urlscan.io logo urlscan.io
SecurityTrails logo

www.securezoo.com Open in urlscan Pro
45.40.152.13  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://t.co/0E4DMWAdh3
Effective URL: https://www.securezoo.com/2021/11/iranian-state-sponsored-apt-actors-target-microsoft-exchange-and-fortinet-vulnerabilities/
Submission: On December 03 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 20 IPs in 2 countries across 16 domains to perform 103 HTTP transactions. The main IP is 45.40.152.13, located in United States and belongs to AS-26496-GO-DADDY-COM-LLC, US. The main domain is www.securezoo.com.
TLS certificate: Issued by Go Daddy Secure Certificate Authority... on November 26th 2021. Valid for: a year.
This is the only time www.securezoo.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

1    104.244.42.5 (United States)

ASN13414 (TWITTER, US)
t.co
1    67.199.248.13 (United States)

ASN396982 (GOOGLE-PRIVATE-CLOUD, US)
PTR: cname.bitly.com
buff.ly
5    45.40.152.13 (United States)

ASN26496 (AS-26496-GO-DADDY-COM-LLC, US)
PTR: ip-45-40-152-13.ip.secureserver.net
www.securezoo.com
7    2a02:fe80:1010::16 (United States)

ASN30148 (SUCURI-SEC, US)
secureservercdn.net
1    2a00:1450:4001:80e::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
15    2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
pagead2.googlesyndication.com
3    2.16.186.248 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a2-16-186-248.deploy.static.akamaitechnologies.com
img1.wsimg.com
img6.wsimg.com
21    2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
adservice.google.de
1    216.58.212.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s46-in-f2.1e100.net
partner.googleadservices.com
1    2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.de
2    2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
adservice.google.com
2    2a00:1450:4001:82a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google-analytics.com
4    2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.gstatic.com
2    2a00:1450:4001:82f::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
28    2a00:1450:4001:801::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
tpc.googlesyndication.com
5    2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagservices.com
5    2a00:1450:4001:82a::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
2    2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
2    142.250.185.99 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f3.1e100.net
p4-eibixl5cg7kws-myrrngax6s6zylfp-if-v6exp3-v4.metric.gstatic.com
1    23.79.143.47 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-79-143-47.deploy.static.akamaitechnologies.com
img.secureserver.net
Domain Requested by
28 tpc.googlesyndication.com googleads.g.doubleclick.net
pagead2.googlesyndication.com
tpc.googlesyndication.com
20 googleads.g.doubleclick.net pagead2.googlesyndication.com
googleads.g.doubleclick.net
15 pagead2.googlesyndication.com www.securezoo.com
pagead2.googlesyndication.com
googleads.g.doubleclick.net
img1.wsimg.com
tpc.googlesyndication.com
www.googletagservices.com
7 secureservercdn.net www.securezoo.com
5 www.google.com 4 redirects tpc.googlesyndication.com
5 www.googletagservices.com googleads.g.doubleclick.net
5 www.securezoo.com t.co
www.securezoo.com
secureservercdn.net
4 www.gstatic.com googleads.g.doubleclick.net
2 p4-eibixl5cg7kws-myrrngax6s6zylfp-if-v6exp3-v4.metric.gstatic.com googleads.g.doubleclick.net
p4-eibixl5cg7kws-myrrngax6s6zylfp-if-v6exp3-v4.metric.gstatic.com
2 fonts.gstatic.com fonts.googleapis.com
2 fonts.googleapis.com googleads.g.doubleclick.net
2 www.google-analytics.com www.googletagmanager.com
img1.wsimg.com
2 adservice.google.com pagead2.googlesyndication.com
2 adservice.google.de pagead2.googlesyndication.com
2 img1.wsimg.com 1 redirects www.securezoo.com
1 img.secureserver.net
1 partner.googleadservices.com pagead2.googlesyndication.com
1 img6.wsimg.com www.securezoo.com
1 www.googletagmanager.com www.securezoo.com
1 buff.ly 1 redirects
1 t.co
103 21

This site contains links to these domains. Also see Links.

Domain
twitter.com
us-cert.cisa.gov
www.ic3.gov
Subject Issuer Validity Valid
t.co
DigiCert TLS RSA SHA256 2020 CA1		 2021-02-05 -
2022-02-04		 a year crt.sh
securezoo.com
Go Daddy Secure Certificate Authority - G2		 2021-11-26 -
2022-12-28		 a year crt.sh
secureservercdn.net
Starfield Secure Certificate Authority - G2		 2021-05-27 -
2022-06-26		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2021-11-01 -
2022-01-24		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2021-11-01 -
2022-01-24		 3 months crt.sh
*.wsimg.com
Starfield Secure Certificate Authority - G2		 2021-09-24 -
2022-10-26		 a year crt.sh
*.googleadservices.com
GTS CA 1C3		 2021-11-01 -
2022-01-24		 3 months crt.sh
*.google.de
GTS CA 1C3		 2021-11-01 -
2022-01-24		 3 months crt.sh
*.google.com
GTS CA 1C3		 2021-11-01 -
2022-01-24		 3 months crt.sh
*.gstatic.com
GTS CA 1C3		 2021-11-01 -
2022-01-24		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2021-11-01 -
2022-01-24		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2021-11-01 -
2022-01-24		 3 months crt.sh
*.secureserver.net
Starfield Secure Certificate Authority - G2		 2021-09-16 -
2022-10-18		 a year crt.sh

This page contains 19 frames:

Primary Page: https://www.securezoo.com/2021/11/iranian-state-sponsored-apt-actors-target-microsoft-exchange-and-fortinet-vulnerabilities/
Frame ID: 219D730AD85DBEAA5ED55E60AC42CF50
Requests: 34 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20211201/r20190131/zrt_lookup.html
Frame ID: 61DBDFC9B37BA5BF8402EF763B8563DF
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8212490510386529&output=html&adk=1812271804&adf=3025194257&lmt=1638438954&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.securezoo.com%2F2021%2F11%2Firanian-state-sponsored-apt-actors-target-microsoft-exchange-and-fortinet-vulnerabilities%2F&ea=0&flash=0&host=ca-host-pub-2644536267352236&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1638542795728&bpp=18&bdt=109&idt=140&shv=r20211201&mjsv=m202111170101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7278889200316&frm=20&pv=2&ga_vid=366653925.1638542796&ga_sid=1638542796&ga_hid=767558329&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773%2C31062423%2C44748553&oid=2&pvsid=1044216241271853&pem=454&tmod=561706665&ref=https%3A%2F%2Ft.co%2F&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=158
Frame ID: 8D3D7A28A257B3DC49F687A8ADB30E4B
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8212490510386529&output=html&h=90&slotname=4508576443&adk=313763675&adf=1270779588&pi=t.ma~as.4508576443&w=728&lmt=1638438954&psa=0&format=728x90&url=https%3A%2F%2Fwww.securezoo.com%2F2021%2F11%2Firanian-state-sponsored-apt-actors-target-microsoft-exchange-and-fortinet-vulnerabilities%2F&flash=0&host=ca-host-pub-2644536267352236&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1638542795772&bpp=2&bdt=153&idt=142&shv=r20211201&mjsv=m202111170101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7278889200316&frm=20&pv=1&ga_vid=366653925.1638542796&ga_sid=1638542796&ga_hid=767558329&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=60&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773%2C31062423%2C44748553&oid=2&pvsid=1044216241271853&pem=454&tmod=561706665&ref=https%3A%2F%2Ft.co%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=1024&bc=31&ifi=2&uci=a!2&fsb=1&xpc=CLzTckAvbM&p=https%3A//www.securezoo.com&dtd=146
Frame ID: 4EF970BEFD351E32A056D9FDB4BEAA75
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8212490510386529&output=html&h=280&slotname=4508576443&adk=3070795907&adf=2132339391&pi=t.ma~as.4508576443&w=833&fwrn=4&fwrnh=100&lmt=1638438954&rafmt=1&psa=0&format=833x280&url=https%3A%2F%2Fwww.securezoo.com%2F2021%2F11%2Firanian-state-sponsored-apt-actors-target-microsoft-exchange-and-fortinet-vulnerabilities%2F&flash=0&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1638542795776&bpp=34&bdt=157&idt=149&shv=r20211201&mjsv=m202111170101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=7278889200316&frm=20&pv=1&ga_vid=366653925.1638542796&ga_sid=1638542796&ga_hid=767558329&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2766&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773%2C31062423%2C44748553&oid=2&pvsid=1044216241271853&pem=454&tmod=561706665&ref=https%3A%2F%2Ft.co%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=1152&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=dYUgqLfZ96&p=https%3A//www.securezoo.com&dtd=152
Frame ID: 488A2D6FD8AD0DCABD01D4243653DDD3
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8212490510386529&output=html&h=250&slotname=1438991753&adk=3922714340&adf=1712505827&pi=t.ma~as.1438991753&w=300&lmt=1638438954&psa=0&format=300x250&url=https%3A%2F%2Fwww.securezoo.com%2F2021%2F11%2Firanian-state-sponsored-apt-actors-target-microsoft-exchange-and-fortinet-vulnerabilities%2F&flash=0&host=ca-host-pub-2644536267352236&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1638542795833&bpp=1&bdt=214&idt=121&shv=r20211201&mjsv=m202111170101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90%2C833x280&nras=1&correlator=7278889200316&frm=20&pv=1&ga_vid=366653925.1638542796&ga_sid=1638542796&ga_hid=767558329&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1094&ady=301&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773%2C31062423%2C44748553&oid=2&pvsid=1044216241271853&pem=454&tmod=561706665&ref=https%3A%2F%2Ft.co%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=1024&bc=31&ifi=4&uci=a!4&fsb=1&xpc=S4ZWEZ41MD&p=https%3A//www.securezoo.com&dtd=125
Frame ID: BB335CDBE3C4D651BF1DAE0BC718A04F
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8212490510386529&output=html&h=250&slotname=1314799523&adk=2842671929&adf=2252963579&pi=t.ma~as.1314799523&w=306&fwrn=4&fwrnh=100&lmt=1638438954&rafmt=1&psa=0&format=306x250&url=https%3A%2F%2Fwww.securezoo.com%2F2021%2F11%2Firanian-state-sponsored-apt-actors-target-microsoft-exchange-and-fortinet-vulnerabilities%2F&flash=0&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1638542795839&bpp=1&bdt=221&idt=126&shv=r20211201&mjsv=m202111170101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90%2C833x280%2C300x250&nras=1&correlator=7278889200316&frm=20&pv=1&ga_vid=366653925.1638542796&ga_sid=1638542796&ga_hid=767558329&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1094&ady=1180&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773%2C31062423%2C44748553&oid=2&pvsid=1044216241271853&pem=454&tmod=561706665&ref=https%3A%2F%2Ft.co%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=1152&bc=31&ifi=5&uci=a!5&fsb=1&xpc=ZQI3kQ7s3k&p=https%3A//www.securezoo.com&dtd=131
Frame ID: F75ABD4D7D5A70DB6A1EA6B8C7A879ED
Requests: 9 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20211201/r20110914/zrt_lookup.html?fsb=1
Frame ID: 61DE7F08AD1056878528DF602CF13699
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 278C6EC91406BB12B0664F844B1048DD
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 5480C6EAC894D29887E140AB34E8D2D1
Requests: 2 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 58452E1FEBCD9320EEE3EDA67B07D3C6
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/_q4UmNMOTmtef9d1r6OTn_fK0q4sseVsYwM_ZArHqzc.js
Frame ID: 80C0AC6A8160EC8982117121C29647F0
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/_q4UmNMOTmtef9d1r6OTn_fK0q4sseVsYwM_ZArHqzc.js
Frame ID: BA0F184047F69AF1A641C6A8787DF819
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Frame ID: 176B39FEB45FB0D438D60A22A67E7AA9
Requests: 2 HTTP requests in this frame

Frame: https://p4-eibixl5cg7kws-myrrngax6s6zylfp-if-v6exp3-v4.metric.gstatic.com/v6exp3/iframe.html
Frame ID: 93B9590F0E55ACAF8E096C0CBC010BCC
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/_q4UmNMOTmtef9d1r6OTn_fK0q4sseVsYwM_ZArHqzc.js
Frame ID: 68C2E840833F6C8D09DB7D20E991EB61
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/_q4UmNMOTmtef9d1r6OTn_fK0q4sseVsYwM_ZArHqzc.js
Frame ID: 8913465B11F3E93384727B32E9B57D76
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: FBB5ADAA7ABE90BF1DB7F6EF0F64ABA2
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 229CAEF1D51DC470020F2C4A584E694B
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Iranian state-sponsored APT actors target Microsoft Exchange and Fortinet vulnerabilities - Securezoo Blog

Page URL History Show full URLs

  1. https://t.co/0E4DMWAdh3 Page URL
  2. https://buff.ly/3HxumnA HTTP 301
    https://www.securezoo.com/2021/11/iranian-state-sponsored-apt-actors-target-microsoft-exchange-and-for... Page URL

Page Statistics

103
Requests

99 %
HTTPS

65 %
IPv6

16
Domains

21
Subdomains

20
IPs

2
Countries

1640 kB
Transfer

3911 kB
Size

11
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://t.co/0E4DMWAdh3 Page URL
  2. https://buff.ly/3HxumnA HTTP 301
    https://www.securezoo.com/2021/11/iranian-state-sponsored-apt-actors-target-microsoft-exchange-and-fortinet-vulnerabilities/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 11
  • https://img1.wsimg.com/traffic-assets/js/tccl-tti.min.js HTTP 302
  • https://img6.wsimg.com/wrhs/ce554d2333f3801abafb32da18213ff7/tti.min.js
Request Chain 56
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 66
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 69
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Request Chain 97
  • https://www.google.com/pagead/drt/ui HTTP 302
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA

103 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
0E4DMWAdh3
t.co/ 		224 B
612 B 		Document
General
Check archive.org
Download Go to
Full URL
https://t.co/0E4DMWAdh3
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.244.42.5 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software
tsa_o /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=0
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

date
Fri, 03 Dec 2021 14:46:33 GMT
vary
Origin
server
tsa_o
expires
Fri, 03 Dec 2021 14:51:34 GMT
content-type
text/html; charset=utf-8
cache-control
private,max-age=300
content-length
176
content-encoding
gzip
x-xss-protection
0
strict-transport-security
max-age=0
x-response-time
112
x-connection-hash
b32eaa30c8c96af0402d02e4b78169ab2be1789059de01709d5801d279d62b34
Primary Request /
www.securezoo.com/2021/11/iranian-state-sponsored-apt-actors-target-microsoft-exchange-and-fortinet-vulnerabilities/
Redirect Chain
  • https://buff.ly/3HxumnA
  • https://www.securezoo.com/2021/11/iranian-state-sponsored-apt-actors-target-microsoft-exchange-and-fortinet-vulnerabilities/
74 KB
16 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.securezoo.com/2021/11/iranian-state-sponsored-apt-actors-target-microsoft-exchange-and-fortinet-vulnerabilities/
Requested by
Host: t.co
URL: https://t.co/0E4DMWAdh3
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
45.40.152.13 , United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
ip-45-40-152-13.ip.secureserver.net
Software
openresty /
Resource Hash
ed2b15bd5e828d105770d9404f0c3bc180ff280736c32b8afb0de83f8ae58e14
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=300 max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://t.co/0E4DMWAdh3

