491A0lLOnB8UoWMgmLvjAZyX2t HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYYc96InyZJZ_asUvTy0tgAAAS8AAAAB&google_cver=1&google_gid=CAESEKCm0BCqBlH_RTjelofGCTM&google_push=AYg5qPJqet2m4oHdgj9Mceub3EfY8razZM77yugMeLAJGSENi5foZ_6eqsQrkrQz8nae00UG13491A0lLOnB8UoWMgmLvjAZyX2t HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYYc96InyZJZ_asUvTy0tgAAAS8AAAAB&google_cver=1&google_gid=CAESEKCm0BCqBlH_RTjelofGCTM&google_push=AYg5qPJqet2m4oHdgj9Mceub3EfY8razZM77yugMeLAJGSENi5foZ_6eqsQrkrQz8nae00UG13491A0lLOnB8UoWMgmLvjAZyX2t HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYYc96InyZJZ_asUvTy0tgAAAS8AAAAB&google_cver=1&google_gid=CAESEKCm0BCqBlH_RTjelofGCTM&google_push=AYg5qPJqet2m4oHdgj9Mceub3EfY8razZM77yugMeLAJGSENi5foZ_6eqsQrkrQz8nae00UG13491A0lLOnB8UoWMgmLvjAZyX2t HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYYc96InyZJZ_asUvTy0tgAAAS8AAAAB&google_cver=1&google_gid=CAESEKCm0BCqBlH_RTjelofGCTM&google_push=AYg5qPJqet2m4oHdgj9Mceub3EfY8razZM77yugMeLAJGSENi5foZ_6eqsQrkrQz8nae00UG13491A0lLOnB8UoWMgmLvjAZyX2t HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYYc96InyZJZ_asUvTy0tgAAAS8AAAAB&google_cver=1&google_gid=CAESEKCm0BCqBlH_RTjelofGCTM&google_push=AYg5qPJqet2m4oHdgj9Mceub3EfY8razZM77yugMeLAJGSENi5foZ_6eqsQrkrQz8nae00UG13491A0lLOnB8UoWMgmLvjAZyX2t HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYYc96InyZJZ_asUvTy0tgAAAS8AAAAB&google_cver=1&google_gid=CAESEKCm0BCqBlH_RTjelofGCTM&google_push=AYg5qPJqet2m4oHdgj9Mceub3EfY8razZM77yugMeLAJGSENi5foZ_6eqsQrkrQz8nae00UG13491A0lLOnB8UoWMgmLvjAZyX2t HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYYc96InyZJZ_asUvTy0tgAAAS8AAAAB&google_cver=1&google_gid=CAESEKCm0BCqBlH_RTjelofGCTM&google_push=AYg5qPJqet2m4oHdgj9Mceub3EfY8razZM77yugMeLAJGSENi5foZ_6eqsQrkrQz8nae00UG13491A0lLOnB8UoWMgmLvjAZyX2t

242 HTTP transactions
4 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
gadgettendency.com/malicious-code-found-in-popular-npm-packages-coa-and-rc/ 167 KB
36 KB 605ms
464ms Document
text/html 2606:4700:3036::6815:2728
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gadgettendency.com/malicious-code-found-in-popular-npm-packages-coa-and-rc/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::6815:2728 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare / PHP/7.4.25
Resource Hash: f7fbb36b1c2be3ab6abcf423bdcf2f18f0e399c9b4df73c76435ccef9ba53718

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: en-GB,en;q=0.9

Response headers

date: Sat, 06 Nov 2021 06:13:09 GMT
content-type: text/html; charset=UTF-8
x-powered-by: PHP/7.4.25
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f8fdZewz9bK7h4hV6qgKkZnvwJLNM%2Fm%2F9DU6IhFxRs7xHhEQlnrHTtXyTjRmHTvwW9wIUkGJsGD%2FeMQoiyXkx%2BjAJ4Sr%2BYKVYC9ZbJktk60hTj2QorbUwNAHpjo4FrGsW3TSVUcKqst5jlRzTzRdz0I%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 6a9c2c9bbb585a37-MXP
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 90 KB
36 KB 158ms
67ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-169224141-1

Requested by

Host: gadgettendency.com
URL: https://gadgettendency.com/malicious-code-found-in-popular-npm-packages-coa-and-rc/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

ee45287eb2d0a1172d69bab1af8c3c2a1af603aa5c88e506e0164f671c2813e3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://gadgettendency.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 06 Nov 2021 06:13:09 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36447
x-xss-protection: 0
expires: Sat, 06 Nov 2021 06:13:09 GMT

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 144 KB
51 KB 169ms
78ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: gadgettendency.com
URL: https://gadgettendency.com/malicious-code-found-in-popular-npm-packages-coa-and-rc/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f907ec1acbe5cfb6d5f9ed558f8c46da774a5e74a810118fcb6dbe47948338ab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://gadgettendency.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 06 Nov 2021 06:13:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 51560
x-xss-protection: 0
server: cafe
etag: 14321588638200060435
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sat, 06 Nov 2021 06:13:09 GMT

GET
H2 200 7nfu5.css
gadgettendency.com/wp-content/cache/wpfc-minified/fpovifs5/ 57 KB
9 KB 419ms
418ms Stylesheet
text/css 2606:4700:3036::6815:2728
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gadgettendency.com/wp-content/cache/wpfc-minified/fpovifs5/7nfu5.css
Requested by: Host: gadgettendency.com
URL: https://gadgettendency.com/malicious-code-found-in-popular-npm-packages-coa-and-rc/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::6815:2728 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 875eab035958b7ebd3173d19445ae17afa9b77e659067fa9f093d0917b42b372

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://gadgettendency.com/malicious-code-found-in-popular-npm-packages-coa-and-rc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 06 Nov 2021 06:13:09 GMT
content-encoding: br
cf-cache-status: EXPIRED
last-modified: Thu, 28 Oct 2021 07:39:25 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=y1ZjDsyyrkpltXTmukUADa4QujNKXNLYp4UJRadvQMILjjWZ%2FlcVonnYgM73Kq8R1zVDH9JPFFwyBC5yI%2B6bN3SzB3Anuw7hEawJeQjCXftuahN1pI%2F0tLZR2tCzmDaAGyHr%2BNAQV094J2iBYEqLVHU%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=16070400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-turbo-charged-by: LiteSpeed
cf-ray: 6a9c2c9ebfe25a37-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires: Sat, 13 Nov 2021 06:13:09 GMT

GET
H2 200 7nfu5.css
gadgettendency.com/wp-content/cache/wpfc-minified/117f2dyz/ 166 KB
28 KB 756ms
755ms Stylesheet
text/css 2606:4700:3036::6815:2728
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gadgettendency.com/wp-content/cache/wpfc-minified/117f2dyz/7nfu5.css
Requested by: Host: gadgettendency.com
URL: https://gadgettendency.com/malicious-code-found-in-popular-npm-packages-coa-and-rc/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::6815:2728 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3d4951c7ff3a46728fc439373e8fbc749d86044288e77e6fef87543dfd2e0c51

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://gadgettendency.com/malicious-code-found-in-popular-npm-packages-coa-and-rc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 06 Nov 2021 06:13:10 GMT
content-encoding: br
cf-cache-status: EXPIRED
last-modified: Thu, 28 Oct 2021 07:39:25 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Hz2iYcZlBZlrWsFatM4jHYnYH5MP0eUwR1TQC1OKbOaGaleTF8c6B1KTkbm156Kd6CIPOFdujiA584gG6cmrjufrkr%2Fq1t6dHEHCR%2BK96b0cxk7euuFLFFdwd4N7adUGS9dTRV0ekoOyPQEshRBIOq4%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=16070400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-turbo-charged-by: LiteSpeed
cf-ray: 6a9c2c9ebfe35a37-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires: Sat, 13 Nov 2021 06:13:09 GMT

GET
H2 200 7nfu5.css
gadgettendency.com/wp-content/cache/wpfc-minified/kai8t3ug/ 34 KB
7 KB 414ms
414ms Stylesheet
text/css 2606:4700:3036::6815:2728
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gadgettendency.com/wp-content/cache/wpfc-minified/kai8t3ug/7nfu5.css
Requested by: Host: gadgettendency.com
URL: https://gadgettendency.com/malicious-code-found-in-popular-npm-packages-coa-and-rc/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::6815:2728 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e729f5d401cdca135b4fa5dc8e6e2c5df959ba7a631c700787fb44fc2c911e24

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://gadgettendency.com/malicious-code-found-in-popular-npm-packages-coa-and-rc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 06 Nov 2021 06:13:09 GMT
content-encoding: br
cf-cache-status: EXPIRED
last-modified: Thu, 28 Oct 2021 07:39:25 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Kcdu80XjyNXGsjpcwffc5g4fX2UZH43gNHH4c%2BdEZf%2FKo7FbiS%2BUVM9UtZDH1jsngzDdphr6HFzooPQCAEyl0jtC6nW7n9r%2BgmDfqGLCDcbIoBjvo8PBivGuxbl7KV1XWV1LDYTtmtlPGzt4FPLABoo%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=16070400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-turbo-charged-by: LiteSpeed
cf-ray: 6a9c2c9ebfe45a37-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires: Sat, 13 Nov 2021 06:13:09 GMT

GET
H2 400 css
fonts.googleapis.com/ 0
0 143ms
50ms Stylesheet
text/html 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700%2C900%7COswald%3A400%2C700%7CAdvent+Pro%3A700%7COpen+Sans%3A700%7CAnton%3A400Roboto%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900%7CRoboto%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900%7CRoboto%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900%7CRoboto%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900%7C%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900%7CRoboto%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900%26subset%3Dlatin%2Clatin-ext%2Ccyrillic%2Ccyrillic-ext%2Cgreek-ext%2Cgreek%2Cvietnamese
Requested by: Host: gadgettendency.com
URL: https://gadgettendency.com/malicious-code-found-in-popular-npm-packages-coa-and-rc/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://gadgettendency.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

GET
H2 200 7nfu5.css
gadgettendency.com/wp-content/cache/wpfc-minified/fppnwete/ 183 KB
27 KB 564ms
564ms Stylesheet
text/css 2606:4700:3036::6815:2728
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gadgettendency.com/wp-content/cache/wpfc-minified/fppnwete/7nfu5.css
Requested by: Host: gadgettendency.com
URL: https://gadgettendency.com/malicious-code-found-in-popular-npm-packages-coa-and-rc/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::6815:2728 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 997ad555e35383cc25c4a68bc034b1f2b3ceac59e873a6a19b3e056c22f1a4b4

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://gadgettendency.com/malicious-code-found-in-popular-npm-packages-coa-and-rc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 06 Nov 2021 06:13:10 GMT
content-encoding: br
cf-cache-status: EXPIRED
last-modified: Thu, 28 Oct 2021 07:39:25 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HeEw6EaLLw7gJdE5nggzpO%2F%2Fe7%2FfVPakAH3Us20k5IzbS7yiVsp9nzp27wUfJHekwad2nedtUQV1DRnhDc0UpavBchBvNsobFCRbwi7TwErWmmmy6ykzExfxWDsOlrgefsGn3fBjUziUiCZXrbb0b78%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=16070400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-turbo-charged-by: LiteSpeed
cf-ray: 6a9c2c9ebfe55a37-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires: Sat, 13 Nov 2021 06:13:09 GMT

GET
H2 200 7nfu5.js Show response
gadgettendency.com/wp-content/cache/wpfc-minified/1q0d2doh/ 99 KB
35 KB 728ms
727ms Script
application/javascript 2606:4700:3036::6815:2728
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gadgettendency.com/wp-content/cache/wpfc-minified/1q0d2doh/7nfu5.js
Requested by: Host: gadgettendency.com
URL: https://gadgettendency.com/malicious-code-found-in-popular-npm-packages-coa-and-rc/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::6815:2728 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d1c5a14bc13386e0a1b725883df2acf09eef1a6058125284b6f7bcd8924bc78a

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://gadgettendency.com/malicious-code-found-in-popular-npm-packages-coa-and-rc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 06 Nov 2021 06:13:10 GMT
content-encoding: br
cf-cache-status: EXPIRED
last-modified: Thu, 28 Oct 2021 07:39:25 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NAoNXG%2FnB%2BVNB1oL0t7YNITI7DS5urTmKM3yNfDbY4OWRcJH5hjrOlr0F%2F4NqETUZ5aIpxmipcW1t%2F6%2F6BYiF9mBTYpTP%2BEwFuZBCJRGuT%2B%2BDktqy7rFPO9wmLcdaHXWhVgVg9FC%2BtCTcwQIVB8%2FubI%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=16070400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-turbo-charged-by: LiteSpeed
cf-ray: 6a9c2c9ebfe65a37-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires: Sat, 13 Nov 2021 06:13:09 GMT

GET
H2 200 7nfu5.js Show response
gadgettendency.com/wp-content/cache/wpfc-minified/e4jcpf0/ 36 KB
9 KB 397ms
397ms Script
application/javascript 2606:4700:3036::6815:2728
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gadgettendency.com/wp-content/cache/wpfc-minified/e4jcpf0/7nfu5.js
Requested by: Host: gadgettendency.com
URL: https://gadgettendency.com/malicious-code-found-in-popular-npm-packages-coa-and-rc/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::6815:2728 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a70a7f220d74b56bf646c539d97b584991dfc9199c6982d333d9154a6f080a45

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://gadgettendency.com/malicious-code-found-in-popular-npm-packages-coa-and-rc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 06 Nov 2021 06:13:09 GMT
content-encoding: br
cf-cache-status: EXPIRED
last-modified: Thu, 28 Oct 2021 07:39:25 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FDbLaj0rOEEB6np6Hf%2BmPnVo%2BzOea8DW72U1wW2lKCcXAFrPeI8%2FLvzYBESIyd%2B1lD0Y8HGPSxrELt6JPXt%2FyhIR%2Fu4fEKO8AtxJVgnPJ4QbMILm5yKfeFDql%2BiEssJbFx%2BGZ%2BQNUpWLfyBYgSGOxlE%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=16070400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-turbo-charged-by: LiteSpeed
cf-ray: 6a9c2c9ebfe75a37-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires: Sat, 13 Nov 2021 06:13:09 GMT

GET
H2 200 logo_760x96.png
gadgettendency.com/wp-content/uploads/2021/10/ 13 KB
13 KB 417ms
415ms Image
image/png 2606:4700:3036::6815:2728
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gadgettendency.com/wp-content/uploads/2021/10/logo_760x96.png
Requested by: Host: gadgettendency.com
URL: https://gadgettendency.com/malicious-code-found-in-popular-npm-packages-coa-and-rc/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::6815:2728 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 93746ed6619dc225bb18e11252292d9c591ea9247b1c7ed16a75c206156db628

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://gadgettendency.com/malicious-code-found-in-popular-npm-packages-coa-and-rc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 06 Nov 2021 06:13:10 GMT
cf-cache-status: EXPIRED
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 12907
last-modified: Thu, 28 Oct 2021 07:37:55 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=w5rhenHPqQR1u83qtwnymsyQ4s3FpvqtlI4WMALhQ7GWPiekbwcVPSFKQaPYuO1Jg%2FUTLXamE1K660GnZhYDzi%2BaWtCwL687D88Cdti5q0OGbz23bZCcLtjJxeaRt1%2Bf7s9aQqAnFsoTzaZP5L03fiM%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=16070400
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 6a9c2ca3bee05a37-MXP
expires: Sat, 13 Nov 2021 06:13:10 GMT

GET
H2 200 wp-emoji-release.min.js Show response
gadgettendency.com/wp-includes/js/ 14 KB
5 KB 404ms
402ms Script
application/javascript 2606:4700:3036::6815:2728
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gadgettendency.com/wp-includes/js/wp-emoji-release.min.js?ver=5.7.3
Requested by: Host: gadgettendency.com
URL: https://gadgettendency.com/malicious-code-found-in-popular-npm-packages-coa-and-rc/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::6815:2728 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0c5f584d1ea2c3313dc8c55824c2a572d3cf2eae87c5ca62a58e598aec9ddb5c

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://gadgettendency.com/malicious-code-found-in-popular-npm-packages-coa-and-rc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 06 Nov 2021 06:13:10 GMT
content-encoding: br
cf-cache-status: EXPIRED
last-modified: Mon, 09 Aug 2021 21:41:33 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=gQ7XSFAsQSsgzTh5kiNeaYLaT6YZB9itThrWg6HbFAwf5JaCREXWjOfyzoZml7EX%2BhDaT8RPi8qv34ZMtkISt9zCbOF%2FUpgAwthSq0XsFVK171OvFffASeDDdbFE8k6doeqvyVKYUwFNTt%2Blg2hK2C8%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=16070400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-turbo-charged-by: LiteSpeed
cf-ray: 6a9c2ca3bee15a37-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires: Sat, 13 Nov 2021 06:13:10 GMT

GET
H2 200 email-decode.min.js Show response
gadgettendency.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
1 KB 65ms
65ms Script
application/javascript 2606:4700:3036::6815:2728
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://gadgettendency.com/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: gadgettendency.com
URL: https://gadgettendency.com/malicious-code-found-in-popular-npm-packages-coa-and-rc/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:3036::6815:2728 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://gadgettendency.com/malicious-code-found-in-popular-npm-packages-coa-and-rc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 06 Nov 2021 06:13:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 05 Nov 2021 13:28:28 GMT
server: cloudflare
etag: W/"6185317c-4d7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: DENY
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Y8MtXZARs6bLekP4pnQscsdoIyoCqfwq6C42pGePkLGVh0r7rP9RyODvKQ07AGJ7FSRbu9sdIlVErWj99TX5d5ILo8cIKGTTvvBhiR4XyYK%2BGWC19sgNH480k07l2a5Smo6IOX4vcKUDvlwQM%2FE%2BEl4%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=172800, public
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
cf-ray: 6a9c2ca37e605a37-MXP
vary: Accept-Encoding
expires: Mon, 08 Nov 2021 06:13:10 GMT

GET
H2 200 1636098536_348_The-very-affordable-smart-electric-vehicle-Hozon-Neta-V-Pro.png
gadgettendency.com/wp-content/uploads/2021/11/ 657 KB
658 KB 929ms
927ms Image
image/png 2606:4700:3036::6815:2728
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gadgettendency.com/wp-content/uploads/2021/11/1636098536_348_The-very-affordable-smart-electric-vehicle-Hozon-Neta-V-Pro.png
Requested by: Host: gadgettendency.com
URL: https://gadgettendency.com/malicious-code-found-in-popular-npm-packages-coa-and-rc/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::6815:2728 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 24a9b59e7702d3e85a84da776cfd55e0db6f7dc6cb3e5ecf8d337c6329a82385

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://gadgettendency.com/malicious-code-found-in-popular-npm-packages-coa-and-rc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 06 Nov 2021 06:13:11 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 672572
last-modified: Fri, 05 Nov 2021 07:48:56 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=18vTOA08TU1p0u2EZ4NXoSMVmJu6VVqblLbJJlNLu8KfuqM%2FO28UHiGv%2FSSKcVhwZjmDRuCBElHjahCG45zwm32pN5QGXLab7SdmJ1VF9BvBkVATv0W%2FxnOsRjCDqVrDrQyNoI6pfTCc9E%2FvXhIeLhc%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=16070400
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 6a9c2ca3bee35a37-MXP
expires: Sat, 13 Nov 2021 06:13:10 GMT

GET
H2 200 7nfu5.css
gadgettendency.com/wp-content/cache/wpfc-minified/lds82jwx/ 5 KB
2 KB 411ms
411ms Stylesheet
text/css 2606:4700:3036::6815:2728
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gadgettendency.com/wp-content/cache/wpfc-minified/lds82jwx/7nfu5.css
Requested by: Host: gadgettendency.com
URL: https://gadgettendency.com/malicious-code-found-in-popular-npm-packages-coa-and-rc/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::6815:2728 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: db8e8a544f7d1563e313d95796d12a39c10b23a98f8cefb91b27212ef075fe32

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://gadgettendency.com/malicious-code-found-in-popular-npm-packages-coa-and-rc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 06 Nov 2021 06:13:10 GMT
content-encoding: br
cf-cache-status: EXPIRED
last-modified: Thu, 28 Oct 2021 07:39:25 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Ca4PsOCxqFWiS1ZHcQKC%2FD6BFRx3GvmloTu2CAVG37S3HcqcmFGWi8BTNtJGLJzwFFv1zxl8UwtOzdv923hafjgCRlVKYPsCagCWorcqtxIV53uaOD%2FSC2NpNpYhhWkCY0x5AEJkde5Ppt3M%2FHEUlvM%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=16070400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-turbo-charged-by: LiteSpeed
cf-ray: 6a9c2ca39e9e5a37-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires: Sat, 13 Nov 2021 06:13:10 GMT

GET
H2 200 wp-polyfill.min.js Show response
gadgettendency.com/wp-includes/js/dist/vendor/ 97 KB
34 KB 726ms
724ms Script
application/javascript 2606:4700:3036::6815:2728
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gadgettendency.com/wp-includes/js/dist/vendor/wp-polyfill.min.js?ver=7.4.4
Requested by: Host: gadgettendency.com
URL: https://gadgettendency.com/malicious-code-found-in-popular-npm-packages-coa-and-rc/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::6815:2728 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d36e5d7328268d21c6941039a7b6a15c7ed7414f60dbee72d2231d11ac9bdaf3

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://gadgettendency.com/malicious-code-found-in-popular-npm-packages-coa-and-rc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 06 Nov 2021 06:13:11 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Mon, 09 Aug 2021 21:41:32 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=V9ddg2VTSp2d7q8L8hekai%2BZJk0Oeu83xQVYWCA6j4SbxmAmCaZdJh416M%2FiT0Ig58I7q8qT64U3meZkPOrztunDgXRfPtGr24BPVx3siBT8B4Fehph9jgdaZNkma%2Fl6oTf48wBd%2F3V6aFlQAyIjtVo%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=16070400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-turbo-charged-by: LiteSpeed
cf-ray: 6a9c2ca3aed15a37-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires: Sat, 13 Nov 2021 06:13:10 GMT

GET
H2 200 index.js Show response
gadgettendency.com/wp-content/plugins/contact-form-7/includes/js/ 13 KB
5 KB 239ms
237ms Script
application/javascript 2606:4700:3036::6815:2728
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gadgettendency.com/wp-content/plugins/contact-form-7/includes/js/index.js?ver=5.4.2
Requested by: Host: gadgettendency.com
URL: https://gadgettendency.com/malicious-code-found-in-popular-npm-packages-coa-and-rc/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::6815:2728 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: eea0b9621509f98be77c5af1e9b5c952a675bda2b27c419876364017069e0c19

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://gadgettendency.com/malicious-code-found-in-popular-npm-packages-coa-and-rc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 06 Nov 2021 06:13:10 GMT
content-encoding: br
cf-cache-status: EXPIRED
last-modified: Wed, 14 Jul 2021 18:25:29 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UQIOdKz%2BLZ%2FOb7T7ASr6gHvG5Cu1SEPuvkh7A0fRP8vSOOgOjs45HF0wkQkIGdT3XUj5i8o0Wd93ClQXVxs%2B%2F0vljNvvvf7qyLDqV4BalG6e%2BJIQrx7HrNwQjEkjRQtNPyl9WrIvMq%2BSEKVHIE4fApM%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=16070400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-turbo-charged-by: LiteSpeed
cf-ray: 6a9c2ca3aed25a37-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires: Sat, 13 Nov 2021 06:13:10 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
20 KB 136ms
42ms Script
text/javascript 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-169224141-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://gadgettendency.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 26 Oct 2021 23:24:02 GMT
server: Golfe2
age: 724
date: Sat, 06 Nov 2021 06:01:06 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19747
expires: Sat, 06 Nov 2021 08:01:06 GMT

GET
H2 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111030101/ 268 KB
96 KB 69ms
67ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111030101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-8819900454201426&plah=gadgettendency.com&bust=31063413

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7a0e637754f0d9b8dabbb2440e00a968850d5052a68724af3debe3046a014a56

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://gadgettendency.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 06 Nov 2021 06:13:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 98355
x-xss-protection: 0
server: cafe
etag: 8349260348528370280
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sat, 06 Nov 2021 06:13:10 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20211103/r20190131/ Frame 3B0A 11 KB
5 KB 134ms
41ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20211103/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

097ee9cf7679385b826098b24be6ed2e5c6b660342513932a8018203cc0497bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://gadgettendency.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Fri, 05 Nov 2021 18:47:13 GMT
expires: Fri, 19 Nov 2021 18:47:13 GMT
content-type: text/html; charset=UTF-8
etag: 2948287274155451234
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4905
x-xss-protection: 0
age: 41156
cache-control: public, max-age=1209600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 ResizeSensor.js Show response
gadgettendency.com/wp-content/plugins/theia-sticky-sidebar/js/ 6 KB
2 KB 399ms
397ms Script
application/javascript 2606:4700:3036::6815:2728
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gadgettendency.com/wp-content/plugins/theia-sticky-sidebar/js/ResizeSensor.js?ver=1.7.0
Requested by: Host: gadgettendency.com
URL: https://gadgettendency.com/malicious-code-found-in-popular-npm-packages-coa-and-rc/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::6815:2728 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2f826a947a47c13c4af480b9b7853e9ca12d2873c67a9200f3c7a26f8cacae2d

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://gadgettendency.com/malicious-code-found-in-popular-npm-packages-coa-and-rc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 06 Nov 2021 06:13:10 GMT
content-encoding: br
cf-cache-status: EXPIRED
last-modified: Sat, 23 Jan 2021 20:43:01 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=GdnXKSYDpXEBmIWNGiJjDhlE3MrPc9cVpmCegPRtoOABHdw7%2FV4WKxqlenfSasxksG8FPuS9geLyVN42D5eh5FSw0dg%2FVxZ1jZVenNx463bP2XmDCTU7i5VnGN3jZMhLz1%2B2%2F5NTi3gfv4MjhcBDr04%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=16070400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-turbo-charged-by: LiteSpeed
cf-ray: 6a9c2ca3aed45a37-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires: Sat, 13 Nov 2021 06:13:10 GMT

GET
H2 200 theia-sticky-sidebar.js Show response
gadgettendency.com/wp-content/plugins/theia-sticky-sidebar/js/ 16 KB
4 KB 404ms
401ms Script
application/javascript 2606:4700:3036::6815:2728
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gadgettendency.com/wp-content/plugins/theia-sticky-sidebar/js/theia-sticky-sidebar.js?ver=1.7.0
Requested by: Host: gadgettendency.com
URL: https://gadgettendency.com/malicious-code-found-in-popular-npm-packages-coa-and-rc/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::6815:2728 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 27f4119ce2d66a40ef8beba62ec4d995e95af50550c6d4471eec9eb27fa73774

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://gadgettendency.com/malicious-code-found-in-popular-npm-packages-coa-and-rc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 06 Nov 2021 06:13:10 GMT
content-encoding: br
cf-cache-status: EXPIRED
last-modified: Sat, 23 Jan 2021 20:43:01 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=l6vVWhCdLSGQ7ciIK%2BY8nB0UFXoDkRDmXxiPXNYWQC7Tgm%2Bz5WZIP6hQbleJEDm9KGb%2FlHt9Tv8yHBrgB9Pb9GmVq1cVxDq6iYT26d%2FvVyroVjQOM0Ypxe11h1ZpBcogjD4VkZCstvqSe616UpQgVys%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=16070400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-turbo-charged-by: LiteSpeed
cf-ray: 6a9c2ca3aed55a37-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires: Sat, 13 Nov 2021 06:13:10 GMT

GET
H2 200 main.js Show response
gadgettendency.com/wp-content/plugins/theia-sticky-sidebar/js/ 435 B
494 B 418ms
415ms Script
application/javascript 2606:4700:3036::6815:2728
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gadgettendency.com/wp-content/plugins/theia-sticky-sidebar/js/main.js?ver=1.7.0
Requested by: Host: gadgettendency.com
URL: https://gadgettendency.com/malicious-code-found-in-popular-npm-packages-coa-and-rc/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::6815:2728 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3e304dfe39fde10af2ee219f794108f785d18dd88658877ddf07bce099f6a9fa

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://gadgettendency.com/malicious-code-found-in-popular-npm-packages-coa-and-rc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 06 Nov 2021 06:13:10 GMT
content-encoding: br
cf-cache-status: EXPIRED
last-modified: Sat, 23 Jan 2021 20:43:01 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=YYmQzhYESvBS7Wuqs7G1EO2SeH1DndWyCqTwBu1paC%2FfvoIAmiAK%2FlwltU5atmFzeMUjcoO%2FP64U0DpoJm3F805%2FRbF2ebF11RXx5X7V39YpKPFF1k6IeXW1Ye5hVQ%2B%2BToLEwRGXzXzGgmNKBbyqUL4%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=16070400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-turbo-charged-by: LiteSpeed
cf-ray: 6a9c2ca3aed65a37-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires: Sat, 13 Nov 2021 06:13:10 GMT

GET
H2 200 mvpcustom.js Show response
gadgettendency.com/wp-content/themes/zox-news/js/ 0
287 B 415ms
412ms Script
application/javascript 2606:4700:3036::6815:2728
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gadgettendency.com/wp-content/themes/zox-news/js/mvpcustom.js?ver=5.7.3
Requested by: Host: gadgettendency.com
URL: https://gadgettendency.com/malicious-code-found-in-popular-npm-packages-coa-and-rc/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::6815:2728 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://gadgettendency.com/malicious-code-found-in-popular-npm-packages-coa-and-rc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 06 Nov 2021 06:13:10 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 0
last-modified: Mon, 11 Jan 2021 15:43:56 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=MD5TcDReepalfwizJ2z2OFbEq5HKovlvxc5mFKvTKEPkkEW78AmIJAbjYfsTi%2F4icslAvJh2xQj8Ph1aCcK3IW4bXJKzbq3BxP38ac9Ffmn%2B8CSRisl35UX3DSd624puRdeKTmcTIC%2F4Ssx3fXrPPPk%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=16070400
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 6a9c2ca3aed75a37-MXP
expires: Sat, 13 Nov 2021 06:13:10 GMT

GET
H2 200 scripts.js Show response
gadgettendency.com/wp-content/themes/zox-news/js/ 120 KB
28 KB 759ms
757ms Script
application/javascript 2606:4700:3036::6815:2728
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gadgettendency.com/wp-content/themes/zox-news/js/scripts.js?ver=5.7.3
Requested by: Host: gadgettendency.com
URL: https://gadgettendency.com/malicious-code-found-in-popular-npm-packages-coa-and-rc/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::6815:2728 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 69751f40928d2926f8edc62099a3a00383d97846b0ec1bbd15232fea3cdb657c

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://gadgettendency.com/malicious-code-found-in-popular-npm-packages-coa-and-rc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 06 Nov 2021 06:13:11 GMT
content-encoding: br
cf-cache-status: EXPIRED
last-modified: Mon, 11 Jan 2021 15:43:56 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NcQQN0jMRs2QrKqtM%2FWfUuo8vGx2d58%2FMj%2BzODalof%2FVJigIJdrg5%2BUXecdhuWvnd4sznOu9K3YC0Sqm275Kktcn1EyBcL3WXyePQZmn2Q0bAxkP%2Bto2rD%2FrOCUy9ZyusqmYt7OcwDcAnkIIttItEPI%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=16070400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-turbo-charged-by: LiteSpeed
cf-ray: 6a9c2ca3aed85a37-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires: Sat, 13 Nov 2021 06:13:10 GMT

GET
H2 200 retina.js Show response
gadgettendency.com/wp-content/themes/zox-news/js/ 3 KB
1 KB 410ms
408ms Script
application/javascript 2606:4700:3036::6815:2728
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gadgettendency.com/wp-content/themes/zox-news/js/retina.js?ver=5.7.3
Requested by: Host: gadgettendency.com
URL: https://gadgettendency.com/malicious-code-found-in-popular-npm-packages-coa-and-rc/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::6815:2728 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 22fd357442cefcbf238c5e06af21e4546e7207b0b7745de9720707f6c8218eba

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://gadgettendency.com/malicious-code-found-in-popular-npm-packages-coa-and-rc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 06 Nov 2021 06:13:10 GMT
content-encoding: br
cf-cache-status: EXPIRED
last-modified: Mon, 11 Jan 2021 15:43:56 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=h7QqrQbzoNqYHU7srxOPQTZDKrPUCs6sN4IkuN0INStoiE0ux%2BZWrUz8K1qBCf2AqVRY4aWmWCIvFR9UmT7Q82aRAuEe7O4KPdDiyL%2BFoGsXndl3E33ZHfYdqlfciF7mxD%2B%2Fju%2BcD13PyhhuqhW4At8%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=16070400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-turbo-charged-by: LiteSpeed
cf-ray: 6a9c2ca3aeda5a37-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires: Sat, 13 Nov 2021 06:13:10 GMT

GET
H2 200 flexslider.js Show response
gadgettendency.com/wp-content/themes/zox-news/js/ 22 KB
7 KB 400ms
398ms Script
application/javascript 2606:4700:3036::6815:2728
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gadgettendency.com/wp-content/themes/zox-news/js/flexslider.js?ver=5.7.3
Requested by: Host: gadgettendency.com
URL: https://gadgettendency.com/malicious-code-found-in-popular-npm-packages-coa-and-rc/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::6815:2728 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 71e84f4b3a46857e0ee497d4890e8a90ba4889e3c72d3c39a1ea7f78c1f8065b

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://gadgettendency.com/malicious-code-found-in-popular-npm-packages-coa-and-rc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 06 Nov 2021 06:13:10 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Mon, 11 Jan 2021 15:43:56 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vJ87uCh8Tg%2FnfTIWYuTQXuqi8W66qjzs%2FKAA1WhkvucB98x3RYjZUQDeJf4W2CKuSUOO8ZTbu2nkQRrALK7hs49A%2FFNbwKoYxXv7VZjKNcEpvOU8Ap2ocCxGBJbfMvU83ZQPRgZoLnP8L0Hqm0BRD%2Fo%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=16070400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-turbo-charged-by: LiteSpeed
cf-ray: 6a9c2ca3aedc5a37-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires: Sat, 13 Nov 2021 06:13:10 GMT

GET
H2 200 comment-reply.min.js Show response
gadgettendency.com/wp-includes/js/ 3 KB
2 KB 418ms
416ms Script
application/javascript 2606:4700:3036::6815:2728
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gadgettendency.com/wp-includes/js/comment-reply.min.js?ver=5.7.3
Requested by: Host: gadgettendency.com
URL: https://gadgettendency.com/malicious-code-found-in-popular-npm-packages-coa-and-rc/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::6815:2728 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 143ce443c390db3b8598f951de20bd04623859a581a15b8cde43ebfa1f8ec103

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://gadgettendency.com/malicious-code-found-in-popular-npm-packages-coa-and-rc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 06 Nov 2021 06:13:10 GMT
content-encoding: br
cf-cache-status: EXPIRED
last-modified: Thu, 15 Apr 2021 13:05:45 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AHOuLelQPie94kvB5kb7PDdI49Cas2VX3L%2FAL2iQLBJ%2BwZV2sby9efKx4FTixZq93yqdDRr%2FtueDr5AVP2KNDbhW1WLIxZD%2FvebZwicryprp78fQORq7goE4pRlusj2PCUNQDPZjRt9figgtf2uTEFY%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=16070400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-turbo-charged-by: LiteSpeed
cf-ray: 6a9c2ca3bede5a37-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires: Sat, 13 Nov 2021 06:13:10 GMT

GET
H2 200 wp-embed.min.js Show response
gadgettendency.com/wp-includes/js/ 1 KB
1 KB 418ms
416ms Script
application/javascript 2606:4700:3036::6815:2728
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gadgettendency.com/wp-includes/js/wp-embed.min.js?ver=5.7.3
Requested by: Host: gadgettendency.com
URL: https://gadgettendency.com/malicious-code-found-in-popular-npm-packages-coa-and-rc/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::6815:2728 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://gadgettendency.com/malicious-code-found-in-popular-npm-packages-coa-and-rc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 06 Nov 2021 06:13:10 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Thu, 04 Feb 2021 08:27:47 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=8cubVfx5WBkkIVHvDRgOFIudd9cQrp8tFkuGW%2BGsRBYzQ%2BwTDh1J7P4QereJijwGQiKFFmJjQKgdMUr1I9CSLkvJmc22%2FI%2B%2BtK%2B%2BOm8gG0T6pw5AJzIJpWQ531VKfriAGiIwo1Pa5gEB1ksu0ROjW5s%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: public, max-age=16070400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-turbo-charged-by: LiteSpeed
cf-ray: 6a9c2ca3bedf5a37-MXP
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
expires: Sat, 13 Nov 2021 06:13:10 GMT

GET
H2 200 e-202144.js Show response
stats.wp.com/ 9 KB
3 KB 97ms
30ms Script
application/javascript 192.0.76.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.wp.com/e-202144.js
Requested by: Host: gadgettendency.com
URL: https://gadgettendency.com/malicious-code-found-in-popular-npm-packages-coa-and-rc/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.76.3 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 0ebbc7fba9a50d36ef5422345f624431710db4528f25749d1d438c2c10bb69f2

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://gadgettendency.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-nc: HIT lhr
date: Sat, 06 Nov 2021 06:13:10 GMT
content-encoding: gzip
server: nginx
etag: W/"5c6340e3-350a"
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
expires: Sun, 23 Oct 2022 23:11:01 GMT

GET
H2 200 fontawesome-webfont.woff2
gadgettendency.com/wp-content/themes/zox-news/font-awesome/fonts/ 70 KB
71 KB 560ms
560ms Font
font/woff2 2606:4700:3036::6815:2728
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://gadgettendency.com/wp-content/themes/zox-news/font-awesome/fonts/fontawesome-webfont.woff2?v=4.6.3
Requested by: Host: gadgettendency.com
URL: https://gadgettendency.com/wp-content/cache/wpfc-minified/kai8t3ug/7nfu5.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::6815:2728 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7dacf83f51179de8d7980a513e67ab3a08f2c6272bb5946df8fd77c0d1763b73

Request headers

Referer: https://gadgettendency.com/wp-content/cache/wpfc-minified/kai8t3ug/7nfu5.css
Origin: https://gadgettendency.com
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 06 Nov 2021 06:13:10 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 71896
last-modified: Mon, 11 Jan 2021 15:43:56 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=C5jCMzT2NixZS%2F%2BZIalKSgFPk2VtZLCa9miCNYIDFnkXQfT0SJOT7xbmNbWmkxVn0pmvSPhn1DwPyrh%2F66Qvr1f3QQeIc7gpfv4mtUFVh41NJa5rrjWZecdXeDfSmgQEbLi8T0v0xBM6uK%2FsBrD94V0%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
cache-control: public, max-age=16070400
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 6a9c2ca3beea5a37-MXP
expires: Sat, 13 Nov 2021 06:13:10 GMT

GET
H2 200 b782caf931d62641a452af67ba5562f8
secure.gravatar.com/avatar/ 5 KB
5 KB 184ms
60ms Image
image/png 2a04:fa87:fffe::c000:4902
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure.gravatar.com/avatar/b782caf931d62641a452af67ba5562f8?s=46&r=g
Requested by: Host: gadgettendency.com
URL: https://gadgettendency.com/malicious-code-found-in-popular-npm-packages-coa-and-rc/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:fa87:fffe::c000:4902 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: 6d6e7a86f0a205f0e28d95e94e504db9f8ed590dc76dd75ce19d48fd54cf4fa7

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://gadgettendency.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-nc: HIT mxp 3
date: Sat, 06 Nov 2021 06:13:10 GMT
last-modified: Sun, 18 Apr 2021 14:58:06 GMT
server: nginx
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=300
content-disposition: inline; filename="b782caf931d62641a452af67ba5562f8.png"
accept-ranges: bytes
link: <https://www.gravatar.com/avatar/b782caf931d62641a452af67ba5562f8?s=46&r=g>; rel="canonical"
content-length: 4879
expires: Sat, 06 Nov 2021 06:18:10 GMT

GET
H2 200 Malicious-code-found-in-popular-NPM-packages-coa-and-rc.jpg
gadgettendency.com/wp-content/uploads/2021/11/ 29 KB
29 KB 574ms
574ms Image
image/jpeg 2606:4700:3036::6815:2728
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gadgettendency.com/wp-content/uploads/2021/11/Malicious-code-found-in-popular-NPM-packages-coa-and-rc.jpg
Requested by: Host: gadgettendency.com
URL: https://gadgettendency.com/malicious-code-found-in-popular-npm-packages-coa-and-rc/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::6815:2728 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f32c2fd0c2e692f7810065b4479dcf59fcf858e2f6db8c2ddd6801d000776889