Response headers

server
openresty
date
Fri, 03 Dec 2021 14:46:35 GMT
content-type
text/html; charset=UTF-8
content-length
15582
accept-ranges
bytes
age
82555
cache-control
no-cache, max-age=2592000
content-encoding
gzip
content-security-policy
upgrade-insecure-requests
expires
Sat, 01 Jan 2022 15:50:39 GMT
last-modified
Thu, 02 Dec 2021 09:55:54 GMT
strict-transport-security
max-age=300 max-age=31536000; includeSubDomains
vary
User-Agent, Accept-Encoding
wpo-cache-status
cached
x-backend
local
x-cache
cached
x-cache-hit
HIT
x-cacheable
YES
x-content-type-options
nosniff
x-xss-protection
1; mode=block

Redirect headers

cache-control
private, max-age=90
content-security-policy
referrer always;
content-type
text/html; charset=utf-8
date
Fri, 03 Dec 2021 14:46:34 GMT
location
https://www.securezoo.com/2021/11/iranian-state-sponsored-apt-actors-target-microsoft-exchange-and-fortinet-vulnerabilities/
referrer-policy
unsafe-url
server
nginx
content-length
211
fa-solid-900.woff2
www.securezoo.com/wp-content/themes/oceanwp/assets/fonts/fontawesome/webfonts/ 		78 KB
79 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.securezoo.com/wp-content/themes/oceanwp/assets/fonts/fontawesome/webfonts/fa-solid-900.woff2
Requested by
Host: www.securezoo.com
URL: https://www.securezoo.com/2021/11/iranian-state-sponsored-apt-actors-target-microsoft-exchange-and-fortinet-vulnerabilities/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
45.40.152.13 , United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
ip-45-40-152-13.ip.secureserver.net
Software
openresty /
Resource Hash
6b555920e358f8a25a422988b448615c33bcccb4f932e8331cebfc8e2a737fc7
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.securezoo.com/2021/11/iranian-state-sponsored-apt-actors-target-microsoft-exchange-and-fortinet-vulnerabilities/
Origin
https://www.securezoo.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 14:46:35 GMT
x-content-type-options
nosniff
x-cacheable
YES
x-backend
local
age
166487
x-cache
cached
content-length
80300
x-xss-protection
1; mode=block
last-modified
Sat, 27 Nov 2021 20:29:22 GMT
server
openresty
x-cache-hit
HIT
strict-transport-security
max-age=300, max-age=31536000; includeSubDomains
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=2592000
content-security-policy
upgrade-insecure-requests
accept-ranges
bytes
expires
Fri, 31 Dec 2021 16:31:48 GMT
Simple-Line-Icons.woff2
www.securezoo.com/wp-content/themes/oceanwp/assets/fonts/simple-line-icons/ 		29 KB
30 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.securezoo.com/wp-content/themes/oceanwp/assets/fonts/simple-line-icons/Simple-Line-Icons.woff2
Requested by
Host: www.securezoo.com
URL: https://www.securezoo.com/2021/11/iranian-state-sponsored-apt-actors-target-microsoft-exchange-and-fortinet-vulnerabilities/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
45.40.152.13 , United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
ip-45-40-152-13.ip.secureserver.net
Software
openresty /
Resource Hash
104673f4859604362a18fc6294197d8fffb8cb24ad3211e92eb04f655e18cf4a
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.securezoo.com/2021/11/iranian-state-sponsored-apt-actors-target-microsoft-exchange-and-fortinet-vulnerabilities/
Origin
https://www.securezoo.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 14:46:35 GMT
x-content-type-options
nosniff
x-cacheable
YES
x-backend
local
age
166487
x-cache
cached
content-length
30064
x-xss-protection
1; mode=block
last-modified
Sat, 27 Nov 2021 20:29:21 GMT
server
openresty
x-cache-hit
HIT
strict-transport-security
max-age=300, max-age=31536000; includeSubDomains
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=2592000
content-security-policy
upgrade-insecure-requests
accept-ranges
bytes
expires
Fri, 31 Dec 2021 16:31:48 GMT
wpo-minify-header-c20d2b49.min.css
secureservercdn.net/45.40.152.13/2zy.425.myftpupload.com/wp-content/cache/wpo-minify/1638375987/assets/ 		453 KB
75 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://secureservercdn.net/45.40.152.13/2zy.425.myftpupload.com/wp-content/cache/wpo-minify/1638375987/assets/wpo-minify-header-c20d2b49.min.css?time=1638375988
Requested by
Host: www.securezoo.com
URL: https://www.securezoo.com/2021/11/iranian-state-sponsored-apt-actors-target-microsoft-exchange-and-fortinet-vulnerabilities/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:fe80:1010::16 , United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
Software
nginx /
Resource Hash
db7b6065199d322ae831392159a7735c598493d32ea9af68aac214b0eb6cd029
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.securezoo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 14:46:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-cacheable
YES
x-backend
local
age
85350
x-cache
cached
x-sucuri-cache
HIT
vary
Accept-Encoding
content-length
76169
x-xss-protection
1; mode=block
last-modified
Wed, 01 Dec 2021 16:26:32 GMT
server
nginx
strict-transport-security
max-age=300, max-age=31536000; includeSubDomains
content-type
text/css
x-cache-hit
HIT
cache-control
max-age=315360000
x-sucuri-id
19016
content-security-policy
upgrade-insecure-requests
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
wpo-minify-header-4ea61069.min.js
secureservercdn.net/45.40.152.13/2zy.425.myftpupload.com/wp-content/cache/wpo-minify/1638375987/assets/ 		102 KB
35 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secureservercdn.net/45.40.152.13/2zy.425.myftpupload.com/wp-content/cache/wpo-minify/1638375987/assets/wpo-minify-header-4ea61069.min.js?time=1638375988
Requested by
Host: www.securezoo.com
URL: https://www.securezoo.com/2021/11/iranian-state-sponsored-apt-actors-target-microsoft-exchange-and-fortinet-vulnerabilities/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:fe80:1010::16 , United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
Software
nginx /
Resource Hash
e66565e03b107e21ca651df1df7bab7f9a74dd6b28fbe4f54ca5f6edfd497ec6
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.securezoo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 14:46:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-cacheable
YES
x-backend
local
age
85351
x-cache
cached
x-sucuri-cache
HIT
vary
Accept-Encoding
content-length
35419
x-xss-protection
1; mode=block
last-modified
Wed, 01 Dec 2021 16:26:32 GMT
server
nginx
strict-transport-security
max-age=300, max-age=31536000; includeSubDomains
content-type
application/javascript
x-cache-hit
HIT
cache-control
max-age=315360000
x-sucuri-id
19016
content-security-policy
upgrade-insecure-requests
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
js
www.googletagmanager.com/gtag/ 		90 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=UA-36086945-1
Requested by
Host: www.securezoo.com
URL: https://www.securezoo.com/2021/11/iranian-state-sponsored-apt-actors-target-microsoft-exchange-and-fortinet-vulnerabilities/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
0f0a082ff760a06c1c0bfc2e65ce5dbf7bec65bd948a8456c6a8396c4796c516
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.securezoo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 14:46:35 GMT
content-encoding
br
vary
Accept-Encoding
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
36232
x-xss-protection
0
last-modified
Fri, 03 Dec 2021 12:00:00 GMT
server
Google Tag Manager
strict-transport-security
max-age=31536000; includeSubDomains
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Fri, 03 Dec 2021 14:46:35 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		145 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: www.securezoo.com
URL: https://www.securezoo.com/2021/11/iranian-state-sponsored-apt-actors-target-microsoft-exchange-and-fortinet-vulnerabilities/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
674a408d3734c7a358ab08ab384fa3039609e59c7e4c83cac361b851f6f756e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.securezoo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 14:46:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
51941
x-xss-protection
0
server
cafe
etag
7743053773280585467
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Fri, 03 Dec 2021 14:46:35 GMT
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		143 KB
51 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8212490510386529
Requested by
Host: www.securezoo.com
URL: https://www.securezoo.com/2021/11/iranian-state-sponsored-apt-actors-target-microsoft-exchange-and-fortinet-vulnerabilities/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
d36ac4ff2cd93680869aa0d97a524b77ba900116eaa05c60b1d1af4cc9550572
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.securezoo.com/
Origin
https://www.securezoo.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 14:46:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
51211
x-xss-protection
0
server
cafe
etag
5991420409946091541
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Fri, 03 Dec 2021 14:46:35 GMT
lazysizes.min.js
secureservercdn.net/45.40.152.13/2zy.425.myftpupload.com/wp-content/plugins/autoptimize/classes/external/js/ 		10 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secureservercdn.net/45.40.152.13/2zy.425.myftpupload.com/wp-content/plugins/autoptimize/classes/external/js/lazysizes.min.js?ao_version=2.9.3
Requested by
Host: www.securezoo.com
URL: https://www.securezoo.com/2021/11/iranian-state-sponsored-apt-actors-target-microsoft-exchange-and-fortinet-vulnerabilities/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:fe80:1010::16 , United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
Software
nginx /
Resource Hash
c4fada4accfa24704b54248bc5ce84acac50b6a059828b7714fe3006786c80c1
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.securezoo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 14:46:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-cacheable
YES
x-backend
local
age
673960
x-cache
cached
x-sucuri-cache
HIT
vary
Accept-Encoding
content-length
4122
x-xss-protection
1; mode=block
last-modified
Wed, 24 Nov 2021 20:52:31 GMT
server
nginx
strict-transport-security
max-age=300, max-age=31536000; includeSubDomains
content-type
application/javascript
x-cache-hit
HIT
cache-control
max-age=315360000
x-sucuri-id
19016
content-security-policy
upgrade-insecure-requests
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
wpo-minify-footer-24b42879.min.js
secureservercdn.net/45.40.152.13/2zy.425.myftpupload.com/wp-content/cache/wpo-minify/1638375987/assets/ 		246 KB
59 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://secureservercdn.net/45.40.152.13/2zy.425.myftpupload.com/wp-content/cache/wpo-minify/1638375987/assets/wpo-minify-footer-24b42879.min.js?time=1638375988
Requested by
Host: www.securezoo.com
URL: https://www.securezoo.com/2021/11/iranian-state-sponsored-apt-actors-target-microsoft-exchange-and-fortinet-vulnerabilities/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:fe80:1010::16 , United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
Software
nginx /
Resource Hash
7e0bb4bd1e827a55b9b1949ffa3c45dc344bfb1907b77fd65e47f22e7f40c96b
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.securezoo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 14:46:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-cacheable
YES
x-backend
local
age
85351
x-cache
cached
x-sucuri-cache
HIT
vary
Accept-Encoding
content-length
59436
x-xss-protection
1; mode=block
last-modified
Wed, 01 Dec 2021 16:26:32 GMT
server
nginx
strict-transport-security
max-age=300, max-age=31536000; includeSubDomains
content-type
application/javascript
x-cache-hit
HIT
cache-control
max-age=315360000
x-sucuri-id
19016
content-security-policy
upgrade-insecure-requests
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
tcc_l.combined.1.0.6.min.js
img1.wsimg.com/tcc/ 		12 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://img1.wsimg.com/tcc/tcc_l.combined.1.0.6.min.js
Requested by
Host: www.securezoo.com
URL: https://www.securezoo.com/2021/11/iranian-state-sponsored-apt-actors-target-microsoft-exchange-and-fortinet-vulnerabilities/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2.16.186.248 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-248.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
aa5c1ec4d2ea00eb517eadeb3b65e55b577b7a5ed42d7c2611d15d9050c18350