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://gadgettendency.com/malicious-code-found-in-popular-npm-packages-coa-and-rc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 06 Nov 2021 06:13:10 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 29638
last-modified: Fri, 05 Nov 2021 10:02:49 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=n95BNJryVeLBzZAXH88gXmphogLMiMBHE2WveHbOz5i8DzAJZ9w0wzrWUNZAzohZMbTaaUj36zH2LfAITRMmvDYYEPwNBGBEZPaqscdSt5xyIaK4fxUFwNXfeU1xGNOL6ktcmu5CZo6W1btFsxbAI2U%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=16070400
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 6a9c2ca3ef465a37-MXP
expires: Sat, 13 Nov 2021 06:13:10 GMT

GET
H2 200 Hackers-exploit-the-theme-of-the-Squid-Game-to-send-400x240.jpg
gadgettendency.com/wp-content/uploads/2021/11/ 22 KB
22 KB 570ms
569ms Image
image/jpeg 2606:4700:3036::6815:2728
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gadgettendency.com/wp-content/uploads/2021/11/Hackers-exploit-the-theme-of-the-Squid-Game-to-send-400x240.jpg
Requested by: Host: gadgettendency.com
URL: https://gadgettendency.com/malicious-code-found-in-popular-npm-packages-coa-and-rc/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::6815:2728 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8d5c1a4275a0d06560b9825c23dcc980f628c36594152b3c492d010a4b7856e8

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://gadgettendency.com/malicious-code-found-in-popular-npm-packages-coa-and-rc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 06 Nov 2021 06:13:10 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 22263
last-modified: Mon, 01 Nov 2021 10:11:53 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=tGb6ZQypb%2BA0ZNoPCYuLxTqWMp7OyvAocx6%2B%2BEZ4m%2Bf%2BHUb9JtFHYTMdyxWaZMmUqgU1bkMOzd9o1g1oFC1R1o%2F3JOB6yy52oUzLXgEarfpElsa%2B0mc8%2FCPfPquW%2BoCKSM3A%2BEF54GbrEmIkRAnEEMo%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=16070400
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 6a9c2ca41f715a37-MXP
expires: Sat, 13 Nov 2021 06:13:10 GMT

GET
H2 200 Rare-malware-with-superuser-rights-attacks-Android-devices-400x240.jpg
gadgettendency.com/wp-content/uploads/2021/10/ 19 KB
20 KB 565ms
564ms Image
image/jpeg 2606:4700:3036::6815:2728
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gadgettendency.com/wp-content/uploads/2021/10/Rare-malware-with-superuser-rights-attacks-Android-devices-400x240.jpg
Requested by: Host: gadgettendency.com
URL: https://gadgettendency.com/malicious-code-found-in-popular-npm-packages-coa-and-rc/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::6815:2728 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e8626f41758de97aac96928550481784cf5c037885e159cb8912642f130b36b7

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://gadgettendency.com/malicious-code-found-in-popular-npm-packages-coa-and-rc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 06 Nov 2021 06:13:10 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 19676
last-modified: Fri, 29 Oct 2021 08:07:55 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XOV72j%2B9xJsBzwCyUNUPow5tLAngOksSsu48MchceqjZqaai4bgM0C%2FLobcUDuhpF3STimFXhHIcpV9U%2FM5tXm5F8PLjSJxBtvRv3Lvicp%2FJbtiAbpd%2FJk2G6aa8vSsecrdHnpLsyaB739TcXoJD0RQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=16070400
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 6a9c2ca41f745a37-MXP
expires: Sat, 13 Nov 2021 06:13:10 GMT

GET
H2 200 South-Korea-extradited-Russian-hacker-to-US-400x240.jpg
gadgettendency.com/wp-content/uploads/2021/10/ 15 KB
15 KB 590ms
589ms Image
image/jpeg 2606:4700:3036::6815:2728
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gadgettendency.com/wp-content/uploads/2021/10/South-Korea-extradited-Russian-hacker-to-US-400x240.jpg
Requested by: Host: gadgettendency.com
URL: https://gadgettendency.com/malicious-code-found-in-popular-npm-packages-coa-and-rc/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::6815:2728 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c6d0f855f5e7c10459aaf45b7c98ada3539053abae1138ed089fa967e2d5354c

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://gadgettendency.com/malicious-code-found-in-popular-npm-packages-coa-and-rc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 06 Nov 2021 06:13:10 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 15023
last-modified: Fri, 29 Oct 2021 07:32:53 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=x560zsXz99Oq2lCbg4EmZUDKinB5BpQrvnuhZ6TDUxqh%2BdX4Vr6RA%2FW%2BzaIsCYKydaAzUMcL38s84YFcHmnPxDGV79oPzfAI2HQpYYJP%2FzZwWKnQ68nSKVQU9%2F8EbbQVXACCZ%2FdV9gQ0m8ZTLwOgnzM%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=16070400
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 6a9c2ca41f775a37-MXP
expires: Sat, 13 Nov 2021 06:13:10 GMT

GET
H2 200 Hacker-stole-784000-worth-of-assets-from-a-cryptocurrency.jpg
gadgettendency.com/wp-content/uploads/2021/11/ 337 KB
338 KB 924ms
924ms Image
image/jpeg 2606:4700:3036::6815:2728
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gadgettendency.com/wp-content/uploads/2021/11/Hacker-stole-784000-worth-of-assets-from-a-cryptocurrency.jpg
Requested by: Host: gadgettendency.com
URL: https://gadgettendency.com/malicious-code-found-in-popular-npm-packages-coa-and-rc/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::6815:2728 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7c9fc339ba0fc4535a6e3305dad1e9f89e495ac45e6b804a65d312591d670eaf

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://gadgettendency.com/malicious-code-found-in-popular-npm-packages-coa-and-rc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 06 Nov 2021 06:13:11 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 345122
last-modified: Fri, 05 Nov 2021 19:53:49 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2drsr4P8apTg%2Bg5KtVysK00F%2FeU7Jfhjg4OBRrGiCX4gNOW3WXeStrO%2FcquKAfGUOIBDAIGStQgF5qOt%2BXAgeYm78I6mGjSXv2pD13rMSiC9WK6vULoSVWO8rcc2TzYLBb9qN8%2BrGO2ZW%2FEisj5I%2BAE%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=16070400
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 6a9c2ca42f895a37-MXP
expires: Sat, 13 Nov 2021 06:13:10 GMT

GET
H2 200 98ff4903d3afe40ffdce32b961cfe7fa
secure.gravatar.com/avatar/ 3 KB
4 KB 147ms
63ms Image
image/png 2a04:fa87:fffe::c000:4902
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://secure.gravatar.com/avatar/98ff4903d3afe40ffdce32b961cfe7fa?s=46&r=g
Requested by: Host: gadgettendency.com
URL: https://gadgettendency.com/malicious-code-found-in-popular-npm-packages-coa-and-rc/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a04:fa87:fffe::c000:4902 , Ireland, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: a33a3681afeba42758fc5b8bb14549aef666007b85645ad6d2ade9e3b0f56bc6

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://gadgettendency.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

x-nc: HIT mxp 3
date: Sat, 06 Nov 2021 06:13:10 GMT
last-modified: Sun, 18 Apr 2021 15:02:03 GMT
server: nginx
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=300
content-disposition: inline; filename="98ff4903d3afe40ffdce32b961cfe7fa.png"
accept-ranges: bytes
link: <https://www.gravatar.com/avatar/98ff4903d3afe40ffdce32b961cfe7fa?s=46&r=g>; rel="canonical"
content-length: 3507
expires: Sat, 06 Nov 2021 06:18:10 GMT

GET
H2 200 Intel-has-disabled-DirectX-12-support-for-some-of-its.jpg
gadgettendency.com/wp-content/uploads/2021/11/ 710 KB
712 KB 887ms
886ms Image
image/jpeg 2606:4700:3036::6815:2728
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://gadgettendency.com/wp-content/uploads/2021/11/Intel-has-disabled-DirectX-12-support-for-some-of-its.jpg
Requested by: Host: gadgettendency.com
URL: https://gadgettendency.com/malicious-code-found-in-popular-npm-packages-coa-and-rc/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3036::6815:2728 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bc6bcca92dc07dd2c19ffcfecd5622aa3fc4993a8f9bd639c6b380373899637e

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://gadgettendency.com/malicious-code-found-in-popular-npm-packages-coa-and-rc/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 06 Nov 2021 06:13:11 GMT
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 727476
last-modified: Fri, 05 Nov 2021 14:34:52 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VMhJJe87vpf81eJq7dLWFhE5Y9wGjb6fiSGyiuh%2BU40wa1H%2FxjApaO2mUUCK7%2Beuzbq1FTxldvivKtI8k0wvD9OqdWr%2BV94dBzS1JJqTJltCEqSAENp%2FpoigJmQYQxE7zmmKoyUC%2Bz85hl90O8ISGMw%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: public, max-age=16070400
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 6a9c2ca42f8b5a37-MXP
expires: Sat, 13 Nov 2021 06:13:10 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 208 B
643 B 141ms
49ms Script
text/javascript 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=gadgettendency.com&callback=_gfp_s_&client=ca-pub-8819900454201426

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111030101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-8819900454201426&plah=gadgettendency.com&bust=31063413

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

2ce7f5b3e1e22ff02e3754499415d16de10c4c44d638f79d5df6377975d8e07a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://gadgettendency.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 06 Nov 2021 06:13:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 198
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.co.uk/adsid/ 107 B
792 B 160ms
50ms Script
application/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.co.uk/adsid/integrator.js?domain=gadgettendency.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://gadgettendency.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 06 Nov 2021 06:13:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 149ms
49ms Script
application/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=gadgettendency.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://gadgettendency.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 06 Nov 2021 06:13:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 6B73 162 KB
42 KB 492ms
491ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8819900454201426&output=html&adk=1812271804&adf=3025194257&lmt=1636179190&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fgadgettendency.com%2Fmalicious-code-found-in-popular-npm-packages-coa-and-rc%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636179189757&bpp=574&bdt=242&idt=694&shv=r20211103&mjsv=m202111030101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6054264249085&frm=20&pv=2&ga_vid=1397844960.1636179190&ga_sid=1636179190&ga_hid=442556974&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062944%2C31063413&oid=2&pvsid=2137192318789966&pem=690&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=713

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9035a162a02db5ee862d0b1fa047bfb347db4389b344e5785340033a3dfbcdf3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://gadgettendency.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sat, 06 Nov 2021 06:13:10 GMT
server: cafe
content-length: 43188
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sat, 06 Nov 2021 06:13:10 GMT
cache-control: private

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 1621 83 KB
28 KB 677ms
677ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8819900454201426&output=html&h=280&slotname=1049579053&adk=3004737011&adf=2535633344&pi=t.ma~as.1049579053&w=642&fwrn=4&fwrnh=100&lmt=1636179190&rafmt=1&psa=0&format=642x280&url=https%3A%2F%2Fgadgettendency.com%2Fmalicious-code-found-in-popular-npm-packages-coa-and-rc%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636179190365&bpp=3&bdt=851&idt=111&shv=r20211103&mjsv=m202111030101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6054264249085&frm=20&pv=1&ga_vid=1397844960.1636179190&ga_sid=1636179190&ga_hid=442556974&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=339&ady=717&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062944%2C31063413&oid=2&pvsid=2137192318789966&pem=690&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=jtMZJYOdua&p=https%3A//gadgettendency.com&dtd=116

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c3b0036128943d6d0f94485a63023fa8ccff064fc3f61ff6d05430b2c6e739ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://gadgettendency.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sat, 06 Nov 2021 06:13:11 GMT
server: cafe
content-length: 28401
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sat, 06 Nov 2021 06:13:11 GMT
cache-control: private

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 260E 70 KB
26 KB 505ms
505ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8819900454201426&output=html&h=600&slotname=8804301216&adk=1902460578&adf=2350814771&pi=t.ma~as.8804301216&w=300&fwrn=4&fwrnh=100&lmt=1636179190&rafmt=1&psa=0&format=300x600&url=https%3A%2F%2Fgadgettendency.com%2Fmalicious-code-found-in-popular-npm-packages-coa-and-rc%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636179190407&bpp=3&bdt=893&idt=80&shv=r20211103&mjsv=m202111030101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C642x280&nras=1&correlator=6054264249085&frm=20&pv=1&ga_vid=1397844960.1636179190&ga_sid=1636179190&ga_hid=442556974&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=1041&ady=355&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062944%2C31063413&oid=2&pvsid=2137192318789966&pem=690&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=oX2TFDAdny&p=https%3A//gadgettendency.com&dtd=83

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1c2b9842ddda9f9f4d465d887aa2be4db5cd61f7be40325ced079a61403ff660

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://gadgettendency.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sat, 06 Nov 2021 06:13:10 GMT
server: cafe
content-length: 26463
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sat, 06 Nov 2021 06:13:10 GMT
cache-control: private

POST
H2 200 collect Show response
www.google-analytics.com/j/ 2 B
209 B 48ms
48ms XHR
text/plain 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j93&a=442556974&t=pageview&_s=1&dl=https%3A%2F%2Fgadgettendency.com%2Fmalicious-code-found-in-popular-npm-packages-coa-and-rc%2F&ul=en-us&de=UTF-8&dt=Malicious%20code%20found%20in%20popular%20NPM%20packages%20coa%20and%20rc%20-%20Gadget%20Tendency&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YAhAAUABAAAAAC~&jid=455972142&gjid=1875656343&cid=1397844960.1636179190&tid=UA-169224141-1&_gid=1029047999.1636179191&_r=1&gtm=2oub31&z=1766962761

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://gadgettendency.com/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 06 Nov 2021 06:13:10 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://gadgettendency.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame D005 84 KB
29 KB 506ms
505ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8819900454201426&output=html&h=600&slotname=8804301216&adk=4248336214&adf=4144877436&pi=t.ma~as.8804301216&w=300&fwrn=4&fwrnh=100&lmt=1636179190&rafmt=1&psa=0&format=300x600&url=https%3A%2F%2Fgadgettendency.com%2Fmalicious-code-found-in-popular-npm-packages-coa-and-rc%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636179190421&bpp=1&bdt=907&idt=88&shv=r20211103&mjsv=m202111030101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C642x280%2C300x600&nras=1&correlator=6054264249085&frm=20&pv=1&ga_vid=1397844960.1636179190&ga_sid=1636179190&ga_hid=442556974&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=1041&ady=1452&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062944%2C31063413&oid=2&pvsid=2137192318789966&pem=690&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=BTNfruKGzT&p=https%3A//gadgettendency.com&dtd=91

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a938bc7ba59efb88cfb963b6e9b35166b1e02953897e4b6fdc2c71d96a712f59

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://gadgettendency.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sat, 06 Nov 2021 06:13:10 GMT
server: cafe
content-length: 29121
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sat, 06 Nov 2021 06:13:10 GMT
cache-control: private

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 7 B
447 B 107ms
35ms XHR
text/plain 2a00:1450:400c:c08::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j93&tid=UA-169224141-1&cid=1397844960.1636179190&jid=455972142&gjid=1875656343&_gid=1029047999.1636179191&_u=YAhAAUAAAAAAAC~&z=1132827758

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c08::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

3c25b077a6d92cd9d3576660b68c4c0bd135b78b3cd3b66491ff2c7aa0eeaad3

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://gadgettendency.com/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Sat, 06 Nov 2021 06:13:10 GMT
content-type: text/plain
access-control-allow-origin: https://gadgettendency.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
501 B 142ms
52ms Image
image/gif 2a00:1450:4001:802::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j93&tid=UA-169224141-1&cid=1397844960.1636179190&jid=455972142&_u=YAhAAUAAAAAAAC~&z=813168184

Requested by

Host: gadgettendency.com
URL: https://gadgettendency.com/malicious-code-found-in-popular-npm-packages-coa-and-rc/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://gadgettendency.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 06 Nov 2021 06:13:10 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.co.uk/ads/ 42 B
501 B 140ms
50ms Image
image/gif 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.co.uk/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j93&tid=UA-169224141-1&cid=1397844960.1636179190&jid=455972142&_u=YAhAAUAAAAAAAC~&z=813168184

Requested by

Host: gadgettendency.com
URL: https://gadgettendency.com/malicious-code-found-in-popular-npm-packages-coa-and-rc/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://gadgettendency.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 06 Nov 2021 06:13:10 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET 3387408963016836100
tpc.googlesyndication.com/simgad/ Frame 260E 0
0

GET
H2 200 abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211103/r20110914/ Frame 260E 19 KB
0 132ms
38ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211103/r20110914/abg_lite_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8819900454201426&output=html&h=600&slotname=8804301216&adk=1902460578&adf=2350814771&pi=t.ma~as.8804301216&w=300&fwrn=4&fwrnh=100&lmt=1636179190&rafmt=1&psa=0&format=300x600&url=https%3A%2F%2Fgadgettendency.com%2Fmalicious-code-found-in-popular-npm-packages-coa-and-rc%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636179190407&bpp=3&bdt=893&idt=80&shv=r20211103&mjsv=m202111030101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C642x280&nras=1&correlator=6054264249085&frm=20&pv=1&ga_vid=1397844960.1636179190&ga_sid=1636179190&ga_hid=442556974&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=1041&ady=355&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062944%2C31063413&oid=2&pvsid=2137192318789966&pem=690&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=oX2TFDAdny&p=https%3A//gadgettendency.com&dtd=83

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 06 Nov 2021 05:59:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 826
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7933
x-xss-protection: 0
server: cafe
etag: 7671872550847203596
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 20 Nov 2021 05:59:25 GMT

GET
H2 200 window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211103/r20110914/client/ Frame 260E 3 KB
0 154ms
68ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211103/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 06 Nov 2021 05:55:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1077
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1470
x-xss-protection: 0
server: cafe
etag: 9165589572046851897
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 20 Nov 2021 05:55:14 GMT

GET
H2 200 qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211103/r20110914/client/ Frame 260E 15 KB
0 145ms
59ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211103/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 06 Nov 2021 06:06:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 382
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6619
x-xss-protection: 0
server: cafe
etag: 4215814365075848680
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 20 Nov 2021 06:06:49 GMT

GET
H2 200 rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 260E 68 KB
0 146ms
52ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 06 Nov 2021 06:13:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37686
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1635939303405469"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 06 Nov 2021 06:13:11 GMT

GET one_click_handler_one_afma_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211103/r20110914/client/ Frame 260E 0
0

GET
H2 200 reactive_library_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111030101/ 148 KB
53 KB 61ms
61ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111030101/reactive_library_fy2019.js?bust=31063413

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

33899f713a0c32997eb03f10e40d94c950660a6362f23231dc23da3268d738b7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://gadgettendency.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 06 Nov 2021 06:13:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 53890
x-xss-protection: 0
server: cafe
etag: 7581925232697808980
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Sat, 06 Nov 2021 06:13:11 GMT

GET
H2 200 adview
googleads.g.doubleclick.net/pagead/ Frame 260E 0
0 66ms
66ms Fetch
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CiXHj9hyGYc-jIMyNjuwPj5Gv0AuA3oqIZqqUma-DD42A5LbrAhABIKKQ-WZgu4aAgNAKoAGBhdzwA8gBAqgDAcgDyQSqBIgCT9DzXxj3Q9FUfBJxE7NHASfaUKfbj7vBOkA1XC5v6Czw8jtq8bxqo2r73E1jw0fXt66vXYkdpDOPGZAAI-wSRunQQIjs5ZYuZEYqF3FMIDDTom1GyDZhtKuZt_WKwUUZbx05c-s1ky4CO6ypK48kiNvbZ2Dcm5QNr6Hv1w3sucXJUsuhZZGO805hSXNTwIoF_VzyTEgYTB7XIcx6oid7s5PYxnOuRvZBP-YNmFfFTUcGYqn72rdSWGdGWyilbeRfs2hyQXtuxfKPt0SutwBxl6rqTtzzbnoiKyQHyKUt0kTQrYpa5m1OcEo6THd7O6eDFhkQRUFa7zmF35GgipsZhugqAHGunb8twASZjuLN7QOSBQQIBBgBkgUECAUYBKAGAoAH7OGk6AKoB_DZG6gH8tkbqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhvYBwHyBwUQ_cuRAdIICQiA4YAQEAEYX4AKAcgLAdgTDdAVAYAXAbIXHAoaCAASFHB1Yi04ODE5OTAwNDU0MjAxNDI2GAA&sigh=gkD1Cxotw9w&uach_m=[UACH]

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8819900454201426&output=html&h=600&slotname=8804301216&adk=1902460578&adf=2350814771&pi=t.ma~as.8804301216&w=300&fwrn=4&fwrnh=100&lmt=1636179190&rafmt=1&psa=0&format=300x600&url=https%3A%2F%2Fgadgettendency.com%2Fmalicious-code-found-in-popular-npm-packages-coa-and-rc%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636179190407&bpp=3&bdt=893&idt=80&shv=r20211103&mjsv=m202111030101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C642x280&nras=1&correlator=6054264249085&frm=20&pv=1&ga_vid=1397844960.1636179190&ga_sid=1636179190&ga_hid=442556974&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=1041&ady=355&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062944%2C31063413&oid=2&pvsid=2137192318789966&pem=690&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=oX2TFDAdny&p=https%3A//gadgettendency.com&dtd=83
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Sat, 06 Nov 2021 06:13:11 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Sat, 06 Nov 2021 06:13:11 GMT

GET 17455069647866089125
tpc.googlesyndication.com/daca_images/simgad/ Frame D005 0
0

GET
H2 200 abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211103/r20110914/ Frame D005 19 KB
0 115ms
42ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211103/r20110914/abg_lite_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8819900454201426&output=html&h=600&slotname=8804301216&adk=4248336214&adf=4144877436&pi=t.ma~as.8804301216&w=300&fwrn=4&fwrnh=100&lmt=1636179190&rafmt=1&psa=0&format=300x600&url=https%3A%2F%2Fgadgettendency.com%2Fmalicious-code-found-in-popular-npm-packages-coa-and-rc%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636179190421&bpp=1&bdt=907&idt=88&shv=r20211103&mjsv=m202111030101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C642x280%2C300x600&nras=1&correlator=6054264249085&frm=20&pv=1&ga_vid=1397844960.1636179190&ga_sid=1636179190&ga_hid=442556974&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=1041&ady=1452&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062944%2C31063413&oid=2&pvsid=2137192318789966&pem=690&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=BTNfruKGzT&p=https%3A//gadgettendency.com&dtd=91

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 06 Nov 2021 05:59:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 826
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7933
x-xss-protection: 0
server: cafe
etag: 7671872550847203596
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 20 Nov 2021 05:59:25 GMT

GET
H2 200 adview
googleads.g.doubleclick.net/pagead/ Frame D005 0
0 67ms
67ms Fetch
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CdcUN9hyGYdK2IdWz3gOvqomAA6idpKRm-qf-34YPv-EeEAEgopD5ZmC7hoCA0AqgAaa4xYcDyAECqQLA5x7KWaW2PqgDAcgDyQSqBIoCT9Cj6BWaQAlHodNQsxvSfjA5NSg1qyE9vx-GkgDfrbt9KtqJ9j3Ljl85hc6hmdKzwYPYpUkx4zaZfb7fKjWuNI5vVfbqJ9ltC6RyQrpvB8Xjy4VQiJmOCJi7t2xKJ3xOqZaMbuBBRqQxE-orBFOal0OhmjtHxk-r49btZNXB-ALcR6VaB956XTGDxhkTefT-f9P_2Hu6zKrMHQYjvPNYLVHy0R4d_eB2uv0AxD0hFcZJiptHKhAlYWMVMaYAkWxwjHXMDPTfxrtL0WAX822XgOGzLiR6SyGpwoN0dqOiFZwub-Hk74TSGBZrCvGEDR_tTqyzHWeUh4Ce8ifujwcifEu4MGyzB6Gp1JnABMLDwtbrA5IFBAgEGAGSBQQIBRgEoAYCgAfCx7p4qAfw2RuoB_LZG6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4b2AcB8gcEEJa3N9IICQiA4YAQEAEYX4AKAcgLAdgTDdAVAZgWAYAXAbIXHAoaCAASFHB1Yi04ODE5OTAwNDU0MjAxNDI2GAA&sigh=DAqOfhKlTAQ&uach_m=[UACH]

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8819900454201426&output=html&h=600&slotname=8804301216&adk=4248336214&adf=4144877436&pi=t.ma~as.8804301216&w=300&fwrn=4&fwrnh=100&lmt=1636179190&rafmt=1&psa=0&format=300x600&url=https%3A%2F%2Fgadgettendency.com%2Fmalicious-code-found-in-popular-npm-packages-coa-and-rc%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636179190421&bpp=1&bdt=907&idt=88&shv=r20211103&mjsv=m202111030101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C642x280%2C300x600&nras=1&correlator=6054264249085&frm=20&pv=1&ga_vid=1397844960.1636179190&ga_sid=1636179190&ga_hid=442556974&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=1041&ady=1452&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062944%2C31063413&oid=2&pvsid=2137192318789966&pem=690&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=BTNfruKGzT&p=https%3A//gadgettendency.com&dtd=91

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8819900454201426&output=html&h=600&slotname=8804301216&adk=4248336214&adf=4144877436&pi=t.ma~as.8804301216&w=300&fwrn=4&fwrnh=100&lmt=1636179190&rafmt=1&psa=0&format=300x600&url=https%3A%2F%2Fgadgettendency.com%2Fmalicious-code-found-in-popular-npm-packages-coa-and-rc%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636179190421&bpp=1&bdt=907&idt=88&shv=r20211103&mjsv=m202111030101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C642x280%2C300x600&nras=1&correlator=6054264249085&frm=20&pv=1&ga_vid=1397844960.1636179190&ga_sid=1636179190&ga_hid=442556974&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=1041&ady=1452&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062944%2C31063413&oid=2&pvsid=2137192318789966&pem=690&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=BTNfruKGzT&p=https%3A//gadgettendency.com&dtd=91
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Sat, 06 Nov 2021 06:13:11 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Sat, 06 Nov 2021 06:13:11 GMT

GET
H2 200 window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211103/r20110914/client/ Frame D005 3 KB
0 133ms
68ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211103/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8819900454201426&output=html&h=600&slotname=8804301216&adk=4248336214&adf=4144877436&pi=t.ma~as.8804301216&w=300&fwrn=4&fwrnh=100&lmt=1636179190&rafmt=1&psa=0&format=300x600&url=https%3A%2F%2Fgadgettendency.com%2Fmalicious-code-found-in-popular-npm-packages-coa-and-rc%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636179190421&bpp=1&bdt=907&idt=88&shv=r20211103&mjsv=m202111030101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C642x280%2C300x600&nras=1&correlator=6054264249085&frm=20&pv=1&ga_vid=1397844960.1636179190&ga_sid=1636179190&ga_hid=442556974&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=1041&ady=1452&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062944%2C31063413&oid=2&pvsid=2137192318789966&pem=690&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=BTNfruKGzT&p=https%3A//gadgettendency.com&dtd=91

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 06 Nov 2021 05:55:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1077
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1470
x-xss-protection: 0
server: cafe
etag: 9165589572046851897
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 20 Nov 2021 05:55:14 GMT

GET rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame D005 0
0

GET
H2 200 qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211103/r20110914/client/ Frame D005 15 KB
0 126ms
64ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211103/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8819900454201426&output=html&h=600&slotname=8804301216&adk=4248336214&adf=4144877436&pi=t.ma~as.8804301216&w=300&fwrn=4&fwrnh=100&lmt=1636179190&rafmt=1&psa=0&format=300x600&url=https%3A%2F%2Fgadgettendency.com%2Fmalicious-code-found-in-popular-npm-packages-coa-and-rc%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636179190421&bpp=1&bdt=907&idt=88&shv=r20211103&mjsv=m202111030101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C642x280%2C300x600&nras=1&correlator=6054264249085&frm=20&pv=1&ga_vid=1397844960.1636179190&ga_sid=1636179190&ga_hid=442556974&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=1041&ady=1452&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062944%2C31063413&oid=2&pvsid=2137192318789966&pem=690&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=BTNfruKGzT&p=https%3A//gadgettendency.com&dtd=91

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 06 Nov 2021 06:06:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 382
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6619
x-xss-protection: 0
server: cafe
etag: 4215814365075848680
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 20 Nov 2021 06:06:49 GMT

GET one_click_handler_one_afma_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211103/r20110914/client/ Frame D005 0
0

GET
H2 200 g.gif
pixel.wp.com/ 50 B
116 B 30ms
29ms Image
image/gif 192.0.76.3
AUTOMATTIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.wp.com/g.gif?v=ext&j=1%3A10.2&blog=182539140&post=72464&tz=3&srv=gadgettendency.com&host=gadgettendency.com&ref=&fcp=1464&rand=0.48861642015133167
Requested by: Host: gadgettendency.com
URL: https://gadgettendency.com/malicious-code-found-in-popular-npm-packages-coa-and-rc/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 192.0.76.3 , United States, ASN2635 (AUTOMATTIC, US),
Reverse DNS
Software: nginx /
Resource Hash: f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://gadgettendency.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

access-control-allow-origin: *
date: Sat, 06 Nov 2021 06:13:11 GMT
cache-control: no-cache
server: nginx
content-length: 50
content-type: image/gif

GET
H2 200 integrator.js Show response
adservice.google.co.uk/adsid/ 107 B
165 B 51ms
48ms Script
application/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.co.uk/adsid/integrator.js?domain=gadgettendency.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://gadgettendency.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 06 Nov 2021 06:13:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
165 B 51ms
50ms Script
application/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=gadgettendency.com

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://gadgettendency.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 06 Nov 2021 06:13:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 012F 18 KB
10 KB 587ms
585ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8819900454201426&output=html&h=280&slotname=5919063673&adk=2919542279&adf=436026530&pi=t.ma~as.5919063673&w=642&fwrn=4&fwrnh=100&lmt=1636179191&rafmt=1&psa=0&format=642x280&url=https%3A%2F%2Fgadgettendency.com%2Fmalicious-code-found-in-popular-npm-packages-coa-and-rc%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636179191107&bpp=1&bdt=1593&idt=1&shv=r20211103&mjsv=m202111030101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1ebf11ac25f3121e-22a9396630cb0059%3AT%3D1636179190%3ART%3D1636179190%3AS%3DALNI_MZt7hRzBq5Qj9Y0Xn0yd0XgKlUOMw&prev_fmts=0x0%2C642x280%2C300x600%2C300x600&nras=1&correlator=6054264249085&frm=20&pv=1&ga_vid=1397844960.1636179190&ga_sid=1636179190&ga_hid=442556974&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=339&ady=1900&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062944%2C31063413&oid=2&pvsid=2137192318789966&pem=690&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=BTqgIzkWV5&p=https%3A//gadgettendency.com&dtd=9

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3ffb9b264e7b5f543a953c5fd8afebda81a759f18a25660c949d3c8f016dac86

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://gadgettendency.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sat, 06 Nov 2021 06:13:11 GMT
server: cafe
content-length: 9728
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20211103/r20110914/ Frame 890B 11 KB
5 KB 41ms
41ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20211103/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

097ee9cf7679385b826098b24be6ed2e5c6b660342513932a8018203cc0497bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://gadgettendency.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Fri, 05 Nov 2021 18:47:31 GMT
expires: Fri, 19 Nov 2021 18:47:31 GMT
content-type: text/html; charset=UTF-8
etag: 2948287274155451234
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4905
x-xss-protection: 0
age: 41140
cache-control: public, max-age=1209600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 8D80 15 KB
9 KB 998ms
998ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: gadgettendency.com
URL: https://gadgettendency.com/wp-content/cache/wpfc-minified/1q0d2doh/7nfu5.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

755e17cb657ab342cd8387dd32189dcdbad5111b6dc790b920b1aff974fa928f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://gadgettendency.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sat, 06 Nov 2021 06:13:12 GMT
server: cafe
content-length: 9137
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame AA4F 15 KB
9 KB 606ms
605ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: gadgettendency.com
URL: https://gadgettendency.com/wp-content/cache/wpfc-minified/1q0d2doh/7nfu5.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4e9cfcda329277250d7ab4836e11686e1ae3a624a20b93836a3d65783197bf0b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://gadgettendency.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sat, 06 Nov 2021 06:13:11 GMT
server: cafe
content-length: 9047
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 css
fonts.googleapis.com/ Frame 1621 2 KB
782 B 51ms
51ms Stylesheet
text/css 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8819900454201426&output=html&h=280&slotname=1049579053&adk=3004737011&adf=2535633344&pi=t.ma~as.1049579053&w=642&fwrn=4&fwrnh=100&lmt=1636179190&rafmt=1&psa=0&format=642x280&url=https%3A%2F%2Fgadgettendency.com%2Fmalicious-code-found-in-popular-npm-packages-coa-and-rc%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636179190365&bpp=3&bdt=851&idt=111&shv=r20211103&mjsv=m202111030101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6054264249085&frm=20&pv=1&ga_vid=1397844960.1636179190&ga_sid=1636179190&ga_hid=442556974&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=339&ady=717&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062944%2C31063413&oid=2&pvsid=2137192318789966&pem=690&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=jtMZJYOdua&p=https%3A//gadgettendency.com&dtd=116

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e89a316ebf1c63ea09e2b7b5889fb55e1ffb326c7b2b172027da0948f5709f6a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 06 Nov 2021 04:51:03 GMT
server: ESF
date: Sat, 06 Nov 2021 06:13:11 GMT
x-frame-options: SAMEORIGIN
report-to: {"group":"AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"}]}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only: same-origin; report-to="AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"
expires: Sat, 06 Nov 2021 06:13:11 GMT

GET
H2 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211103/r20110914/client/ Frame 1621 2 KB
990 B 41ms
39ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211103/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1b4e852fde612daeb72f1f4cca801a99cc2730875048c5ac3faa9f5ca5854155

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 06 Nov 2021 06:08:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 311
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 885
x-xss-protection: 0
server: cafe
etag: 638833322182864030
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 20 Nov 2021 06:08:00 GMT

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211103/r20110914/ Frame 1621 19 KB
8 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211103/r20110914/abg_lite_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4c9d68e6fcd7df4461d8628656db38b9b67c9f193e49fdd74e0ab213c56e3581

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 06 Nov 2021 05:59:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 826
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7933
x-xss-protection: 0
server: cafe
etag: 7671872550847203596
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 20 Nov 2021 05:59:25 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211103/r20110914/client/ Frame 1621 3 KB
1 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211103/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4af635698cb6488a8df86b99febedbc979c76e04f675f3a9cdc66f7b4d86aff6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 06 Nov 2021 05:55:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1077
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1470
x-xss-protection: 0
server: cafe
etag: 9165589572046851897
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 20 Nov 2021 05:55:14 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 1621 120 KB
37 KB 57ms
56ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a889ed53ea224d3134512762ff0cde5c4b0426379110a6592f9d0e337b859e95

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 06 Nov 2021 06:13:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37686
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1635939303405469"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 06 Nov 2021 06:13:11 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211103/r20110914/client/ Frame 1621 15 KB
7 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211103/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

69a051355ad02c286b388a0013340d02657eb3f463d628f7fc1069c40ab8a7e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 06 Nov 2021 06:06:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 382
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6619
x-xss-protection: 0
server: cafe
etag: 4215814365075848680
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 20 Nov 2021 06:06:49 GMT

GET
H2 200 5193475774055ccce470a7af02e48ef6.js Show response
www.gstatic.com/mysidia/ Frame 1621 27 KB
12 KB 136ms
41ms Script
text/javascript 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/5193475774055ccce470a7af02e48ef6.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

024bf58839434bcdbb669f44e683ecbb58be25cde0d0e721d68031a67a40dd40

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 01 Nov 2021 21:11:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 378074
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11340
x-xss-protection: 0
last-modified: Thu, 28 Oct 2021 04:53:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="mysidia"
expires: Sun, 30 Jan 2022 21:11:57 GMT

GET
H2 200 shopping
encrypted-tbn1.gstatic.com/ Frame 1621 7 KB
8 KB 149ms
41ms Image
image/jpeg 2a00:1450:4001:812::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://encrypted-tbn1.gstatic.com/shopping?q=tbn:ANd9GcRYMgRrnUkWuFsUXPjcOPj-9V-mMsaK-XpB6LOSoH8AywKrJGy5&usqp=CAI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

53c85a63a4a55be5fc2ad9a1ffca9a24c290bdfe918c55dcad41b7d9180661f1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sun, 31 Oct 2021 19:12:24 GMT
x-content-type-options: nosniff
age: 471647
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/images-tbn
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7443
x-xss-protection: 0
last-modified: Thu, 20 May 2021 02:06:39 GMT
server: sffe
report-to: {"group":"images-tbn","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/images-tbn"}]}
content-type: image/jpeg
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="images-tbn"
expires: Mon, 31 Oct 2022 19:12:24 GMT

GET
H2 200 adview
googleads.g.doubleclick.net/pagead/ Frame 1621 0
0 66ms
66ms Fetch
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CswDG9hyGYYjMH4Pe3wPBmp64DNfqkd9l8YrppNYOv4yT8-kpEAEgopD5ZmC7hoCA0AqgAYHRmr4DyAEJqAMByAPLBKoEjgJP0L3gCWVvmExv_4yto_ZpjkDLQMZyC2M2Q1lLDZcSz0nUZBsOj_ODj-SI9YXdskXdz9ugcxl3-w2vap_em0MenG_xsjKGImseYgHplUvV2IEX56pTBtGeVcxivWOwUhPCAqISsf_zlTYa6jIcrweXOWRUKhneHGtyN9QEqiCAxAGpyWVBBdhTQVM7PQP8Mnqcn_axIqjYS3Ch1R4mq8bb4fpwiE-vqTJdSV_VmS1QQUFeM3-EoPD1WxUJoSxl8jZFbPfhlTbsj8P41KhfFYtrY-pOLVXULgT2ihqQ3zhxeTO8NebuN2l6gSq1egA3PWi4j_Z9WyKMRcoMAq6O8IpB-QMAAZmnGFyFJUPlvQLABLGEgoDcA5IFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBoAYugAfnruVBqAfw2RuoB_LZG6gHjs4bqAeT2BuoB-6WsQKoB_6esQKoB6a-G9gHAPIHBRDqt6gB0ggJCIDhgBAQARhfgAoByAsB2BMO0BUBgBcBshccChoIABIUcHViLTg4MTk5MDA0NTQyMDE0MjYYAA&sigh=X1osTNsORSg&uach_m=[UACH]&template_id=494

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8819900454201426&output=html&h=280&slotname=1049579053&adk=3004737011&adf=2535633344&pi=t.ma~as.1049579053&w=642&fwrn=4&fwrnh=100&lmt=1636179190&rafmt=1&psa=0&format=642x280&url=https%3A%2F%2Fgadgettendency.com%2Fmalicious-code-found-in-popular-npm-packages-coa-and-rc%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636179190365&bpp=3&bdt=851&idt=111&shv=r20211103&mjsv=m202111030101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6054264249085&frm=20&pv=1&ga_vid=1397844960.1636179190&ga_sid=1636179190&ga_hid=442556974&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=339&ady=717&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062944%2C31063413&oid=2&pvsid=2137192318789966&pem=690&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=jtMZJYOdua&p=https%3A//gadgettendency.com&dtd=116
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Sat, 06 Nov 2021 06:13:11 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H2 200 css2
fonts.googleapis.com/ Frame 890B 4 KB
708 B 49ms
49ms Stylesheet
text/css 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211103/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ab7475d461d9f613ef90faa375ec3387987dd7536af23c13cacd6be9c0c0e370

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 06 Nov 2021 04:46:58 GMT
server: ESF
date: Sat, 06 Nov 2021 06:13:11 GMT
x-frame-options: SAMEORIGIN
report-to: {"group":"AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"}]}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only: same-origin; report-to="AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"
expires: Sat, 06 Nov 2021 06:13:11 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 890B 205 B
296 B 121ms
49ms Image
image/png 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211103/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 04 Nov 2021 01:20:13 GMT
x-content-type-options: nosniff
age: 190378
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 205
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Fri, 04 Nov 2022 01:20:13 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 890B 604 B
892 B 120ms
48ms Image
image/png 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211103/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 05 Nov 2021 21:38:54 GMT
x-content-type-options: nosniff
age: 30857
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 604
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sat, 05 Nov 2022 21:38:54 GMT

GET
H2 200 interstitial_ad_frame_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211103/r20110914/elements/html/ Frame 890B 19 KB
8 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211103/r20110914/elements/html/interstitial_ad_frame_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211103/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b6e53c942b19db58c2d7f74fd56324abaaa5624df6aa559aaab50c56d13c69f1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 06 Nov 2021 02:17:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 14158
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8166
x-xss-protection: 0
server: cafe
etag: 3013067873597081824
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 20 Nov 2021 02:17:13 GMT

GET
DATA 200
OK truncated
/ Frame 1621 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8996e5db5c4272a936fc92fbed9d9d7e4f8b15a0e53b64c166b389ae62fca300

Request headers

Accept-Language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2
fonts.gstatic.com/s/googlesansdisplay/v15/ Frame 1621 20 KB
21 KB 137ms
43ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesansdisplay/v15/ea8FacM9Wef3EJPWRrHjgE4B6CnlZxHVDv79oQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%20Display%3A400

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

475700259e64d480d1a70023e14741bb298a025e338bb608552e2472d4505a65

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://googleads.g.doubleclick.net
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 04 Nov 2021 05:28:40 GMT
x-content-type-options: nosniff
age: 175471
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20900
x-xss-protection: 0
last-modified: Mon, 19 Apr 2021 22:53:16 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Fri, 04 Nov 2022 05:28:40 GMT

GET
H2 200 9703f06907c5d574db4d8eade29cba29.js Show response
www.gstatic.com/mysidia/ Frame 6725 8 KB
3 KB 41ms
40ms Script
text/javascript 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/9703f06907c5d574db4d8eade29cba29.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211103/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b1ea339daaa89b586a011d5bd1950ac69401da87ac9b364d631847cf3e2cd7ca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 04 Nov 2021 05:09:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 176649
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3339
x-xss-protection: 0
last-modified: Tue, 02 Nov 2021 01:47:38 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 02 Feb 2022 05:09:02 GMT

GET
H2 200 b6c1ef2ba718655096e7e7c9cd7f6001.js Show response
www.gstatic.com/mysidia/ Frame 6725 11 KB
5 KB 42ms
42ms Script
text/javascript 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/b6c1ef2ba718655096e7e7c9cd7f6001.js?tag=pingback

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211103/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

85cffc3ea03a13a34a0840865f223c69988c6001820d74b50a7f85831611272e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 04 Nov 2021 05:01:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 177083
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4913
x-xss-protection: 0
last-modified: Tue, 02 Nov 2021 01:47:38 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 02 Feb 2022 05:01:48 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 6725 3 KB
653 B 50ms
49ms Stylesheet
text/css 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211103/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

32b5c88160bab78ae20a39de4a8abe015f4f4c5d48be8300a6686d32a570ccfb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 06 Nov 2021 05:37:21 GMT
server: ESF
date: Sat, 06 Nov 2021 06:13:11 GMT
x-frame-options: SAMEORIGIN
report-to: {"group":"AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"}]}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only: same-origin; report-to="AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"
expires: Sat, 06 Nov 2021 06:13:11 GMT

GET
H2 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211103/r20110914/client/ Frame 6725 2 KB
946 B 40ms
38ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211103/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211103/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1b4e852fde612daeb72f1f4cca801a99cc2730875048c5ac3faa9f5ca5854155

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 06 Nov 2021 06:08:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 311
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 885
x-xss-protection: 0
server: cafe
etag: 638833322182864030
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 20 Nov 2021 06:08:00 GMT

GET
H2 200 38d45364f1df56473667ffe8d7339236.js Show response
www.gstatic.com/mysidia/ Frame 6725 5 KB
2 KB 50ms
48ms Script
text/javascript 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/38d45364f1df56473667ffe8d7339236.js?tag=analytics_pingback_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211103/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

de3c0136d39707fcaaba7f5171a29de11d42b2b3682894627ba570350add9c1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 04 Nov 2021 05:25:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 175690
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2136
x-xss-protection: 0
last-modified: Tue, 02 Nov 2021 01:47:38 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Wed, 02 Feb 2022 05:25:01 GMT

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211103/r20110914/ Frame 6725 19 KB
8 KB 41ms
39ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211103/r20110914/abg_lite_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211103/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4c9d68e6fcd7df4461d8628656db38b9b67c9f193e49fdd74e0ab213c56e3581

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 06 Nov 2021 05:59:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 826
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7933
x-xss-protection: 0
server: cafe
etag: 7671872550847203596
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 20 Nov 2021 05:59:25 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211103/r20110914/client/ Frame 6725 3 KB
1 KB 42ms
40ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211103/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211103/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4af635698cb6488a8df86b99febedbc979c76e04f675f3a9cdc66f7b4d86aff6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 06 Nov 2021 05:55:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1077
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1470
x-xss-protection: 0
server: cafe
etag: 9165589572046851897
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 20 Nov 2021 05:55:14 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 6725 120 KB
37 KB 55ms
54ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211103/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a889ed53ea224d3134512762ff0cde5c4b0426379110a6592f9d0e337b859e95

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 06 Nov 2021 06:13:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37686
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1635939303405469"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 06 Nov 2021 06:13:11 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211103/r20110914/client/ Frame 6725 15 KB
7 KB 41ms
40ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211103/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211103/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

69a051355ad02c286b388a0013340d02657eb3f463d628f7fc1069c40ab8a7e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 06 Nov 2021 06:06:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 382
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6619
x-xss-protection: 0
server: cafe
etag: 4215814365075848680
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 20 Nov 2021 06:06:49 GMT

GET
H2 200 5193475774055ccce470a7af02e48ef6.js Show response
www.gstatic.com/mysidia/ Frame 6725 27 KB
11 KB 42ms
42ms Script
text/javascript 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/5193475774055ccce470a7af02e48ef6.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211103/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

024bf58839434bcdbb669f44e683ecbb58be25cde0d0e721d68031a67a40dd40

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 01 Nov 2021 21:11:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 378074
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11340
x-xss-protection: 0
last-modified: Thu, 28 Oct 2021 04:53:03 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="mysidia"
expires: Sun, 30 Jan 2022 21:11:57 GMT

GET
H2 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame EA76 143 B
222 B 41ms
41ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211103/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20211103/r20110914/zrt_lookup.html?fsb=1

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Sat, 06 Nov 2021 05:37:38 GMT
server: cafe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 2133
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame EA76
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

0
216 B

60ms
60ms

Document
text/html

2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211103/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Sat, 06 Nov 2021 06:13:11 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sat, 06 Nov 2021 06:13:11 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Sat, 06 Nov 2021 06:13:11 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 zcxQrsBjZtkA-sIi55aDcbNRce-W4yNq16DL4AdK1J0.js Show response
pagead2.googlesyndication.com/bg/ Frame D38A 35 KB
13 KB 42ms
41ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/zcxQrsBjZtkA-sIi55aDcbNRce-W4yNq16DL4AdK1J0.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211103/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cdcc50aec06366d900fac222e7968371b35171ef96e3236ad7a0cbe0074ad49d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 01 Nov 2021 21:09:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 378222
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13399
x-xss-protection: 0
last-modified: Fri, 29 Oct 2021 13:38:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="botguard-scs"
expires: Tue, 01 Nov 2022 21:09:29 GMT

GET
H2 200 zcxQrsBjZtkA-sIi55aDcbNRce-W4yNq16DL4AdK1J0.js Show response
pagead2.googlesyndication.com/bg/ Frame E163 35 KB
13 KB 41ms
41ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/zcxQrsBjZtkA-sIi55aDcbNRce-W4yNq16DL4AdK1J0.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cdcc50aec06366d900fac222e7968371b35171ef96e3236ad7a0cbe0074ad49d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 01 Nov 2021 21:09:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 378222
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13399
x-xss-protection: 0
last-modified: Fri, 29 Oct 2021 13:38:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="botguard-scs"
expires: Tue, 01 Nov 2022 21:09:29 GMT

POST
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 6725 0
121 B 75ms
75ms Ping
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=mys&d=CgcIByoDd2ViCgcICCoDbHRyChwIASoYbGFyZ2UtYmFubmVyLWV0YS12YW5pbGxhCgoIAioGc2VydmVyChoIBCoWbXlzaWRpYV9hbmFseXRpY3NfZXhwMwoNECshAAAAAAAAHEAwBAoNEAMhAAAAnJmZUEAwBAoNEA0hAAAAAAAAAAAwBAoJEB4qAzB4MDAECgkQGSoDMHgwMAQKDRArIQAAAAAAACJAMAQKDRAQIQAAAAAAAAAAMAQKDRARIQAAAADArtFAMAQKDRASIQAAAAAAACBAMAQKDRATIQAAAAAAABBAMAQKDRAXIQAAAAAAQFlAMAQKDRAUIQAAAADA8tJAMAQKDRAVIQAAAAAAACZAMAQKDRAWIQAAAAAAABRAMAQKDRAYIQAAADQz819AMAQSGkNQckx3YnVLZ19RQ0ZkNnJkd29kODhvTTVRIhp0ZXh0L3ZhbmlsbGFfdGV4dF9jbG9zZV92MigD

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/mysidia/b6c1ef2ba718655096e7e7c9cd7f6001.js?tag=pingback

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Sat, 06 Nov 2021 06:13:11 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 73E8 624 B
344 B 51ms
51ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CNgBEMmKnQEYofCUmwEwAQ&v=APEucNXdFsI5896IsEWHwTuWXVXyDDVY4jv1ejL-_K4DK1f8ZE7hZSEJ6jKxJzTRxVYfUvRbZJCiFG7T3D6bxQeSdAp_20mAnKdSHFGaL8Wnha2Oi6QMUsXSjQWCujQm2xo-6bCasuJ3VXZ4FL4kqiCpytyM9kg_f4hX9TICdnfPwDjZxKIJt8U

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8819900454201426&output=html&h=280&slotname=5919063673&adk=2919542279&adf=436026530&pi=t.ma~as.5919063673&w=642&fwrn=4&fwrnh=100&lmt=1636179191&rafmt=1&psa=0&format=642x280&url=https%3A%2F%2Fgadgettendency.com%2Fmalicious-code-found-in-popular-npm-packages-coa-and-rc%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636179191107&bpp=1&bdt=1593&idt=1&shv=r20211103&mjsv=m202111030101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1ebf11ac25f3121e-22a9396630cb0059%3AT%3D1636179190%3ART%3D1636179190%3AS%3DALNI_MZt7hRzBq5Qj9Y0Xn0yd0XgKlUOMw&prev_fmts=0x0%2C642x280%2C300x600%2C300x600&nras=1&correlator=6054264249085&frm=20&pv=1&ga_vid=1397844960.1636179190&ga_sid=1636179190&ga_hid=442556974&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=339&ady=1900&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062944%2C31063413&oid=2&pvsid=2137192318789966&pem=690&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=BTqgIzkWV5&p=https%3A//gadgettendency.com&dtd=9

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8819900454201426&output=html&h=280&slotname=5919063673&adk=2919542279&adf=436026530&pi=t.ma~as.5919063673&w=642&fwrn=4&fwrnh=100&lmt=1636179191&rafmt=1&psa=0&format=642x280&url=https%3A%2F%2Fgadgettendency.com%2Fmalicious-code-found-in-popular-npm-packages-coa-and-rc%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636179191107&bpp=1&bdt=1593&idt=1&shv=r20211103&mjsv=m202111030101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1ebf11ac25f3121e-22a9396630cb0059%3AT%3D1636179190%3ART%3D1636179190%3AS%3DALNI_MZt7hRzBq5Qj9Y0Xn0yd0XgKlUOMw&prev_fmts=0x0%2C642x280%2C300x600%2C300x600&nras=1&correlator=6054264249085&frm=20&pv=1&ga_vid=1397844960.1636179190&ga_sid=1636179190&ga_hid=442556974&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=339&ady=1900&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062944%2C31063413&oid=2&pvsid=2137192318789966&pem=690&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=BTqgIzkWV5&p=https%3A//gadgettendency.com&dtd=9

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Sat, 06 Nov 2021 06:13:11 GMT
server: cafe
cache-control: private
content-length: 276
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame A9CD 79 KB
31 KB 92ms
92ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DjpQ6newSNgwk6vNSsrB0aVspdw1wMTs0wRGNwTbbiwIm2v6cWaL4uM1YW2adFfv2Ckm-96Oswal9dCHq54gsb3IdHtnzuJ75-vaMTpKYTNYBg6XJ8B1tFGxG_EYI1ua4zcEBjJDf09nq9ZAgx61m6EtAGvA&dbm_d=AKAmf-CqHGY5eNnPkVwxld-zhy0O7D3xMIsTa0U0bhF-LA-30quznngdlzbIo6CUJmeTxCymPBbT7C94uXEPjrcMlHQpwYzerz83xr5Nft8s8RtQcY58kW9TB9GcWdVBhmwisIrUaFBUemwyb8TfCAvV0GMtp7T4cX4M-PK4FSu_GZ5E7HW-nm43rptIGMNfu2akmgXWG1YIyXF40gda7_f_tH_RHlA5dAZs3Ty7SRrVnAMueB8WYICJiWRG6OkPP-BXJpz3hluilpQEjtNsP2dbMc2PAlHxmrq6JMZ1Dqd4QdQr00H-6d4H40mFIh93yXZWItNS_5Vm81V-ZgXvLcK3hfBbGUUuow_xvsN1gNHwvsMsoI3Vo-CdNjEhPBnDx9KRpEZl024biju3OoJQgGDgm54er6gAVo2qIX7wz50bBnEdZAXO6MA1jnXQGRbrJQnVMPVnOGidlV57xHD-HJvCSQ9L3Np-cLZy6AaD6gWNmYfS4vVWb-ITLjhLntajdUqSU2se0tLO14HUASTtaxjnNc9e45sMQKRB_h7oHmGuupD9yR_RKfORexQ16jqer6jiRviZIUXJ0F4vri_3FvG_xpTGkdWuc04_VTQqwqGrOd_eIWE621N-zhDkiBIRhf1UoQGm8ssYpzBhuInLUAe3zod7BS_0KZhBD2k0qzPxPQAv8NKp0aAUHEi2mP_qQwUVJOubDZ9wn_RAPZ9k5hV-TvnfVRny_bZPqytEENSi5_c7KmZXwormoQsoXh6oNNf3PHZ_y-3UvAV1ET7YJCUaf15fsF2HJkOX6m9ERVGkP_t66u-on1C7bTnI3BJ_AJKxVcRdX9wG9ebDDC_0O9ofJ8tWKYrPTBQOh_kVbCpgBwdsSnI8X-UL7VWV2SSeCWGpufI6-Iy4MFVIsGIQt48o0WPB3KJfBwmI2C42a5tdq2g4ydxBzEAZ6GbwiMM2XQ20YYs274LFHsl71Z8dkweeEwqgLaBb8ciVLzP9YkuptWc_uEIVEbUTGH1RuEv3RfLHfJnB8lB2MVb9PVufoVd2yvUOjb1RFXXdnIXG_aFNFtBNLaFjd9iP3cBaShIEm879C9BCCsh0bsSx5luV2KZea0MOJefZvoh413kJGY01H0jfOHUOr--8dREPojtEINCSvcIfxC_uf4o9fwTRts4Dq8E9dOeY8AYFzSt7TuxhFSa-1qbgzcNf3pJDvcdlAz9N1UdT_MM-i-8xoujtFyVa1DazOYS3R_Cpb4IQOxyIXroYS3x5r14o1msnFQpCgfvCnV805qTaAQiXoeaN7giBIjjs7pmrd5ZSu9DXMIwggkDzaRNX0bf6e9DD5ec_2GZTfEi39Xe9QyoFuhaY-j2mzbvdyumNZ8x_5L6WhYXn7lRk7BTiHQ3AlUifPeJS9YbdgWHjYNqiZ63-xYipqC9ow0TNjIEadh2RFHfbPdu9cxQQhYTA1BsKOqFfKliiqaa5NZ9OImnUSJDWpFXy2K7RMqMV0heOCnW6cI1jeeY0W36bzv6rgS5Cict3pVY9Sb3ZkW6UW8-DXLiWt_IKEH1pxFLnyP7xGn7EBwSTLmj8JGnf9sixRCe4AiilUDTjxCKO987rq27W_zXl56f83E3aUzqojg8rH2eNRqD-tORKFllwNwNOJCgrObH3C7fQk6tu2XF9yGhFGRFRYOlnu41vx_uyfgzCSHVhPogImE38unv1-0xAgamGcULhmTUylvm9Qkv4TjYkEnPEQ-uR-CvBWSUnPUVdIvix2mLIQsFiv8J1nnobweiTUAaS8hCrpyAsItQKbVDysUfxpPTlEGxXT8D-3eS0bRGfGNIqsvcYKiBi2KA1osJNPBh_CUQDaEHQM9kcUjwx0fRYPZy3eyrIwOHJ9tzMfWrLeTmP2mN3ZNkjZjM416Se1jTJcoLnJDSehCDpYZHMtSVOB_h8c0qgNBxn-6yzqvFb0Wvl4c41BWJlfmd9xvzQTbDfwMT4TNW5lpeHD7qMtH0a0Yom8WLUlm0zu4jTmU-Ji-VNiJPw6FZrSSFMuRdXd8eVWibMu9PdXCSPLG1nfGeto-bof0qDarhkqW9Tijj_xOhj5AR8miBCTzMANQlXJnlxRqWv2Rmvx9n8TRERzckhtHyXWEvCA6PDTdSDXsot1ZMfxSmPau7DD_8sRiElu3kmw5DnN13EYSS49eo_CM2yT6kNJqQMjXqzJyUIUT3pgo2vVhNTc3jTDzBVVQQk8jPrprizJVtqYHZKIaVz42x7rbharu0KSvxaX_XV8LlpM8XuZHCld05rsKf4C-0zpJ62UcfOizwkrjKzRZRIY8BhTXdTOZXdo_BjYwHx0_xRrrAwO8Ia1kOFIPimC7xFATI1q4f3hf-P8f_fyAzTP-EK81V9Ptk_LvL_nRr-NSCZCyC8nnwyGVyiOxqFVjaEKfuC8lpMgMnKBBXleXJPnHvctwUX3xceW8fIEnFrHv2iLgiZ6ouDrdX8a-oqCoCPoFCT-SkMCAzDsRcChpArIpsasmWvDOoaNhnmCK9HzP1T5PkAvTFpQDXmvabeJFx1N3hiCzwxp13FcV4UyvNJlnUd40kX_0n5XMFBBOtTNM0kP2-1y3L0nJma8OpV25oZHSwIVtiE8I8GqSiz_UF_5JVzkIyNiLE2zLWpJlEZZzqrR2mYvfc7y55PTrgYJ_MYvkg6jrS1yymyHQNy1P4W7LP56a-jS_83Z7fedfuAc2wst8eBNhtGW7U4mlP3HJ8qkgDg5UVn-unEBY0R-6P4U3x7wmv45bFryApScImnnwk7RDLWWou7x6qaGqGUloiMF_f0t1-BvOStQ3yRqtc5ZxPst_n58ZsuFj4n42V71peT0ZHeGhj_Pd4YBc_xwLzKNLkiJlVsOZeJMzrptaTs9cPxb5pqeXcGGi_PFZa3DOaoO8cfuNZQu4U5An4toXbn4dXJH8rK5x9aW6KNKQNc86oyhVCA6wfsxlVH2UK2qKGlreARYvePmNQ9CqJFsK5VZp1f4kIiiQmSfKb3ahdseG1d1ZmHLJfey-uPeVUhuHgDFv1tYLdsY6bvk1ORJ1uBm2wRO48UDI0cgXcpyVjZUSnCi1hsVGmRNQeN5yQX61GThJwN2B-hBQU1lw7S0BG-mBg0wzgRF0G7rIVLhS4M_ab9Esd2hhCaf-5wsWPVKb-bKHK-G5tnFn6mzCd6nYR-AHAGqUZECIRwIOvYTuyCjHka08e-bms-knnqAwkfGg&cid=CAASEuRoBmYMJwWFYVHjD0GdSN-NBA&rfl=2%2Chttps%253A%252F%252Fgadgettendency.com%252F%240

Requested by

Host: gadgettendency.com
URL: https://gadgettendency.com/malicious-code-found-in-popular-npm-packages-coa-and-rc/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3d426d835b7a0f1de91a27f862c5612d83912b2601f51a9b45ac3bd3409cfbc4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8819900454201426&output=html&h=280&slotname=5919063673&adk=2919542279&adf=436026530&pi=t.ma~as.5919063673&w=642&fwrn=4&fwrnh=100&lmt=1636179191&rafmt=1&psa=0&format=642x280&url=https%3A%2F%2Fgadgettendency.com%2Fmalicious-code-found-in-popular-npm-packages-coa-and-rc%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636179191107&bpp=1&bdt=1593&idt=1&shv=r20211103&mjsv=m202111030101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1ebf11ac25f3121e-22a9396630cb0059%3AT%3D1636179190%3ART%3D1636179190%3AS%3DALNI_MZt7hRzBq5Qj9Y0Xn0yd0XgKlUOMw&prev_fmts=0x0%2C642x280%2C300x600%2C300x600&nras=1&correlator=6054264249085&frm=20&pv=1&ga_vid=1397844960.1636179190&ga_sid=1636179190&ga_hid=442556974&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=339&ady=1900&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062944%2C31063413&oid=2&pvsid=2137192318789966&pem=690&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=BTqgIzkWV5&p=https%3A//gadgettendency.com&dtd=9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 06 Nov 2021 06:13:11 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31214
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211103/r20110914/client/ Frame A9CD 3 KB
1 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211103/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4af635698cb6488a8df86b99febedbc979c76e04f675f3a9cdc66f7b4d86aff6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 06 Nov 2021 05:55:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1077
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1470
x-xss-protection: 0
server: cafe
etag: 9165589572046851897
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 20 Nov 2021 05:55:14 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame A9CD 120 KB
37 KB 51ms
51ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a889ed53ea224d3134512762ff0cde5c4b0426379110a6592f9d0e337b859e95

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 06 Nov 2021 06:13:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37686
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1635939303405469"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 06 Nov 2021 06:13:11 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211103/r20110914/client/ Frame A9CD 15 KB
7 KB 40ms
39ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211103/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

69a051355ad02c286b388a0013340d02657eb3f463d628f7fc1069c40ab8a7e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 06 Nov 2021 06:06:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 382
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6619
x-xss-protection: 0
server: cafe
etag: 4215814365075848680
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 20 Nov 2021 06:06:49 GMT

GET
H2 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame A9CD 42 B
110 B 74ms
73ms Image
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-Dcaa5_HBs-yBnZzxPkdZaV_V5a3gISFVmsJ2jt9E-PLvfg_nQRRW_IGL07dQehEUEkOgp4lhftaxEJ4C4UEYvnrmssvORMWpIfwERuYHHgz2dOesU

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 06 Nov 2021 06:13:11 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 73E8
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIaCmonMK-1tiMPIX-2rXS0&google_cver=1
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIaCmonMK-1tiMPIX-2rXS0&google_cver=1&C=1

43 B
1012 B

72ms
72ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIaCmonMK-1tiMPIX-2rXS0&google_cver=1&C=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNgBEMmKnQEYofCUmwEwAQ&v=APEucNXdFsI5896IsEWHwTuWXVXyDDVY4jv1ejL-_K4DK1f8ZE7hZSEJ6jKxJzTRxVYfUvRbZJCiFG7T3D6bxQeSdAp_20mAnKdSHFGaL8Wnha2Oi6QMUsXSjQWCujQm2xo-6bCasuJ3VXZ4FL4kqiCpytyM9kg_f4hX9TICdnfPwDjZxKIJt8U
Protocol: HTTP/1.1
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 06 Nov 2021 06:13:12 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Sat, 06 Nov 2021 06:13:12 GMT

Redirect headers

Pragma: no-cache
Date: Sat, 06 Nov 2021 06:13:11 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIaCmonMK-1tiMPIX-2rXS0&google_cver=1&C=1
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 308
Expires: Sat, 06 Nov 2021 06:13:11 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 73E8
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YYYc96InyZJZ-asUvTy0tgAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIaCmonMK-1tiMPIX-2rXS0&google_cver=1

43 B
892 B

55ms
55ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIaCmonMK-1tiMPIX-2rXS0&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNgBEMmKnQEYofCUmwEwAQ&v=APEucNXdFsI5896IsEWHwTuWXVXyDDVY4jv1ejL-_K4DK1f8ZE7hZSEJ6jKxJzTRxVYfUvRbZJCiFG7T3D6bxQeSdAp_20mAnKdSHFGaL8Wnha2Oi6QMUsXSjQWCujQm2xo-6bCasuJ3VXZ4FL4kqiCpytyM9kg_f4hX9TICdnfPwDjZxKIJt8U
Protocol: HTTP/1.1
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 06 Nov 2021 06:13:12 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Sat, 06 Nov 2021 06:13:12 GMT

Redirect headers

pragma: no-cache
date: Sat, 06 Nov 2021 06:13:12 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEIaCmonMK-1tiMPIX-2rXS0&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame 73E8
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEFGu5jN0tW_pO7_o1by8hmo&google_cver=1

43 B
1006 B

86ms
44ms

Image
image/gif

37.252.172.250
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=101&code=CAESEFGu5jN0tW_pO7_o1by8hmo&google_cver=1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CNgBEMmKnQEYofCUmwEwAQ&v=APEucNXdFsI5896IsEWHwTuWXVXyDDVY4jv1ejL-_K4DK1f8ZE7hZSEJ6jKxJzTRxVYfUvRbZJCiFG7T3D6bxQeSdAp_20mAnKdSHFGaL8Wnha2Oi6QMUsXSjQWCujQm2xo-6bCasuJ3VXZ4FL4kqiCpytyM9kg_f4hX9TICdnfPwDjZxKIJt8U

Protocol

HTTP/1.1

Server

37.252.172.250 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

538.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 06 Nov 2021 06:13:11 GMT
X-Proxy-Origin: 89.238.142.214; 89.238.142.214; 538.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: 43e54810-c459-4d00-899f-e67db5f548df
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 06 Nov 2021 06:13:11 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://ib.adnxs.com/setuid?entity=101&code=CAESEFGu5jN0tW_pO7_o1by8hmo&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 290
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 73E8
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTU2ODE4MDk3MzAwMjU5NzY1MA%3D%3D

170 B
243 B

51ms
50ms

Image
image/png

142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTU2ODE4MDk3MzAwMjU5NzY1MA%3D%3D

Requested by

Protocol

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 06 Nov 2021 06:13:11 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sat, 06 Nov 2021 06:13:11 GMT
X-Proxy-Origin: 89.238.142.214; 89.238.142.214; 538.bm-nginx-loadbalancer.mgmt.fra1; adnxs.com
AN-X-Request-Uuid: 9c8f1edd-a8ec-444e-9ff1-f509edacf8d9
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NTU2ODE4MDk3MzAwMjU5NzY1MA%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame AA4F 42 B
107 B 74ms
73ms Image
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-ApC3i5kDQeFONDhMUyMlH_7rtBZGx7sZe3LyOdOpfhjM_Qwsbh97YmyRl3PvhYKIJyRE1eWIVNNBo5Cx4CuECYiBwiPnJ2QC-hQzlZiDWiUZ84Hak

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8819900454201426&output=html&h=600&slotname=8804301216&adk=4248336214&adf=4144877436&pi=t.ma~as.8804301216&w=300&fwrn=4&fwrnh=100&lmt=1636179190&rafmt=1&psa=0&format=300x600&url=https%3A%2F%2Fgadgettendency.com%2Fmalicious-code-found-in-popular-npm-packages-coa-and-rc%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636179190421&bpp=1&bdt=907&idt=88&shv=r20211103&mjsv=m202111030101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C642x280%2C300x600&nras=1&correlator=6054264249085&frm=20&pv=1&ga_vid=1397844960.1636179190&ga_sid=1636179190&ga_hid=442556974&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=1041&ady=1452&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062944%2C31063413&oid=2&pvsid=2137192318789966&pem=690&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=BTNfruKGzT&p=https%3A//gadgettendency.com&dtd=91

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 06 Nov 2021 06:13:11 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211103/r20110914/client/ Frame AA4F 3 KB
1 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211103/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8819900454201426&output=html&h=600&slotname=8804301216&adk=4248336214&adf=4144877436&pi=t.ma~as.8804301216&w=300&fwrn=4&fwrnh=100&lmt=1636179190&rafmt=1&psa=0&format=300x600&url=https%3A%2F%2Fgadgettendency.com%2Fmalicious-code-found-in-popular-npm-packages-coa-and-rc%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636179190421&bpp=1&bdt=907&idt=88&shv=r20211103&mjsv=m202111030101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C642x280%2C300x600&nras=1&correlator=6054264249085&frm=20&pv=1&ga_vid=1397844960.1636179190&ga_sid=1636179190&ga_hid=442556974&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=1041&ady=1452&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062944%2C31063413&oid=2&pvsid=2137192318789966&pem=690&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=BTNfruKGzT&p=https%3A//gadgettendency.com&dtd=91

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4af635698cb6488a8df86b99febedbc979c76e04f675f3a9cdc66f7b4d86aff6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 06 Nov 2021 05:55:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1077
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1470
x-xss-protection: 0
server: cafe
etag: 9165589572046851897
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 20 Nov 2021 05:55:14 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame AA4F 120 KB
37 KB 56ms
55ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8819900454201426&output=html&h=600&slotname=8804301216&adk=4248336214&adf=4144877436&pi=t.ma~as.8804301216&w=300&fwrn=4&fwrnh=100&lmt=1636179190&rafmt=1&psa=0&format=300x600&url=https%3A%2F%2Fgadgettendency.com%2Fmalicious-code-found-in-popular-npm-packages-coa-and-rc%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636179190421&bpp=1&bdt=907&idt=88&shv=r20211103&mjsv=m202111030101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C642x280%2C300x600&nras=1&correlator=6054264249085&frm=20&pv=1&ga_vid=1397844960.1636179190&ga_sid=1636179190&ga_hid=442556974&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=1041&ady=1452&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062944%2C31063413&oid=2&pvsid=2137192318789966&pem=690&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=BTNfruKGzT&p=https%3A//gadgettendency.com&dtd=91

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a889ed53ea224d3134512762ff0cde5c4b0426379110a6592f9d0e337b859e95

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 06 Nov 2021 06:13:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37686
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1635939303405469"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 06 Nov 2021 06:13:11 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211103/r20110914/client/ Frame AA4F 15 KB
7 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211103/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8819900454201426&output=html&h=600&slotname=8804301216&adk=4248336214&adf=4144877436&pi=t.ma~as.8804301216&w=300&fwrn=4&fwrnh=100&lmt=1636179190&rafmt=1&psa=0&format=300x600&url=https%3A%2F%2Fgadgettendency.com%2Fmalicious-code-found-in-popular-npm-packages-coa-and-rc%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636179190421&bpp=1&bdt=907&idt=88&shv=r20211103&mjsv=m202111030101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C642x280%2C300x600&nras=1&correlator=6054264249085&frm=20&pv=1&ga_vid=1397844960.1636179190&ga_sid=1636179190&ga_hid=442556974&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=1041&ady=1452&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062944%2C31063413&oid=2&pvsid=2137192318789966&pem=690&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=BTNfruKGzT&p=https%3A//gadgettendency.com&dtd=91

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

69a051355ad02c286b388a0013340d02657eb3f463d628f7fc1069c40ab8a7e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 06 Nov 2021 06:06:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 382
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6619
x-xss-protection: 0
server: cafe
etag: 4215814365075848680
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 20 Nov 2021 06:06:49 GMT

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 6168 640 B
363 B 52ms
52ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CJ-i5AEQkI7rARj4osGhATAB&v=APEucNXHtIjDNfzgd9i_vgPABRKrgvK_wDlkJpofboDkidrdtxlYvaOGXNSZtXuFLW6p-gDbBUuHXsdM_nb1w28ymT00fYl8J5YpdxavL7-WaKaemWQ5gtuy48hI6NQumLe52JgRapHU4-4buTX5cTbDj8ZPY4nNB160fokxscdso3RR4iiIlPo

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8819900454201426&output=html&h=600&slotname=8804301216&adk=4248336214&adf=4144877436&pi=t.ma~as.8804301216&w=300&fwrn=4&fwrnh=100&lmt=1636179190&rafmt=1&psa=0&format=300x600&url=https%3A%2F%2Fgadgettendency.com%2Fmalicious-code-found-in-popular-npm-packages-coa-and-rc%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636179190421&bpp=1&bdt=907&idt=88&shv=r20211103&mjsv=m202111030101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C642x280%2C300x600&nras=1&correlator=6054264249085&frm=20&pv=1&ga_vid=1397844960.1636179190&ga_sid=1636179190&ga_hid=442556974&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=1041&ady=1452&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062944%2C31063413&oid=2&pvsid=2137192318789966&pem=690&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=BTNfruKGzT&p=https%3A//gadgettendency.com&dtd=91

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8819900454201426&output=html&h=600&slotname=8804301216&adk=4248336214&adf=4144877436&pi=t.ma~as.8804301216&w=300&fwrn=4&fwrnh=100&lmt=1636179190&rafmt=1&psa=0&format=300x600&url=https%3A%2F%2Fgadgettendency.com%2Fmalicious-code-found-in-popular-npm-packages-coa-and-rc%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636179190421&bpp=1&bdt=907&idt=88&shv=r20211103&mjsv=m202111030101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C642x280%2C300x600&nras=1&correlator=6054264249085&frm=20&pv=1&ga_vid=1397844960.1636179190&ga_sid=1636179190&ga_hid=442556974&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=1041&ady=1452&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062944%2C31063413&oid=2&pvsid=2137192318789966&pem=690&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=BTNfruKGzT&p=https%3A//gadgettendency.com&dtd=91

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Sat, 06 Nov 2021 06:13:11 GMT
server: cafe
cache-control: private
content-length: 295
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame AA4F 78 KB
30 KB 99ms
99ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DEqTkP1cExAicIfjDNo_YQmHFvNDJyDDFHBb6TBxFSEI_WK2b59htHxiHNrBKoz44DFO0I271vemgYmt2NzDQOHy-iWC3DQteHaNGqQ-HBLHS553Tk9NLMJy2aqKYJAHebbRo8qescSYReZ-VX9II7pjTejA&dbm_d=AKAmf-BzGD6kns3rK3C9ceCYUMpXs754cSldEAWSG-zcMdbat-Kgysz-suiHwlsY0Qksrinu-1sfiIYmkwIS7yqO3nHwDd2tYEz3KtfCJ28SEu4dPlV_N5H83g2SPdliFM5Fhw-ucrXj1dpHvrHB3KVKnqmfW7ITbSAArZu57nAUna4RQvULi_JD4XzZ-BOVtwdq5Q79HeBe7ARnsNLrbziRXjuv7XHOKWje7glzKlrPdzUPRwhsOSIrXfTR-ZEli6T4u5ti6WJyjwPwuDX50JZ_gAGfm6hjnkDWJcikWKX2PyXbGMrp6bVcvId3GjfOv4j-FAdtMpgxTidFoEfykH-iJvntts8sQfSpDyNK0JIT5muUF5axUiFw3ywxLlqGIvGoUDgh6gMLHr0NfoPFbms2O-PKvFaMzd4SYnIkjnK4f35OEEDAoVTsVhsuYo8okrgJQ-q_3q4e0FGes5MzJlL-0T5d8QvAUAAJXzE_7bYke7M_Ufs1GlWECGyo6pcciQ6ED8v3QocT3SkL1SW5bvF2Ujb0wGYHLferVzEUUjG1MMqmfBvPUAu98pjw7CiojbUPnMUbZcw30GViad4Pz6YD-NIPoO0sWz3CknWEFLwP_JFPr_GoZ6tDXme9onqJ0Mtc7ZSrZ7ANSo9B3PyFbs7RSuiKKIsp_Sj4D4IJ2f7rgXvwQ_R-uSSQ65DJxv9AkpT6TOCFGkyTRdCTywoUDJ_1f1G1hG3OQMi-XjgbJI6zCJZM1DVsf0NtKsqar3CESzsQwBhe6tYuxGcgAaBFCCSphjc2H9kBTCcwxtys0BmklZf77SnVohrUyKLoL6NhrR6xT7AGxN9uHx1DIZJfkO5Nn0MJr0yzZHsQf_ezhuDUFpzvvEAZ6NGxSaKUnnaVGS_aNd9I4IBXFCpWQnyOqXWToCQoYih32JTW8Fcp18K_Oj2fBGmqX7h3AItH1YgUr7WvSMOPHDtLKR7UgGP8Zf5L9MbZPKDocI7ccunu1cF9jOUjc7g6ZjsArqUXiS5rL98XAKSGgscNjQdcZYAbQGdHEVf6CD4V4gn1QhJuwollLsDAqRZt_ah1HP9uWjfJ3WISi7GWsFsTpI8QdUDHBrczRmPuKAsypK-gVP2n4uZxi95DGsk9fuocC7zZ_5Kp63Equ40CCvOfcx414dDfETxSXNTfCQO0gFkTjurAwiIRT4OMzANQyWJ2Zgb3VJCfVYL81MsMWb6uPKcDOO7t4CKWWMp7AZZZ1-kReGzU42JOyJlib9l5wF-XlOcd1ZKICi7hae3M7oi8dzNNgKsCgc0BD5hx5ENNzcyIvO0sZGdR4d7KxXWVpc07lYs4xUWGpfXN95ByVZOtK4NZpw-qUUWGcEOMAIqfJe5U9WSe_b7CgOSt6k9YqQRTU11JSeJhg6ARSZ-Y-awq-4pOiZIApPunCN1qWwjXUB4aVhLsxTkzRfBDJNHGFDn_-q8b9Bln2KtQ8hIfebOVV1_8nY40MEg76FiSCVl1ESyURO4gVyDC34OuLHmfRTQ8AAnegL30xPG0lYCQuhOzwz1xm4FFgvy5aPa5Y0cC0uKHDd9UDZ-i5mMe7uZgcQHRvOkkeVFEuVi1VjH7P0xkjyaTm88HxJWaBxamqrDhNawJx46lGBhKmlhf5wHnF2HfB__jS57NVVubXojUZpjEvN0Fhrdq2xXxxQav6qe4X5TRRXzNta4ikY4wgBg6s2rFinNX2fXwL5f0lT5pm-sonwAnJHcooX37lSHjEXUk5ik-X6TDzqcNWegKIGnvILlES9MzFkmzSWKQuNZ6ybZiFoRWddkY7NgrI6eHtZtA4bWLq0DvlCSAheQzON22NUKLAEt-MybNg1wB8x1j6qMURJ28FUpuVI4HkYdjojZlY_LtznQvf1mfLu3GJ0S2cQjystAmxXQWQxlZRlbN2HMPa8nzC_CQr1ssm-8J99QUQ0q0EaKflYiIy7KWLZLLIpw5l8GNcr0WaPiGYL93f-M9xRnrt9v-s64rgWik31unMRqcwaXP2stJ01hJJAsQO5rIUKBmZFHhfBBEXBptIZCAS8_2Ahoa_qRuMKkRNcsnUtGC0Q9BM2P8moTJV-QvRGf-7RVpH8SAUWgNbxTvM-kNtAYlGbmArfSK_EBYqLgbSCaWNDBxl8jsP3jnEyStZCPvzRVwiXPUuPOdwvcITYF3Ma470EOkTrx4u4ZQMeNEgl4J0N4honfYSyMEOU5afmvRMyx985Amsq4Uj1dw-7fs5Lu2Q5Ivnu2YO4X2l_ZqxJZt0RvX90tbGmQ1_iKq9enpRtloxTxJcJpfNZudG421XUCLR8YGs9HGKJ5VJsi6dexjxGNlfgCBfT_gjthdBUOQ1aLTkNXZ7lzQYJjkcXhn02Uc9_1vyx9UndRl2fTayObFM38ueNm7G3CPqu0hrTkftPBXp-ckWdjKfXkbHJyxh2RXyzebA6j_GB6JKkail6uCOGaMoyL4CkdU97xhRqOGdef-2LUZldZf4RXCvYOs9wDkLUhQ-TgotBlV1YoTwbKCgbp0JHla3QblFoHf8xBEqx9uIjMekBP-gEn1NJzD_FJOpkgqcgfdaTGI2LOjqywkaRvH3X8QwNGA3WgzwgvC-evDlAg9OBuJV6PzbDFHpTCYcnuzjJzjaxvCfOZV3veteI21ePZhTFMQ8KLBsFGVR69b01yc4uygPEjMtWa-qZmuNxPbEgi5EHGYmdRnzPjfb8tlpe7oAPi22NSCZ9eKcdiRM0nZO2d9Q3YXXUNPZDTyxdLMbfC7AFbMeFMhqLElF3YJxT7sts4Bp9mpsIEvlaLv8w8uXEzUn3qa01izD09wMsdpJN5oJI0QoScSgNuOMaXMX66waqw493_peOkcAvkMGQ-rT9WTlJ34wtXi3MJ8Wpqh5JkOG-vNAAPlHmKOxFkP57iCsd7bQNxKcSPq-3pFtmYSfcTM5Ufh-5b8_RyotWmDq18lVQ7vvGFkQvAJKsKiAUbXUcJkK5tjAb2zd7k31DHogpKsWdvaBoCz9qS_HRKOd4cWah2s9KzFIg&cid=CAASEuRoQoagpZ7YKhRO73gz25LLNA&rfl=1%2Chttps%253A%252F%252Fgadgettendency.com%252F%240