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.securezoo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 14:46:35 GMT
content-encoding
gzip
last-modified
Fri, 31 Mar 2017 16:26:41 GMT
etag
"52ef5c943baad21:0"
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
content-length
4564
expires
Sat, 03 Dec 2022 14:46:35 GMT
tti.min.js
img6.wsimg.com/wrhs/ce554d2333f3801abafb32da18213ff7/
Redirect Chain
  • https://img1.wsimg.com/traffic-assets/js/tccl-tti.min.js
  • https://img6.wsimg.com/wrhs/ce554d2333f3801abafb32da18213ff7/tti.min.js
24 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://img6.wsimg.com/wrhs/ce554d2333f3801abafb32da18213ff7/tti.min.js
Requested by
Host: www.securezoo.com
URL: https://www.securezoo.com/2021/11/iranian-state-sponsored-apt-actors-target-microsoft-exchange-and-fortinet-vulnerabilities/
Protocol
H2
Server
2.16.186.248 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a2-16-186-248.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
6e74c12390bdb48bf5b0bb295ceed4f68add11467d2472d983a42e3023ecf312

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.securezoo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

x-edgeconnect-origin-mex-latency
247, 247
x-amz-version-id
F4fYptXBkP0fCCCWFLfVGE1HXlZmORny
content-encoding
br
etag
"ce554d2333f3801abafb32da18213ff7"
x-amz-request-id
VP8MMSVFK992J1PT
x-edgeconnect-midmile-rtt
15, 15
x-amz-server-side-encryption
AES256
server-timing
cdn-cache; desc=HIT, edge; dur=1
content-length
7498
x-amz-id-2
WPdzJfQDQyS4hD+xuYsG8/XIlDF8SfFW6fY7TywWHFwCrHZxYW7+fWZzjZljcKq0iGAfdR/ixq8=
last-modified
Wed, 16 Jun 2021 21:48:11 GMT
date
Fri, 03 Dec 2021 14:46:35 GMT
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
timing-allow-origin
*

Redirect headers

location
https://img6.wsimg.com/wrhs/ce554d2333f3801abafb32da18213ff7/tti.min.js
date
Fri, 03 Dec 2021 14:46:35 GMT
cache-control
max-age=5
access-control-allow-origin
*
timing-allow-origin
*
content-length
0
expires
Fri, 03 Dec 2021 14:46:40 GMT
show_ads_impl_with_ama_fy2019.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111170101/ 		272 KB
98 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111170101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-8212490510386529&plah=www.securezoo.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8212490510386529
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
f7279d9b3d54cea41cfa5118bd68bb20ccb76b646c80c35e5cc11c7581d6d1e0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.securezoo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 14:46:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100172
x-xss-protection
0
server
cafe
etag
15958793162753317195
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin
*
expires
Fri, 03 Dec 2021 14:46:35 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20211201/r20190131/ Frame 61DB 		11 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20211201/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-8212490510386529
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
16923f9fcc118f6870a574a73697c19eb79210b2ce401e5e1b92a2a5fcda080a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.securezoo.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Thu, 02 Dec 2021 21:22:37 GMT
expires
Thu, 16 Dec 2021 21:22:37 GMT
content-type
text/html; charset=UTF-8
etag
6406113418471942685
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
4879
x-xss-protection
0
age
62638
cache-control
public, max-age=1209600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
fa-brands-400.woff2
www.securezoo.com/wp-content/themes/oceanwp/inc/customizer/assets/fonts/ 		73 KB
73 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.securezoo.com/wp-content/themes/oceanwp/inc/customizer/assets/fonts/fa-brands-400.woff2
Requested by
Host: secureservercdn.net
URL: https://secureservercdn.net/45.40.152.13/2zy.425.myftpupload.com/wp-content/cache/wpo-minify/1638375987/assets/wpo-minify-header-c20d2b49.min.css?time=1638375988
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
45.40.152.13 , United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
ip-45-40-152-13.ip.secureserver.net
Software
openresty /
Resource Hash
57c96fd4294617fb0bf3842d1f77ec2365ff0d0d00b6817508b6192df0e8c169
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://secureservercdn.net/
Origin
https://www.securezoo.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 14:46:35 GMT
x-content-type-options
nosniff
x-cacheable
YES
x-backend
local
age
165843
x-cache
cached
content-length
74656
x-xss-protection
1; mode=block
last-modified
Sat, 27 Nov 2021 20:29:24 GMT
server
openresty
x-cache-hit
HIT
strict-transport-security
max-age=300, max-age=31536000; includeSubDomains
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=2592000
content-security-policy
upgrade-insecure-requests
accept-ranges
bytes
expires
Fri, 31 Dec 2021 16:42:32 GMT
fa-solid-900.woff2
www.securezoo.com/wp-content/themes/oceanwp/inc/customizer/assets/fonts/ 		73 KB
73 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.securezoo.com/wp-content/themes/oceanwp/inc/customizer/assets/fonts/fa-solid-900.woff2
Requested by
Host: secureservercdn.net
URL: https://secureservercdn.net/45.40.152.13/2zy.425.myftpupload.com/wp-content/cache/wpo-minify/1638375987/assets/wpo-minify-header-c20d2b49.min.css?time=1638375988
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
45.40.152.13 , United States, ASN26496 (AS-26496-GO-DADDY-COM-LLC, US),
Reverse DNS
ip-45-40-152-13.ip.secureserver.net
Software
openresty /
Resource Hash
0fe6a4357505cb0d3ca8ba0671ad57df6b7410ca02cb8065eed58e2c0381e640
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://secureservercdn.net/
Origin
https://www.securezoo.com
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 14:46:35 GMT
x-content-type-options
nosniff
x-cacheable
YES
x-backend
local
age
166441
x-cache
cached
content-length
74328
x-xss-protection
1; mode=block
last-modified
Sat, 27 Nov 2021 20:29:24 GMT
server
openresty
x-cache-hit
HIT
strict-transport-security
max-age=300, max-age=31536000; includeSubDomains
content-type
font/woff2
access-control-allow-origin
*
cache-control
max-age=2592000
content-security-policy
upgrade-insecure-requests
accept-ranges
bytes
expires
Fri, 31 Dec 2021 16:32:34 GMT
truncated
/ 		69 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
cff85611de35fa4ddcbb979d2b1132d4a9ef7b07e924dc3bc6c6526fa95adfc9

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		68 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
59b871cfdfa6f79e3830f594f22e5f746f7428a8fe907d803f8e0c60409616b8

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ 		66 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
e9f6f884ac8a98b9e7f11b5deae284f63c84a4f54dab618f2ff03c903705f474