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8819900454201426&output=html&h=600&slotname=8804301216&adk=4248336214&adf=4144877436&pi=t.ma~as.8804301216&w=300&fwrn=4&fwrnh=100&lmt=1636179190&rafmt=1&psa=0&format=300x600&url=https%3A%2F%2Fgadgettendency.com%2Fmalicious-code-found-in-popular-npm-packages-coa-and-rc%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636179190421&bpp=1&bdt=907&idt=88&shv=r20211103&mjsv=m202111030101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C642x280%2C300x600&nras=1&correlator=6054264249085&frm=20&pv=1&ga_vid=1397844960.1636179190&ga_sid=1636179190&ga_hid=442556974&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=1041&ady=1452&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062944%2C31063413&oid=2&pvsid=2137192318789966&pem=690&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=BTNfruKGzT&p=https%3A//gadgettendency.com&dtd=91

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

70f47f617dfe941f7f8ba103c7377afff3d0b555e93462e1f53853a9acdf302e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8819900454201426&output=html&h=600&slotname=8804301216&adk=4248336214&adf=4144877436&pi=t.ma~as.8804301216&w=300&fwrn=4&fwrnh=100&lmt=1636179190&rafmt=1&psa=0&format=300x600&url=https%3A%2F%2Fgadgettendency.com%2Fmalicious-code-found-in-popular-npm-packages-coa-and-rc%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636179190421&bpp=1&bdt=907&idt=88&shv=r20211103&mjsv=m202111030101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C642x280%2C300x600&nras=1&correlator=6054264249085&frm=20&pv=1&ga_vid=1397844960.1636179190&ga_sid=1636179190&ga_hid=442556974&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=1041&ady=1452&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062944%2C31063413&oid=2&pvsid=2137192318789966&pem=690&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=BTNfruKGzT&p=https%3A//gadgettendency.com&dtd=91
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 06 Nov 2021 06:13:11 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30783
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 html_inpage_rendering_lib_200_275.js Show response
s0.2mdn.net/879366/ Frame A9CD 169 KB
59 KB 134ms
43ms Script
text/javascript 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_275.js

Requested by

Host: gadgettendency.com
URL: https://gadgettendency.com/malicious-code-found-in-popular-npm-packages-coa-and-rc/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e30f3479d6ce52ce1c83c50e5568a4a7c1080c3214b23aacbc9d21efdd52f95a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 06 Nov 2021 05:32:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2470
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 60173
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:44:51 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 07 Nov 2021 05:32:01 GMT

GET
H2 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20211103/r20110914/elements/html/ Frame A9CD 8 KB
3 KB 41ms
41ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20211103/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DjpQ6newSNgwk6vNSsrB0aVspdw1wMTs0wRGNwTbbiwIm2v6cWaL4uM1YW2adFfv2Ckm-96Oswal9dCHq54gsb3IdHtnzuJ75-vaMTpKYTNYBg6XJ8B1tFGxG_EYI1ua4zcEBjJDf09nq9ZAgx61m6EtAGvA&dbm_d=AKAmf-CqHGY5eNnPkVwxld-zhy0O7D3xMIsTa0U0bhF-LA-30quznngdlzbIo6CUJmeTxCymPBbT7C94uXEPjrcMlHQpwYzerz83xr5Nft8s8RtQcY58kW9TB9GcWdVBhmwisIrUaFBUemwyb8TfCAvV0GMtp7T4cX4M-PK4FSu_GZ5E7HW-nm43rptIGMNfu2akmgXWG1YIyXF40gda7_f_tH_RHlA5dAZs3Ty7SRrVnAMueB8WYICJiWRG6OkPP-BXJpz3hluilpQEjtNsP2dbMc2PAlHxmrq6JMZ1Dqd4QdQr00H-6d4H40mFIh93yXZWItNS_5Vm81V-ZgXvLcK3hfBbGUUuow_xvsN1gNHwvsMsoI3Vo-CdNjEhPBnDx9KRpEZl024biju3OoJQgGDgm54er6gAVo2qIX7wz50bBnEdZAXO6MA1jnXQGRbrJQnVMPVnOGidlV57xHD-HJvCSQ9L3Np-cLZy6AaD6gWNmYfS4vVWb-ITLjhLntajdUqSU2se0tLO14HUASTtaxjnNc9e45sMQKRB_h7oHmGuupD9yR_RKfORexQ16jqer6jiRviZIUXJ0F4vri_3FvG_xpTGkdWuc04_VTQqwqGrOd_eIWE621N-zhDkiBIRhf1UoQGm8ssYpzBhuInLUAe3zod7BS_0KZhBD2k0qzPxPQAv8NKp0aAUHEi2mP_qQwUVJOubDZ9wn_RAPZ9k5hV-TvnfVRny_bZPqytEENSi5_c7KmZXwormoQsoXh6oNNf3PHZ_y-3UvAV1ET7YJCUaf15fsF2HJkOX6m9ERVGkP_t66u-on1C7bTnI3BJ_AJKxVcRdX9wG9ebDDC_0O9ofJ8tWKYrPTBQOh_kVbCpgBwdsSnI8X-UL7VWV2SSeCWGpufI6-Iy4MFVIsGIQt48o0WPB3KJfBwmI2C42a5tdq2g4ydxBzEAZ6GbwiMM2XQ20YYs274LFHsl71Z8dkweeEwqgLaBb8ciVLzP9YkuptWc_uEIVEbUTGH1RuEv3RfLHfJnB8lB2MVb9PVufoVd2yvUOjb1RFXXdnIXG_aFNFtBNLaFjd9iP3cBaShIEm879C9BCCsh0bsSx5luV2KZea0MOJefZvoh413kJGY01H0jfOHUOr--8dREPojtEINCSvcIfxC_uf4o9fwTRts4Dq8E9dOeY8AYFzSt7TuxhFSa-1qbgzcNf3pJDvcdlAz9N1UdT_MM-i-8xoujtFyVa1DazOYS3R_Cpb4IQOxyIXroYS3x5r14o1msnFQpCgfvCnV805qTaAQiXoeaN7giBIjjs7pmrd5ZSu9DXMIwggkDzaRNX0bf6e9DD5ec_2GZTfEi39Xe9QyoFuhaY-j2mzbvdyumNZ8x_5L6WhYXn7lRk7BTiHQ3AlUifPeJS9YbdgWHjYNqiZ63-xYipqC9ow0TNjIEadh2RFHfbPdu9cxQQhYTA1BsKOqFfKliiqaa5NZ9OImnUSJDWpFXy2K7RMqMV0heOCnW6cI1jeeY0W36bzv6rgS5Cict3pVY9Sb3ZkW6UW8-DXLiWt_IKEH1pxFLnyP7xGn7EBwSTLmj8JGnf9sixRCe4AiilUDTjxCKO987rq27W_zXl56f83E3aUzqojg8rH2eNRqD-tORKFllwNwNOJCgrObH3C7fQk6tu2XF9yGhFGRFRYOlnu41vx_uyfgzCSHVhPogImE38unv1-0xAgamGcULhmTUylvm9Qkv4TjYkEnPEQ-uR-CvBWSUnPUVdIvix2mLIQsFiv8J1nnobweiTUAaS8hCrpyAsItQKbVDysUfxpPTlEGxXT8D-3eS0bRGfGNIqsvcYKiBi2KA1osJNPBh_CUQDaEHQM9kcUjwx0fRYPZy3eyrIwOHJ9tzMfWrLeTmP2mN3ZNkjZjM416Se1jTJcoLnJDSehCDpYZHMtSVOB_h8c0qgNBxn-6yzqvFb0Wvl4c41BWJlfmd9xvzQTbDfwMT4TNW5lpeHD7qMtH0a0Yom8WLUlm0zu4jTmU-Ji-VNiJPw6FZrSSFMuRdXd8eVWibMu9PdXCSPLG1nfGeto-bof0qDarhkqW9Tijj_xOhj5AR8miBCTzMANQlXJnlxRqWv2Rmvx9n8TRERzckhtHyXWEvCA6PDTdSDXsot1ZMfxSmPau7DD_8sRiElu3kmw5DnN13EYSS49eo_CM2yT6kNJqQMjXqzJyUIUT3pgo2vVhNTc3jTDzBVVQQk8jPrprizJVtqYHZKIaVz42x7rbharu0KSvxaX_XV8LlpM8XuZHCld05rsKf4C-0zpJ62UcfOizwkrjKzRZRIY8BhTXdTOZXdo_BjYwHx0_xRrrAwO8Ia1kOFIPimC7xFATI1q4f3hf-P8f_fyAzTP-EK81V9Ptk_LvL_nRr-NSCZCyC8nnwyGVyiOxqFVjaEKfuC8lpMgMnKBBXleXJPnHvctwUX3xceW8fIEnFrHv2iLgiZ6ouDrdX8a-oqCoCPoFCT-SkMCAzDsRcChpArIpsasmWvDOoaNhnmCK9HzP1T5PkAvTFpQDXmvabeJFx1N3hiCzwxp13FcV4UyvNJlnUd40kX_0n5XMFBBOtTNM0kP2-1y3L0nJma8OpV25oZHSwIVtiE8I8GqSiz_UF_5JVzkIyNiLE2zLWpJlEZZzqrR2mYvfc7y55PTrgYJ_MYvkg6jrS1yymyHQNy1P4W7LP56a-jS_83Z7fedfuAc2wst8eBNhtGW7U4mlP3HJ8qkgDg5UVn-unEBY0R-6P4U3x7wmv45bFryApScImnnwk7RDLWWou7x6qaGqGUloiMF_f0t1-BvOStQ3yRqtc5ZxPst_n58ZsuFj4n42V71peT0ZHeGhj_Pd4YBc_xwLzKNLkiJlVsOZeJMzrptaTs9cPxb5pqeXcGGi_PFZa3DOaoO8cfuNZQu4U5An4toXbn4dXJH8rK5x9aW6KNKQNc86oyhVCA6wfsxlVH2UK2qKGlreARYvePmNQ9CqJFsK5VZp1f4kIiiQmSfKb3ahdseG1d1ZmHLJfey-uPeVUhuHgDFv1tYLdsY6bvk1ORJ1uBm2wRO48UDI0cgXcpyVjZUSnCi1hsVGmRNQeN5yQX61GThJwN2B-hBQU1lw7S0BG-mBg0wzgRF0G7rIVLhS4M_ab9Esd2hhCaf-5wsWPVKb-bKHK-G5tnFn6mzCd6nYR-AHAGqUZECIRwIOvYTuyCjHka08e-bms-knnqAwkfGg&cid=CAASEuRoBmYMJwWFYVHjD0GdSN-NBA&rfl=2%2Chttps%253A%252F%252Fgadgettendency.com%252F%240

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9db8a678d1681c1c4a3f15e1769c3f54d96f126db4a7b00cea65127c820a7763

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 06 Nov 2021 06:08:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 292
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3140
x-xss-protection: 0
server: cafe
etag: 17163059639670574047
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 20 Nov 2021 06:08:19 GMT

GET
H2 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20211103/r20110914/ Frame A9CD 24 KB
9 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20211103/r20110914/abg_lite.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f8957910f9a887e298f5c082685e139255d095ec819e8b8cc6469b0006ef204b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 06 Nov 2021 06:11:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 101
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9560
x-xss-protection: 0
server: cafe
etag: 378257483732583304
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 20 Nov 2021 06:11:30 GMT

GET
H2 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame A9CD 41 KB
15 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 08:37:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 250541
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
expires: Thu, 03 Nov 2022 08:37:30 GMT

GET
H2 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame B0AC 1 KB
864 B 43ms
42ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Fri, 05 Nov 2021 18:26:41 GMT
expires: Sat, 06 Nov 2021 18:26:41 GMT
content-type: text/html; charset=UTF-8
etag: 48472445140208031
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 724
x-xss-protection: 0
age: 42390
cache-control: public, max-age=86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame A9CD 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2ecdea6a32710731d9d20885171b4e3ba506a7ccd956367038c15198d8e05b01

Request headers

Accept-Language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/png

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame 6168
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_cm&google_dbm
https://us-u.openx.net/w/1.0/sd?id=537072991&val=CAESEGmt96povyzybRR8N6hTeFU&google_cver=1
https://us-u.openx.net/w/1.0/sd?cc=1&id=537072991&val=CAESEGmt96povyzybRR8N6hTeFU&google_cver=1

43 B
180 B

33ms
32ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?cc=1&id=537072991&val=CAESEGmt96povyzybRR8N6hTeFU&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJ-i5AEQkI7rARj4osGhATAB&v=APEucNXHtIjDNfzgd9i_vgPABRKrgvK_wDlkJpofboDkidrdtxlYvaOGXNSZtXuFLW6p-gDbBUuHXsdM_nb1w28ymT00fYl8J5YpdxavL7-WaKaemWQ5gtuy48hI6NQumLe52JgRapHU4-4buTX5cTbDj8ZPY4nNB160fokxscdso3RR4iiIlPo
Protocol: H2
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/16.218.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 06 Nov 2021 06:13:12 GMT
via: 1.1 google
server: OXGW/16.218.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location: https://us-u.openx.net/w/1.0/sd?cc=1&id=537072991&val=CAESEGmt96povyzybRR8N6hTeFU&google_cver=1
date: Sat, 06 Nov 2021 06:13:11 GMT
via: 1.1 google
server: OXGW/16.218.0
alt-svc: clear
content-length: 0
p3p: CP="CUR ADM OUR NOR STA NID"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 6168
Redirect Chain

https://us-u.openx.net/w/1.0/cm?id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
https://us-u.openx.net/w/1.0/cm?cc=1&id=9ca165a9-d9fe-2ff6-d83d-d145a80b0d37&r=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dopenx%26google_hm%3D%7Bopenx_uuid_base64%7D
https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=MTMyYThhNDktZGJlYi0yZDU4LWQ3MjAtZjMzODdkMWM4Y2Uy

170 B
188 B

51ms
51ms

Image
image/png

142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=MTMyYThhNDktZGJlYi0yZDU4LWQ3MjAtZjMzODdkMWM4Y2Uy

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJ-i5AEQkI7rARj4osGhATAB&v=APEucNXHtIjDNfzgd9i_vgPABRKrgvK_wDlkJpofboDkidrdtxlYvaOGXNSZtXuFLW6p-gDbBUuHXsdM_nb1w28ymT00fYl8J5YpdxavL7-WaKaemWQ5gtuy48hI6NQumLe52JgRapHU4-4buTX5cTbDj8ZPY4nNB160fokxscdso3RR4iiIlPo

Protocol

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 06 Nov 2021 06:13:12 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Sat, 06 Nov 2021 06:13:12 GMT
content-encoding: gzip
server: OXGW/16.218.0
vary: Accept, Accept-Encoding
p3p: CP="CUR ADM OUR NOR STA NID"
location: https://cm.g.doubleclick.net/pixel?google_nid=openx&google_hm=MTMyYThhNDktZGJlYi0yZDU4LWQ3MjAtZjMzODdkMWM4Y2Uy
content-type: image/gif
alt-svc: clear
content-length: 0
via: 1.1 google

GET
H2

200

um
sync.teads.tv/ Frame 6168
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=teadstv_dbm&google_cm&google_dbm
https://sync.teads.tv/um?eid=3&uid=CAESEP1GqoYa8Na_5HuKPTYOd_c&google_cver=1

23 B
172 B

123ms
68ms

Image
image/gif

104.111.242.245
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=3&uid=CAESEP1GqoYa8Na_5HuKPTYOd_c&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJ-i5AEQkI7rARj4osGhATAB&v=APEucNXHtIjDNfzgd9i_vgPABRKrgvK_wDlkJpofboDkidrdtxlYvaOGXNSZtXuFLW6p-gDbBUuHXsdM_nb1w28ymT00fYl8J5YpdxavL7-WaKaemWQ5gtuy48hI6NQumLe52JgRapHU4-4buTX5cTbDj8ZPY4nNB160fokxscdso3RR4iiIlPo
Protocol: H2
Server: 104.111.242.245 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-242-245.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.6 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 06 Nov 2021 06:13:12 GMT
cache-control: max-age=0, no-cache, no-store
expires: Sat, 06 Nov 2021 06:13:12 GMT
server: akka-http/10.2.6
content-length: 23
content-type: image/gif

Redirect headers

pragma: no-cache
date: Sat, 06 Nov 2021 06:13:11 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://sync.teads.tv/um?eid=3&uid=CAESEP1GqoYa8Na_5HuKPTYOd_c&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 281
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 um
sync.teads.tv/ Frame 6168 23 B
172 B 176ms
70ms Image
image/gif 104.111.242.245
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.teads.tv/um?eid=3&uid=&fb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dteadstv_dbm%26google_hm%3D%5BVID_B64%5D
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJ-i5AEQkI7rARj4osGhATAB&v=APEucNXHtIjDNfzgd9i_vgPABRKrgvK_wDlkJpofboDkidrdtxlYvaOGXNSZtXuFLW6p-gDbBUuHXsdM_nb1w28ymT00fYl8J5YpdxavL7-WaKaemWQ5gtuy48hI6NQumLe52JgRapHU4-4buTX5cTbDj8ZPY4nNB160fokxscdso3RR4iiIlPo
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 104.111.242.245 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-111-242-245.deploy.static.akamaitechnologies.com
Software: akka-http/10.2.6 /
Resource Hash: 328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 06 Nov 2021 06:13:12 GMT
cache-control: max-age=0, no-cache, no-store
expires: Sat, 06 Nov 2021 06:13:12 GMT
server: akka-http/10.2.6
content-length: 23
content-type: image/gif

GET
H2 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 4B42 22 KB
8 KB 40ms
40ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin: *
content-length: 8395
date: Wed, 03 Nov 2021 08:37:30 GMT
expires: Thu, 03 Nov 2022 08:37:30 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 250541
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 html_inpage_rendering_lib_200_275.js Show response
s0.2mdn.net/879366/ Frame AA4F 169 KB
59 KB 66ms
66ms Script
text/javascript 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_275.js

Requested by

Host: gadgettendency.com
URL: https://gadgettendency.com/malicious-code-found-in-popular-npm-packages-coa-and-rc/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e30f3479d6ce52ce1c83c50e5568a4a7c1080c3214b23aacbc9d21efdd52f95a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 06 Nov 2021 05:32:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2470
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 60173
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:44:51 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 07 Nov 2021 05:32:01 GMT

GET
H2 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20211103/r20110914/elements/html/ Frame AA4F 8 KB
3 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20211103/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-DEqTkP1cExAicIfjDNo_YQmHFvNDJyDDFHBb6TBxFSEI_WK2b59htHxiHNrBKoz44DFO0I271vemgYmt2NzDQOHy-iWC3DQteHaNGqQ-HBLHS553Tk9NLMJy2aqKYJAHebbRo8qescSYReZ-VX9II7pjTejA&dbm_d=AKAmf-BzGD6kns3rK3C9ceCYUMpXs754cSldEAWSG-zcMdbat-Kgysz-suiHwlsY0Qksrinu-1sfiIYmkwIS7yqO3nHwDd2tYEz3KtfCJ28SEu4dPlV_N5H83g2SPdliFM5Fhw-ucrXj1dpHvrHB3KVKnqmfW7ITbSAArZu57nAUna4RQvULi_JD4XzZ-BOVtwdq5Q79HeBe7ARnsNLrbziRXjuv7XHOKWje7glzKlrPdzUPRwhsOSIrXfTR-ZEli6T4u5ti6WJyjwPwuDX50JZ_gAGfm6hjnkDWJcikWKX2PyXbGMrp6bVcvId3GjfOv4j-FAdtMpgxTidFoEfykH-iJvntts8sQfSpDyNK0JIT5muUF5axUiFw3ywxLlqGIvGoUDgh6gMLHr0NfoPFbms2O-PKvFaMzd4SYnIkjnK4f35OEEDAoVTsVhsuYo8okrgJQ-q_3q4e0FGes5MzJlL-0T5d8QvAUAAJXzE_7bYke7M_Ufs1GlWECGyo6pcciQ6ED8v3QocT3SkL1SW5bvF2Ujb0wGYHLferVzEUUjG1MMqmfBvPUAu98pjw7CiojbUPnMUbZcw30GViad4Pz6YD-NIPoO0sWz3CknWEFLwP_JFPr_GoZ6tDXme9onqJ0Mtc7ZSrZ7ANSo9B3PyFbs7RSuiKKIsp_Sj4D4IJ2f7rgXvwQ_R-uSSQ65DJxv9AkpT6TOCFGkyTRdCTywoUDJ_1f1G1hG3OQMi-XjgbJI6zCJZM1DVsf0NtKsqar3CESzsQwBhe6tYuxGcgAaBFCCSphjc2H9kBTCcwxtys0BmklZf77SnVohrUyKLoL6NhrR6xT7AGxN9uHx1DIZJfkO5Nn0MJr0yzZHsQf_ezhuDUFpzvvEAZ6NGxSaKUnnaVGS_aNd9I4IBXFCpWQnyOqXWToCQoYih32JTW8Fcp18K_Oj2fBGmqX7h3AItH1YgUr7WvSMOPHDtLKR7UgGP8Zf5L9MbZPKDocI7ccunu1cF9jOUjc7g6ZjsArqUXiS5rL98XAKSGgscNjQdcZYAbQGdHEVf6CD4V4gn1QhJuwollLsDAqRZt_ah1HP9uWjfJ3WISi7GWsFsTpI8QdUDHBrczRmPuKAsypK-gVP2n4uZxi95DGsk9fuocC7zZ_5Kp63Equ40CCvOfcx414dDfETxSXNTfCQO0gFkTjurAwiIRT4OMzANQyWJ2Zgb3VJCfVYL81MsMWb6uPKcDOO7t4CKWWMp7AZZZ1-kReGzU42JOyJlib9l5wF-XlOcd1ZKICi7hae3M7oi8dzNNgKsCgc0BD5hx5ENNzcyIvO0sZGdR4d7KxXWVpc07lYs4xUWGpfXN95ByVZOtK4NZpw-qUUWGcEOMAIqfJe5U9WSe_b7CgOSt6k9YqQRTU11JSeJhg6ARSZ-Y-awq-4pOiZIApPunCN1qWwjXUB4aVhLsxTkzRfBDJNHGFDn_-q8b9Bln2KtQ8hIfebOVV1_8nY40MEg76FiSCVl1ESyURO4gVyDC34OuLHmfRTQ8AAnegL30xPG0lYCQuhOzwz1xm4FFgvy5aPa5Y0cC0uKHDd9UDZ-i5mMe7uZgcQHRvOkkeVFEuVi1VjH7P0xkjyaTm88HxJWaBxamqrDhNawJx46lGBhKmlhf5wHnF2HfB__jS57NVVubXojUZpjEvN0Fhrdq2xXxxQav6qe4X5TRRXzNta4ikY4wgBg6s2rFinNX2fXwL5f0lT5pm-sonwAnJHcooX37lSHjEXUk5ik-X6TDzqcNWegKIGnvILlES9MzFkmzSWKQuNZ6ybZiFoRWddkY7NgrI6eHtZtA4bWLq0DvlCSAheQzON22NUKLAEt-MybNg1wB8x1j6qMURJ28FUpuVI4HkYdjojZlY_LtznQvf1mfLu3GJ0S2cQjystAmxXQWQxlZRlbN2HMPa8nzC_CQr1ssm-8J99QUQ0q0EaKflYiIy7KWLZLLIpw5l8GNcr0WaPiGYL93f-M9xRnrt9v-s64rgWik31unMRqcwaXP2stJ01hJJAsQO5rIUKBmZFHhfBBEXBptIZCAS8_2Ahoa_qRuMKkRNcsnUtGC0Q9BM2P8moTJV-QvRGf-7RVpH8SAUWgNbxTvM-kNtAYlGbmArfSK_EBYqLgbSCaWNDBxl8jsP3jnEyStZCPvzRVwiXPUuPOdwvcITYF3Ma470EOkTrx4u4ZQMeNEgl4J0N4honfYSyMEOU5afmvRMyx985Amsq4Uj1dw-7fs5Lu2Q5Ivnu2YO4X2l_ZqxJZt0RvX90tbGmQ1_iKq9enpRtloxTxJcJpfNZudG421XUCLR8YGs9HGKJ5VJsi6dexjxGNlfgCBfT_gjthdBUOQ1aLTkNXZ7lzQYJjkcXhn02Uc9_1vyx9UndRl2fTayObFM38ueNm7G3CPqu0hrTkftPBXp-ckWdjKfXkbHJyxh2RXyzebA6j_GB6JKkail6uCOGaMoyL4CkdU97xhRqOGdef-2LUZldZf4RXCvYOs9wDkLUhQ-TgotBlV1YoTwbKCgbp0JHla3QblFoHf8xBEqx9uIjMekBP-gEn1NJzD_FJOpkgqcgfdaTGI2LOjqywkaRvH3X8QwNGA3WgzwgvC-evDlAg9OBuJV6PzbDFHpTCYcnuzjJzjaxvCfOZV3veteI21ePZhTFMQ8KLBsFGVR69b01yc4uygPEjMtWa-qZmuNxPbEgi5EHGYmdRnzPjfb8tlpe7oAPi22NSCZ9eKcdiRM0nZO2d9Q3YXXUNPZDTyxdLMbfC7AFbMeFMhqLElF3YJxT7sts4Bp9mpsIEvlaLv8w8uXEzUn3qa01izD09wMsdpJN5oJI0QoScSgNuOMaXMX66waqw493_peOkcAvkMGQ-rT9WTlJ34wtXi3MJ8Wpqh5JkOG-vNAAPlHmKOxFkP57iCsd7bQNxKcSPq-3pFtmYSfcTM5Ufh-5b8_RyotWmDq18lVQ7vvGFkQvAJKsKiAUbXUcJkK5tjAb2zd7k31DHogpKsWdvaBoCz9qS_HRKOd4cWah2s9KzFIg&cid=CAASEuRoQoagpZ7YKhRO73gz25LLNA&rfl=1%2Chttps%253A%252F%252Fgadgettendency.com%252F%240

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9db8a678d1681c1c4a3f15e1769c3f54d96f126db4a7b00cea65127c820a7763

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 06 Nov 2021 06:08:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 292
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3140
x-xss-protection: 0
server: cafe
etag: 17163059639670574047
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 20 Nov 2021 06:08:19 GMT

GET
H2 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20211103/r20110914/ Frame AA4F 24 KB
9 KB 43ms
43ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20211103/r20110914/abg_lite.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f8957910f9a887e298f5c082685e139255d095ec819e8b8cc6469b0006ef204b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 06 Nov 2021 06:11:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 101
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9560
x-xss-protection: 0
server: cafe
etag: 378257483732583304
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 20 Nov 2021 06:11:30 GMT

GET
H2 200 dpixel
cms.quantserve.com/ Frame B0AC 35 B
463 B 129ms
44ms Image
image/gif 2620:116:800d:21:5a23:9c4e:e774:96c1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEAYDsQRAJNyesCo1sMfM3bA&google_cver=1&google_push=AYg5qPJNNfepXbmCj6pdK55YYxU0odcDV5kRGz1cBkSivAFQ1mJQJoq_io7S_oeuQKdXUH1wjK2XwLiO6-xgpZshFkp5mmAXo7X1

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:5a23:9c4e:e774:96c1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 06 Nov 2021 06:13:12 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame B0AC
Redirect Chain

https://id.rlcdn.com/466606.gif?cparams=google_push%3DAYg5qPJyHbIywRJZlhdWlNsgkTDmTHpm2tzW1dN5sKxHaFu3DRRKdRWM3hUIuX5Ycbs1ZrwcRNI7vl7E614MXStuRaetcwX3e0r5&google_gid=CAESEBdJsTmYlrbvJGPrdWIvErc&goo...
https://id.rlcdn.com/1000.gif?memo=CK69HBoNCPi5mIwGEgUI6AcQAEIASnBnb29nbGVfcHVzaD1BWWc1cVBKeUhiSXl3UkpabGhkV2xOc2drVERtVEhwbTJ0elcxZE41c0t4SGFGdTNEUlJLZFJXTTNoVUl1WDVZY2JzMVpyd2NSTkk3dmw3RTYxNE1YU3...
https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwci1VYkNkUGp4Nl9RNTlMRmxOaUxBSEI0X05Ddi1ra2hNRmNuUldJbDItRQ==&google_push

170 B
188 B

59ms
58ms

Image
image/png

142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwci1VYkNkUGp4Nl9RNTlMRmxOaUxBSEI0X05Ddi1ra2hNRmNuUldJbDItRQ==&google_push

Requested by

Protocol

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 06 Nov 2021 06:13:12 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Sat, 06 Nov 2021 06:13:12 GMT
via: 1.1 google
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://cm.g.doubleclick.net/pixel?google_nid=liveramp&google_hm=WGMzMDcwci1VYkNkUGp4Nl9RNTlMRmxOaUxBSEI0X05Ddi1ra2hNRmNuUldJbDItRQ==&google_push
cache-control: no-cache, no-store
timing-allow-origin: *
alt-svc: clear
content-length: 0

GET
H2 200 sync
odr.mookie1.com/t/v2/ Frame B0AC 43 B
324 B 109ms
41ms Image
image/gif 34.98.67.61
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://odr.mookie1.com/t/v2/sync?tagid=V2_4531&src.visitorid=CAESEPybDtDcz9h5-x_2eQWNNRU&google_push=AYg5qPI7X7TyN_CnCeuBI5u5rfr6is3h5FMHnt8g-RuhUg2ejEjMffZ8GBJ0CK9-rm3YhPjA7BiTVjXO1BqOQUA6Ll1AVYwER1mL&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8819900454201426&output=html&h=280&slotname=5919063673&adk=2919542279&adf=436026530&pi=t.ma~as.5919063673&w=642&fwrn=4&fwrnh=100&lmt=1636179191&rafmt=1&psa=0&format=642x280&url=https%3A%2F%2Fgadgettendency.com%2Fmalicious-code-found-in-popular-npm-packages-coa-and-rc%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636179191107&bpp=1&bdt=1593&idt=1&shv=r20211103&mjsv=m202111030101&ptt=9&saldr=aa&abxe=1&cookie=ID%3D1ebf11ac25f3121e-22a9396630cb0059%3AT%3D1636179190%3ART%3D1636179190%3AS%3DALNI_MZt7hRzBq5Qj9Y0Xn0yd0XgKlUOMw&prev_fmts=0x0%2C642x280%2C300x600%2C300x600&nras=1&correlator=6054264249085&frm=20&pv=1&ga_vid=1397844960.1636179190&ga_sid=1636179190&ga_hid=442556974&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=339&ady=1900&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062944%2C31063413&oid=2&pvsid=2137192318789966&pem=690&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=BTqgIzkWV5&p=https%3A//gadgettendency.com&dtd=9
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.67.61 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 61.67.98.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 06 Nov 2021 06:13:12 GMT
via: 1.1 google
server: Apache
p3p: CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif;charset=UTF-8
alt-svc: clear
content-length: 43
x-application-context: application
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame B0AC
Redirect Chain

https://rtb.openx.net/sync/dds?google_gid=CAESEHqA1eIg-E3ptV2OX2dTrWo&google_cver=1&google_push=AYg5qPI5aT15is3H8sA0JJQnqzGEfqFZdcSuDisYKkITMrrBaMCtjMj6xHCTUo2nRngBx75AIRZgGpc-uDojdQ7Lpl1sWvrXaNKK
https://rtb.openx.net/sync/dds?google_gid=CAESEHqA1eIg-E3ptV2OX2dTrWo&google_cver=1&google_push=AYg5qPI5aT15is3H8sA0JJQnqzGEfqFZdcSuDisYKkITMrrBaMCtjMj6xHCTUo2nRngBx75AIRZgGpc-uDojdQ7Lpl1sWvrXaNKK&...
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPI5aT15is3H8sA0JJQnqzGEfqFZdcSuDisYKkITMrrBaMCtjMj6xHCTUo2nRngBx75AIRZgGpc-uDojdQ7Lpl1sWvrXaNKK&google_hm=Fr1CfsJ7wX4jV8a0EDrk3A==

170 B
188 B

51ms
50ms

Image
image/png

142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPI5aT15is3H8sA0JJQnqzGEfqFZdcSuDisYKkITMrrBaMCtjMj6xHCTUo2nRngBx75AIRZgGpc-uDojdQ7Lpl1sWvrXaNKK&google_hm=Fr1CfsJ7wX4jV8a0EDrk3A==

Requested by

Protocol

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 06 Nov 2021 06:13:12 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 06 Nov 2021 06:13:11 GMT
via: 1.1 google
server: Cowboy
access-control-allow-origin: null
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
location: https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPI5aT15is3H8sA0JJQnqzGEfqFZdcSuDisYKkITMrrBaMCtjMj6xHCTUo2nRngBx75AIRZgGpc-uDojdQ7Lpl1sWvrXaNKK&google_hm=Fr1CfsJ7wX4jV8a0EDrk3A==
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
alt-svc: clear
content-length: 0
x-request-id: cefkurbpdnhl004ir2htei9jil76ndi3

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame B0AC
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=phASOV4bTqCo-X-N4uh9nw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

59ms
59ms

Image
image/png

142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=phASOV4bTqCo-X-N4uh9nw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPLnAogC-HaPJ9GHLqL2biHaa-LzaEOt0dhuoSZreKTL5Rom2HBftlZzn9cNHzyyYbLqorZGxLdV3Ah3CmqZlqKXS5wkYiq3

Requested by

Protocol

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 06 Nov 2021 06:13:12 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=phASOV4bTqCo-X-N4uh9nw%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPLnAogC-HaPJ9GHLqL2biHaa-LzaEOt0dhuoSZreKTL5Rom2HBftlZzn9cNHzyyYbLqorZGxLdV3Ah3CmqZlqKXS5wkYiq3
date: Sat, 06 Nov 2021 06:13:11 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame B0AC
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESENalJPOHdir77audo8OXXbw&google_cver=1&google_push=AYg5qPJxpmKpEczfFr4TCGN8p8YSB9SnONzlegB_3g_RYT-gRqfI86Si8SgBIGr8p-N21WE8oWu...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1ZORVVHUEotWi01TFlM&google_push=AYg5qPJxpmKpEczfFr4TCGN8p8YSB9SnONzlegB_3g_RYT-gRqfI86Si8SgBIGr8p-N21WE8oWuJj4nc9D80js5UpiZLVa-tqHA

170 B
188 B

49ms
49ms

Image
image/png

142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1ZORVVHUEotWi01TFlM&google_push=AYg5qPJxpmKpEczfFr4TCGN8p8YSB9SnONzlegB_3g_RYT-gRqfI86Si8SgBIGr8p-N21WE8oWuJj4nc9D80js5UpiZLVa-tqHA

Requested by

Host: gadgettendency.com
URL: https://gadgettendency.com/malicious-code-found-in-popular-npm-packages-coa-and-rc/

Protocol

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 06 Nov 2021 06:13:12 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1ZORVVHUEotWi01TFlM&google_push=AYg5qPJxpmKpEczfFr4TCGN8p8YSB9SnONzlegB_3g_RYT-gRqfI86Si8SgBIGr8p-N21WE8oWuJj4nc9D80js5UpiZLVa-tqHA
Cache-Control: no-cache,no-store,must-revalidate
Content-Type: text/html
content-length: 0
X-RPHost: 19c1ac3b9706c83a73951eba4d239689
Expires: 0

GET

pixel
cm.g.doubleclick.net/ Frame B0AC
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEKCm0BCqBlH_RTjelofGCTM&google_cver=1&googl...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYYc96InyZJZ_asUvTy0tgAAAS8AAAAB&google_push=AYg5qPJzHK1uyLLX2ezMj0mfXk4Tq2nKKvyjcDKU0bzgw9Qr46lg4monu5oi-mNC-p5tm0OTGrriAm2QK-90xsB7cR...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYYc96InyZJZ_asUvTy0tgAAAS8AAAAB&google_push=AYg5qPJzHK1uyLLX2ezMj0mfXk4Tq2nKKvyjcDKU0bzgw9Qr46lg4monu5oi-mNC-p5tm0OTGrriAm2QK-90xsB7cR...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYYc96InyZJZ_asUvTy0tgAAAS8AAAAB&google_push=AYg5qPJzHK1uyLLX2ezMj0mfXk4Tq2nKKvyjcDKU0bzgw9Qr46lg4monu5oi-mNC-p5tm0OTGrriAm2QK-90xsB7cR...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYYc96InyZJZ_asUvTy0tgAAAS8AAAAB&google_push=AYg5qPJzHK1uyLLX2ezMj0mfXk4Tq2nKKvyjcDKU0bzgw9Qr46lg4monu5oi-mNC-p5tm0OTGrriAm2QK-90xsB7cR...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYYc96InyZJZ_asUvTy0tgAAAS8AAAAB&google_push=AYg5qPJzHK1uyLLX2ezMj0mfXk4Tq2nKKvyjcDKU0bzgw9Qr46lg4monu5oi-mNC-p5tm0OTGrriAm2QK-90xsB7cR...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYYc96InyZJZ_asUvTy0tgAAAS8AAAAB&google_push=AYg5qPJzHK1uyLLX2ezMj0mfXk4Tq2nKKvyjcDKU0bzgw9Qr46lg4monu5oi-mNC-p5tm0OTGrriAm2QK-90xsB7cR...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYYc96InyZJZ_asUvTy0tgAAAS8AAAAB&google_push=AYg5qPJzHK1uyLLX2ezMj0mfXk4Tq2nKKvyjcDKU0bzgw9Qr46lg4monu5oi-mNC-p5tm0OTGrriAm2QK-90xsB7cR...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYYc96InyZJZ_asUvTy0tgAAAS8AAAAB&google_push=AYg5qPJzHK1uyLLX2ezMj0mfXk4Tq2nKKvyjcDKU0bzgw9Qr46lg4monu5oi-mNC-p5tm0OTGrriAm2QK-90xsB7cR...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYYc96InyZJZ_asUvTy0tgAAAS8AAAAB&google_push=AYg5qPJzHK1uyLLX2ezMj0mfXk4Tq2nKKvyjcDKU0bzgw9Qr46lg4monu5oi-mNC-p5tm0OTGrriAm2QK-90xsB7cR...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYYc96InyZJZ_asUvTy0tgAAAS8AAAAB&google_push=AYg5qPJzHK1uyLLX2ezMj0mfXk4Tq2nKKvyjcDKU0bzgw9Qr46lg4monu5oi-mNC-p5tm0OTGrriAm2QK-90xsB7cR...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYYc96InyZJZ_asUvTy0tgAAAS8AAAAB&google_push=AYg5qPJzHK1uyLLX2ezMj0mfXk4Tq2nKKvyjcDKU0bzgw9Qr46lg4monu5oi-mNC-p5tm0OTGrriAm2QK-90xsB7cR...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYYc96InyZJZ_asUvTy0tgAAAS8AAAAB&google_push=AYg5qPJzHK1uyLLX2ezMj0mfXk4Tq2nKKvyjcDKU0bzgw9Qr46lg4monu5oi-mNC-p5tm0OTGrriAm2QK-90xsB7cR...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYYc96InyZJZ_asUvTy0tgAAAS8AAAAB&google_push=AYg5qPJzHK1uyLLX2ezMj0mfXk4Tq2nKKvyjcDKU0bzgw9Qr46lg4monu5oi-mNC-p5tm0OTGrriAm2QK-90xsB7cR...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYYc96InyZJZ_asUvTy0tgAAAS8AAAAB&google_push=AYg5qPJzHK1uyLLX2ezMj0mfXk4Tq2nKKvyjcDKU0bzgw9Qr46lg4monu5oi-mNC-p5tm0OTGrriAm2QK-90xsB7cR...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYYc96InyZJZ_asUvTy0tgAAAS8AAAAB&google_push=AYg5qPJzHK1uyLLX2ezMj0mfXk4Tq2nKKvyjcDKU0bzgw9Qr46lg4monu5oi-mNC-p5tm0OTGrriAm2QK-90xsB7cR...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYYc96InyZJZ_asUvTy0tgAAAS8AAAAB&google_push=AYg5qPJzHK1uyLLX2ezMj0mfXk4Tq2nKKvyjcDKU0bzgw9Qr46lg4monu5oi-mNC-p5tm0OTGrriAm2QK-90xsB7cR...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYYc96InyZJZ_asUvTy0tgAAAS8AAAAB&google_push=AYg5qPJzHK1uyLLX2ezMj0mfXk4Tq2nKKvyjcDKU0bzgw9Qr46lg4monu5oi-mNC-p5tm0OTGrriAm2QK-90xsB7cR...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYYc96InyZJZ_asUvTy0tgAAAS8AAAAB&google_push=AYg5qPJzHK1uyLLX2ezMj0mfXk4Tq2nKKvyjcDKU0bzgw9Qr46lg4monu5oi-mNC-p5tm0OTGrriAm2QK-90xsB7cR...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYYc96InyZJZ_asUvTy0tgAAAS8AAAAB&google_push=AYg5qPJzHK1uyLLX2ezMj0mfXk4Tq2nKKvyjcDKU0bzgw9Qr46lg4monu5oi-mNC-p5tm0OTGrriAm2QK-90xsB7cR...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYYc96InyZJZ_asUvTy0tgAAAS8AAAAB&google_push=AYg5qPJzHK1uyLLX2ezMj0mfXk4Tq2nKKvyjcDKU0bzgw9Qr46lg4monu5oi-mNC-p5tm0OTGrriAm2QK-90xsB7cR...

0
0

GET
H2 204 attr
cm.g.doubleclick.net/pixel/ Frame B0AC 0
59 B 47ms
46ms Image
text/html 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13LPCPrgjXY63r0cxPf3WhKB0yiW7b1y66OoPsBs-8wLsqpiSfTCw2endBpQtknzdiUIZ7Zz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 06 Nov 2021 06:13:11 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 zcxQrsBjZtkA-sIi55aDcbNRce-W4yNq16DL4AdK1J0.js Show response
pagead2.googlesyndication.com/bg/ Frame 4B42 35 KB
13 KB 41ms
41ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/zcxQrsBjZtkA-sIi55aDcbNRce-W4yNq16DL4AdK1J0.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cdcc50aec06366d900fac222e7968371b35171ef96e3236ad7a0cbe0074ad49d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 01 Nov 2021 21:09:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 378223
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13399
x-xss-protection: 0
last-modified: Fri, 29 Oct 2021 13:38:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="botguard-scs"
expires: Tue, 01 Nov 2022 21:09:29 GMT

GET
H2 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame AA4F 41 KB
15 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8819900454201426&output=html&h=600&slotname=8804301216&adk=4248336214&adf=4144877436&pi=t.ma~as.8804301216&w=300&fwrn=4&fwrnh=100&lmt=1636179190&rafmt=1&psa=0&format=300x600&url=https%3A%2F%2Fgadgettendency.com%2Fmalicious-code-found-in-popular-npm-packages-coa-and-rc%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636179190421&bpp=1&bdt=907&idt=88&shv=r20211103&mjsv=m202111030101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C642x280%2C300x600&nras=1&correlator=6054264249085&frm=20&pv=1&ga_vid=1397844960.1636179190&ga_sid=1636179190&ga_hid=442556974&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=1041&ady=1452&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062944%2C31063413&oid=2&pvsid=2137192318789966&pem=690&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=BTNfruKGzT&p=https%3A//gadgettendency.com&dtd=91

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 08:37:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 250542
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
expires: Thu, 03 Nov 2022 08:37:30 GMT

GET
H2 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame 5429 1 KB
788 B 40ms
40ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8819900454201426&output=html&h=600&slotname=8804301216&adk=4248336214&adf=4144877436&pi=t.ma~as.8804301216&w=300&fwrn=4&fwrnh=100&lmt=1636179190&rafmt=1&psa=0&format=300x600&url=https%3A%2F%2Fgadgettendency.com%2Fmalicious-code-found-in-popular-npm-packages-coa-and-rc%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636179190421&bpp=1&bdt=907&idt=88&shv=r20211103&mjsv=m202111030101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C642x280%2C300x600&nras=1&correlator=6054264249085&frm=20&pv=1&ga_vid=1397844960.1636179190&ga_sid=1636179190&ga_hid=442556974&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=1041&ady=1452&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062944%2C31063413&oid=2&pvsid=2137192318789966&pem=690&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=BTNfruKGzT&p=https%3A//gadgettendency.com&dtd=91

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Fri, 05 Nov 2021 18:26:41 GMT
expires: Sat, 06 Nov 2021 18:26:41 GMT
content-type: text/html; charset=UTF-8
etag: 48472445140208031
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 724
x-xss-protection: 0
age: 42391
cache-control: public, max-age=86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame AA4F 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 28a3117ce5a89f67aa1e3a31392d9ca4c7d001f14c341edfab8926e1e6d9fd61

Request headers

Accept-Language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 index.html Show response
s0.2mdn.net/ads/richmedia/studio/pv2/61482652/20210921044110936/ Frame 4BE5 2 KB
1 KB 141ms
50ms Document
text/html 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/richmedia/studio/pv2/61482652/20210921044110936/index.html?e=69&leftOffset=0&topOffset=0&c=Qp3AyRBbbL&t=1&renderingType=2

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_275.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ffd830628529f9f0ea7f898d2b3dfd41285879a5a405dbeab26656801aa13f07

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
timing-allow-origin: *
content-length: 619
date: Sat, 06 Nov 2021 06:13:12 GMT
expires: Sun, 07 Nov 2021 06:13:12 GMT
cache-control: public, max-age=86400
last-modified: Tue, 21 Sep 2021 11:41:11 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame A9CD 0
61 B 165ms
70ms Ping
image/gif 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsv9fDV9dLAP00X12MtrMUS67y8toHl6H7AXpBsDwS8GSFy4zkIScCcpLhei1EfP2kffiyKP_3C9jasuCJivfJ_zOh7_ckAzH_HjNEbJDJ2MbRsRvxUBZ8mIJ2FJ6nW7xtBZrCdskFbr1EUUdGu_1F_PthB0m0zTv1iBwvLhpsTFMozaaIPvfilAg29A8PIE5LYXHQ6XvV0YJBuyxzgxYaeyeCqsosIv2PW8IOWdnoRJIfGyiSBvsIiBgZZ7IQ8IDcmGXDBEaKKD_zFaOEHq4dg_HLTMaky72VRjLy9SzzcGFLFoUEWzbYWF_AzFII3WiiOShgZnZ1cZ6blEiHiqP6SDVXDRtI1I4ywKpEh2rrHw3018hhPYqkMavSxKJWncUWzrHUuaQ9HZ6GbNeskR6cdFtxq7bdHm8wgJ240Tvwtxl6M-_k6YYGln16SU26zd5b98O4jzel_iSerdcMO9TdLak6R5yOG6KayvTdHvlUxxtFFozfSgrfnzGC7JruhVUJD7dsCufYyLRVixk14vla2L6JfJpcnbbR1b0_vC_0XFhqirFD2Cxt5RYj12HMnQlthRu0JTnFromu_NR7kTX4B21weh3pvh1tKF0LNk2GWLMKktfIeCRJ8fXd8WJSoeM2uDGiUcxSUWOe5SduMIwTFWc9M4etd67XFrKLtg3CVvhGnKr4UcsXhsJh8n8Pa-OJhioETMZW3cURpw7yL6uim2Z4amfXuwfcUGe8FDaS9UuZQLnSxOSjTxlLJSj8tHEb41A6mHGGFu2hc1NVa9-Z5rYddI_hVE5e0_mQd36kH2xP0bZRzFUpR3FITKyFScp3GS2CzeqU6Z5DOXNVcjtlmmv58-bozsTi45qur8w7cRDNvTlohUXmiSAzu-SL-vKpsiTDY9NphRK2hV-MmFvdf4s5gIMY_B9sagIJL8ANsdjvuXXmKT5GWjQATFlDI3G4rk8Tl-dbJ1NY4vlE1yY70tLnXTw2FZSWMlYei_7eT14c2a-1WxB4nMVj4PE2RSk5j5wZqlDce4XMIsIsYlQ3jt_pML1wqc7W4w_Poh2Gz52VhogXSn1_DciZq_UUWAGpTIwh7g2JMMJGenAt1_6-dZA5iAr69Zlezmz7t2MwUQyBWWxlJTPd77sRqmBMWH3SZ_yu2SMFeuaCczHczvOMK7v3xjDx8_XAvihZ8aKWtKmfsanZegQJtWZCverU3oJhcYQeouwcKrAxzvfctEIw-DBmm7iKB5yWeB4lbTAK4QaWXE5CBy2OegHCyE33h09_zxy74&sai=AMfl-YR7Ni-b8srY6YBF-hGHSEcoU1zTLWCUek6hvoARY83wyzHUdu9hq0N17DI8B2s-z-7Isdc9FW_lggdV1QNhPJUSJeamk5uUsTEVwBdb6nMp0r1LNNpXompYOZ3xMDx39GEzauC8YcdvNvdZNBEMswydkbwPPDroHYcJ-j-Syx6vFbhCPQ&sig=Cg0ArKJSzAVfYdnXd4Z-EAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=211&cbvp=1&cstd=205&cisv=r20211103.56955&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&adurl=

Requested by

Host: gadgettendency.com
URL: https://gadgettendency.com/malicious-code-found-in-popular-npm-packages-coa-and-rc/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date: Sat, 06 Nov 2021 06:13:12 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 200 index.html Show response
s0.2mdn.net/sadbundle/9399271271209893888/ Frame 7B3E 3 KB
1 KB 127ms
51ms Document
text/html 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/9399271271209893888/index.html?e=69&leftOffset=0&topOffset=0&c=5ylkJ970tI&t=1&renderingType=2

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_275.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e281d043da463bfb1e696e8d54c639739f34c2df44b0b5e3f8ca71809fd2a6f6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-type: text/html
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
timing-allow-origin: *
content-length: 897
date: Sat, 06 Nov 2021 06:13:12 GMT
expires: Sun, 06 Nov 2022 06:13:12 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 24 Jun 2021 03:32:34 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
content-encoding: gzip
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame AA4F 0
571 B 150ms
69ms Ping
image/gif 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvq9Eor_HcuwHCkV3qXxUo-XqiQy5Quc54me-DBn5HcVNzD3Ij6QrLDKUsh8IoYs0lXGGUEbrdozLMDvjLiLBEE2e9cXDeXxY60gQrYeiqSr6BgciYalK7IRMQmE5CYml-zOFgXOnH3tyzGRES_g6V8JAOpnZB5dGCJirXfzslfH1HQnk7dWHqRPpofBxeh7a79w5CMLBf1y7ictCIKANBqdiFrZjgcKgol6HkI7NKbCNgWsZtrCSSmmqV8xM2oZ7nOP0MHFiAVQkBqcOlT3d7YfF65ksbPIxtQ0vejri-xVCVm1Pd3pH0Jm3uHj38KM-Lc1uN8Gp5PZI3juoxSxIclRxiJID0EU7i9Xsvl-NZJ8EKYLLSG60vAGMrK7bY_harJBjhCqrj44M2Sdb4sBqp9i_m8XB-yH4Xk1I8zEFn6ohbqG6mfyQDQj3lR_lF9wK1CI26rYfUISkDQV-krzOXoBiHy0vvnVTfOXHZkrsFxcXo4Ld3qX80W4O3MA_AqFWxzY-J9lVNgW79tyu_hnd76wmobn1HsQgfBhsDWV6LQi8z688uMhwcPkVQpF1lrrvvNa-20RdHN8lCtR6-eKXXyck-DAKSQYXnPvRR0dF9W8eYgnCE2brgNI7-9y716vy-Q47JIHaSbamN90dxQyKwJbYHryLwdXIJhQEeWpRzaBKZeThZm-HHCytPIgSUV9R1wrD35-Dq2JC_iNsiaX9F0YxVMV8Wenopvi890Hok2iT2nX0Ss-uVZqXdOaimDS4ggeQSmYwWitNbqB9Tih9c0vdDS3hQtgWYiCeDI8T-uxFKUByBDzbqfeZP3k9_d6S3MDkT7Jf0awPHmS1PF-B5hf-9hGAT6nqsXXjc55FMv2cq5lrFbGlLO-rKmj04uyeHNmoZcvEQ7BMwo6L-Idn521Dc3dep5OqfJL51szmeDeCnaiNlMW05T3k3_h5OYstopCvpL5075UzwgaIFo9TOcgZjzC7RuAp8KrLqEh0VzIlBHlWFo8D-LF3mPCbkJIGbHtfCxZG_mEva8G1B0fUATQblrQGXMQW-zDs8T989pZ-6lRsN5o6qHBAoA9Qom0CyF8E9Ij3LToHRn229HpJJVrxp0fT8oNSgoMyXJAqxbgTXnRpPOgNFfHcLrB5WiwwKNKSRwICleh6ZRB2f4mcxyojro9s1zko-j7uWcBj8WmS5051lJ8IUaVzZFArWm0Bpet52JJC15ULbjc-oxzdeqNO0&sai=AMfl-YRzbrCbBBd4oLHtHZljLWjtUd_2_Wiqy7rH9gJ1k41FdPZ_3htwGwb8Ak_O8J2CScKfRUTP8xZ0yP3BHI9YpDcXfO_wUBYgVoAV5MDVZs5ScfsMzOuKl8cBFFMoDKX-Clate5nH8ujk1ALqo8GbcatJj5K46Q&sig=Cg0ArKJSzJY29IsBz5MpEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=110&cbvp=1&cstd=104&cisv=r20211103.75805&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&adurl=

Requested by

Host: gadgettendency.com
URL: https://gadgettendency.com/malicious-code-found-in-popular-npm-packages-coa-and-rc/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date: Sat, 06 Nov 2021 06:13:12 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame C9F1 22 KB
8 KB 43ms
41ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin: *
content-length: 8395
date: Wed, 03 Nov 2021 08:37:30 GMT
expires: Thu, 03 Nov 2022 08:37:30 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 250542
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 5429
Redirect Chain

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEAYDsQRAJNyesCo1sMfM3bA&google_cver=1&google_push=AYg5qPKQWg3YocpFN5TY3mPmC4_EwNsshka4NPFzqc1vMwGmYwt5eGqP48...
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=B765081F39B1F7&google_push=AYg5qPKQWg3YocpFN5TY3mPmC4_EwNsshka4NPFzqc1vMwGmYwt5eGqP48qecFfI5-0YlY9uK6Zhio0ZBnB49bgF0Z-AwmPrOw&google_hm=P7kOxfiK...

170 B
188 B

50ms
50ms

Image
image/png

142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=B765081F39B1F7&google_push=AYg5qPKQWg3YocpFN5TY3mPmC4_EwNsshka4NPFzqc1vMwGmYwt5eGqP48qecFfI5-0YlY9uK6Zhio0ZBnB49bgF0Z-AwmPrOw&google_hm=P7kOxfiK6L8gPEHRHRaM3g

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8819900454201426&output=html&h=600&slotname=8804301216&adk=4248336214&adf=4144877436&pi=t.ma~as.8804301216&w=300&fwrn=4&fwrnh=100&lmt=1636179190&rafmt=1&psa=0&format=300x600&url=https%3A%2F%2Fgadgettendency.com%2Fmalicious-code-found-in-popular-npm-packages-coa-and-rc%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636179190421&bpp=1&bdt=907&idt=88&shv=r20211103&mjsv=m202111030101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C642x280%2C300x600&nras=1&correlator=6054264249085&frm=20&pv=1&ga_vid=1397844960.1636179190&ga_sid=1636179190&ga_hid=442556974&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=1041&ady=1452&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062944%2C31063413&oid=2&pvsid=2137192318789966&pem=690&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=BTNfruKGzT&p=https%3A//gadgettendency.com&dtd=91

Protocol

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 06 Nov 2021 06:13:12 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=B765081F39B1F7&google_push=AYg5qPKQWg3YocpFN5TY3mPmC4_EwNsshka4NPFzqc1vMwGmYwt5eGqP48qecFfI5-0YlY9uK6Zhio0ZBnB49bgF0Z-AwmPrOw&google_hm=P7kOxfiK6L8gPEHRHRaM3g
pragma: no-cache
date: Sat, 06 Nov 2021 06:13:12 GMT
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
strict-transport-security: max-age=86400
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 5429
Redirect Chain

https://d.agkn.com/pixel/2175/?google_gid=CAESEEIOo59O2ToRxD6eMytmnWM&google_cver=1&google_push=AYg5qPKNZyK3OTgnxpEG8khHfh-fvRrOtIdJn5_6PNqNEIJfbCH4J5ggYhHurTll4vHIWuTzN8CVLwpYJ3GwhuRYel4-E_Pvw44
https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AYg5qPKNZyK3OTgnxpEG8khHfh-fvRrOtIdJn5_6PNqNEIJfbCH4J5ggYhHurTll4vHIWuTzN8CVLwpYJ3GwhuRYel4-E_Pvw44&google_hm=Q0FFU0VFSU9vNTlPMlRvUn...

170 B
188 B

51ms
50ms

Image
image/png

142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AYg5qPKNZyK3OTgnxpEG8khHfh-fvRrOtIdJn5_6PNqNEIJfbCH4J5ggYhHurTll4vHIWuTzN8CVLwpYJ3GwhuRYel4-E_Pvw44&google_hm=Q0FFU0VFSU9vNTlPMlRvUnhENmVNeXRtbldN

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8819900454201426&output=html&h=600&slotname=8804301216&adk=4248336214&adf=4144877436&pi=t.ma~as.8804301216&w=300&fwrn=4&fwrnh=100&lmt=1636179190&rafmt=1&psa=0&format=300x600&url=https%3A%2F%2Fgadgettendency.com%2Fmalicious-code-found-in-popular-npm-packages-coa-and-rc%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636179190421&bpp=1&bdt=907&idt=88&shv=r20211103&mjsv=m202111030101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C642x280%2C300x600&nras=1&correlator=6054264249085&frm=20&pv=1&ga_vid=1397844960.1636179190&ga_sid=1636179190&ga_hid=442556974&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=1041&ady=1452&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062944%2C31063413&oid=2&pvsid=2137192318789966&pem=690&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=BTNfruKGzT&p=https%3A//gadgettendency.com&dtd=91

Protocol

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 06 Nov 2021 06:13:12 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sat, 06 Nov 2021 06:13:11 GMT
Server: Apache-Coyote/1.1
P3P: CP="NOI DSP COR CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=ak_dmp&google_push=AYg5qPKNZyK3OTgnxpEG8khHfh-fvRrOtIdJn5_6PNqNEIJfbCH4J5ggYhHurTll4vHIWuTzN8CVLwpYJ3GwhuRYel4-E_Pvw44&google_hm=Q0FFU0VFSU9vNTlPMlRvUnhENmVNeXRtbldN
Cache-Control: no-cache, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 sync
odr.mookie1.com/t/v2/ Frame 5429 43 B
106 B 42ms
40ms Image
image/gif 34.98.67.61
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://odr.mookie1.com/t/v2/sync?tagid=V2_4531&src.visitorid=CAESEPybDtDcz9h5-x_2eQWNNRU&google_push=AYg5qPJ6tSVjO5MMoM9AlgBjfhm2_ZX03GHRXAPxtdS9k-_y2jgBlYjtuuMDLlax-nw0uWr6N8xly_FpgSAzduVR2aQJZD2892o&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8819900454201426&output=html&h=600&slotname=8804301216&adk=4248336214&adf=4144877436&pi=t.ma~as.8804301216&w=300&fwrn=4&fwrnh=100&lmt=1636179190&rafmt=1&psa=0&format=300x600&url=https%3A%2F%2Fgadgettendency.com%2Fmalicious-code-found-in-popular-npm-packages-coa-and-rc%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636179190421&bpp=1&bdt=907&idt=88&shv=r20211103&mjsv=m202111030101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C642x280%2C300x600&nras=1&correlator=6054264249085&frm=20&pv=1&ga_vid=1397844960.1636179190&ga_sid=1636179190&ga_hid=442556974&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=1041&ady=1452&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062944%2C31063413&oid=2&pvsid=2137192318789966&pem=690&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=BTNfruKGzT&p=https%3A//gadgettendency.com&dtd=91
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.67.61 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 61.67.98.34.bc.googleusercontent.com
Software: Apache /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 06 Nov 2021 06:13:12 GMT
via: 1.1 google
server: Apache
p3p: CP="NON DSP COR NID CURa PSAa PSDa OUR STP UNI COM NAV STA LOC OTC",policyref="/w3c/p3p.xml"
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif;charset=UTF-8
alt-svc: clear
content-length: 43
x-application-context: application
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 5429
Redirect Chain

https://rtb.openx.net/sync/dds?google_gid=CAESEHqA1eIg-E3ptV2OX2dTrWo&google_cver=1&google_push=AYg5qPLHqIuqK9lV7ticWwUmH41GkDbqMM8ag-APJ3SyScKgnu7ht_kILhtMUmXaMXkKpHVTywhtiHuAE8xpZsGRJSotxFalsyc
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPLHqIuqK9lV7ticWwUmH41GkDbqMM8ag-APJ3SyScKgnu7ht_kILhtMUmXaMXkKpHVTywhtiHuAE8xpZsGRJSotxFalsyc&google_hm=Fr1CfsJ7wX4jV8a0EDrk3A==

170 B
188 B

50ms
50ms

Image
image/png

142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPLHqIuqK9lV7ticWwUmH41GkDbqMM8ag-APJ3SyScKgnu7ht_kILhtMUmXaMXkKpHVTywhtiHuAE8xpZsGRJSotxFalsyc&google_hm=Fr1CfsJ7wX4jV8a0EDrk3A==

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8819900454201426&output=html&h=600&slotname=8804301216&adk=4248336214&adf=4144877436&pi=t.ma~as.8804301216&w=300&fwrn=4&fwrnh=100&lmt=1636179190&rafmt=1&psa=0&format=300x600&url=https%3A%2F%2Fgadgettendency.com%2Fmalicious-code-found-in-popular-npm-packages-coa-and-rc%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636179190421&bpp=1&bdt=907&idt=88&shv=r20211103&mjsv=m202111030101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C642x280%2C300x600&nras=1&correlator=6054264249085&frm=20&pv=1&ga_vid=1397844960.1636179190&ga_sid=1636179190&ga_hid=442556974&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=1041&ady=1452&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062944%2C31063413&oid=2&pvsid=2137192318789966&pem=690&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=BTNfruKGzT&p=https%3A//gadgettendency.com&dtd=91

Protocol

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 06 Nov 2021 06:13:12 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 06 Nov 2021 06:13:11 GMT
via: 1.1 google
server: Cowboy
access-control-allow-origin: null
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
location: https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPLHqIuqK9lV7ticWwUmH41GkDbqMM8ag-APJ3SyScKgnu7ht_kILhtMUmXaMXkKpHVTywhtiHuAE8xpZsGRJSotxFalsyc&google_hm=Fr1CfsJ7wX4jV8a0EDrk3A==
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
alt-svc: clear
content-length: 0
x-request-id: a92iiksr5l6a63caotivuhtbvm9tc3ld

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 5429
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=-hndbpc7SdK0YwajSXIisA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

51ms
51ms

Image
image/png

142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=-hndbpc7SdK0YwajSXIisA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPIJPrL3BDXyArrv0IzL9oALdOnJkOcZ4SQxiVzLLzOMZ8rQMCDaw1UKRGl0Da3zkYjnGJpc9f2w0HXZhaaASQOU-Ldgp3Y

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8819900454201426&output=html&h=600&slotname=8804301216&adk=4248336214&adf=4144877436&pi=t.ma~as.8804301216&w=300&fwrn=4&fwrnh=100&lmt=1636179190&rafmt=1&psa=0&format=300x600&url=https%3A%2F%2Fgadgettendency.com%2Fmalicious-code-found-in-popular-npm-packages-coa-and-rc%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636179190421&bpp=1&bdt=907&idt=88&shv=r20211103&mjsv=m202111030101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C642x280%2C300x600&nras=1&correlator=6054264249085&frm=20&pv=1&ga_vid=1397844960.1636179190&ga_sid=1636179190&ga_hid=442556974&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=1041&ady=1452&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062944%2C31063413&oid=2&pvsid=2137192318789966&pem=690&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=BTNfruKGzT&p=https%3A//gadgettendency.com&dtd=91

Protocol

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 06 Nov 2021 06:13:12 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=-hndbpc7SdK0YwajSXIisA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPIJPrL3BDXyArrv0IzL9oALdOnJkOcZ4SQxiVzLLzOMZ8rQMCDaw1UKRGl0Da3zkYjnGJpc9f2w0HXZhaaASQOU-Ldgp3Y
date: Sat, 06 Nov 2021 06:13:12 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 5429
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESENalJPOHdir77audo8OXXbw&google_cver=1&google_push=AYg5qPI3YBUbsS2Xrc182SdsRaZiNNBu8p8Lu0H7zk4S4ChhLj7sTSuUXkzNmJLLKWbu4GgGBS0...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1ZORVVHVEMtMTUtNk04RQ==&google_push=AYg5qPI3YBUbsS2Xrc182SdsRaZiNNBu8p8Lu0H7zk4S4ChhLj7sTSuUXkzNmJLLKWbu4GgGBS0bt2GvKFwr7L51b-FT5M7WWQ

170 B
188 B

51ms
50ms

Image
image/png

142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1ZORVVHVEMtMTUtNk04RQ==&google_push=AYg5qPI3YBUbsS2Xrc182SdsRaZiNNBu8p8Lu0H7zk4S4ChhLj7sTSuUXkzNmJLLKWbu4GgGBS0bt2GvKFwr7L51b-FT5M7WWQ

Requested by

Host: gadgettendency.com
URL: https://gadgettendency.com/malicious-code-found-in-popular-npm-packages-coa-and-rc/

Protocol

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 06 Nov 2021 06:13:12 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1ZORVVHVEMtMTUtNk04RQ==&google_push=AYg5qPI3YBUbsS2Xrc182SdsRaZiNNBu8p8Lu0H7zk4S4ChhLj7sTSuUXkzNmJLLKWbu4GgGBS0bt2GvKFwr7L51b-FT5M7WWQ
Cache-Control: no-cache,no-store,must-revalidate
Content-Type: text/html
content-length: 0
X-RPHost: f69a50991384d09413b97a37bb74928b
Expires: 0

GET

pixel
cm.g.doubleclick.net/ Frame 5429
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEKCm0BCqBlH_RTjelofGCTM&google_cver=1&googl...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYYc96InyZJZ_asUvTy0tgAAAS8AAAAB&google_push=AYg5qPKAyZAhRR58Etq_9MrEoOHTRVjJm9k_v55P7M8k1Qhj3J1vBUcsz8ZYv_A5NL_MrEFa1M8TjCj0IvyeeHl1mf...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYYc96InyZJZ_asUvTy0tgAAAS8AAAAB&google_push=AYg5qPKAyZAhRR58Etq_9MrEoOHTRVjJm9k_v55P7M8k1Qhj3J1vBUcsz8ZYv_A5NL_MrEFa1M8TjCj0IvyeeHl1mf...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYYc96InyZJZ_asUvTy0tgAAAS8AAAAB&google_push=AYg5qPKAyZAhRR58Etq_9MrEoOHTRVjJm9k_v55P7M8k1Qhj3J1vBUcsz8ZYv_A5NL_MrEFa1M8TjCj0IvyeeHl1mf...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYYc96InyZJZ_asUvTy0tgAAAS8AAAAB&google_push=AYg5qPKAyZAhRR58Etq_9MrEoOHTRVjJm9k_v55P7M8k1Qhj3J1vBUcsz8ZYv_A5NL_MrEFa1M8TjCj0IvyeeHl1mf...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYYc96InyZJZ_asUvTy0tgAAAS8AAAAB&google_push=AYg5qPKAyZAhRR58Etq_9MrEoOHTRVjJm9k_v55P7M8k1Qhj3J1vBUcsz8ZYv_A5NL_MrEFa1M8TjCj0IvyeeHl1mf...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYYc96InyZJZ_asUvTy0tgAAAS8AAAAB&google_push=AYg5qPKAyZAhRR58Etq_9MrEoOHTRVjJm9k_v55P7M8k1Qhj3J1vBUcsz8ZYv_A5NL_MrEFa1M8TjCj0IvyeeHl1mf...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYYc96InyZJZ_asUvTy0tgAAAS8AAAAB&google_push=AYg5qPKAyZAhRR58Etq_9MrEoOHTRVjJm9k_v55P7M8k1Qhj3J1vBUcsz8ZYv_A5NL_MrEFa1M8TjCj0IvyeeHl1mf...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYYc96InyZJZ_asUvTy0tgAAAS8AAAAB&google_push=AYg5qPKAyZAhRR58Etq_9MrEoOHTRVjJm9k_v55P7M8k1Qhj3J1vBUcsz8ZYv_A5NL_MrEFa1M8TjCj0IvyeeHl1mf...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYYc96InyZJZ_asUvTy0tgAAAS8AAAAB&google_push=AYg5qPKAyZAhRR58Etq_9MrEoOHTRVjJm9k_v55P7M8k1Qhj3J1vBUcsz8ZYv_A5NL_MrEFa1M8TjCj0IvyeeHl1mf...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYYc96InyZJZ_asUvTy0tgAAAS8AAAAB&google_push=AYg5qPKAyZAhRR58Etq_9MrEoOHTRVjJm9k_v55P7M8k1Qhj3J1vBUcsz8ZYv_A5NL_MrEFa1M8TjCj0IvyeeHl1mf...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYYc96InyZJZ_asUvTy0tgAAAS8AAAAB&google_push=AYg5qPKAyZAhRR58Etq_9MrEoOHTRVjJm9k_v55P7M8k1Qhj3J1vBUcsz8ZYv_A5NL_MrEFa1M8TjCj0IvyeeHl1mf...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYYc96InyZJZ_asUvTy0tgAAAS8AAAAB&google_push=AYg5qPKAyZAhRR58Etq_9MrEoOHTRVjJm9k_v55P7M8k1Qhj3J1vBUcsz8ZYv_A5NL_MrEFa1M8TjCj0IvyeeHl1mf...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYYc96InyZJZ_asUvTy0tgAAAS8AAAAB&google_push=AYg5qPKAyZAhRR58Etq_9MrEoOHTRVjJm9k_v55P7M8k1Qhj3J1vBUcsz8ZYv_A5NL_MrEFa1M8TjCj0IvyeeHl1mf...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYYc96InyZJZ_asUvTy0tgAAAS8AAAAB&google_push=AYg5qPKAyZAhRR58Etq_9MrEoOHTRVjJm9k_v55P7M8k1Qhj3J1vBUcsz8ZYv_A5NL_MrEFa1M8TjCj0IvyeeHl1mf...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYYc96InyZJZ_asUvTy0tgAAAS8AAAAB&google_push=AYg5qPKAyZAhRR58Etq_9MrEoOHTRVjJm9k_v55P7M8k1Qhj3J1vBUcsz8ZYv_A5NL_MrEFa1M8TjCj0IvyeeHl1mf...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYYc96InyZJZ_asUvTy0tgAAAS8AAAAB&google_push=AYg5qPKAyZAhRR58Etq_9MrEoOHTRVjJm9k_v55P7M8k1Qhj3J1vBUcsz8ZYv_A5NL_MrEFa1M8TjCj0IvyeeHl1mf...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYYc96InyZJZ_asUvTy0tgAAAS8AAAAB&google_push=AYg5qPKAyZAhRR58Etq_9MrEoOHTRVjJm9k_v55P7M8k1Qhj3J1vBUcsz8ZYv_A5NL_MrEFa1M8TjCj0IvyeeHl1mf...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYYc96InyZJZ_asUvTy0tgAAAS8AAAAB&google_push=AYg5qPKAyZAhRR58Etq_9MrEoOHTRVjJm9k_v55P7M8k1Qhj3J1vBUcsz8ZYv_A5NL_MrEFa1M8TjCj0IvyeeHl1mf...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYYc96InyZJZ_asUvTy0tgAAAS8AAAAB&google_push=AYg5qPKAyZAhRR58Etq_9MrEoOHTRVjJm9k_v55P7M8k1Qhj3J1vBUcsz8ZYv_A5NL_MrEFa1M8TjCj0IvyeeHl1mf...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYYc96InyZJZ_asUvTy0tgAAAS8AAAAB&google_push=AYg5qPKAyZAhRR58Etq_9MrEoOHTRVjJm9k_v55P7M8k1Qhj3J1vBUcsz8ZYv_A5NL_MrEFa1M8TjCj0IvyeeHl1mf...

0
0

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame 5429 0
12 B 48ms
47ms Image
text/html 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KkYH1pfKRGEBa75f139M0k-5S2Gg8eTQKV_f4KiET8s1lkJYjt8vpd8sl6yW75YZFydGUd

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8819900454201426&output=html&h=600&slotname=8804301216&adk=4248336214&adf=4144877436&pi=t.ma~as.8804301216&w=300&fwrn=4&fwrnh=100&lmt=1636179190&rafmt=1&psa=0&format=300x600&url=https%3A%2F%2Fgadgettendency.com%2Fmalicious-code-found-in-popular-npm-packages-coa-and-rc%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636179190421&bpp=1&bdt=907&idt=88&shv=r20211103&mjsv=m202111030101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C642x280%2C300x600&nras=1&correlator=6054264249085&frm=20&pv=1&ga_vid=1397844960.1636179190&ga_sid=1636179190&ga_hid=442556974&ga_fc=1&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=1041&ady=1452&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062944%2C31063413&oid=2&pvsid=2137192318789966&pem=690&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=BTNfruKGzT&p=https%3A//gadgettendency.com&dtd=91

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 06 Nov 2021 06:13:12 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 zcxQrsBjZtkA-sIi55aDcbNRce-W4yNq16DL4AdK1J0.js Show response
pagead2.googlesyndication.com/bg/ Frame C9F1 35 KB
13 KB 42ms
41ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/zcxQrsBjZtkA-sIi55aDcbNRce-W4yNq16DL4AdK1J0.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cdcc50aec06366d900fac222e7968371b35171ef96e3236ad7a0cbe0074ad49d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 01 Nov 2021 21:09:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 378223
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13399
x-xss-protection: 0
last-modified: Fri, 29 Oct 2021 13:38:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="botguard-scs"
expires: Tue, 01 Nov 2022 21:09:29 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 4BE5 2 KB
617 B 49ms
48ms Stylesheet
text/css 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Product+Sans:300,%20400,%20500,%20600

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61482652/20210921044110936/index.html?e=69&leftOffset=0&topOffset=0&c=Qp3AyRBbbL&t=1&renderingType=2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

4bbd0ba4d3c5e2432f157511e472d219d45d69dc460584b39fec3e27469a6eb0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 06 Nov 2021 04:48:11 GMT
server: ESF
date: Sat, 06 Nov 2021 06:13:12 GMT
x-frame-options: SAMEORIGIN
report-to: {"group":"AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"}]}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only: same-origin; report-to="AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"
expires: Sat, 06 Nov 2021 06:13:12 GMT

GET
H2 200 style.css
s0.2mdn.net/ads/richmedia/studio/pv2/61482652/20210921044110936/ Frame 4BE5 8 KB
2 KB 41ms
40ms Stylesheet
text/css 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/richmedia/studio/pv2/61482652/20210921044110936/style.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61482652/20210921044110936/index.html?e=69&leftOffset=0&topOffset=0&c=Qp3AyRBbbL&t=1&renderingType=2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c18ce2f9b2ae7810b8e9f178afb960d1d3c335e7f750a77e9a397c172ed9dfb1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/61482652/20210921044110936/index.html?e=69&leftOffset=0&topOffset=0&c=Qp3AyRBbbL&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 05 Nov 2021 15:12:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 54063
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1893
x-xss-protection: 0
last-modified: Tue, 21 Sep 2021 11:41:11 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 06 Nov 2021 15:12:09 GMT

GET
H2 200 tweenmax_1.19.0_643d6911392a3398cb1607993edabfa7_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame 4BE5 109 KB
37 KB 100ms
99ms Script
text/javascript 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/tweenmax_1.19.0_643d6911392a3398cb1607993edabfa7_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61482652/20210921044110936/index.html?e=69&leftOffset=0&topOffset=0&c=Qp3AyRBbbL&t=1&renderingType=2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

36c0ec05d79bd9d3164effc3eca0f1962cd6f82bb1f41cb212e080910be24153

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/61482652/20210921044110936/index.html?e=69&leftOffset=0&topOffset=0&c=Qp3AyRBbbL&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 06 Nov 2021 06:13:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37530
x-xss-protection: 0
last-modified: Tue, 06 Sep 2016 20:51:14 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 06 Nov 2021 06:13:12 GMT

GET
H2 200 preloadjs_0.6.2_d7b96570d4552592ae479162e546cb25_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame 4BE5 55 KB
14 KB 109ms
109ms Script
text/javascript 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/preloadjs_0.6.2_d7b96570d4552592ae479162e546cb25_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61482652/20210921044110936/index.html?e=69&leftOffset=0&topOffset=0&c=Qp3AyRBbbL&t=1&renderingType=2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

291fcf6b0aea583079f4ea7c943852ddd668ad895ee08b0b557b372040d205a0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/61482652/20210921044110936/index.html?e=69&leftOffset=0&topOffset=0&c=Qp3AyRBbbL&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 06 Nov 2021 06:13:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14120
x-xss-protection: 0
last-modified: Wed, 16 Mar 2016 13:51:39 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 06 Nov 2021 06:13:12 GMT

GET
H2 200 Enabler_01_246.js Show response
s0.2mdn.net/879366/ Frame 4BE5 116 KB
39 KB 42ms
41ms Script
text/javascript 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/Enabler_01_246.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61482652/20210921044110936/index.html?e=69&leftOffset=0&topOffset=0&c=Qp3AyRBbbL&t=1&renderingType=2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b64291fc91dc77833930ffcead244193c5cfd9e882af312ecc89b580160c22a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/61482652/20210921044110936/index.html?e=69&leftOffset=0&topOffset=0&c=Qp3AyRBbbL&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 05 Nov 2021 21:19:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 32015
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 40237
x-xss-protection: 0
last-modified: Wed, 30 Jun 2021 20:54:51 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 06 Nov 2021 21:19:37 GMT

GET
H2 200 SplitText.min.js Show response
s0.2mdn.net/ads/richmedia/studio/pv2/61482652/20210921044110936/ Frame 4BE5 9 KB
4 KB 76ms
75ms Script
text/javascript 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/richmedia/studio/pv2/61482652/20210921044110936/SplitText.min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61482652/20210921044110936/index.html?e=69&leftOffset=0&topOffset=0&c=Qp3AyRBbbL&t=1&renderingType=2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8b1bd3ff92cff335e4fdf33f9f5920cebd56c33543636c50b16258a7e9384354

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/61482652/20210921044110936/index.html?e=69&leftOffset=0&topOffset=0&c=Qp3AyRBbbL&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 05 Nov 2021 15:12:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 54063
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3729
x-xss-protection: 0
last-modified: Tue, 21 Sep 2021 11:41:11 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 06 Nov 2021 15:12:09 GMT

GET
H2 200 logic.js Show response
s0.2mdn.net/ads/richmedia/studio/pv2/61482652/20210921044110936/ Frame 4BE5 42 KB
8 KB 77ms
76ms Script
text/javascript 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/richmedia/studio/pv2/61482652/20210921044110936/logic.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61482652/20210921044110936/index.html?e=69&leftOffset=0&topOffset=0&c=Qp3AyRBbbL&t=1&renderingType=2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a0ec98322fd8f68c494e5c955198a2303c4dad97a847d3f5a5c949f72aa657cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/61482652/20210921044110936/index.html?e=69&leftOffset=0&topOffset=0&c=Qp3AyRBbbL&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 05 Nov 2021 22:41:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 27091
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8273
x-xss-protection: 0
last-modified: Tue, 21 Sep 2021 11:41:11 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 06 Nov 2021 22:41:41 GMT

GET
H2 200 css2
fonts.googleapis.com/ Frame 7B3E 4 KB
709 B 51ms
50ms Stylesheet
text/css 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@100;700&display=swap

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9399271271209893888/index.html?e=69&leftOffset=0&topOffset=0&c=5ylkJ970tI&t=1&renderingType=2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

5a8710d81938f21afdd8adc1bbbf09ad1fbb4f80ca43ada74dd10726cae7e1fc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 06 Nov 2021 04:56:13 GMT
server: ESF
date: Sat, 06 Nov 2021 06:13:12 GMT
x-frame-options: SAMEORIGIN
report-to: {"group":"AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"}]}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only: same-origin; report-to="AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"
expires: Sat, 06 Nov 2021 06:13:12 GMT

GET
H2 200 style.css
s0.2mdn.net/sadbundle/9399271271209893888/ Frame 7B3E 6 KB
2 KB 78ms
77ms Stylesheet
text/css 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/9399271271209893888/style.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9399271271209893888/index.html?e=69&leftOffset=0&topOffset=0&c=5ylkJ970tI&t=1&renderingType=2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

aac0201c6723f2c1f199a1b4d4136e488c8793b7be8dad1875f97823db9d6fb1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9399271271209893888/index.html?e=69&leftOffset=0&topOffset=0&c=5ylkJ970tI&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 04 Nov 2021 09:24:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 161336
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1766
x-xss-protection: 0
last-modified: Thu, 24 Jun 2021 03:32:34 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 04 Nov 2022 09:24:16 GMT

GET
H2 200 SplitText.min.js Show response
s0.2mdn.net/sadbundle/9399271271209893888/ Frame 7B3E 7 KB
3 KB 78ms
77ms Script
application/x-javascript 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/9399271271209893888/SplitText.min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9399271271209893888/index.html?e=69&leftOffset=0&topOffset=0&c=5ylkJ970tI&t=1&renderingType=2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4aa9210ddc672e43bb409243fc14424e411a2a76fa7b7250c0c99da0e19d329e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9399271271209893888/index.html?e=69&leftOffset=0&topOffset=0&c=5ylkJ970tI&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 05 Nov 2021 08:39:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 77626
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3087
x-xss-protection: 0
last-modified: Thu, 24 Jun 2021 03:32:34 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 05 Nov 2022 08:39:26 GMT