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type
image/svg+xml
cookie.js
partner.googleadservices.com/gampad/ 		217 B
645 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=www.securezoo.com&callback=_gfp_s_&client=ca-pub-8212490510386529
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111170101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-8212490510386529&plah=www.securezoo.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.212.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s46-in-f2.1e100.net
Software
cafe /
Resource Hash
5e9efeb493d5c435c97e15db3fd579650b3504edff228c9b86c93ae9b3317c8d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.securezoo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 14:46:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
201
x-xss-protection
0
integrator.js
adservice.google.de/adsid/ 		107 B
792 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.securezoo.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111170101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-8212490510386529&plah=www.securezoo.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.securezoo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 03 Dec 2021 14:46:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
549 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.securezoo.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111170101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-8212490510386529&plah=www.securezoo.com
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.securezoo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 03 Dec 2021 14:46:35 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 8D3D 		101 KB
27 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8212490510386529&output=html&adk=1812271804&adf=3025194257&lmt=1638438954&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.securezoo.com%2F2021%2F11%2Firanian-state-sponsored-apt-actors-target-microsoft-exchange-and-fortinet-vulnerabilities%2F&ea=0&flash=0&host=ca-host-pub-2644536267352236&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1638542795728&bpp=18&bdt=109&idt=140&shv=r20211201&mjsv=m202111170101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=7278889200316&frm=20&pv=2&ga_vid=366653925.1638542796&ga_sid=1638542796&ga_hid=767558329&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773%2C31062423%2C44748553&oid=2&pvsid=1044216241271853&pem=454&tmod=561706665&ref=https%3A%2F%2Ft.co%2F&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=158
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111170101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-8212490510386529&plah=www.securezoo.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
44eec0a15d3e0040b9c9aeb11ca5b267b25f8e63e4fd19c3a0ff170dcd61a632
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.securezoo.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Fri, 03 Dec 2021 14:46:36 GMT
server
cafe
content-length
27435
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Fri, 03 Dec 2021 14:46:36 GMT
cache-control
private
analytics.js
www.google-analytics.com/ 		49 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-36086945-1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.securezoo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Tue, 02 Nov 2021 17:39:06 GMT
server
Golfe2
age
6328
date
Fri, 03 Dec 2021 13:01:07 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20006
expires
Fri, 03 Dec 2021 15:01:07 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame 4EF9 		71 KB
27 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8212490510386529&output=html&h=90&slotname=4508576443&adk=313763675&adf=1270779588&pi=t.ma~as.4508576443&w=728&lmt=1638438954&psa=0&format=728x90&url=https%3A%2F%2Fwww.securezoo.com%2F2021%2F11%2Firanian-state-sponsored-apt-actors-target-microsoft-exchange-and-fortinet-vulnerabilities%2F&flash=0&host=ca-host-pub-2644536267352236&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1638542795772&bpp=2&bdt=153&idt=142&shv=r20211201&mjsv=m202111170101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7278889200316&frm=20&pv=1&ga_vid=366653925.1638542796&ga_sid=1638542796&ga_hid=767558329&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=60&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773%2C31062423%2C44748553&oid=2&pvsid=1044216241271853&pem=454&tmod=561706665&ref=https%3A%2F%2Ft.co%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=1024&bc=31&ifi=2&uci=a!2&fsb=1&xpc=CLzTckAvbM&p=https%3A//www.securezoo.com&dtd=146
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111170101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-8212490510386529&plah=www.securezoo.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b81c2ab9c2449e26837a35baaa663da62a3e8ae93f874beb1530c5866338318d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.securezoo.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Fri, 03 Dec 2021 14:46:36 GMT
server
cafe
content-length
27919
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Fri, 03 Dec 2021 14:46:36 GMT
cache-control
private
cropped-Securezoo_Main-2.jpg
secureservercdn.net/45.40.152.13/2zy.425.myftpupload.com/wp-content/uploads/2018/12/ 		82 KB
82 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secureservercdn.net/45.40.152.13/2zy.425.myftpupload.com/wp-content/uploads/2018/12/cropped-Securezoo_Main-2.jpg
Requested by
Host: www.securezoo.com
URL: https://www.securezoo.com/2021/11/iranian-state-sponsored-apt-actors-target-microsoft-exchange-and-fortinet-vulnerabilities/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:fe80:1010::16 , United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
Software
nginx /
Resource Hash
79aad090587780d219700b0338ddaa45f6b028dd6c6064758ca6398df59ae93f
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.securezoo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests
x-content-type-options
nosniff
x-cacheable
YES
x-backend
local
age
1392215
x-cache
cached
x-sucuri-cache
HIT
content-length
83713
x-xss-protection
1; mode=block
last-modified
Sat, 21 Sep 2019 20:17:54 GMT
server
nginx
date
Fri, 03 Dec 2021 14:46:35 GMT
strict-transport-security
max-age=300, max-age=31536000; includeSubDomains
content-type
image/jpeg
x-cache-hit
HIT
cache-control
max-age=315360000
x-sucuri-id
19016
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
Cybersecurity_large.jpg
secureservercdn.net/45.40.152.13/2zy.425.myftpupload.com/wp-content/uploads/2020/07/ 		68 KB
68 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secureservercdn.net/45.40.152.13/2zy.425.myftpupload.com/wp-content/uploads/2020/07/Cybersecurity_large.jpg
Requested by
Host: www.securezoo.com
URL: https://www.securezoo.com/2021/11/iranian-state-sponsored-apt-actors-target-microsoft-exchange-and-fortinet-vulnerabilities/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:fe80:1010::16 , United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
Software
nginx /
Resource Hash
28c562c4b3c313cac120c17fb85f13b74702d86e5d0a417a640d88d80102b4db
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.securezoo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests
x-content-type-options
nosniff
x-cacheable
YES
x-backend
local
age
1387160
x-cache
cached
x-sucuri-cache
HIT
content-length
69581
x-xss-protection
1; mode=block
last-modified
Wed, 04 Aug 2021 00:20:28 GMT
server
nginx
date
Fri, 03 Dec 2021 14:46:35 GMT
strict-transport-security
max-age=300, max-age=31536000; includeSubDomains
content-type
image/jpeg
x-cache-hit
HIT
cache-control
max-age=315360000
x-sucuri-id
19016
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
rss.png
secureservercdn.net/45.40.152.13/2zy.425.myftpupload.com/wp-includes/images/ 		608 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secureservercdn.net/45.40.152.13/2zy.425.myftpupload.com/wp-includes/images/rss.png?time=1638375988
Requested by
Host: www.securezoo.com
URL: https://www.securezoo.com/2021/11/iranian-state-sponsored-apt-actors-target-microsoft-exchange-and-fortinet-vulnerabilities/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:fe80:1010::16 , United States, ASN30148 (SUCURI-SEC, US),
Reverse DNS
Software
nginx /
Resource Hash
0c6daa646e0a867e5f721b5017c98cfd2c82c26c60b614531ddae8a5d9986be8
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=300, max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.securezoo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