GET
H2 200 Enabler_01_245.js Show response
s0.2mdn.net/879366/ Frame 7B3E 110 KB
38 KB 78ms
78ms Script
text/javascript 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/Enabler_01_245.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9399271271209893888/index.html?e=69&leftOffset=0&topOffset=0&c=5ylkJ970tI&t=1&renderingType=2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4642568b405b3750fb18df621889e27def95e8162c1cdd256a21b319c9a4e24b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9399271271209893888/index.html?e=69&leftOffset=0&topOffset=0&c=5ylkJ970tI&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 06 Nov 2021 05:32:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2471
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38568
x-xss-protection: 0
last-modified: Wed, 14 Oct 2020 19:32:54 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 07 Nov 2021 05:32:01 GMT

GET
H2 200 tweenmax_2.1.2_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame 7B3E 113 KB
39 KB 106ms
106ms Script
text/javascript 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/tweenmax_2.1.2_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9399271271209893888/index.html?e=69&leftOffset=0&topOffset=0&c=5ylkJ970tI&t=1&renderingType=2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a863a77e9ee263a0ec9c1e792bb33ed0f663582b7369f472261df7b6040990c4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9399271271209893888/index.html?e=69&leftOffset=0&topOffset=0&c=5ylkJ970tI&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 06 Nov 2021 06:13:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39910
x-xss-protection: 0
last-modified: Mon, 11 Mar 2019 14:29:26 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 06 Nov 2021 06:13:12 GMT

GET
H2 200 invocation.js Show response
s0.2mdn.net/sadbundle/9399271271209893888/ Frame 7B3E 5 KB
1 KB 112ms
111ms Script
application/x-javascript 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/9399271271209893888/invocation.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9399271271209893888/index.html?e=69&leftOffset=0&topOffset=0&c=5ylkJ970tI&t=1&renderingType=2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

04951ec4c2cb0058e93c9c0232623bd68d8442e7f8d29403e9751cf1720e0de4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9399271271209893888/index.html?e=69&leftOffset=0&topOffset=0&c=5ylkJ970tI&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 02 Nov 2021 11:53:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 325194
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1209
x-xss-protection: 0
last-modified: Thu, 24 Jun 2021 03:32:34 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 02 Nov 2022 11:53:18 GMT

GET
H2 200 script.js Show response
s0.2mdn.net/sadbundle/9399271271209893888/ Frame 7B3E 25 KB
5 KB 112ms
112ms Script
application/x-javascript 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/9399271271209893888/script.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9399271271209893888/index.html?e=69&leftOffset=0&topOffset=0&c=5ylkJ970tI&t=1&renderingType=2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b7f5dc945fb266ebfd6332693674c6e391337f4a399785102203bfa287b4c71

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9399271271209893888/index.html?e=69&leftOffset=0&topOffset=0&c=5ylkJ970tI&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 07:38:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 254100
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4905
x-xss-protection: 0
last-modified: Thu, 24 Jun 2021 03:32:34 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 03 Nov 2022 07:38:12 GMT

GET
H2 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 8D80 42 B
107 B 74ms
74ms Image
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-A6fCM5o_V4Bggm2pKNeGeXsMZVbyI50nTBhIpnQ_gnRgzD1yC5dJ_c9iYYiZUkDergbmgBEWEGaLRcq-4awoP5YGtBnfGR0eKdzzyZXlu4sB2YOSc

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 06 Nov 2021 06:13:12 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211103/r20110914/client/ Frame 8D80 3 KB
1 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211103/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4af635698cb6488a8df86b99febedbc979c76e04f675f3a9cdc66f7b4d86aff6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 06 Nov 2021 05:55:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1078
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1470
x-xss-protection: 0
server: cafe
etag: 9165589572046851897
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 20 Nov 2021 05:55:14 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 8D80 120 KB
37 KB 57ms
56ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a889ed53ea224d3134512762ff0cde5c4b0426379110a6592f9d0e337b859e95

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 06 Nov 2021 06:13:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37686
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1635939303405469"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 06 Nov 2021 06:13:12 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20211103/r20110914/client/ Frame 8D80 15 KB
7 KB 41ms
41ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20211103/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

69a051355ad02c286b388a0013340d02657eb3f463d628f7fc1069c40ab8a7e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 06 Nov 2021 06:06:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 383
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6619
x-xss-protection: 0
server: cafe
etag: 4215814365075848680
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 20 Nov 2021 06:06:49 GMT

GET
H2 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame 6E2A 499 B
381 B 52ms
51ms Document
text/html 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CJ-i5AEQkI7rARj4osGhATAB&v=APEucNVfjBzF8Q5IE_56ZYRajG7BmA28to0Y6LEsl6amewYIOzohCa8m8jRw0HMtagF3tqORq-csnUqdkvUEandTDpQyTG-Nu_v0PUoCGKSvGKp0Drse72l0JN81Zj-uzedCGpISL-mI4IVwqigk0esDZw9hn8lA9ypIX5PgLyE7a8lrNjo3cKI

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

583eda12fed77c078f7391866e53eedd80aec5b9b178a3537a3c4c3b09575485

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8819900454201426&output=html&h=600&slotname=8804301216&adk=1902460578&adf=2350814771&pi=t.ma~as.8804301216&w=300&fwrn=4&fwrnh=100&lmt=1636179190&rafmt=1&psa=0&format=300x600&url=https%3A%2F%2Fgadgettendency.com%2Fmalicious-code-found-in-popular-npm-packages-coa-and-rc%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636179190407&bpp=3&bdt=893&idt=80&shv=r20211103&mjsv=m202111030101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C642x280&nras=1&correlator=6054264249085&frm=20&pv=1&ga_vid=1397844960.1636179190&ga_sid=1636179190&ga_hid=442556974&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=1041&ady=355&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062944%2C31063413&oid=2&pvsid=2137192318789966&pem=690&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=oX2TFDAdny&p=https%3A//gadgettendency.com&dtd=83

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Sat, 06 Nov 2021 06:13:12 GMT
server: cafe
cache-control: private
content-length: 313
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 8D80 77 KB
30 KB 90ms
90ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Dp5h2cX5F1v9GJ68cSY3LyZYyAHJnSq-4Tp_2gCou3kBX-UsGNs1t04AgFykOsMZ0mb5IGsYwdGyanjWqKyNvOTq2NcliH5BVV2MjDh67Tm3xMojfLrcqWAnMlmIbH67_4rGFBjIKxeCjdGaVXfmGW4PuaPg&dbm_d=AKAmf-BgXTnR9wSpSRU7jn9amKkPoFDSIjpNNZ5Ljmfupq3VfFXQyrBbGVlOTejOp8P2o1wSxy-hG53WirY0LWl0idXDn-uUmqWVbxgiIKdLE9uMsRHOhsW4dv0Lwo2fDfXmNZakYTduqoef_r5T3ebIF534uJqW9bZ1nMHYiYcHDn68RMc8mek3d2GVsf842nZp1Ta3WfAQywsZRKNsFiSfNF1zGNQ8RUyeVYYHCuxmv50WnqGNyTRhk_raUmX4EE6qUYNPEguhUSEBylQpE0fj2mmxZQB_Gc3f6jeWd-0hi6meKdVgxAmo_YdoxlNBfS0P_iUuqhkTKT0x3T5enUkOC8NEehmvlOy08RVOQm4dq3Rmv3gABW9bOm3jygGSwJeVnXtSutPFxYku4ZyoXFQv9Egz3cGL7jOHvdh0mvrdvY7fAsxnQ_19HD5b0j-7MJka_gUNGM9FAexM8SH6ogG_lZHqGOF1ygs1VxyB2rbybHydd9MJRXOvtfdz9DnAfH3qnIE0nCFxp0xxUeUgXLtpSEd7hI6q1QduRdruVVo7HgKmceiuEkdoZBsCiwYwPY-CXANX6ZeWGpZUfawma1bET31dRnW2VLzmnQrDJ6hL4bq5fM_PV0nedTIWH0B7Qwq4hp5JRTobNc7AMlfenfhAlcvbM6crkWX1s8xt6fhgnz8DoMea_0QSvp-KuP2CNH4MpkGdflXYHkM_TVW06eXHqhAZmNF3qHbOTRYlJoc9BNvWs1wjTjdKKuYX75TijRP49Hw-PWBxlFCjobVHlIsxmANHV-XXdaRWZIr_mprC6PmjT47Wpwdcoto5-DsSHjN0f8F2yBhMjMQPOzzy0mMFUMIbtgbo1ZyAEIc0BR2HwSwjoXjoM1u12TZhOk9X_6YfTdGWa-3arKCBSX4lpXN3mAU6CwriFwb4HRcKRNgj5h-18XYFiraB__jlYqrsUvaaxac_6FnJK0_Axwb3V-78BF4u2JkXlHqwtfGPc7OEuocjM2SCPVnuj6g2hoGqjHk337xJbYghad-xMu3ti0IHr1t6Z16QZ2_2nleNP6gx2X7RbKFCBdQ9eg4lLjw0DOSOU3qtpL586b0wxJpLrKzvCi4DPwuokRdg-zvdGdHgnaG7j5E26ApgG6sLLWphI9qKTdjq0sNpBJtObSFTofeLw6qMszNfT8vhXZO_m5iZYszbojfOGNk3BBlL3grHhxWMZU9RZy4cvXd6I2H_kJzz42nbTRwB8u9YHyLCj2s_h6xXevZFwTQDiVoE4YtuY5AjCTUcrS_RLwYIR0bw9rIDvDLT_xg_RQonY0oWAAaZyRkth2Z17F-IasesJo9ZlvJy4slQQrKj2YAUuyHddDrky9as8yDablm01iHWrtQ5pB-0j-1Scxof1REEVBQZwmyfmoJsklcz2_mTFBVEvQodJo4QZHulTBavM_XWBStAFtZwYfH-OJcNO59cRmlzpuCIP0JfZjIKypXQZnqqf-8N7eMrfLX0ZvGuC9w4bzPor7QYKH3bJ6YxwnMSp2kE6RxAdiZcqOTGRxzP-Tm3cnZBURA4mD_CYiTPY8In8MKwoExDqkK12EC4pcn5bwGWh_VVFQ3rkboZPVLBCfs7RG9JWCzQviBjiFb6EzQbuBLpNGZNI5kC_n-ROyQhzQfVzpEPuaaLlrc6ZfPUQWbAm0o7uDM7NxBKJNVqiCN9cdnNJB4uQduh8dEK0mi4RT5wWRqpfXz3n5Xls3q9XFHuT5J154Y7wBbj0-puy59K3WJDs-FNBO_UEPg6MQ1uHzBZZFrWNJKfU2jm1GoH42MYeXaMYihohlckrIQbrL-3oG4SS3vA6KsADxp7P2tXWa-GNfaEwD2SVvPrNRZFoyAUk1z45UvecVMg66xHnswbpqCYCxP1Xy1khMWFpTiddMp3j9aV7JptN5yqxE6T-DcdC1nk0NAY3GwX-_M8mKoacERRfPOjvTZ_rFaepmvxv_OIc8oLzjElotslwZKMc5tOBZBvLPIXO6O6VesB6k3poe3l7bXVWUcsDxx0JhKQn5led3OIriGwIYj5qimcZZkqeGMjw2sfxKdGeZXfLZgyTKL8Nh2VVkP14rMsquKYMotWYO4gY5v0H34wwplNz3shO94994r8GYoG6JOw2bIwhia_uGs_NgSuKiTGervBztsABFI09rneKNI2j-6Nkg9OqThgwje-ctH7_jUsN4i0g9mUYSge_krBJ-REWc8KhZpzPQV1TRB5ArIccR1v9mcO-K6ji3dfG4HZBrCQCFS6gOsywQRFsHJOZZH9rD1pQubeuLokl-LoFONoZdCVplDqdYkLPx2ojDXmFdkzB4MFmlI0e0e6UbHyohTsPj9e_TcJ6e1ZxE-oB9_l2X9ikqYJJUNAveVaesEp_TsBw5R-YbED-dz2929duFqykh5lwjmDdrxY0MEcDWAy53jZqJCVGwB8QOm6T3klJcUU5BiNL2jEwry7FTSBZwVvtwCzAvNbgLors7ZBIU_Uj73vqXAD_qXMgYQ0r627RlNJ6aVvdkSIHmOIl1leTnE8QbbhW15iJpzyD3yVdz9tgollMV0sKWrNlxnC_dIBnVjwCDpWph156wsaiIQFpTrM4wMSRSKdu0IM2n8rtfZcAsUmIVPv7sB5VVh6_5HBxjBmVvh5gVgiGcE44rciknQ6RSEnsecErdLkS4L8m-ObKJ-etbBrzYT0E8L_A8wlBIGwNcESz9gb0hYjLQ1Oy2hOFmRuiG6v5y44CwNpZX8a3KdBGsEUSHDbfvM89wbU25GShHOOc7xyp_yNiiVHcu6HAFucwIGYeDZ8jFWnx6E08XjdUuQJaABUmRrfbqJRcslR0z4iNRlGJt1iRXOteigNrTlq3ID0h6FiHZU-d-Dz2RHH3QaQtlE8UxhfZzUCktlB-3nKODGcEaNaFPUB2H354ks5PGMxssPpH6mtN4iPUr71_sTfOZpnYqjxyP3qot8ogNXFhGt-7v7leXatecan_fh52ApT6JzicXzWb0QKVpVgHCJgScEE0YEFUZPIzA&cid=CAASEuRo36DSgRB8nSM9C4svDYmc_w&rfl=1%2Chttps%253A%252F%252Fgadgettendency.com%252F%240

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b1e3207975662ee01b10c114321458d186207f24f72c4a026f633f7afb5b5fdc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8819900454201426&output=html&h=600&slotname=8804301216&adk=1902460578&adf=2350814771&pi=t.ma~as.8804301216&w=300&fwrn=4&fwrnh=100&lmt=1636179190&rafmt=1&psa=0&format=300x600&url=https%3A%2F%2Fgadgettendency.com%2Fmalicious-code-found-in-popular-npm-packages-coa-and-rc%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636179190407&bpp=3&bdt=893&idt=80&shv=r20211103&mjsv=m202111030101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C642x280&nras=1&correlator=6054264249085&frm=20&pv=1&ga_vid=1397844960.1636179190&ga_sid=1636179190&ga_hid=442556974&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=1041&ady=355&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062944%2C31063413&oid=2&pvsid=2137192318789966&pem=690&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=oX2TFDAdny&p=https%3A//gadgettendency.com&dtd=83
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 06 Nov 2021 06:13:12 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30656
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 store-logo.svg
s0.2mdn.net/ads/richmedia/studio/pv2/61482652/20210921044110936/ Frame 4BE5 3 KB
2 KB 42ms
41ms Image
image/svg+xml 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/pv2/61482652/20210921044110936/store-logo.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/ads/richmedia/studio/pv2/61482652/20210921044110936/style.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0429afc3b762e552f144f79244d930318936c43767a00d217ce7bbf014594fbd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/61482652/20210921044110936/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 05 Nov 2021 15:12:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 54062
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1650
x-xss-protection: 0
last-modified: Tue, 21 Sep 2021 11:41:11 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 06 Nov 2021 15:12:10 GMT

GET
H2 200 pxiDypQkot1TnFhsFMOfGShVF9eO.woff2
fonts.gstatic.com/s/productsans/v13/ Frame 4BE5 34 KB
34 KB 42ms
42ms Font
font/woff2 2a00:1450:4001:830::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/productsans/v13/pxiDypQkot1TnFhsFMOfGShVF9eO.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Product+Sans:300,%20400,%20500,%20600

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

57243fd434e21b8aff3ac902f17e5a94e4a9e28412df169d0b1804ef25f5de43

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://s0.2mdn.net
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 04 Nov 2021 08:56:07 GMT
x-content-type-options: nosniff
age: 163025
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35140
x-xss-protection: 0
last-modified: Mon, 19 Apr 2021 22:53:52 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Fri, 04 Nov 2022 08:56:07 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 4B42 0
56 B 78ms
78ms Image
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BA8s79xyGYZKaLtvJgAevm4W4BAAAAAA4AeAEAg&bg=!zM-lz4vNAAYH3anuB907ACkAdvg8WqPjheqp5uXPvoxFXIvUQczkF5VCpHvgbR7qugdNlejoJvuX4gIAAACnUgAAACpoAQcKAEW1xIdZDyevP3BaeCFsYLpBco5EUbLgXloS49O95QXepafOg-GDfpEWhbR08Q97EiQ1lM95kqZcmes0Ro7wYKwTn01ucbOZAyCsqOiD-3LNXeBRMzjMHehQfguT_S-0yRkE08fIdcFlh_nmDUKUenR5LcnUFNwXmqw33zPfrc31C-zme1CmaFnXX8xoh-mZZI2nWD5lzpg-wbHCLTA7pEuEwkbstRUGhfOmVMiBHkpwv2iW1p3W_nbA_zZ7Z6B0ujIHzXLJhQa84bSOLYb3HN5X7N3Vc0Th7a1oWjcFfCCQYuodVHjsn48Z7n4X7VT-qy1yN7UmhoX4yhl1ZHaKB3UVymqP9I-pWpUTpM8HOtanhW7QKtKfAkuWs7EDzmU5mDlVt_Q_G957SlAA2IB5yTf4tKVnUhaRvbofZMbh1xxrh4vpox1MEC1dv6GttffQ7H5mUUcj-MnKVTP9968B-wEIUft7g4UuIuj4Gnij0H3hRKi1OfJIGU9Tod6YtX7AEm3B86eU02WljGSHJJQPYjho-wjnqzXOmEZUhxBHzsv1wn_ajWkLSzohXoqyhkXK2BOHlSEjcRZGjUXqfc1bluYZqhvNK5v0KKdiSIDdeAvhnccWfuZbWLyc88fgqZWP5h8xpAKuh39b1Q-0IWkoHBK2R5G-S8I4H6wF71jY2UcOOSl8N3qSiAliTDYGZMqKDA_aNm2n9jEz3tfSlT6wyBbdJYCJBCNShP9V-XVqc3lM4_3AKCERuXwzBo9KJI5BAIPRLfCp5qPXotX0iBcyumkvjk_aNZ2HR45To712cQysactFjYZtg0S58vNfbOkN4Kmoxg7xMpg8s0KE51YvgJpP_CPbLdnBRIT3oBrVEMPDJhug4spbRSNNtLF7-EcsT5Yg1agXGesu-epZMVg3X2rFnfYawR6EwnfLDF5DTh4a1u6Wu171tVGOi54Llj1B23YgEMLpb7yl3F55a_dMs6YutFR_8D5cspYHvmeyEOqnCcMCsFV-xGhRSTOK3L7jwfmZ934zPjDPUNAwGnYyIwfl3AOG6kYPvJRxsKL4aEfhtxfAqZVQCLURaMX5icX1ETddRDm3SuA0Ql_VgWpxojTVN1IzlP9tF6OsRgK6Bp-v-JrsJDY-lh7-yPJbdZePFo_qzMrGzUrsdQ

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 06 Nov 2021 06:13:12 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200

partner
sync.search.spotxchange.com/ Frame 6E2A
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_cm&google_dbm
https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEH_8H0sXnp-83fRzbI30UOo&google_cver=1
https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEH_8H0sXnp-83fRzbI30UOo&google_cver=1&__user_check__=1&sync_id=9f26e4e1-3ec8-11ec-bbf8-1df4c96b0506

43 B
549 B

43ms
43ms

Image
image/gif

185.94.180.126
SPOTX-AMS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.search.spotxchange.com/partner?adv_id=7025&uid=CAESEH_8H0sXnp-83fRzbI30UOo&google_cver=1&__user_check__=1&sync_id=9f26e4e1-3ec8-11ec-bbf8-1df4c96b0506
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJ-i5AEQkI7rARj4osGhATAB&v=APEucNVfjBzF8Q5IE_56ZYRajG7BmA28to0Y6LEsl6amewYIOzohCa8m8jRw0HMtagF3tqORq-csnUqdkvUEandTDpQyTG-Nu_v0PUoCGKSvGKp0Drse72l0JN81Zj-uzedCGpISL-mI4IVwqigk0esDZw9hn8lA9ypIX5PgLyE7a8lrNjo3cKI
Protocol: HTTP/1.1
Server: 185.94.180.126 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software: nginx /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Sat, 06 Nov 2021 06:13:12 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 135
Connection: keep-alive
Content-Length: 43

Redirect headers

Date: Sat, 06 Nov 2021 06:13:12 GMT
Server: nginx
Location: /partner?adv_id=7025&uid=CAESEH_8H0sXnp-83fRzbI30UOo&google_cver=1&__user_check__=1&sync_id=9f26e4e1-3ec8-11ec-bbf8-1df4c96b0506
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/plain
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 47
Connection: keep-alive
Content-Length: 0

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame 6E2A
Redirect Chain

https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID
https://sync.search.spotxchange.com/partner?adv_id=7025&redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dspotxchange_dbm%26google_hm%3D%24SPOTX_BASE64_USER_ID&__user_check__=1&sync_i...
https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=OWYxZmJlMzAtM2VjOC0xMWVjLWE1MzktMTQxNDg0MzMwMTA2

170 B
188 B

50ms
50ms

Image
image/png

142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=OWYxZmJlMzAtM2VjOC0xMWVjLWE1MzktMTQxNDg0MzMwMTA2

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJ-i5AEQkI7rARj4osGhATAB&v=APEucNVfjBzF8Q5IE_56ZYRajG7BmA28to0Y6LEsl6amewYIOzohCa8m8jRw0HMtagF3tqORq-csnUqdkvUEandTDpQyTG-Nu_v0PUoCGKSvGKp0Drse72l0JN81Zj-uzedCGpISL-mI4IVwqigk0esDZw9hn8lA9ypIX5PgLyE7a8lrNjo3cKI

Protocol

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 06 Nov 2021 06:13:12 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Date: Sat, 06 Nov 2021 06:13:12 GMT
Server: nginx
Location: https://cm.g.doubleclick.net/pixel?google_nid=spotxchange_dbm&google_hm=OWYxZmJlMzAtM2VjOC0xMWVjLWE1MzktMTQxNDg0MzMwMTA2
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/plain
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 86
Connection: keep-alive
Content-Length: 0

GET
H2 204 v1
ads.yahoo.com/cms/ Frame 6E2A 0
444 B 137ms
41ms Image
text/plain 2a00:1288:80:800::7000
YAHOO-DEB

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.yahoo.com/cms/v1?esig=1~b04e41039133c73fafd60e0ed8cb49a70ecfb061&nwid=10000483131&sigv=1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:800::7000 Frankfurt am Main, Germany, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 06 Nov 2021 06:13:12 GMT
cache-control: no-store
x-content-type-options: nosniff
server: ATS
strict-transport-security: max-age=15552000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection: 1; mode=block

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame A9CD 0
23 B 113ms
65ms Ping
image/gif 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsv9fDV9dLAP00X12MtrMUS67y8toHl6H7AXpBsDwS8GSFy4zkIScCcpLhei1EfP2kffiyKP_3C9jasuCJivfJ_zOh7_ckAzH_HjNEbJDJ2MbRsRvxUBZ8mIJ2FJ6nW7xtBZrCdskFbr1EUUdGu_1F_PthB0m0zTv1iBwvLhpsTFMozaaIPvfilAg29A8PIE5LYXHQ6XvV0YJBuyxzgxYaeyeCqsosIv2PW8IOWdnoRJIfGyiSBvsIiBgZZ7IQ8IDcmGXDBEaKKD_zFaOEHq4dg_HLTMaky72VRjLy9SzzcGFLFoUEWzbYWF_AzFII3WiiOShgZnZ1cZ6blEiHiqP6SDVXDRtI1I4ywKpEh2rrHw3018hhPYqkMavSxKJWncUWzrHUuaQ9HZ6GbNeskR6cdFtxq7bdHm8wgJ240Tvwtxl6M-_k6YYGln16SU26zd5b98O4jzel_iSerdcMO9TdLak6R5yOG6KayvTdHvlUxxtFFozfSgrfnzGC7JruhVUJD7dsCufYyLRVixk14vla2L6JfJpcnbbR1b0_vC_0XFhqirFD2Cxt5RYj12HMnQlthRu0JTnFromu_NR7kTX4B21weh3pvh1tKF0LNk2GWLMKktfIeCRJ8fXd8WJSoeM2uDGiUcxSUWOe5SduMIwTFWc9M4etd67XFrKLtg3CVvhGnKr4UcsXhsJh8n8Pa-OJhioETMZW3cURpw7yL6uim2Z4amfXuwfcUGe8FDaS9UuZQLnSxOSjTxlLJSj8tHEb41A6mHGGFu2hc1NVa9-Z5rYddI_hVE5e0_mQd36kH2xP0bZRzFUpR3FITKyFScp3GS2CzeqU6Z5DOXNVcjtlmmv58-bozsTi45qur8w7cRDNvTlohUXmiSAzu-SL-vKpsiTDY9NphRK2hV-MmFvdf4s5gIMY_B9sagIJL8ANsdjvuXXmKT5GWjQATFlDI3G4rk8Tl-dbJ1NY4vlE1yY70tLnXTw2FZSWMlYei_7eT14c2a-1WxB4nMVj4PE2RSk5j5wZqlDce4XMIsIsYlQ3jt_pML1wqc7W4w_Poh2Gz52VhogXSn1_DciZq_UUWAGpTIwh7g2JMMJGenAt1_6-dZA5iAr69Zlezmz7t2MwUQyBWWxlJTPd77sRqmBMWH3SZ_yu2SMFeuaCczHczvOMK7v3xjDx8_XAvihZ8aKWtKmfsanZegQJtWZCverU3oJhcYQeouwcKrAxzvfctEIw-DBmm7iKB5yWeB4lbTAK4QaWXE5CBy2OegHCyE33h09_zxy74&sai=AMfl-YR7Ni-b8srY6YBF-hGHSEcoU1zTLWCUek6hvoARY83wyzHUdu9hq0N17DI8B2s-z-7Isdc9FW_lggdV1QNhPJUSJeamk5uUsTEVwBdb6nMp0r1LNNpXompYOZ3xMDx39GEzauC8YcdvNvdZNBEMswydkbwPPDroHYcJ-j-Syx6vFbhCPQ&sig=Cg0ArKJSzAVfYdnXd4Z-EAE&uach_m=[UACH]&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=588&vt=11&dtpt=377&dett=3&cstd=205&cisv=r20211103.56955&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&adurl=

Requested by

Host: gadgettendency.com
URL: https://gadgettendency.com/malicious-code-found-in-popular-npm-packages-coa-and-rc/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Sat, 06 Nov 2021 06:13:12 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 200 GraphikCompact-Regular.woff2
s0.2mdn.net/sadbundle/9399271271209893888/fonts/ Frame 7B3E 40 KB
40 KB 42ms
42ms Font
application/octet-stream 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/9399271271209893888/fonts/GraphikCompact-Regular.woff2

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9399271271209893888/style.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8d869e68ded46385086af23181706b5ba29ba4f2c87551fdd28955169a072263

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/9399271271209893888/style.css
Origin: https://s0.2mdn.net
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 02 Nov 2021 07:06:53 GMT
x-content-type-options: nosniff
age: 342379
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 40696
x-xss-protection: 0
last-modified: Thu, 24 Jun 2021 03:32:34 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 02 Nov 2022 07:06:53 GMT

GET
H2 200 html_inpage_rendering_lib_200_275.js Show response
s0.2mdn.net/879366/ Frame 8D80 169 KB
59 KB 41ms
40ms Script
text/javascript 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_275.js

Requested by

Host: gadgettendency.com
URL: https://gadgettendency.com/malicious-code-found-in-popular-npm-packages-coa-and-rc/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e30f3479d6ce52ce1c83c50e5568a4a7c1080c3214b23aacbc9d21efdd52f95a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 06 Nov 2021 05:32:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2471
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 60173
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:44:51 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 07 Nov 2021 05:32:01 GMT

GET
H2 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20211103/r20110914/elements/html/ Frame 8D80 8 KB
3 KB 50ms
50ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20211103/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-Dp5h2cX5F1v9GJ68cSY3LyZYyAHJnSq-4Tp_2gCou3kBX-UsGNs1t04AgFykOsMZ0mb5IGsYwdGyanjWqKyNvOTq2NcliH5BVV2MjDh67Tm3xMojfLrcqWAnMlmIbH67_4rGFBjIKxeCjdGaVXfmGW4PuaPg&dbm_d=AKAmf-BgXTnR9wSpSRU7jn9amKkPoFDSIjpNNZ5Ljmfupq3VfFXQyrBbGVlOTejOp8P2o1wSxy-hG53WirY0LWl0idXDn-uUmqWVbxgiIKdLE9uMsRHOhsW4dv0Lwo2fDfXmNZakYTduqoef_r5T3ebIF534uJqW9bZ1nMHYiYcHDn68RMc8mek3d2GVsf842nZp1Ta3WfAQywsZRKNsFiSfNF1zGNQ8RUyeVYYHCuxmv50WnqGNyTRhk_raUmX4EE6qUYNPEguhUSEBylQpE0fj2mmxZQB_Gc3f6jeWd-0hi6meKdVgxAmo_YdoxlNBfS0P_iUuqhkTKT0x3T5enUkOC8NEehmvlOy08RVOQm4dq3Rmv3gABW9bOm3jygGSwJeVnXtSutPFxYku4ZyoXFQv9Egz3cGL7jOHvdh0mvrdvY7fAsxnQ_19HD5b0j-7MJka_gUNGM9FAexM8SH6ogG_lZHqGOF1ygs1VxyB2rbybHydd9MJRXOvtfdz9DnAfH3qnIE0nCFxp0xxUeUgXLtpSEd7hI6q1QduRdruVVo7HgKmceiuEkdoZBsCiwYwPY-CXANX6ZeWGpZUfawma1bET31dRnW2VLzmnQrDJ6hL4bq5fM_PV0nedTIWH0B7Qwq4hp5JRTobNc7AMlfenfhAlcvbM6crkWX1s8xt6fhgnz8DoMea_0QSvp-KuP2CNH4MpkGdflXYHkM_TVW06eXHqhAZmNF3qHbOTRYlJoc9BNvWs1wjTjdKKuYX75TijRP49Hw-PWBxlFCjobVHlIsxmANHV-XXdaRWZIr_mprC6PmjT47Wpwdcoto5-DsSHjN0f8F2yBhMjMQPOzzy0mMFUMIbtgbo1ZyAEIc0BR2HwSwjoXjoM1u12TZhOk9X_6YfTdGWa-3arKCBSX4lpXN3mAU6CwriFwb4HRcKRNgj5h-18XYFiraB__jlYqrsUvaaxac_6FnJK0_Axwb3V-78BF4u2JkXlHqwtfGPc7OEuocjM2SCPVnuj6g2hoGqjHk337xJbYghad-xMu3ti0IHr1t6Z16QZ2_2nleNP6gx2X7RbKFCBdQ9eg4lLjw0DOSOU3qtpL586b0wxJpLrKzvCi4DPwuokRdg-zvdGdHgnaG7j5E26ApgG6sLLWphI9qKTdjq0sNpBJtObSFTofeLw6qMszNfT8vhXZO_m5iZYszbojfOGNk3BBlL3grHhxWMZU9RZy4cvXd6I2H_kJzz42nbTRwB8u9YHyLCj2s_h6xXevZFwTQDiVoE4YtuY5AjCTUcrS_RLwYIR0bw9rIDvDLT_xg_RQonY0oWAAaZyRkth2Z17F-IasesJo9ZlvJy4slQQrKj2YAUuyHddDrky9as8yDablm01iHWrtQ5pB-0j-1Scxof1REEVBQZwmyfmoJsklcz2_mTFBVEvQodJo4QZHulTBavM_XWBStAFtZwYfH-OJcNO59cRmlzpuCIP0JfZjIKypXQZnqqf-8N7eMrfLX0ZvGuC9w4bzPor7QYKH3bJ6YxwnMSp2kE6RxAdiZcqOTGRxzP-Tm3cnZBURA4mD_CYiTPY8In8MKwoExDqkK12EC4pcn5bwGWh_VVFQ3rkboZPVLBCfs7RG9JWCzQviBjiFb6EzQbuBLpNGZNI5kC_n-ROyQhzQfVzpEPuaaLlrc6ZfPUQWbAm0o7uDM7NxBKJNVqiCN9cdnNJB4uQduh8dEK0mi4RT5wWRqpfXz3n5Xls3q9XFHuT5J154Y7wBbj0-puy59K3WJDs-FNBO_UEPg6MQ1uHzBZZFrWNJKfU2jm1GoH42MYeXaMYihohlckrIQbrL-3oG4SS3vA6KsADxp7P2tXWa-GNfaEwD2SVvPrNRZFoyAUk1z45UvecVMg66xHnswbpqCYCxP1Xy1khMWFpTiddMp3j9aV7JptN5yqxE6T-DcdC1nk0NAY3GwX-_M8mKoacERRfPOjvTZ_rFaepmvxv_OIc8oLzjElotslwZKMc5tOBZBvLPIXO6O6VesB6k3poe3l7bXVWUcsDxx0JhKQn5led3OIriGwIYj5qimcZZkqeGMjw2sfxKdGeZXfLZgyTKL8Nh2VVkP14rMsquKYMotWYO4gY5v0H34wwplNz3shO94994r8GYoG6JOw2bIwhia_uGs_NgSuKiTGervBztsABFI09rneKNI2j-6Nkg9OqThgwje-ctH7_jUsN4i0g9mUYSge_krBJ-REWc8KhZpzPQV1TRB5ArIccR1v9mcO-K6ji3dfG4HZBrCQCFS6gOsywQRFsHJOZZH9rD1pQubeuLokl-LoFONoZdCVplDqdYkLPx2ojDXmFdkzB4MFmlI0e0e6UbHyohTsPj9e_TcJ6e1ZxE-oB9_l2X9ikqYJJUNAveVaesEp_TsBw5R-YbED-dz2929duFqykh5lwjmDdrxY0MEcDWAy53jZqJCVGwB8QOm6T3klJcUU5BiNL2jEwry7FTSBZwVvtwCzAvNbgLors7ZBIU_Uj73vqXAD_qXMgYQ0r627RlNJ6aVvdkSIHmOIl1leTnE8QbbhW15iJpzyD3yVdz9tgollMV0sKWrNlxnC_dIBnVjwCDpWph156wsaiIQFpTrM4wMSRSKdu0IM2n8rtfZcAsUmIVPv7sB5VVh6_5HBxjBmVvh5gVgiGcE44rciknQ6RSEnsecErdLkS4L8m-ObKJ-etbBrzYT0E8L_A8wlBIGwNcESz9gb0hYjLQ1Oy2hOFmRuiG6v5y44CwNpZX8a3KdBGsEUSHDbfvM89wbU25GShHOOc7xyp_yNiiVHcu6HAFucwIGYeDZ8jFWnx6E08XjdUuQJaABUmRrfbqJRcslR0z4iNRlGJt1iRXOteigNrTlq3ID0h6FiHZU-d-Dz2RHH3QaQtlE8UxhfZzUCktlB-3nKODGcEaNaFPUB2H354ks5PGMxssPpH6mtN4iPUr71_sTfOZpnYqjxyP3qot8ogNXFhGt-7v7leXatecan_fh52ApT6JzicXzWb0QKVpVgHCJgScEE0YEFUZPIzA&cid=CAASEuRo36DSgRB8nSM9C4svDYmc_w&rfl=1%2Chttps%253A%252F%252Fgadgettendency.com%252F%240

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9db8a678d1681c1c4a3f15e1769c3f54d96f126db4a7b00cea65127c820a7763

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 06 Nov 2021 06:08:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 293
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3140
x-xss-protection: 0
server: cafe
etag: 17163059639670574047
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 20 Nov 2021 06:08:19 GMT

GET
H2 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20211103/r20110914/ Frame 8D80 24 KB
9 KB 48ms
48ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20211103/r20110914/abg_lite.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f8957910f9a887e298f5c082685e139255d095ec819e8b8cc6469b0006ef204b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 06 Nov 2021 06:11:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 102
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9560
x-xss-protection: 0
server: cafe
etag: 378257483732583304
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 20 Nov 2021 06:11:30 GMT

GET
H2 200 23406897_20170911152007076_1x1.png
s0.2mdn.net/ads/richmedia/studio/23406897/ Frame 4BE5 68 B
191 B 42ms
42ms Image
image/png 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/23406897/23406897_20170911152007076_1x1.png

Requested by

Host: gadgettendency.com
URL: https://gadgettendency.com/malicious-code-found-in-popular-npm-packages-coa-and-rc/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/61482652/20210921044110936/index.html?e=69&leftOffset=0&topOffset=0&c=Qp3AyRBbbL&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 06 Nov 2021 05:32:26 GMT
x-content-type-options: nosniff
age: 2446
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 68
x-xss-protection: 0
last-modified: Mon, 11 Sep 2017 22:20:07 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 07 Nov 2021 05:32:26 GMT

GET
H2 200 23406897_20200714065311238_super-g-2020-h.svg
s0.2mdn.net/ads/richmedia/studio/23406897/__version__/1/ Frame 4BE5 6 KB
3 KB 43ms
43ms Image
image/svg+xml 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/23406897/__version__/1/23406897_20200714065311238_super-g-2020-h.svg

Requested by

Host: gadgettendency.com
URL: https://gadgettendency.com/malicious-code-found-in-popular-npm-packages-coa-and-rc/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e63e71413cbcbd6f0beef33c56a5a72a1d23bd82df6954d584513c6f6062f103

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/61482652/20210921044110936/index.html?e=69&leftOffset=0&topOffset=0&c=Qp3AyRBbbL&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 05 Nov 2021 08:58:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 76464
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2693
x-xss-protection: 0
last-modified: Tue, 14 Jul 2020 14:25:54 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 06 Nov 2021 08:58:48 GMT

GET
H2 200 23406897_20200826052451892_nest-hub-max-logo.svg
s0.2mdn.net/ads/richmedia/studio/23406897/ Frame 4BE5 5 KB
2 KB 43ms
43ms Image
image/svg+xml 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/23406897/23406897_20200826052451892_nest-hub-max-logo.svg

Requested by

Host: gadgettendency.com
URL: https://gadgettendency.com/malicious-code-found-in-popular-npm-packages-coa-and-rc/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6b7ccc50e9deeac2c9f0ab5950e20309482cd519b16af65a93c7119fc5cc42a4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/ads/richmedia/studio/pv2/61482652/20210921044110936/index.html?e=69&leftOffset=0&topOffset=0&c=Qp3AyRBbbL&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 06 Nov 2021 06:12:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 63
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2083
x-xss-protection: 0
last-modified: Wed, 26 Aug 2020 12:24:51 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 07 Nov 2021 06:12:09 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 4BE5 7 KB
5 KB 143ms
52ms XHR
application/json 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_246&st=int

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_246.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fd18f805559d7e28fd0c3f5d7564894e07ed38da1e0d4fe66d6a243435eaa3fe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 06 Nov 2021 06:13:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5113
x-xss-protection: 0

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 7B3E 7 KB
5 KB 107ms
55ms XHR
application/json 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_245&st=int

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_245.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a5d1f5f5037b36af16f4aa856db1a7307867c93d1bd1ae88233a12d6c8c4e496

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 06 Nov 2021 06:13:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5139
x-xss-protection: 0

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame AA4F 0
23 B 66ms
65ms Ping
image/gif 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvq9Eor_HcuwHCkV3qXxUo-XqiQy5Quc54me-DBn5HcVNzD3Ij6QrLDKUsh8IoYs0lXGGUEbrdozLMDvjLiLBEE2e9cXDeXxY60gQrYeiqSr6BgciYalK7IRMQmE5CYml-zOFgXOnH3tyzGRES_g6V8JAOpnZB5dGCJirXfzslfH1HQnk7dWHqRPpofBxeh7a79w5CMLBf1y7ictCIKANBqdiFrZjgcKgol6HkI7NKbCNgWsZtrCSSmmqV8xM2oZ7nOP0MHFiAVQkBqcOlT3d7YfF65ksbPIxtQ0vejri-xVCVm1Pd3pH0Jm3uHj38KM-Lc1uN8Gp5PZI3juoxSxIclRxiJID0EU7i9Xsvl-NZJ8EKYLLSG60vAGMrK7bY_harJBjhCqrj44M2Sdb4sBqp9i_m8XB-yH4Xk1I8zEFn6ohbqG6mfyQDQj3lR_lF9wK1CI26rYfUISkDQV-krzOXoBiHy0vvnVTfOXHZkrsFxcXo4Ld3qX80W4O3MA_AqFWxzY-J9lVNgW79tyu_hnd76wmobn1HsQgfBhsDWV6LQi8z688uMhwcPkVQpF1lrrvvNa-20RdHN8lCtR6-eKXXyck-DAKSQYXnPvRR0dF9W8eYgnCE2brgNI7-9y716vy-Q47JIHaSbamN90dxQyKwJbYHryLwdXIJhQEeWpRzaBKZeThZm-HHCytPIgSUV9R1wrD35-Dq2JC_iNsiaX9F0YxVMV8Wenopvi890Hok2iT2nX0Ss-uVZqXdOaimDS4ggeQSmYwWitNbqB9Tih9c0vdDS3hQtgWYiCeDI8T-uxFKUByBDzbqfeZP3k9_d6S3MDkT7Jf0awPHmS1PF-B5hf-9hGAT6nqsXXjc55FMv2cq5lrFbGlLO-rKmj04uyeHNmoZcvEQ7BMwo6L-Idn521Dc3dep5OqfJL51szmeDeCnaiNlMW05T3k3_h5OYstopCvpL5075UzwgaIFo9TOcgZjzC7RuAp8KrLqEh0VzIlBHlWFo8D-LF3mPCbkJIGbHtfCxZG_mEva8G1B0fUATQblrQGXMQW-zDs8T989pZ-6lRsN5o6qHBAoA9Qom0CyF8E9Ij3LToHRn229HpJJVrxp0fT8oNSgoMyXJAqxbgTXnRpPOgNFfHcLrB5WiwwKNKSRwICleh6ZRB2f4mcxyojro9s1zko-j7uWcBj8WmS5051lJ8IUaVzZFArWm0Bpet52JJC15ULbjc-oxzdeqNO0&sai=AMfl-YRzbrCbBBd4oLHtHZljLWjtUd_2_Wiqy7rH9gJ1k41FdPZ_3htwGwb8Ak_O8J2CScKfRUTP8xZ0yP3BHI9YpDcXfO_wUBYgVoAV5MDVZs5ScfsMzOuKl8cBFFMoDKX-Clate5nH8ujk1ALqo8GbcatJj5K46Q&sig=Cg0ArKJSzJY29IsBz5MpEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=582&vt=11&dtpt=472&dett=3&cstd=104&cisv=r20211103.75805&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&adurl=

Requested by

Host: gadgettendency.com
URL: https://gadgettendency.com/malicious-code-found-in-popular-npm-packages-coa-and-rc/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Sat, 06 Nov 2021 06:13:12 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H/1.1

206
Partial Content

file.mp4
r4---sn-aigl6ney.c.2mdn.net/videoplayback/id/9547bac442b9ee08/itag/15/source/doubleclick/requiressl/yes/ratebypass/yes/mime/video%2Fmp4/ip/0.0.0.0/ipbits/0/expire/2144448000/sparams/expire,id,ip,ip... Frame 4BE5
Redirect Chain

https://gcdn.2mdn.net/videoplayback/id/9547bac442b9ee08/itag/15/source/doubleclick/requiressl/yes/ratebypass/yes/mime/video%2Fmp4/ip/0.0.0.0/ipbits/0/expire/2144448000/sparams/ip,ipbits,expire,id,i...
https://r4---sn-aigl6ney.c.2mdn.net/videoplayback/id/9547bac442b9ee08/itag/15/source/doubleclick/requiressl/yes/ratebypass/yes/mime/video%2Fmp4/ip/0.0.0.0/ipbits/0/expire/2144448000/sparams/expire,...