content-security-policy
upgrade-insecure-requests
x-content-type-options
nosniff
x-cacheable
YES
x-backend
local
age
44329
x-cache
cached
x-sucuri-cache
HIT
content-length
608
x-xss-protection
1; mode=block
last-modified
Mon, 15 Nov 2021 22:21:16 GMT
server
nginx
date
Fri, 03 Dec 2021 14:46:35 GMT
strict-transport-security
max-age=300, max-age=31536000; includeSubDomains
content-type
image/png
x-cache-hit
HIT
cache-control
max-age=315360000
x-sucuri-id
19016
accept-ranges
bytes
expires
Thu, 31 Dec 2037 23:55:55 GMT
ads
googleads.g.doubleclick.net/pagead/ Frame 488A 		85 KB
29 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8212490510386529&output=html&h=280&slotname=4508576443&adk=3070795907&adf=2132339391&pi=t.ma~as.4508576443&w=833&fwrn=4&fwrnh=100&lmt=1638438954&rafmt=1&psa=0&format=833x280&url=https%3A%2F%2Fwww.securezoo.com%2F2021%2F11%2Firanian-state-sponsored-apt-actors-target-microsoft-exchange-and-fortinet-vulnerabilities%2F&flash=0&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1638542795776&bpp=34&bdt=157&idt=149&shv=r20211201&mjsv=m202111170101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=7278889200316&frm=20&pv=1&ga_vid=366653925.1638542796&ga_sid=1638542796&ga_hid=767558329&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2766&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773%2C31062423%2C44748553&oid=2&pvsid=1044216241271853&pem=454&tmod=561706665&ref=https%3A%2F%2Ft.co%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=1152&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=dYUgqLfZ96&p=https%3A//www.securezoo.com&dtd=152
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111170101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-8212490510386529&plah=www.securezoo.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
60797ef7c008cffc4f4e0b407d152a6e72acf2934d6669695a15f83782b738f4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.securezoo.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Fri, 03 Dec 2021 14:46:36 GMT
server
cafe
content-length
29721
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Fri, 03 Dec 2021 14:46:36 GMT
cache-control
private
ads
googleads.g.doubleclick.net/pagead/ Frame BB33 		71 KB
27 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8212490510386529&output=html&h=250&slotname=1438991753&adk=3922714340&adf=1712505827&pi=t.ma~as.1438991753&w=300&lmt=1638438954&psa=0&format=300x250&url=https%3A%2F%2Fwww.securezoo.com%2F2021%2F11%2Firanian-state-sponsored-apt-actors-target-microsoft-exchange-and-fortinet-vulnerabilities%2F&flash=0&host=ca-host-pub-2644536267352236&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1638542795833&bpp=1&bdt=214&idt=121&shv=r20211201&mjsv=m202111170101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90%2C833x280&nras=1&correlator=7278889200316&frm=20&pv=1&ga_vid=366653925.1638542796&ga_sid=1638542796&ga_hid=767558329&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1094&ady=301&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773%2C31062423%2C44748553&oid=2&pvsid=1044216241271853&pem=454&tmod=561706665&ref=https%3A%2F%2Ft.co%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=1024&bc=31&ifi=4&uci=a!4&fsb=1&xpc=S4ZWEZ41MD&p=https%3A//www.securezoo.com&dtd=125
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111170101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-8212490510386529&plah=www.securezoo.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
0b511144424166f3c1ef7f0a7db1a3e6b0f9f37c270f2c681b2a74f272578bd0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.securezoo.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Fri, 03 Dec 2021 14:46:36 GMT
server
cafe
content-length
27924
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Fri, 03 Dec 2021 14:46:36 GMT
cache-control
private
ads
googleads.g.doubleclick.net/pagead/ Frame F75A 		71 KB
27 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8212490510386529&output=html&h=250&slotname=1314799523&adk=2842671929&adf=2252963579&pi=t.ma~as.1314799523&w=306&fwrn=4&fwrnh=100&lmt=1638438954&rafmt=1&psa=0&format=306x250&url=https%3A%2F%2Fwww.securezoo.com%2F2021%2F11%2Firanian-state-sponsored-apt-actors-target-microsoft-exchange-and-fortinet-vulnerabilities%2F&flash=0&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1638542795839&bpp=1&bdt=221&idt=126&shv=r20211201&mjsv=m202111170101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90%2C833x280%2C300x250&nras=1&correlator=7278889200316&frm=20&pv=1&ga_vid=366653925.1638542796&ga_sid=1638542796&ga_hid=767558329&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1094&ady=1180&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773%2C31062423%2C44748553&oid=2&pvsid=1044216241271853&pem=454&tmod=561706665&ref=https%3A%2F%2Ft.co%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=1152&bc=31&ifi=5&uci=a!5&fsb=1&xpc=ZQI3kQ7s3k&p=https%3A//www.securezoo.com&dtd=131
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111170101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-8212490510386529&plah=www.securezoo.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
287dd928de74d0805e7f4e3d047e270f9a6383c0a625ecfc44df67a07a235360
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.securezoo.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Fri, 03 Dec 2021 14:46:36 GMT
server
cafe
content-length
27788
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Fri, 03 Dec 2021 14:46:36 GMT
cache-control
private
collect
www.google-analytics.com/j/ 		1 B
21 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j96&a=767558329&t=pageview&_s=1&dl=https%3A%2F%2Fwww.securezoo.com%2F2021%2F11%2Firanian-state-sponsored-apt-actors-target-microsoft-exchange-and-fortinet-vulnerabilities%2F&dr=https%3A%2F%2Ft.co%2F&ul=en-us&de=UTF-8&dt=Iranian%20state-sponsored%20APT%20actors%20target%20Microsoft%20Exchange%20and%20Fortinet%20vulnerabilities%20-%20Securezoo%20Blog&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YAhAAUABAAAAAC~&jid=1166968698&gjid=627327514&cid=366653925.1638542796&tid=UA-36086945-1&_gid=1768375103.1638542796&_r=1&gtm=2ouc10&z=682539960
Requested by
Host: img1.wsimg.com
URL: https://img1.wsimg.com/traffic-assets/js/tccl-tti.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.securezoo.com/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Fri, 03 Dec 2021 14:46:36 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.securezoo.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1
expires
Fri, 01 Jan 1990 00:00:00 GMT
reactive_library_fy2019.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111170101/ 		149 KB
53 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111170101/reactive_library_fy2019.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111170101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-8212490510386529&plah=www.securezoo.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
86261cb44918a52b37509a17c360f32d24f362544ffc50f638883875ca4f048d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.securezoo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 14:46:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
54305
x-xss-protection
0
server
cafe
etag
6754433748942997557
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Fri, 03 Dec 2021 14:46:36 GMT
integrator.js
adservice.google.de/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.de/adsid/integrator.js?domain=www.securezoo.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111170101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-8212490510386529&plah=www.securezoo.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.securezoo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 03 Dec 2021 14:46:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
122 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=www.securezoo.com
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111170101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-8212490510386529&plah=www.securezoo.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.securezoo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 03 Dec 2021 14:46:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20211201/r20110914/ Frame 61DE 		11 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20211201/r20110914/zrt_lookup.html?fsb=1
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111170101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-8212490510386529&plah=www.securezoo.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
16923f9fcc118f6870a574a73697c19eb79210b2ce401e5e1b92a2a5fcda080a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.securezoo.com/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Thu, 02 Dec 2021 21:29:00 GMT
expires
Thu, 16 Dec 2021 21:29:00 GMT
content-type
text/html; charset=UTF-8
etag
6406113418471942685
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
4879
x-xss-protection
0
age
62256
cache-control
public, max-age=1209600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
de974e0de653beaf8b7a147538108e14.js
www.gstatic.com/mysidia/ Frame 61DE 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/de974e0de653beaf8b7a147538108e14.js?tag=client_fast_engine_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211201/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c9a70686ad065d96298301b1fe7daf4199a4e72348dd638330390f7763ae226b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 19:06:56 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
243580
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3353
x-xss-protection
0
last-modified
Tue, 30 Nov 2021 18:18:58 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Mon, 28 Feb 2022 19:06:56 GMT
ef71563f30928051bf5f5d97e506b840.js
www.gstatic.com/mysidia/ Frame 61DE 		8 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/ef71563f30928051bf5f5d97e506b840.js?tag=text/vanilla_highlight
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211201/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
63cb35133865eac473826f95c6a9d64ff1fa3da71403ea4f1981e5de9bcd69bd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 21:56:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
233434
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
3802
x-xss-protection
0
last-modified
Tue, 30 Nov 2021 18:18:58 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Mon, 28 Feb 2022 21:56:02 GMT
css
fonts.googleapis.com/ Frame 61DE 		3 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211201/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
32b5c88160bab78ae20a39de4a8abe015f4f4c5d48be8300a6686d32a570ccfb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 03 Dec 2021 13:34:30 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Fri, 03 Dec 2021 14:46:36 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 03 Dec 2021 14:46:36 GMT
load_preloaded_resource_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211201/r20110914/client/ Frame 61DE 		1 KB
959 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211201/r20110914/client/load_preloaded_resource_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211201/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b4a25f11fbb1e2b547eaf848472f9c048824e307a945f3a0417aac7b09d0456e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 14:45:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
59
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
853
x-xss-protection
0
server
cafe
etag
7170004918125193417
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 17 Dec 2021 14:45:37 GMT
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211201/r20110914/ Frame 61DE 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211201/r20110914/abg_lite_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211201/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
615050cfd7cd77d6941c6c0b4551d20c4d5ad825bc9fd7acc61a0bdca7783d26
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 14:43:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
182
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7857
x-xss-protection
0
server
cafe
etag
2255741555227857113
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 17 Dec 2021 14:43:34 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211201/r20110914/client/ Frame 61DE 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211201/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211201/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 14:36:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
602
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1332
x-xss-protection
0
server
cafe
etag
3351516697335751560
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 17 Dec 2021 14:36:34 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 61DE 		119 KB
37 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211201/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
87f7f86b17eacf56e623a69be05e5f5487470d6b30347efe12742aefa3f5af48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 14:46:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37305
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1638461285297402"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 03 Dec 2021 14:46:36 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211201/r20110914/client/ Frame 61DE 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211201/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211201/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6257e792f9aef240d1954956a6ea7982c0268035f15a79931a110ed6344c8c4c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 14:42:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
253
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6446
x-xss-protection
0
server
cafe
etag
5472324691301332805
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 17 Dec 2021 14:42:23 GMT
6d065ef8aad4e53a06604e1059b7b7b3.js
www.gstatic.com/mysidia/ Frame 61DE 		27 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/6d065ef8aad4e53a06604e1059b7b7b3.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211201/r20110914/zrt_lookup.html?fsb=1
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b138f0b28fe44581bebb03d0ff7046e4f8416deeb5d152ede640eaa3dc1c7872
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 19:06:50 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
243586
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11408
x-xss-protection
0
last-modified
Tue, 30 Nov 2021 18:18:58 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Mon, 28 Feb 2022 19:06:50 GMT
downsize_200k_v1
tpc.googlesyndication.com/simgad/1755957982619801602/ Frame 61DE 		967 B
994 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/1755957982619801602/downsize_200k_v1?w=100&h=100
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211201/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
eb43398c976da8be22770ad7b01373022ddbe46ca907d637bb4d0e1768b1ca15
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 01 Dec 2021 22:46:41 GMT
x-content-type-options
nosniff
age
143995
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
967
x-xss-protection
0
last-modified
Fri, 03 Sep 2021 13:12:17 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Thu, 01 Dec 2022 22:46:41 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame 61DE 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=C-TeByy2qYZfYOM-41fAPlu6jqAXp-J2sZp6h0bzmDrCuycSWLxABIKTKuiJglfrwgYwHoAGQwp3AAcgBAagDAaoEvgJP0BBKbBjcDBmsPcvYczlFi6BOIW0lSLrb13w_VkaAOftCVnYhae6-xrEKfAmpuuyQlTRdRATswWtP9p1ouVDY2k1NsyiBuVgA3EPQLmnlFRbOyqplqrA8rQhp9CfPueHPnCk0Xz67hP-Fm8MnRYMK5GUMvgjT5yoe6x8RXjX6EUgLTlE60TqJBhH5r4nJyY3UHy_hPCgrKaHWGs7QwlfXavWU8sNkfzltqPCZd5lkWIOGUCvJTUsJtBNFJfQOiTITlScgJ-xS3HW682cPWgNrjb9ib7RQ0NVy5NL822-CrtzCtTe2GDPkHXVWF5dsQW5Hy0jsXS1qd7JfUFdOJ9D3uRSchfH0nHD9GRS5LRYh-47ogrWNu_ZRlaojRBtfsU8Af9wxUx7cIkapuI5j1mj2AR7mWrsHTuwQrbXue97ABJ2v7JfZA5IFBAgEGAGSBQQIBRgEgAfU0J7lAqgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4b2AcB8gcEEKKKR9IICQiA4YAQEAEYH4AKAcgLAdgTDNAVAYAXAbIXHAoaCAASFHB1Yi04MjEyNDkwNTEwMzg2NTI5GAA&sigh=rgSssy2VDrc&uach_m=[UACH]&template_id=5001
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211201/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/html/r20211201/r20110914/zrt_lookup.html?fsb=1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Fri, 03 Dec 2021 14:46:36 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
private
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 03 Dec 2021 14:46:36 GMT
s
googleads.g.doubleclick.net/pagead/drt/ Frame 278C 		143 B
163 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211201/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/html/r20211201/r20110914/zrt_lookup.html?fsb=1