821 KB
0

132ms
29ms

Media
video/mp4

2a00:1450:4009:11::9
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://r4---sn-aigl6ney.c.2mdn.net/videoplayback/id/9547bac442b9ee08/itag/15/source/doubleclick/requiressl/yes/ratebypass/yes/mime/video%2Fmp4/ip/0.0.0.0/ipbits/0/expire/2144448000/sparams/expire,id,ip,ipbits,itag,mh,mime,mip,mm,mn,ms,mv,mvi,pl,ratebypass,requiressl,source/signature/76C0EEA5A49F6DBFEBC565ACF1081A7F09827EC9.37C3FB7DCE9E5806B64E5907A1C29C81D3A7A71D/key/cms1/cms_redirect/yes/mh/ng/mip/2001:ac8:21:23:2da::1/mm/42/mn/sn-aigl6ney/ms/onc/mt/1636178908/mv/m/mvi/4/pl/48/file/file.mp4

Requested by

Host: gadgettendency.com
URL: https://gadgettendency.com/malicious-code-found-in-popular-npm-packages-coa-and-rc/

Protocol

HTTP/1.1

Server

2a00:1450:4009:11::9 London, United Kingdom, ASN15169 (GOOGLE, US),

Reverse DNS

Software

gvs 1.0 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Date: Sat, 06 Nov 2021 06:13:12 GMT
X-Content-Type-Options: nosniff
Last-Modified: Thu, 20 Aug 2020 14:10:07 GMT
Server: gvs 1.0
Vary: Origin
Content-Type: video/mp4
Content-Range: bytes 0-841160/841161
Cache-Control: private, max-age=86400
Connection: close
Accept-Ranges: bytes
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Content-Length: 841161
Expires: Sat, 06 Nov 2021 06:13:12 GMT

Redirect headers

pragma: no-cache
date: Sat, 06 Nov 2021 06:13:12 GMT
x-content-type-options: nosniff
server: ClientMapServer
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
location: https://r4---sn-aigl6ney.c.2mdn.net/videoplayback/id/9547bac442b9ee08/itag/15/source/doubleclick/requiressl/yes/ratebypass/yes/mime/video%2Fmp4/ip/0.0.0.0/ipbits/0/expire/2144448000/sparams/expire,id,ip,ipbits,itag,mh,mime,mip,mm,mn,ms,mv,mvi,pl,ratebypass,requiressl,source/signature/76C0EEA5A49F6DBFEBC565ACF1081A7F09827EC9.37C3FB7DCE9E5806B64E5907A1C29C81D3A7A71D/key/cms1/cms_redirect/yes/mh/ng/mip/2001:ac8:21:23:2da::1/mm/42/mn/sn-aigl6ney/ms/onc/mt/1636178908/mv/m/mvi/4/pl/48/file/file.mp4
cache-control: no-cache, must-revalidate
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 694
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 1621 42 B
497 B 78ms
51ms Fetch
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstHVmmd2hrHAqRP1uCm3Lm8311vODEcpqGmIx9zkw9RwJYoCbW1h9lIX_aDPuwpFijsMRsjJCDXZtryyTX3GmGjETLBLndvR8cvmZMTcZgkBsbu-KT51w&sai=AMfl-YTJU8tQltNN9M54MyHlp16u3nyH6i_XDwL563A1BY9pAlVy7OKGPRHtqTT6Jcsmk-mkPCau0LVbrr5Q&sig=Cg0ArKJSzC0CdFdQXrLIEAE&id=lidar2&mcvt=1034&p=0,0,280,642&mtos=1034,1034,1034,1034,1034&tos=1034,0,0,0,0&v=20211103&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=22&adk=3004737011&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1636179190482&rpt=1029&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 06 Nov 2021 06:13:12 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 Editor-Bold.woff2
s0.2mdn.net/sadbundle/9399271271209893888/fonts/ Frame 7B3E 22 KB
22 KB 41ms
41ms Font
application/octet-stream 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/9399271271209893888/fonts/Editor-Bold.woff2

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9399271271209893888/style.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

df2d952f361956a74458dc26c18617fe645485d81dcd9d247c4c057d4205bc8e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/9399271271209893888/style.css
Origin: https://s0.2mdn.net
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 06:51:47 GMT
x-content-type-options: nosniff
age: 256885
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22268
x-xss-protection: 0
last-modified: Thu, 24 Jun 2021 03:32:34 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 03 Nov 2022 06:51:47 GMT

GET
H2 200 InvescoInterstate-Bold.woff2
s0.2mdn.net/sadbundle/9399271271209893888/fonts/ Frame 7B3E 23 KB
23 KB 42ms
41ms Font
application/octet-stream 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/9399271271209893888/fonts/InvescoInterstate-Bold.woff2

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9399271271209893888/style.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4b2f9794cf9a1465f85b132a63e0ec4ff84d58302b7d6d5f553584ac6b0bbc4c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/9399271271209893888/style.css
Origin: https://s0.2mdn.net
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 06:51:47 GMT
x-content-type-options: nosniff
age: 256885
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23480
x-xss-protection: 0
last-modified: Thu, 24 Jun 2021 03:32:34 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 03 Nov 2022 06:51:47 GMT

GET
H2 200 Invesco_logo.png
s0.2mdn.net/ads/richmedia/studio/pv2/83881099/dirty/images/ Frame 7B3E 6 KB
6 KB 43ms
43ms Image
image/png 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/pv2/83881099/dirty/images/Invesco_logo.png

Requested by

Host: gadgettendency.com
URL: https://gadgettendency.com/malicious-code-found-in-popular-npm-packages-coa-and-rc/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d5f4699b5234015f527995583126f4bbc8d767c0215578e7d6d9ad69ee76016d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9399271271209893888/index.html?e=69&leftOffset=0&topOffset=0&c=5ylkJ970tI&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 05 Nov 2021 23:18:37 GMT
x-content-type-options: nosniff
age: 24875
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5757
x-xss-protection: 0
last-modified: Fri, 09 Apr 2021 09:20:44 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 06 Nov 2021 23:18:37 GMT

GET
H2 200 vermeer_bg_big.jpg
s0.2mdn.net/ads/richmedia/studio/pv2/83917902/dirty/images/ Frame 7B3E 89 KB
89 KB 44ms
44ms Image
image/jpeg 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/pv2/83917902/dirty/images/vermeer_bg_big.jpg

Requested by

Host: gadgettendency.com
URL: https://gadgettendency.com/malicious-code-found-in-popular-npm-packages-coa-and-rc/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

df00d7b00caf5030f225d9ba8c973976a65f581e5562cddd3df0236723f8bb94

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9399271271209893888/index.html?e=69&leftOffset=0&topOffset=0&c=5ylkJ970tI&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 05 Nov 2021 17:35:36 GMT
x-content-type-options: nosniff
age: 45456
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 90819
x-xss-protection: 0
last-modified: Fri, 09 Apr 2021 09:20:44 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 06 Nov 2021 17:35:36 GMT

GET
H2 200 index.html Show response
s0.2mdn.net/sadbundle/9399271271209893888/ Frame 5FDE 3 KB
977 B 49ms
49ms Document
text/html 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/9399271271209893888/index.html?e=69&leftOffset=0&topOffset=0&c=4iYpydzo84&t=1&renderingType=2

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/html_inpage_rendering_lib_200_275.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e281d043da463bfb1e696e8d54c639739f34c2df44b0b5e3f8ca71809fd2a6f6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-type: text/html
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
timing-allow-origin: *
content-length: 897
date: Sat, 06 Nov 2021 06:13:12 GMT
expires: Sun, 06 Nov 2022 06:13:12 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 24 Jun 2021 03:32:34 GMT
x-content-type-options: nosniff
x-dns-prefetch-control: off
content-encoding: gzip
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 8D80 0
24 B 70ms
70ms Ping
image/gif 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvfOH2Tmav4YbTzXjiFev_lBS4sZuanmkKv3zb8CUwyABvpLsjBj7IzuK_OVlXbZa0u8J9SfX88OUNdylml9cNrEMD8B6kfKHegsBDvgVD4wdLoBsiDyBE3q_PpF2J2ERkg-hsOsoPwwwZPDxLYOj6qJLgwG51Y5H1j7Tndyh8t4xKdR48jXmorWDHTzZU5cZp6g8ecBCK0L2PNCUbiBaHarwI62pYbYXfmHSilphXIUcDTG0Zl5Do14sfbJamfcYqSKdb9H_GPBqZADZ8T2yxFCY7CyQKKBLrJ07rA6br3L5xZwT2Eypw7yW85lk1P0_69JHxUhb1Ocx3TwoZKfQ5oX50letR7QzB8BTDbCVSIdI-2alrq0IIcbYu-BJgJbCwQtWX3-wG7Rt5GeWZ5rRcqwSIz244-gd6TfyibyNduItercAYqwz896dOhaG5DkHlJf2YOVAuoYhumgoJKQbAHV33Nm0qGQtWHS6jyeRdUYBvTOWTl9lRuzaJf7LSBKv5yC4QEFbmxfqanvACqcBQbqL6hcOXpXk3Au-03TJwzNICA7PvsPfilDDlPcz98IsJIpkYXvpg_hNRwUHsNch2ny8DKNNHzpQmfMC8VlGnCI63XbQx_Wl--TuT2qPrRcFCWuK6cSQNDyQIs3IGoIaQX0BnQEZQR9X5nTWWEsFjx4CjKeS1dqKUrzCwhvz2U0C9ebMEPSdFDmd2gyJji-kJZyZU8daUFpPGVzjMSSjiFb6b-5AmtDICZk35UgQf42QjmAYQfqJ2maqTKC-C5WJ5s6AhZVjMf2A9weBkXQgf4E_cxYl3mw40SEFrUtpd32dGrEGrI0u84QwfMHNTQ5tr-U8SdLclvQeq44gkHycX18DPZ3NYAbHMUf8gJAQADAP0Y3oqHGKgzHDKkLqJ9rIP7_PmaMhWnHU81sKa9seqVrXrvDSxXGkl-yYLhu1vxcSFyD8yXz0-2qdoKgk5TSmi_mtSVCDkXsmf0R4Q8hniC9wLaY7jlciakRN4GWE8_UfI6xur1Lfr0tZuTNty8unjVGBRGruKo0tukrxD0vThGkBGR_NUtYrgQVSXs73oVc744o-xwy7d8MzRSv3vS-I233CiC174xS_yEAvCb1LtNr3K4O2LPdSlU1XOgOvv8Ifd3VSYVF0KnVV5W9xcnHOuKfIedq8OIF8Mcij0sV85IxqdOuf1uAFrUwzlI-7gdVPwQD903BzzIcdFHG9FNcrVHJgA9&sai=AMfl-YQ1yQAJrwpOsdCxPTQ1Lq8qbQ1CEr2zmcq5h-nDqYmPwb197PhfZwaFJagFJIzG_CgUdJTBQpWK20ykk9iSCQGR6cdBXRuzG_kjiChwcVg6KaXrWTIE-p0tw5BPf2CJHWai6BnCU3Vl7gZTAIbW51IGxtysXw&sig=Cg0ArKJSzH3ca114nSSqEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=160&cbvp=1&cstd=147&cisv=r20211103.65598&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&adurl=

Requested by

Host: gadgettendency.com
URL: https://gadgettendency.com/malicious-code-found-in-popular-npm-packages-coa-and-rc/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date: Sat, 06 Nov 2021 06:13:12 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 8D80 41 KB
15 KB 43ms
39ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 08:37:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 250542
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
expires: Thu, 03 Nov 2022 08:37:30 GMT

GET
H2 200 cookie_push_onload.html Show response
pagead2.googlesyndication.com/pagead/s/ Frame BDA8 1 KB
783 B 41ms
40ms Document
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/s/cookie_push_onload.html

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/

Response headers

p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Fri, 05 Nov 2021 18:26:41 GMT
expires: Sat, 06 Nov 2021 18:26:41 GMT
content-type: text/html; charset=UTF-8
etag: 48472445140208031
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 724
x-xss-protection: 0
age: 42391
cache-control: public, max-age=86400
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame 8D80 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5060be7d42b5fb9736511e8249a42ff13e4eaad696be30d6e050b8b1af36ced2

Request headers

Accept-Language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 4BE5 17 KB
6 KB 49ms
48ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_246.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 06 Nov 2021 06:13:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1624308425655142"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6467
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
expires: Sat, 06 Nov 2021 06:13:12 GMT

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 7B3E 17 KB
6 KB 55ms
55ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_245.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 06 Nov 2021 06:13:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1624308425655142"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6467
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
expires: Sat, 06 Nov 2021 06:13:12 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame C9F1 0
56 B 76ms
76ms Image
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BkN299xyGYZ7oNJTH7gPEq4vYDAAAAAA4AeAEAg&bg=!urmluf3NAAYH3anuB907ACkAdvg8WlMfAx28TJXCQz81xsDn-UvNEPNpnCpq28P3bkI1PhhbTbuXuwIAAAFrUgAAAAxoAQcKAC5rQowW850jaBVDDUDtUNqhhtRMQICotXu_vcCWtLN27riDkwGk8N1VlpjI5dr5mQLjvl2EK54NsqRkd-VtqJP5NX_muV_PoPgQFmx0n_6EEKgmtDRGy-r4eIJyvRUJAozirq0mmFMK93RhXzxyYT9l3xIKU05Y7B1nYTnHC_Nd1meyjiWqxIM3VHGAJObNwBDIkNWmmV2v3L6TocSAJq50mAHRaK1b40I-vGx6lySaVQm9CjcW-G26uGeIvF9rYLDj4pnCa0WCFQWEKvMUwXfmyklVQ_-_rBiFMTeJcsPwXzc6IDzya5AXvMUIF6x0ys2lHYa6vxfWQrme251c1PVx2dbGpoGiSfDkgEp_e7Ro1jgdzvz4qk4lkacCDJkyJ56-Fjd6zxidON5Pmp_x0cHVKdaoxOXS6M7mzCGkST1_GHqklRC26Jp_vTiKNsmWfDeJrQgpW5fn36KTTx1kFpqFa4Du9-1rELROJyQBqEa4aoaAsBLdWZJv_7YoTV4-2KeCPPfV-IMjoM5GTBf-moQkS7oHDdW3bGaV6hhnR4BNGnCzWYDo-SRFK2N8f14Kgh0xXjrAarNQV61BpoFtL5O12uDx6ORyDm5YDZH5oxhc7D-JSEzWGB1nT1M-u2W8Ipjfm-R_fm3P9KnNwVVWdS6XQ_jz-W8E5RUWrOxd6AUIxWX8BDvuDfxH-AZP8mYEbbo6W_d6DxbnMO3pAS5P2NgROlstu1lK7lU2BijnLQgg7aQy-QOJ4WBWIPqTdU9fYyM9SbIy4w1lOVyV00InYxPAyB4LAG8D2PRkaB08L0VqyVlBi1JG03T2VuPlYTGm3fpeLsSLNp2PDisCGFuZ0qaHonLioV2Jf6wz8abhbNvpdLYHOwKGYipT6uQZgUXU4Nyvd1qoVzB65gxDSvJxbJhuqWuCScBqC11ubwMGJtxUbjJEmp9BjbjTMq2xn3S_A4Hne8-cAS3BlAEFqDJcAbs7Jn6Tv9FE1hjpMCzi_OhbwvslSDGXTIbrOQVLQ95W7kL2bDwTgNXunVAQFsuwbB3andOnHA

Requested by

Host: gadgettendency.com
URL: https://gadgettendency.com/malicious-code-found-in-popular-npm-packages-coa-and-rc/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 06 Nov 2021 06:13:12 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 css2
fonts.googleapis.com/ Frame 5FDE 4 KB
709 B 51ms
50ms Stylesheet
text/css 2a00:1450:4001:80f::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@100;700&display=swap

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9399271271209893888/index.html?e=69&leftOffset=0&topOffset=0&c=4iYpydzo84&t=1&renderingType=2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

5a8710d81938f21afdd8adc1bbbf09ad1fbb4f80ca43ada74dd10726cae7e1fc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 06 Nov 2021 05:53:36 GMT
server: ESF
date: Sat, 06 Nov 2021 06:13:12 GMT
x-frame-options: SAMEORIGIN
report-to: {"group":"AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/encsid_AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"}]}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
cross-origin-opener-policy-report-only: same-origin; report-to="AXrpQdfmR0fDhCOPhF1MuC4lh4qBOg6Nc66MCVJYeKk"
expires: Sat, 06 Nov 2021 06:13:12 GMT

GET
H2 200 style.css
s0.2mdn.net/sadbundle/9399271271209893888/ Frame 5FDE 6 KB
2 KB 42ms
41ms Stylesheet
text/css 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/9399271271209893888/style.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9399271271209893888/index.html?e=69&leftOffset=0&topOffset=0&c=4iYpydzo84&t=1&renderingType=2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

aac0201c6723f2c1f199a1b4d4136e488c8793b7be8dad1875f97823db9d6fb1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9399271271209893888/index.html?e=69&leftOffset=0&topOffset=0&c=4iYpydzo84&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Thu, 04 Nov 2021 09:24:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 161336
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1766
x-xss-protection: 0
last-modified: Thu, 24 Jun 2021 03:32:34 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 04 Nov 2022 09:24:16 GMT

GET
H2 200 SplitText.min.js Show response
s0.2mdn.net/sadbundle/9399271271209893888/ Frame 5FDE 7 KB
3 KB 42ms
41ms Script
application/x-javascript 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/9399271271209893888/SplitText.min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9399271271209893888/index.html?e=69&leftOffset=0&topOffset=0&c=4iYpydzo84&t=1&renderingType=2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4aa9210ddc672e43bb409243fc14424e411a2a76fa7b7250c0c99da0e19d329e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9399271271209893888/index.html?e=69&leftOffset=0&topOffset=0&c=4iYpydzo84&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 05 Nov 2021 08:39:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 77626
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3087
x-xss-protection: 0
last-modified: Thu, 24 Jun 2021 03:32:34 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 05 Nov 2022 08:39:26 GMT

GET
H2 200 Enabler_01_245.js Show response
s0.2mdn.net/879366/ Frame 5FDE 110 KB
38 KB 43ms
42ms Script
text/javascript 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/Enabler_01_245.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9399271271209893888/index.html?e=69&leftOffset=0&topOffset=0&c=4iYpydzo84&t=1&renderingType=2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4642568b405b3750fb18df621889e27def95e8162c1cdd256a21b319c9a4e24b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9399271271209893888/index.html?e=69&leftOffset=0&topOffset=0&c=4iYpydzo84&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 06 Nov 2021 05:32:01 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2471
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38568
x-xss-protection: 0
last-modified: Wed, 14 Oct 2020 19:32:54 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 07 Nov 2021 05:32:01 GMT

GET
H2 200 tweenmax_2.1.2_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame 5FDE 113 KB
39 KB 56ms
56ms Script
text/javascript 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/tweenmax_2.1.2_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9399271271209893888/index.html?e=69&leftOffset=0&topOffset=0&c=4iYpydzo84&t=1&renderingType=2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a863a77e9ee263a0ec9c1e792bb33ed0f663582b7369f472261df7b6040990c4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9399271271209893888/index.html?e=69&leftOffset=0&topOffset=0&c=4iYpydzo84&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 06 Nov 2021 06:13:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39910
x-xss-protection: 0
last-modified: Mon, 11 Mar 2019 14:29:26 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 06 Nov 2021 06:13:12 GMT

GET
H2 200 invocation.js Show response
s0.2mdn.net/sadbundle/9399271271209893888/ Frame 5FDE 5 KB
1 KB 43ms
43ms Script
application/x-javascript 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/9399271271209893888/invocation.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9399271271209893888/index.html?e=69&leftOffset=0&topOffset=0&c=4iYpydzo84&t=1&renderingType=2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

04951ec4c2cb0058e93c9c0232623bd68d8442e7f8d29403e9751cf1720e0de4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9399271271209893888/index.html?e=69&leftOffset=0&topOffset=0&c=4iYpydzo84&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 02 Nov 2021 11:53:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 325194
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1209
x-xss-protection: 0
last-modified: Thu, 24 Jun 2021 03:32:34 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 02 Nov 2022 11:53:18 GMT

GET
H2 200 script.js Show response
s0.2mdn.net/sadbundle/9399271271209893888/ Frame 5FDE 25 KB
5 KB 44ms
43ms Script
application/x-javascript 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/9399271271209893888/script.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9399271271209893888/index.html?e=69&leftOffset=0&topOffset=0&c=4iYpydzo84&t=1&renderingType=2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1b7f5dc945fb266ebfd6332693674c6e391337f4a399785102203bfa287b4c71

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9399271271209893888/index.html?e=69&leftOffset=0&topOffset=0&c=4iYpydzo84&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 07:38:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 254100
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4905
x-xss-protection: 0
last-modified: Thu, 24 Jun 2021 03:32:34 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 03 Nov 2022 07:38:12 GMT

GET
H2 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame E7C9 22 KB
8 KB 41ms
40ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin: *
content-length: 8395
date: Wed, 03 Nov 2021 08:37:30 GMT
expires: Thu, 03 Nov 2022 08:37:30 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 250542
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame BDA8
Redirect Chain

https://cms.quantserve.com/dpixel?a=p-n5vvLvRdjg0ek&eid=0&qc_google_push=&google_gid=CAESEAYDsQRAJNyesCo1sMfM3bA&google_cver=1&google_push=AYg5qPJkZdf9dwCPtsFE8Ae2p92JTGvIdncmAjBIWV6IWeasLWHmRc5eZt...
https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=B765081F39B1F7&google_push=AYg5qPJkZdf9dwCPtsFE8Ae2p92JTGvIdncmAjBIWV6IWeasLWHmRc5eZteFo5V3IbBEUoHLW12FDMxd62IJYhkakMR__kXY9rtu&google_hm=P7kOxf...

170 B
188 B

51ms
50ms

Image
image/png

142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=B765081F39B1F7&google_push=AYg5qPJkZdf9dwCPtsFE8Ae2p92JTGvIdncmAjBIWV6IWeasLWHmRc5eZteFo5V3IbBEUoHLW12FDMxd62IJYhkakMR__kXY9rtu&google_hm=P7kOxfiK6L8gPEHRHRaM3g

Requested by

Protocol

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 06 Nov 2021 06:13:12 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?gdpr=1&google_nid=B765081F39B1F7&google_push=AYg5qPJkZdf9dwCPtsFE8Ae2p92JTGvIdncmAjBIWV6IWeasLWHmRc5eZteFo5V3IbBEUoHLW12FDMxd62IJYhkakMR__kXY9rtu&google_hm=P7kOxfiK6L8gPEHRHRaM3g
pragma: no-cache
date: Sat, 06 Nov 2021 06:13:12 GMT
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
strict-transport-security: max-age=86400
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame BDA8
Redirect Chain

https://pixel.everesttech.net/1/m?url=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Deverest%26google_hm%3D__EFGSURFER_USB64__%26google_push%3DAYg5qPJsZrfcYJLHX1yteccJW9ZdjPAboNnNfK3yajU...
https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WVlZY0BBQUFBV3hJcmlhag&google_push=AYg5qPJsZrfcYJLHX1yteccJW9ZdjPAboNnNfK3yajUM6xzVEm4e7v7tQjYxyB0vx8xSvoxrFSQ1jd1iiVR-yj-1qe_qZSOapA4D

170 B
188 B

52ms
52ms

Image
image/png

142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WVlZY0BBQUFBV3hJcmlhag&google_push=AYg5qPJsZrfcYJLHX1yteccJW9ZdjPAboNnNfK3yajUM6xzVEm4e7v7tQjYxyB0vx8xSvoxrFSQ1jd1iiVR-yj-1qe_qZSOapA4D

Protocol

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 06 Nov 2021 06:13:12 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Location: https://cm.g.doubleclick.net/pixel?google_nid=everest&google_hm=WVlZY0BBQUFBV3hJcmlhag&google_push=AYg5qPJsZrfcYJLHX1yteccJW9ZdjPAboNnNfK3yajUM6xzVEm4e7v7tQjYxyB0vx8xSvoxrFSQ1jd1iiVR-yj-1qe_qZSOapA4D
Date: Sat, 06 Nov 2021 06:13:12 GMT
Server: Apache
Connection: keep-alive
Content-Length: 391
Content-Type: text/html; charset=iso-8859-1

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame BDA8
Redirect Chain

https://rtb.openx.net/sync/dds?google_gid=CAESEHqA1eIg-E3ptV2OX2dTrWo&google_cver=1&google_push=AYg5qPJpvPR4OiJqO8iBg0jbAttjzBLvnD95QYW5ylNZmikVz4L70-DJi0Tr4mmU1lectwjaJeUxdwGHaQTXtpYFmY_lf9-dv3h0
https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPJpvPR4OiJqO8iBg0jbAttjzBLvnD95QYW5ylNZmikVz4L70-DJi0Tr4mmU1lectwjaJeUxdwGHaQTXtpYFmY_lf9-dv3h0&google_hm=Fr1CfsJ7wX4jV8a0EDrk3A==

170 B
188 B

52ms
50ms

Image
image/png

142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPJpvPR4OiJqO8iBg0jbAttjzBLvnD95QYW5ylNZmikVz4L70-DJi0Tr4mmU1lectwjaJeUxdwGHaQTXtpYFmY_lf9-dv3h0&google_hm=Fr1CfsJ7wX4jV8a0EDrk3A==

Requested by

Protocol

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 06 Nov 2021 06:13:12 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Sat, 06 Nov 2021 06:13:11 GMT
via: 1.1 google
server: Cowboy
access-control-allow-origin: null
vary: Origin
p3p: CP="CUR ADM OUR NOR STA NID"
location: https://cm.g.doubleclick.net/pixel?google_nid=open&google_push=AYg5qPJpvPR4OiJqO8iBg0jbAttjzBLvnD95QYW5ylNZmikVz4L70-DJi0Tr4mmU1lectwjaJeUxdwGHaQTXtpYFmY_lf9-dv3h0&google_hm=Fr1CfsJ7wX4jV8a0EDrk3A==
access-control-expose-headers
cache-control: private, max-age=0, no-cache, must-revalidate
access-control-allow-credentials: true
alt-svc: clear
content-length: 0
x-request-id: penq1bh3l2j41oufbrb8mmqmbb4j9n2j

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame BDA8
Redirect Chain

https://image6.pubmatic.com/AdServer/UCookieSetPug?oid=1&rd=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dpmeb%26google_sc%3D1%26google_hm%3D%23%23B64_16B_PM_UID%26google_redir%3Dhttps%...
https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=-hndbpc7SdK0YwajSXIisA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mp...

170 B
188 B

49ms
49ms

Image
image/png

142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=-hndbpc7SdK0YwajSXIisA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPLgjXx7-Zh4CbdVGa_7K_zs6h9BDbCgc17Lo82EHH9kxwiJGyif2KSpL4lWQJE_IBooG5tI4JahEV6-ZXe_R0AAVvpZhUWW

Requested by

Protocol

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 06 Nov 2021 06:13:12 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://cm.g.doubleclick.net/pixel?google_nid=pmeb&google_sc=1&google_hm=-hndbpc7SdK0YwajSXIisA%3D%3D&google_redir=https%3A%2F%2Fimage8.pubmatic.com%2FAdServer%2FImgSync%3Fsec%3D1%26p%3D156578%26mpc%3D4%26fp%3D1%26pu%3Dhttps%253A%252F%252Fimage4.pubmatic.com%252FAdServer%252FSPug%253Fp%253D156578%2526sc%253D1&google_push=AYg5qPLgjXx7-Zh4CbdVGa_7K_zs6h9BDbCgc17Lo82EHH9kxwiJGyif2KSpL4lWQJE_IBooG5tI4JahEV6-ZXe_R0AAVvpZhUWW
date: Sat, 06 Nov 2021 06:13:11 GMT
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
content-length: 0
content-type: text/html; charset=UTF-8

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame BDA8
Redirect Chain

https://pixel.rubiconproject.com/exchange/sync.php?p=dfp&google_gid=CAESENalJPOHdir77audo8OXXbw&google_cver=1&google_push=AYg5qPITgKqrCMzxHxjVFYDR4tPEZOPt9oRhhLz5z-R3xOizheXHboBtrp0mbm2te4frqm92MOt...
https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1ZORVVIMEstMS0zNElD&google_push=AYg5qPITgKqrCMzxHxjVFYDR4tPEZOPt9oRhhLz5z-R3xOizheXHboBtrp0mbm2te4frqm92MOtm0vmBRNymBYZH1tjG6ufIl_Mg

170 B
188 B

49ms
49ms

Image
image/png

142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1ZORVVIMEstMS0zNElD&google_push=AYg5qPITgKqrCMzxHxjVFYDR4tPEZOPt9oRhhLz5z-R3xOizheXHboBtrp0mbm2te4frqm92MOtm0vmBRNymBYZH1tjG6ufIl_Mg

Requested by

Protocol

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 06 Nov 2021 06:13:12 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Location: https://cm.g.doubleclick.net/pixel?google_nid=rp&google_hm=S1ZORVVIMEstMS0zNElD&google_push=AYg5qPITgKqrCMzxHxjVFYDR4tPEZOPt9oRhhLz5z-R3xOizheXHboBtrp0mbm2te4frqm92MOtm0vmBRNymBYZH1tjG6ufIl_Mg
Cache-Control: no-cache,no-store,must-revalidate
Content-Type: text/html
content-length: 0
X-RPHost: 83041abbe8494cb29eff3083edd6dff6
Expires: 0

GET

pixel
cm.g.doubleclick.net/ Frame BDA8
Redirect Chain

https://ssum-sec.casalemedia.com/usermatchredir?s=184023&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dindex%26google_hm%3D&google_gid=CAESEKCm0BCqBlH_RTjelofGCTM&google_cver=1&googl...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYYc96InyZJZ_asUvTy0tgAAAS8AAAAB&google_cver=1&google_gid=CAESEKCm0BCqBlH_RTjelofGCTM&google_push=AYg5qPJqet2m4oHdgj9Mceub3EfY8razZM77y...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYYc96InyZJZ_asUvTy0tgAAAS8AAAAB&google_cver=1&google_gid=CAESEKCm0BCqBlH_RTjelofGCTM&google_push=AYg5qPJqet2m4oHdgj9Mceub3EfY8razZM77y...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYYc96InyZJZ_asUvTy0tgAAAS8AAAAB&google_cver=1&google_gid=CAESEKCm0BCqBlH_RTjelofGCTM&google_push=AYg5qPJqet2m4oHdgj9Mceub3EfY8razZM77y...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYYc96InyZJZ_asUvTy0tgAAAS8AAAAB&google_cver=1&google_gid=CAESEKCm0BCqBlH_RTjelofGCTM&google_push=AYg5qPJqet2m4oHdgj9Mceub3EfY8razZM77y...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYYc96InyZJZ_asUvTy0tgAAAS8AAAAB&google_cver=1&google_gid=CAESEKCm0BCqBlH_RTjelofGCTM&google_push=AYg5qPJqet2m4oHdgj9Mceub3EfY8razZM77y...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYYc96InyZJZ_asUvTy0tgAAAS8AAAAB&google_cver=1&google_gid=CAESEKCm0BCqBlH_RTjelofGCTM&google_push=AYg5qPJqet2m4oHdgj9Mceub3EfY8razZM77y...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYYc96InyZJZ_asUvTy0tgAAAS8AAAAB&google_cver=1&google_gid=CAESEKCm0BCqBlH_RTjelofGCTM&google_push=AYg5qPJqet2m4oHdgj9Mceub3EfY8razZM77y...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYYc96InyZJZ_asUvTy0tgAAAS8AAAAB&google_cver=1&google_gid=CAESEKCm0BCqBlH_RTjelofGCTM&google_push=AYg5qPJqet2m4oHdgj9Mceub3EfY8razZM77y...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYYc96InyZJZ_asUvTy0tgAAAS8AAAAB&google_cver=1&google_gid=CAESEKCm0BCqBlH_RTjelofGCTM&google_push=AYg5qPJqet2m4oHdgj9Mceub3EfY8razZM77y...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYYc96InyZJZ_asUvTy0tgAAAS8AAAAB&google_cver=1&google_gid=CAESEKCm0BCqBlH_RTjelofGCTM&google_push=AYg5qPJqet2m4oHdgj9Mceub3EfY8razZM77y...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYYc96InyZJZ_asUvTy0tgAAAS8AAAAB&google_cver=1&google_gid=CAESEKCm0BCqBlH_RTjelofGCTM&google_push=AYg5qPJqet2m4oHdgj9Mceub3EfY8razZM77y...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYYc96InyZJZ_asUvTy0tgAAAS8AAAAB&google_cver=1&google_gid=CAESEKCm0BCqBlH_RTjelofGCTM&google_push=AYg5qPJqet2m4oHdgj9Mceub3EfY8razZM77y...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYYc96InyZJZ_asUvTy0tgAAAS8AAAAB&google_cver=1&google_gid=CAESEKCm0BCqBlH_RTjelofGCTM&google_push=AYg5qPJqet2m4oHdgj9Mceub3EfY8razZM77y...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYYc96InyZJZ_asUvTy0tgAAAS8AAAAB&google_cver=1&google_gid=CAESEKCm0BCqBlH_RTjelofGCTM&google_push=AYg5qPJqet2m4oHdgj9Mceub3EfY8razZM77y...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYYc96InyZJZ_asUvTy0tgAAAS8AAAAB&google_cver=1&google_gid=CAESEKCm0BCqBlH_RTjelofGCTM&google_push=AYg5qPJqet2m4oHdgj9Mceub3EfY8razZM77y...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYYc96InyZJZ_asUvTy0tgAAAS8AAAAB&google_cver=1&google_gid=CAESEKCm0BCqBlH_RTjelofGCTM&google_push=AYg5qPJqet2m4oHdgj9Mceub3EfY8razZM77y...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYYc96InyZJZ_asUvTy0tgAAAS8AAAAB&google_cver=1&google_gid=CAESEKCm0BCqBlH_RTjelofGCTM&google_push=AYg5qPJqet2m4oHdgj9Mceub3EfY8razZM77y...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYYc96InyZJZ_asUvTy0tgAAAS8AAAAB&google_cver=1&google_gid=CAESEKCm0BCqBlH_RTjelofGCTM&google_push=AYg5qPJqet2m4oHdgj9Mceub3EfY8razZM77y...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYYc96InyZJZ_asUvTy0tgAAAS8AAAAB&google_cver=1&google_gid=CAESEKCm0BCqBlH_RTjelofGCTM&google_push=AYg5qPJqet2m4oHdgj9Mceub3EfY8razZM77y...
https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYYc96InyZJZ_asUvTy0tgAAAS8AAAAB&google_cver=1&google_gid=CAESEKCm0BCqBlH_RTjelofGCTM&google_push=AYg5qPJqet2m4oHdgj9Mceub3EfY8razZM77y...

0
0

GET
H2 200 trk
ag.innovid.com/ Frame BDA8 43 B
296 B 111ms
36ms Image
image/gif 2a05:d01c:1d8:8102:2fde:4606:be56:e39d
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ag.innovid.com/trk?tid=11711&google_gid=CAESEHZzD8Sb3zAioZPy31Ew5II&google_cver=1&google_push=AYg5qPJ_9sdScWv_BhEfhKA_E3CQ1jBmhOtWFQ4nULAwjejZJic6qdvfnCnax0knsgqfExHhgbAJt7uln6FLL2XRRg8XDYNT8gjH
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8819900454201426&output=html&h=600&slotname=8804301216&adk=1902460578&adf=2350814771&pi=t.ma~as.8804301216&w=300&fwrn=4&fwrnh=100&lmt=1636179190&rafmt=1&psa=0&format=300x600&url=https%3A%2F%2Fgadgettendency.com%2Fmalicious-code-found-in-popular-npm-packages-coa-and-rc%2F&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1636179190407&bpp=3&bdt=893&idt=80&shv=r20211103&mjsv=m202111030101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C642x280&nras=1&correlator=6054264249085&frm=20&pv=1&ga_vid=1397844960.1636179190&ga_sid=1636179190&ga_hid=442556974&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=1041&ady=355&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062944%2C31063413&oid=2&pvsid=2137192318789966&pem=690&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&fsb=1&xpc=oX2TFDAdny&p=https%3A//gadgettendency.com&dtd=83
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a05:d01c:1d8:8102:2fde:4606:be56:e39d London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 06 Nov 2021 06:13:12 GMT
cache-control: no-cache
content-type: image/gif
content-length: 43
request-time: 0
expires: -1

GET
H3 204 attr
cm.g.doubleclick.net/pixel/ Frame BDA8 0
12 B 48ms
47ms Image
text/html 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel/attr?d=AHNF13KWZ6FdU_4YPk_CvRC1hdUG6nDcUXbu7La9h98PXUt8sf0dM8EugYs9r5h9F0os9NKvS4xP

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://pagead2.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 06 Nov 2021 06:13:12 GMT
server: HTTP server (unknown)
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
content-type: text/html

GET
H2 200 zcxQrsBjZtkA-sIi55aDcbNRce-W4yNq16DL4AdK1J0.js Show response
pagead2.googlesyndication.com/bg/ Frame 4BF5 35 KB
13 KB 41ms
41ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/zcxQrsBjZtkA-sIi55aDcbNRce-W4yNq16DL4AdK1J0.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cdcc50aec06366d900fac222e7968371b35171ef96e3236ad7a0cbe0074ad49d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 01 Nov 2021 21:09:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 378223
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13399
x-xss-protection: 0
last-modified: Fri, 29 Oct 2021 13:38:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="botguard-scs"
expires: Tue, 01 Nov 2022 21:09:29 GMT

GET
H2 200 zcxQrsBjZtkA-sIi55aDcbNRce-W4yNq16DL4AdK1J0.js Show response
pagead2.googlesyndication.com/bg/ Frame 4629 35 KB
13 KB 42ms
41ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/zcxQrsBjZtkA-sIi55aDcbNRce-W4yNq16DL4AdK1J0.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cdcc50aec06366d900fac222e7968371b35171ef96e3236ad7a0cbe0074ad49d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 01 Nov 2021 21:09:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 378223
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13399
x-xss-protection: 0
last-modified: Fri, 29 Oct 2021 13:38:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="botguard-scs"
expires: Tue, 01 Nov 2022 21:09:29 GMT

GET
H2 200 GraphikCompact-Regular.woff2
s0.2mdn.net/sadbundle/9399271271209893888/fonts/ Frame 5FDE 40 KB
40 KB 41ms
41ms Font
application/octet-stream 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/9399271271209893888/fonts/GraphikCompact-Regular.woff2

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9399271271209893888/style.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8d869e68ded46385086af23181706b5ba29ba4f2c87551fdd28955169a072263

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/9399271271209893888/style.css
Origin: https://s0.2mdn.net
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Tue, 02 Nov 2021 07:06:53 GMT
x-content-type-options: nosniff
age: 342379
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 40696
x-xss-protection: 0
last-modified: Thu, 24 Jun 2021 03:32:34 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 02 Nov 2022 07:06:53 GMT

GET
H2 200 zcxQrsBjZtkA-sIi55aDcbNRce-W4yNq16DL4AdK1J0.js Show response
pagead2.googlesyndication.com/bg/ Frame E7C9 35 KB
13 KB 42ms
41ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/zcxQrsBjZtkA-sIi55aDcbNRce-W4yNq16DL4AdK1J0.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cdcc50aec06366d900fac222e7968371b35171ef96e3236ad7a0cbe0074ad49d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 01 Nov 2021 21:09:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 378223
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13399
x-xss-protection: 0
last-modified: Fri, 29 Oct 2021 13:38:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="botguard-scs"
expires: Tue, 01 Nov 2022 21:09:29 GMT

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 8D80 0
23 B 64ms
64ms Ping
image/gif 142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvfOH2Tmav4YbTzXjiFev_lBS4sZuanmkKv3zb8CUwyABvpLsjBj7IzuK_OVlXbZa0u8J9SfX88OUNdylml9cNrEMD8B6kfKHegsBDvgVD4wdLoBsiDyBE3q_PpF2J2ERkg-hsOsoPwwwZPDxLYOj6qJLgwG51Y5H1j7Tndyh8t4xKdR48jXmorWDHTzZU5cZp6g8ecBCK0L2PNCUbiBaHarwI62pYbYXfmHSilphXIUcDTG0Zl5Do14sfbJamfcYqSKdb9H_GPBqZADZ8T2yxFCY7CyQKKBLrJ07rA6br3L5xZwT2Eypw7yW85lk1P0_69JHxUhb1Ocx3TwoZKfQ5oX50letR7QzB8BTDbCVSIdI-2alrq0IIcbYu-BJgJbCwQtWX3-wG7Rt5GeWZ5rRcqwSIz244-gd6TfyibyNduItercAYqwz896dOhaG5DkHlJf2YOVAuoYhumgoJKQbAHV33Nm0qGQtWHS6jyeRdUYBvTOWTl9lRuzaJf7LSBKv5yC4QEFbmxfqanvACqcBQbqL6hcOXpXk3Au-03TJwzNICA7PvsPfilDDlPcz98IsJIpkYXvpg_hNRwUHsNch2ny8DKNNHzpQmfMC8VlGnCI63XbQx_Wl--TuT2qPrRcFCWuK6cSQNDyQIs3IGoIaQX0BnQEZQR9X5nTWWEsFjx4CjKeS1dqKUrzCwhvz2U0C9ebMEPSdFDmd2gyJji-kJZyZU8daUFpPGVzjMSSjiFb6b-5AmtDICZk35UgQf42QjmAYQfqJ2maqTKC-C5WJ5s6AhZVjMf2A9weBkXQgf4E_cxYl3mw40SEFrUtpd32dGrEGrI0u84QwfMHNTQ5tr-U8SdLclvQeq44gkHycX18DPZ3NYAbHMUf8gJAQADAP0Y3oqHGKgzHDKkLqJ9rIP7_PmaMhWnHU81sKa9seqVrXrvDSxXGkl-yYLhu1vxcSFyD8yXz0-2qdoKgk5TSmi_mtSVCDkXsmf0R4Q8hniC9wLaY7jlciakRN4GWE8_UfI6xur1Lfr0tZuTNty8unjVGBRGruKo0tukrxD0vThGkBGR_NUtYrgQVSXs73oVc744o-xwy7d8MzRSv3vS-I233CiC174xS_yEAvCb1LtNr3K4O2LPdSlU1XOgOvv8Ifd3VSYVF0KnVV5W9xcnHOuKfIedq8OIF8Mcij0sV85IxqdOuf1uAFrUwzlI-7gdVPwQD903BzzIcdFHG9FNcrVHJgA9&sai=AMfl-YQ1yQAJrwpOsdCxPTQ1Lq8qbQ1CEr2zmcq5h-nDqYmPwb197PhfZwaFJagFJIzG_CgUdJTBQpWK20ykk9iSCQGR6cdBXRuzG_kjiChwcVg6KaXrWTIE-p0tw5BPf2CJHWai6BnCU3Vl7gZTAIbW51IGxtysXw&sig=Cg0ArKJSzH3ca114nSSqEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=368&vt=11&dtpt=208&dett=3&cstd=147&cisv=r20211103.65598&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&adurl=

Requested by

Host: gadgettendency.com
URL: https://gadgettendency.com/malicious-code-found-in-popular-npm-packages-coa-and-rc/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Sat, 06 Nov 2021 06:13:12 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 12 KB
9 KB 60ms
60ms XHR
application/json 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20211103&st=env

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9241dd2ad1914f83ae908d38a04d2c91c9c7c14d23477f78bb582b8fbcf69835

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://gadgettendency.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 06 Nov 2021 06:13:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9411
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 67ms
67ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://gadgettendency.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 06 Nov 2021 06:13:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1624308425655142"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6467
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
expires: Sat, 06 Nov 2021 06:13:12 GMT

GET
H2 200 Editor-Bold.woff2
s0.2mdn.net/sadbundle/9399271271209893888/fonts/ Frame 5FDE 22 KB
22 KB 42ms
42ms Font
application/octet-stream 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/9399271271209893888/fonts/Editor-Bold.woff2

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9399271271209893888/style.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

df2d952f361956a74458dc26c18617fe645485d81dcd9d247c4c057d4205bc8e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/9399271271209893888/style.css
Origin: https://s0.2mdn.net
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 06:51:47 GMT
x-content-type-options: nosniff
age: 256885
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22268
x-xss-protection: 0
last-modified: Thu, 24 Jun 2021 03:32:34 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 03 Nov 2022 06:51:47 GMT

GET
H2 200 InvescoInterstate-Bold.woff2
s0.2mdn.net/sadbundle/9399271271209893888/fonts/ Frame 5FDE 23 KB
23 KB 41ms
40ms Font
application/octet-stream 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/9399271271209893888/fonts/InvescoInterstate-Bold.woff2

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/9399271271209893888/style.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4b2f9794cf9a1465f85b132a63e0ec4ff84d58302b7d6d5f553584ac6b0bbc4c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/9399271271209893888/style.css
Origin: https://s0.2mdn.net
Accept-Language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Wed, 03 Nov 2021 06:51:47 GMT
x-content-type-options: nosniff
age: 256885
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23480
x-xss-protection: 0
last-modified: Thu, 24 Jun 2021 03:32:34 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Thu, 03 Nov 2022 06:51:47 GMT

GET
H2 200 Invesco_logo.png
s0.2mdn.net/ads/richmedia/studio/pv2/83881099/dirty/images/ Frame 5FDE 6 KB
6 KB 41ms
40ms Image
image/png 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/pv2/83881099/dirty/images/Invesco_logo.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d5f4699b5234015f527995583126f4bbc8d767c0215578e7d6d9ad69ee76016d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9399271271209893888/index.html?e=69&leftOffset=0&topOffset=0&c=4iYpydzo84&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 05 Nov 2021 23:18:37 GMT
x-content-type-options: nosniff
age: 24875
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5757
x-xss-protection: 0
last-modified: Fri, 09 Apr 2021 09:20:44 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 06 Nov 2021 23:18:37 GMT

GET
H2 200 vermeer_bg_big.jpg
s0.2mdn.net/ads/richmedia/studio/pv2/83917902/dirty/images/ Frame 5FDE 89 KB
89 KB 41ms
40ms Image
image/jpeg 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/ads/richmedia/studio/pv2/83917902/dirty/images/vermeer_bg_big.jpg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

df00d7b00caf5030f225d9ba8c973976a65f581e5562cddd3df0236723f8bb94

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/sadbundle/9399271271209893888/index.html?e=69&leftOffset=0&topOffset=0&c=4iYpydzo84&t=1&renderingType=2
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Fri, 05 Nov 2021 17:35:36 GMT
x-content-type-options: nosniff
age: 45456
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 90819
x-xss-protection: 0
last-modified: Fri, 09 Apr 2021 09:20:44 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 06 Nov 2021 17:35:36 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 5FDE 7 KB
5 KB 53ms
53ms XHR
application/json 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=01_245&st=int

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_245.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3d4d24f7144d63f0794a73729c456ddb56b6ed4dc86451a2b877e60d439a0e1d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 06 Nov 2021 06:13:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5277
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 5FDE 17 KB
6 KB 53ms
53ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/Enabler_01_245.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Sat, 06 Nov 2021 06:13:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1624308425655142"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6467
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
expires: Sat, 06 Nov 2021 06:13:13 GMT

GET
H2 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/224/ Frame 0B8A 12 KB
5 KB 40ms
40ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://gadgettendency.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5029
date: Fri, 05 Nov 2021 21:47:04 GMT
expires: Sat, 05 Nov 2022 21:47:04 GMT
last-modified: Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 30369
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame C6A8 783 B
965 B 49ms
49ms Document
text/html 2a00:1450:4001:802::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

6e2396b1641d5536752232fac06da2e2c0b99c78cd3fcde486d359159266e5fb

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-Ne2UiOiYf/6silmndexXdA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36
Accept-Language: en-GB,en;q=0.9
Referer: https://gadgettendency.com/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Sat, 06 Nov 2021 06:13:13 GMT
date: Sat, 06 Nov 2021 06:13:13 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-Ne2UiOiYf/6silmndexXdA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 510
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 zcxQrsBjZtkA-sIi55aDcbNRce-W4yNq16DL4AdK1J0.js Show response
pagead2.googlesyndication.com/bg/ Frame 5ABF 35 KB
13 KB 42ms
42ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/zcxQrsBjZtkA-sIi55aDcbNRce-W4yNq16DL4AdK1J0.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cdcc50aec06366d900fac222e7968371b35171ef96e3236ad7a0cbe0074ad49d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 01 Nov 2021 21:09:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 378224
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13399
x-xss-protection: 0
last-modified: Fri, 29 Oct 2021 13:38:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="botguard-scs"
expires: Tue, 01 Nov 2022 21:09:29 GMT

GET
H2 204 sodar
pagead2.googlesyndication.com/pagead/ Frame C6A8 0
0 94ms
93ms Image
text/html 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&li=gda_r20211103&jk=2137192318789966&rc=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

GET
H2 200 zcxQrsBjZtkA-sIi55aDcbNRce-W4yNq16DL4AdK1J0.js Show response
pagead2.googlesyndication.com/bg/ Frame 0B8A 35 KB
13 KB 41ms
41ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/zcxQrsBjZtkA-sIi55aDcbNRce-W4yNq16DL4AdK1J0.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cdcc50aec06366d900fac222e7968371b35171ef96e3236ad7a0cbe0074ad49d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

date: Mon, 01 Nov 2021 21:09:29 GMT
content-encoding: br
x-content-type-options: nosniff
age: 378224
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13399
x-xss-protection: 0
last-modified: Fri, 29 Oct 2021 13:38:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="botguard-scs"
expires: Tue, 01 Nov 2022 21:09:29 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame E7C9 0
56 B 76ms
76ms Image
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B9-_q-ByGYfuJFIik3gPDup3wCQAAAAA4AeAEAg&bg=!sbKlsvbNAAYH3anuB907ACkAdvg8WuAEfMLROsgcoN-mbNLSERtVXmRrxDzFbLCLTzmOd61tEHGy_wIAAADiUgAAACFoAQeZAuwYxhKUUQwxDr7PlCqO0FE0C5lt4QWjAImWdCwHIEqd6azgKy2bIP0csj7vY_MeQINyoeScv0RqWLP28olaQ4pvVdU3NqfyTmpiZ19tTQNDMNrWCY81r2hOHmaccAmVRBPu6gb6-m5dQ2GfyOavIvOW1hoxjl0Akks0sjy4pAMNBbHIALUVQ_8wtC4Vsq2vwXsDoqyuF-jvusvwiA9ZwZ4MRyjOoBR9Ie5_poJb6cBa0wB13Ufdue8pHz5mkzk1Pj6urs6nqdKXQkVsxYG2MIndJY7kZnUBgIWNTC6TxBVz1cva2HkBmE6yGJ19UZvdF_iTVbceX5F4R8xpzVherePU_B5QKQRab6PvUG71oI3t1CFrDx0eq-4T_ORAxF64FdJbdfMGyxfyJuKEAOBnW8xrwOfc9TGzDg-fMBcgnZVUMP5NgdH7zXhGZAcvq1KFUsxzum8sMwdOJThtvKmSKjjQg-2CKnNe7iSRJc9ZPji5k6A9FW4LZX9BQ6Kyq1BZETgF7CkISG4yQFq75OzY3LfGZWQH5KLXY792Rvw2e2Up1rzCqVhhAYpIodPjXpfI3DNVjIsQtb_kyDEtSuLdWQUc5Peaf75TvsHXtuQT0LgO1rszjb1ZekxwRvx4LRSG2rWQr4MCurQifuVO2qF3N5zhX6jBznUV7cXtzyDLf5co65WLlqdNusy4hhy0iHWcXveh1TnsbrKKeZLqDvYXVqHXjHGK4ktyLQQq6r_9VE10EEq6CPLhvdZhaXFHiXeuWfgkmimcIWISsqPfY_RpZjS0WANRguEGbhdJkTQE4SMY_hBGgMETQGJ55-dDlgw06AqdsZFfICDQuIhq3RAaXR0gjU04EebBNPKL9Vodgp3OnzX3-IgBr2SHSO19Pqvw2HFDtJX2b0DYEKOk9PF9ktfHN2juoQegt0h2sHm3X6VkyV6M2bwE7r_85A6PqwlIT8wNj_rYHuAruskT9smrup21NT43dwzxnCE8ixN4

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 06 Nov 2021 06:13:13 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
56 B 76ms
76ms Image
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gda_r20211103&jk=2137192318789966&bg=!AAOlA0fNAAYH3anuB907ACkAdvg8Wvdbo-JJAlABx31_97UVCFWX5J-lQpEMGWDf6Ifl42Dqw-1HnAIAAABwUgAAAARoAQeZAsUfd3QxpTubE8i0CxJgS1m0a_vEejO6u8RSeC7aRjMzpcrm-gYRJiZquZgONB5RdyOglaez4Egiyk8QvHznHbS02kFJ5j4YkFD1-7vgCwctCNnjc9PTMDhg--Mb9xR1RO9086cSJ5VfP0Qrb6O2MYAGDkzVKeqeI6D_ctSRzwgS23evzqu5hKXJfL6t8SJNgA26Zx-5Y_xuonExu3oGhgh5xMmHZUh4XwnaE6_pDApoCdORlE_Ea_sMBRFvWIzx4U22fjCv8fAFxEe13fJySh2VPbC-e7_760yNdbkuah8QC_c-8Hvn82yTYbwY5hzZ6o78BPVNM9M-NsC0OjfcGlQYR7dM99Z9Dv_d4D7xrCO33D-JA5EFwB1DAizGDHg7tGHh7XajKZsCZZ2SHla3uPj01LgZTuRXQF3G6qkUEeU63nMzaAH_ItcUrNXKwU_qxFtOgHp-QCl7bn2vtv68XvD2BCVcvw6tH1-W_12frDQpCPgURPSTgz4Ak5TjpSyaZO_RSdVwxQupyfIUGBYYmn4SQ3QZKpzHmHsRHqnflH3-tzqZTWrUw5U9vfwudYjFAlhI3GexEGIImrJV3akrQIpnIib_hz8nA5S4Y_h16POhBezhd80YGaFW5IS5eDdOsXEJWD3xkt-2uz_HSlz4rZEarD3vENYTmWpl-RkAJcRt5CQTnrvMUSti4W98qry3RepG8XZc25D-LHq59dcOc67SKGolqQD00j7B9bHUkVD5owTSwmwh2kl9oSqlvs7DS8aiLozKM85QrdR-NCJt6vBs7NkF7x1_D_y5jIPf2S7PD5w9cxndIslrII1Vr5vB7dNTfnNBIdmGHGScVQwiVCgdW7Bh6emFvZ5qvQKXMwJY58NSvnjD2yB0r_v39_kJoUsVUIwaG2MXjSmmitKhTMEpd2-FJ_ZLZKxBgSmhsUKm8EOyKrNQ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://gadgettendency.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 06 Nov 2021 06:13:13 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 8D80 42 B
108 B 63ms
62ms Fetch
image/gif 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu10_Kif8IYaUm8Nbl3rX5qJ33CoDUUNxbjg6DKtdWjrjQrp49bCdlTZonV0fg4p57NSbGI9wrnU3rTTReIquphJ6nbiTItGl7w2KlO1qqmxfjzFy4Sfg&sai=AMfl-YQ_hLwI12OJ2YPYApGAT96CE_8tZdTH47q8IVBiXzMErBIGjaNQI8Yad1FuaMfFkfQic_sStVAfCCNw71OmjKm5JvtxuQAt9YI&sig=Cg0ArKJSzHbdBU8fW2DUEAE&cid=CAASEuRo36DSgRB8nSM9C4svDYmc_w&id=lidar2&mcvt=1000&p=0,0,600,300&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20211103&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=20&adk=1902460578&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1636179191208&rpt=1504&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: en-GB,en;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.54 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 06 Nov 2021 06:13:13 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/simgad/3387408963016836100?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qnPaKukrjJHYSQYhJe6pVVqEl70lg

Domain: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/js/r20211103/r20110914/client/one_click_handler_one_afma_fy2019.js

Domain: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/daca_images/simgad/17455069647866089125

Domain: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Domain: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/pagead/js/r20211103/r20110914/client/one_click_handler_one_afma_fy2019.js

Domain: cm.g.doubleclick.net
URL: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYYc96InyZJZ_asUvTy0tgAAAS8AAAAB&google_push=AYg5qPJzHK1uyLLX2ezMj0mfXk4Tq2nKKvyjcDKU0bzgw9Qr46lg4monu5oi-mNC-p5tm0OTGrriAm2QK-90xsB7cRfdL-Qivro&google_cver=1&google_gid=CAESEKCm0BCqBlH_RTjelofGCTM

Domain: cm.g.doubleclick.net
URL: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYYc96InyZJZ_asUvTy0tgAAAS8AAAAB&google_push=AYg5qPKAyZAhRR58Etq_9MrEoOHTRVjJm9k_v55P7M8k1Qhj3J1vBUcsz8ZYv_A5NL_MrEFa1M8TjCj0IvyeeHl1mfB2gD8bwQ&google_gid=CAESEKCm0BCqBlH_RTjelofGCTM&google_cver=1

Domain: cm.g.doubleclick.net
URL: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYYc96InyZJZ_asUvTy0tgAAAS8AAAAB&google_cver=1&google_gid=CAESEKCm0BCqBlH_RTjelofGCTM&google_push=AYg5qPJqet2m4oHdgj9Mceub3EfY8razZM77yugMeLAJGSENi5foZ_6eqsQrkrQz8nae00UG13491A0lLOnB8UoWMgmLvjAZyX2t

Verdicts & Comments Add Verdict or Comment

121 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

31 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.gadgettendency.com/	1970-01-20 16:00:51	Name: _ga Value: GA1.2.1397844960.1636179190
.gadgettendency.com/	1970-01-19 22:31:05	Name: _gid Value: GA1.2.1029047999.1636179191
.gadgettendency.com/	1970-01-19 22:29:39	Name: _gat_gtag_UA_169224141_1 Value: 1
.gadgettendency.com/	1970-01-20 07:51:15	Name: __gads Value: ID=1ebf11ac25f3121e-22a9396630cb0059:T=1636179190:RT=1636179190:S=ALNI_MZt7hRzBq5Qj9Y0Xn0yd0XgKlUOMw
.doubleclick.net/	1970-01-20 07:51:15	Name: IDE Value: AHWqTUlI4jQv2bValxy7GtMmzy7YczRLdQhkDlHZPFnsKTDobCS6ve3pgb-hzUWT_KY
gadgettendency.com/	1970-01-20 07:15:15	Name: cookielawinfo-checkbox-necessary Value: yes
gadgettendency.com/	1970-01-20 07:15:15	Name: cookielawinfo-checkbox-functional Value: no
gadgettendency.com/	1970-01-20 07:15:15	Name: cookielawinfo-checkbox-performance Value: no
gadgettendency.com/	1970-01-20 07:15:15	Name: cookielawinfo-checkbox-analytics Value: no
gadgettendency.com/	1970-01-20 07:15:15	Name: cookielawinfo-checkbox-advertisement Value: no
gadgettendency.com/	1970-01-20 07:15:15	Name: cookielawinfo-checkbox-others Value: no
.doubleclick.net/	1970-01-19 22:29:42	Name: DSID Value: NO_DATA
.adnxs.com/	1970-01-20 00:39:15	Name: uuid2 Value: 5568180973002597650
.casalemedia.com/	1970-01-20 00:39:15	Name: CMPS Value: 699
.adnxs.com/	1970-01-20 00:39:15	Name: anj Value: dTM7k!M41.D>6NRF']wIg2In@t:j/J!]tbPl1M>e)ZlrFUfJ+tGXxp2Le>dJX3_'sM#F']Mo$jZ.!opc?3O94SDa!bpRzqF1`b`nD*B2_k
.rlcdn.com/	1970-01-20 07:15:15	Name: rlas3 Value: CTaZPUxgSN5gRHKEKuBPo3V/d87qcawOoDBLorQ9ovw=
.openx.net/	1970-01-20 07:15:15	Name: i Value: 1a47f71b-c27a-47a7-9ff5-42eba704ed9b\|1636179192
.pubmatic.com/	1970-01-19 22:31:05	Name: KTPCACOOKIE Value: YES
.casalemedia.com/	1970-01-19 22:31:05	Name: CMST Value: YYYc+GGGHPgA
.quantserve.com/	1970-01-20 00:39:15	Name: d Value: EGgBCQHUJIEA
.quantserve.com/	1970-01-20 07:59:53	Name: mc Value: 61861cf8-12b87-b5599-d2edb
.casalemedia.com/	1970-01-20 07:15:15	Name: CMRUM3 Value: 2d61861cf82760CAESEIaCmonMK-1tiMPIX-2rXS0
.casalemedia.com/	1970-01-20 07:15:15	Name: CMID Value: YYYc96InyZJZ-asUvTy0tgAA
.casalemedia.com/	1970-01-20 00:39:15	Name: CMPRO Value: 303
.rlcdn.com/	1970-01-19 23:56:03	Name: pxrc Value: CPi5mIwGEgUI6AcQABIGCOndKhAA
.pubmatic.com/	1970-01-20 00:39:15	Name: KADUSERCOOKIE Value: FA19DD6E-973B-49D2-B463-06A3497222B0
.agkn.com/	1970-01-20 07:15:15	Name: ab Value: 0001%3AUsaToc%2FHpZgZ3wqYyBt2psxnqsquQHZR
.agkn.com/	1970-01-20 07:15:15	Name: u Value: C\|0CEApGNl4KRjZeAAAAAAAAQ13AQCAAQpAAAAAAA
.yahoo.com/	1970-01-20 07:15:36	Name: A3 Value: d=AQABBPgchmECEGY-MhLdtxyYe2hBJXrwafIFEgEBAQFuh2GQYQAAAAAA_eMAAA&S=AQAAAn39kqC-HNaO-4p-TpNIMlM
.spotxchange.com/	1970-01-20 07:15:19	Name: audience Value: 9f26e476-3ec8-11ec-bbf8-1df4c96b0506
.innovid.com/	1970-01-20 00:39:15	Name: uuid Value: 9b9f7e5b-5390-4d38-9cfe-1a4c1d9693d5-20211106 02:13:12

5 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://fonts.googleapis.com/css?family=Roboto%3A300%2C400%2C700%2C900%7COswald%3A400%2C700%7CAdvent+Pro%3A700%7COpen+Sans%3A700%7CAnton%3A400Roboto%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900%7CRoboto%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900%7CRoboto%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900%7CRoboto%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900%7C%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900%7CRoboto%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900%26subset%3Dlatin%2Clatin-ext%2Ccyrillic%2Ccyrillic-ext%2Cgreek-ext%2Cgreek%2Cvietnamese Message: Failed to load resource: the server responded with a status of 400 ()
deprecation	warning	Message: 'window.webkitStorageInfo' is deprecated. Please use 'navigator.webkitTemporaryStorage' or 'navigator.webkitPersistentStorage' instead.
network	error	URL: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYYc96InyZJZ_asUvTy0tgAAAS8AAAAB&google_push=AYg5qPJzHK1uyLLX2ezMj0mfXk4Tq2nKKvyjcDKU0bzgw9Qr46lg4monu5oi-mNC-p5tm0OTGrriAm2QK-90xsB7cRfdL-Qivro&google_cver=1&google_gid=CAESEKCm0BCqBlH_RTjelofGCTM Message: Failed to load resource: net::ERR_TOO_MANY_REDIRECTS
network	error	URL: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYYc96InyZJZ_asUvTy0tgAAAS8AAAAB&google_push=AYg5qPKAyZAhRR58Etq_9MrEoOHTRVjJm9k_v55P7M8k1Qhj3J1vBUcsz8ZYv_A5NL_MrEFa1M8TjCj0IvyeeHl1mfB2gD8bwQ&google_gid=CAESEKCm0BCqBlH_RTjelofGCTM&google_cver=1 Message: Failed to load resource: net::ERR_TOO_MANY_REDIRECTS
network	error	URL: https://cm.g.doubleclick.net/pixel?google_nid=index&google_hm=YYYc96InyZJZ_asUvTy0tgAAAS8AAAAB&google_cver=1&google_gid=CAESEKCm0BCqBlH_RTjelofGCTM&google_push=AYg5qPJqet2m4oHdgj9Mceub3EfY8razZM77yugMeLAJGSENi5foZ_6eqsQrkrQz8nae00UG13491A0lLOnB8UoWMgmLvjAZyX2t Message: Failed to load resource: net::ERR_TOO_MANY_REDIRECTS

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ads.yahoo.com
adservice.google.co.uk
adservice.google.com
ag.innovid.com
cm.g.doubleclick.net
cms.quantserve.com
d.agkn.com
dsum-sec.casalemedia.com
encrypted-tbn1.gstatic.com
fonts.googleapis.com
fonts.gstatic.com
gadgettendency.com
gcdn.2mdn.net
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
ib.adnxs.com
id.rlcdn.com
image6.pubmatic.com
odr.mookie1.com
pagead2.googlesyndication.com
partner.googleadservices.com
pixel.everesttech.net
pixel.rubiconproject.com
pixel.wp.com
r4---sn-aigl6ney.c.2mdn.net
rtb.openx.net
s0.2mdn.net
secure.gravatar.com
stats.g.doubleclick.net
stats.wp.com
sync.search.spotxchange.com
sync.teads.tv
tpc.googlesyndication.com
us-u.openx.net
www.google-analytics.com
www.google.co.uk
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
cm.g.doubleclick.net
tpc.googlesyndication.com
www.googletagservices.com
104.111.242.245
142.250.185.130
142.250.186.130
185.94.180.126
192.0.76.3
198.47.127.19
2.18.234.21
2606:4700:3036::6815:2728
2620:116:800d:21:5a23:9c4e:e774:96c1
2a00:1288:80:800::7000
2a00:1450:4001:802::2004
2a00:1450:4001:802::200e
2a00:1450:4001:803::2003
2a00:1450:4001:80f::200a
2a00:1450:4001:810::2002
2a00:1450:4001:811::2002
2a00:1450:4001:812::2002
2a00:1450:4001:812::2006
2a00:1450:4001:812::200e
2a00:1450:4001:813::2002
2a00:1450:4001:827::2003
2a00:1450:4001:82a::2001
2a00:1450:4001:82b::2008
2a00:1450:4001:82f::2002
2a00:1450:4001:830::2003
2a00:1450:4001:831::200e
2a00:1450:4009:11::9
2a00:1450:400c:c08::9b
2a04:fa87:fffe::c000:4902
2a05:d01c:1d8:8102:2fde:4606:be56:e39d
3.124.136.236
34.98.67.61
35.227.252.103
35.244.159.8
35.244.174.68
37.252.172.250
63.32.201.39
69.173.151.100
024bf58839434bcdbb669f44e683ecbb58be25cde0d0e721d68031a67a40dd40
0429afc3b762e552f144f79244d930318936c43767a00d217ce7bbf014594fbd
04951ec4c2cb0058e93c9c0232623bd68d8442e7f8d29403e9751cf1720e0de4
097ee9cf7679385b826098b24be6ed2e5c6b660342513932a8018203cc0497bc
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c5f584d1ea2c3313dc8c55824c2a572d3cf2eae87c5ca62a58e598aec9ddb5c
0ebbc7fba9a50d36ef5422345f624431710db4528f25749d1d438c2c10bb69f2
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
143ce443c390db3b8598f951de20bd04623859a581a15b8cde43ebfa1f8ec103
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1b4e852fde612daeb72f1f4cca801a99cc2730875048c5ac3faa9f5ca5854155
1b7f5dc945fb266ebfd6332693674c6e391337f4a399785102203bfa287b4c71
1c2b9842ddda9f9f4d465d887aa2be4db5cd61f7be40325ced079a61403ff660
22fd357442cefcbf238c5e06af21e4546e7207b0b7745de9720707f6c8218eba
24a9b59e7702d3e85a84da776cfd55e0db6f7dc6cb3e5ecf8d337c6329a82385
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
27f4119ce2d66a40ef8beba62ec4d995e95af50550c6d4471eec9eb27fa73774
28a3117ce5a89f67aa1e3a31392d9ca4c7d001f14c341edfab8926e1e6d9fd61
291fcf6b0aea583079f4ea7c943852ddd668ad895ee08b0b557b372040d205a0
2ce7f5b3e1e22ff02e3754499415d16de10c4c44d638f79d5df6377975d8e07a
2ecdea6a32710731d9d20885171b4e3ba506a7ccd956367038c15198d8e05b01
2f826a947a47c13c4af480b9b7853e9ca12d2873c67a9200f3c7a26f8cacae2d
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
32b5c88160bab78ae20a39de4a8abe015f4f4c5d48be8300a6686d32a570ccfb
33899f713a0c32997eb03f10e40d94c950660a6362f23231dc23da3268d738b7
36c0ec05d79bd9d3164effc3eca0f1962cd6f82bb1f41cb212e080910be24153
3c25b077a6d92cd9d3576660b68c4c0bd135b78b3cd3b66491ff2c7aa0eeaad3
3d426d835b7a0f1de91a27f862c5612d83912b2601f51a9b45ac3bd3409cfbc4
3d4951c7ff3a46728fc439373e8fbc749d86044288e77e6fef87543dfd2e0c51
3d4d24f7144d63f0794a73729c456ddb56b6ed4dc86451a2b877e60d439a0e1d
3e304dfe39fde10af2ee219f794108f785d18dd88658877ddf07bce099f6a9fa
3ffb9b264e7b5f543a953c5fd8afebda81a759f18a25660c949d3c8f016dac86
4642568b405b3750fb18df621889e27def95e8162c1cdd256a21b319c9a4e24b
475700259e64d480d1a70023e14741bb298a025e338bb608552e2472d4505a65
4aa9210ddc672e43bb409243fc14424e411a2a76fa7b7250c0c99da0e19d329e
4af635698cb6488a8df86b99febedbc979c76e04f675f3a9cdc66f7b4d86aff6
4b2f9794cf9a1465f85b132a63e0ec4ff84d58302b7d6d5f553584ac6b0bbc4c
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4bbd0ba4d3c5e2432f157511e472d219d45d69dc460584b39fec3e27469a6eb0
4c9d68e6fcd7df4461d8628656db38b9b67c9f193e49fdd74e0ab213c56e3581
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e9cfcda329277250d7ab4836e11686e1ae3a624a20b93836a3d65783197bf0b
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
5060be7d42b5fb9736511e8249a42ff13e4eaad696be30d6e050b8b1af36ced2
53c85a63a4a55be5fc2ad9a1ffca9a24c290bdfe918c55dcad41b7d9180661f1
57243fd434e21b8aff3ac902f17e5a94e4a9e28412df169d0b1804ef25f5de43
583eda12fed77c078f7391866e53eedd80aec5b9b178a3537a3c4c3b09575485
5a8710d81938f21afdd8adc1bbbf09ad1fbb4f80ca43ada74dd10726cae7e1fc
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058
69751f40928d2926f8edc62099a3a00383d97846b0ec1bbd15232fea3cdb657c
69a051355ad02c286b388a0013340d02657eb3f463d628f7fc1069c40ab8a7e5
6b7ccc50e9deeac2c9f0ab5950e20309482cd519b16af65a93c7119fc5cc42a4
6d6e7a86f0a205f0e28d95e94e504db9f8ed590dc76dd75ce19d48fd54cf4fa7
6e2396b1641d5536752232fac06da2e2c0b99c78cd3fcde486d359159266e5fb
70f47f617dfe941f7f8ba103c7377afff3d0b555e93462e1f53853a9acdf302e
71e84f4b3a46857e0ee497d4890e8a90ba4889e3c72d3c39a1ea7f78c1f8065b
755e17cb657ab342cd8387dd32189dcdbad5111b6dc790b920b1aff974fa928f
7a0e637754f0d9b8dabbb2440e00a968850d5052a68724af3debe3046a014a56
7c9fc339ba0fc4535a6e3305dad1e9f89e495ac45e6b804a65d312591d670eaf
7dacf83f51179de8d7980a513e67ab3a08f2c6272bb5946df8fd77c0d1763b73
85cffc3ea03a13a34a0840865f223c69988c6001820d74b50a7f85831611272e
875eab035958b7ebd3173d19445ae17afa9b77e659067fa9f093d0917b42b372
8996e5db5c4272a936fc92fbed9d9d7e4f8b15a0e53b64c166b389ae62fca300
8b1bd3ff92cff335e4fdf33f9f5920cebd56c33543636c50b16258a7e9384354
8d5c1a4275a0d06560b9825c23dcc980f628c36594152b3c492d010a4b7856e8
8d869e68ded46385086af23181706b5ba29ba4f2c87551fdd28955169a072263
9035a162a02db5ee862d0b1fa047bfb347db4389b344e5785340033a3dfbcdf3
9241dd2ad1914f83ae908d38a04d2c91c9c7c14d23477f78bb582b8fbcf69835
93746ed6619dc225bb18e11252292d9c591ea9247b1c7ed16a75c206156db628
997ad555e35383cc25c4a68bc034b1f2b3ceac59e873a6a19b3e056c22f1a4b4
9a9b7fb32e01fd70747f32efdbd0472fd681c85eebb0c42d10c7a514820a0062
9db8a678d1681c1c4a3f15e1769c3f54d96f126db4a7b00cea65127c820a7763
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a0ec98322fd8f68c494e5c955198a2303c4dad97a847d3f5a5c949f72aa657cd
a33a3681afeba42758fc5b8bb14549aef666007b85645ad6d2ade9e3b0f56bc6
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5d1f5f5037b36af16f4aa856db1a7307867c93d1bd1ae88233a12d6c8c4e496
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
a70a7f220d74b56bf646c539d97b584991dfc9199c6982d333d9154a6f080a45
a863a77e9ee263a0ec9c1e792bb33ed0f663582b7369f472261df7b6040990c4
a889ed53ea224d3134512762ff0cde5c4b0426379110a6592f9d0e337b859e95
a938bc7ba59efb88cfb963b6e9b35166b1e02953897e4b6fdc2c71d96a712f59
aac0201c6723f2c1f199a1b4d4136e488c8793b7be8dad1875f97823db9d6fb1
ab7475d461d9f613ef90faa375ec3387987dd7536af23c13cacd6be9c0c0e370
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1e3207975662ee01b10c114321458d186207f24f72c4a026f633f7afb5b5fdc
b1ea339daaa89b586a011d5bd1950ac69401da87ac9b364d631847cf3e2cd7ca
b64291fc91dc77833930ffcead244193c5cfd9e882af312ecc89b580160c22a1
b6e53c942b19db58c2d7f74fd56324abaaa5624df6aa559aaab50c56d13c69f1
bc6bcca92dc07dd2c19ffcfecd5622aa3fc4993a8f9bd639c6b380373899637e
c18ce2f9b2ae7810b8e9f178afb960d1d3c335e7f750a77e9a397c172ed9dfb1
c3b0036128943d6d0f94485a63023fa8ccff064fc3f61ff6d05430b2c6e739ef
c6d0f855f5e7c10459aaf45b7c98ada3539053abae1138ed089fa967e2d5354c
cdcc50aec06366d900fac222e7968371b35171ef96e3236ad7a0cbe0074ad49d
d0e8821e889280c3b745b859e6b3971924723a4562bac65ba8aa0fe44bfc83b2
d1c5a14bc13386e0a1b725883df2acf09eef1a6058125284b6f7bcd8924bc78a
d36e5d7328268d21c6941039a7b6a15c7ed7414f60dbee72d2231d11ac9bdaf3
d5f4699b5234015f527995583126f4bbc8d767c0215578e7d6d9ad69ee76016d
db8e8a544f7d1563e313d95796d12a39c10b23a98f8cefb91b27212ef075fe32
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de3c0136d39707fcaaba7f5171a29de11d42b2b3682894627ba570350add9c1b
df00d7b00caf5030f225d9ba8c973976a65f581e5562cddd3df0236723f8bb94
df2d952f361956a74458dc26c18617fe645485d81dcd9d247c4c057d4205bc8e
e281d043da463bfb1e696e8d54c639739f34c2df44b0b5e3f8ca71809fd2a6f6
e30f3479d6ce52ce1c83c50e5568a4a7c1080c3214b23aacbc9d21efdd52f95a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e63e71413cbcbd6f0beef33c56a5a72a1d23bd82df6954d584513c6f6062f103
e729f5d401cdca135b4fa5dc8e6e2c5df959ba7a631c700787fb44fc2c911e24
e8626f41758de97aac96928550481784cf5c037885e159cb8912642f130b36b7
e89a316ebf1c63ea09e2b7b5889fb55e1ffb326c7b2b172027da0948f5709f6a
ee45287eb2d0a1172d69bab1af8c3c2a1af603aa5c88e506e0164f671c2813e3
eea0b9621509f98be77c5af1e9b5c952a675bda2b27c419876364017069e0c19
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f32c2fd0c2e692f7810065b4479dcf59fcf858e2f6db8c2ddd6801d000776889
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1
f7fbb36b1c2be3ab6abcf423bdcf2f18f0e399c9b4df73c76435ccef9ba53718
f8957910f9a887e298f5c082685e139255d095ec819e8b8cc6469b0006ef204b
f907ec1acbe5cfb6d5f9ed558f8c46da774a5e74a810118fcb6dbe47948338ab
fd18f805559d7e28fd0c3f5d7564894e07ed38da1e0d4fe66d6a243435eaa3fe
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62
ffd830628529f9f0ea7f898d2b3dfd41285879a5a405dbeab26656801aa13f07

gadgettendency.com Open in urlscan Pro 2606:4700:3036::6815:2728 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page Statistics

242 Requests

87 %HTTPS

61 %IPv6

28 Domains

40 Subdomains

32 IPs

6 Countries

4119 kBTransfer

8687 kBSize

31 Cookies

6 Outgoing links

Redirected requests

242 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 4 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

gadgettendency.com Open in urlscan Pro
2606:4700:3036::6815:2728 Public Scan

Screenshot
Live screenshot

Full Image

242
Requests

87 %
HTTPS

61 %
IPv6

28
Domains

40
Subdomains

32
IPs

6
Countries

4119 kB
Transfer

8687 kB
Size

31
Cookies

242 HTTP transactions
4 data transactions