Response headers

content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Fri, 03 Dec 2021 13:58:32 GMT
server
cafe
content-length
145
x-xss-protection
0
cache-control
public, max-age=3600
age
2884
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
truncated
/ Frame 61DE 		210 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
75f4bd84b3e6579d057e5fba846f81e7dba9ae8d3afc52dbdf997302c3ca2f69

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type
image/png
3314026852723713045
tpc.googlesyndication.com/simgad/ Frame 4EF9 		34 KB
34 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/3314026852723713045?sqp=4sqPyQQ7QjkqNxABHQAAtEIgASgBMAk4A0DwkwlYAWBfcAKAAQGIAQGdAQAAgD-oAQGwAYCt4gS4AV_FAS2ynT4&rs=AOga4qnwaQd2f85VmKfN7AAZ3uYNcoqR_Q
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8212490510386529&output=html&h=90&slotname=4508576443&adk=313763675&adf=1270779588&pi=t.ma~as.4508576443&w=728&lmt=1638438954&psa=0&format=728x90&url=https%3A%2F%2Fwww.securezoo.com%2F2021%2F11%2Firanian-state-sponsored-apt-actors-target-microsoft-exchange-and-fortinet-vulnerabilities%2F&flash=0&host=ca-host-pub-2644536267352236&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1638542795772&bpp=2&bdt=153&idt=142&shv=r20211201&mjsv=m202111170101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7278889200316&frm=20&pv=1&ga_vid=366653925.1638542796&ga_sid=1638542796&ga_hid=767558329&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=60&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773%2C31062423%2C44748553&oid=2&pvsid=1044216241271853&pem=454&tmod=561706665&ref=https%3A%2F%2Ft.co%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=1024&bc=31&ifi=2&uci=a!2&fsb=1&xpc=CLzTckAvbM&p=https%3A//www.securezoo.com&dtd=146
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
b44bec5e6134c42d0c5a7a0317db7c75a18dd9805793c80e3a2f4c563fae3116
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Thu, 02 Dec 2021 08:13:10 GMT
x-content-type-options
nosniff
age
110006
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
34841
x-xss-protection
0
last-modified
Mon, 16 Aug 2021 15:22:46 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Fri, 02 Dec 2022 08:13:10 GMT
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211201/r20110914/ Frame 4EF9 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211201/r20110914/abg_lite_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8212490510386529&output=html&h=90&slotname=4508576443&adk=313763675&adf=1270779588&pi=t.ma~as.4508576443&w=728&lmt=1638438954&psa=0&format=728x90&url=https%3A%2F%2Fwww.securezoo.com%2F2021%2F11%2Firanian-state-sponsored-apt-actors-target-microsoft-exchange-and-fortinet-vulnerabilities%2F&flash=0&host=ca-host-pub-2644536267352236&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1638542795772&bpp=2&bdt=153&idt=142&shv=r20211201&mjsv=m202111170101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7278889200316&frm=20&pv=1&ga_vid=366653925.1638542796&ga_sid=1638542796&ga_hid=767558329&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=60&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773%2C31062423%2C44748553&oid=2&pvsid=1044216241271853&pem=454&tmod=561706665&ref=https%3A%2F%2Ft.co%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=1024&bc=31&ifi=2&uci=a!2&fsb=1&xpc=CLzTckAvbM&p=https%3A//www.securezoo.com&dtd=146
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
615050cfd7cd77d6941c6c0b4551d20c4d5ad825bc9fd7acc61a0bdca7783d26
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 14:43:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
182
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7857
x-xss-protection
0
server
cafe
etag
2255741555227857113
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 17 Dec 2021 14:43:34 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211201/r20110914/client/ Frame 4EF9 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211201/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8212490510386529&output=html&h=90&slotname=4508576443&adk=313763675&adf=1270779588&pi=t.ma~as.4508576443&w=728&lmt=1638438954&psa=0&format=728x90&url=https%3A%2F%2Fwww.securezoo.com%2F2021%2F11%2Firanian-state-sponsored-apt-actors-target-microsoft-exchange-and-fortinet-vulnerabilities%2F&flash=0&host=ca-host-pub-2644536267352236&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1638542795772&bpp=2&bdt=153&idt=142&shv=r20211201&mjsv=m202111170101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7278889200316&frm=20&pv=1&ga_vid=366653925.1638542796&ga_sid=1638542796&ga_hid=767558329&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=60&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773%2C31062423%2C44748553&oid=2&pvsid=1044216241271853&pem=454&tmod=561706665&ref=https%3A%2F%2Ft.co%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=1024&bc=31&ifi=2&uci=a!2&fsb=1&xpc=CLzTckAvbM&p=https%3A//www.securezoo.com&dtd=146
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 14:36:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
602
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1332
x-xss-protection
0
server
cafe
etag
3351516697335751560
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 17 Dec 2021 14:36:34 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 4EF9 		119 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8212490510386529&output=html&h=90&slotname=4508576443&adk=313763675&adf=1270779588&pi=t.ma~as.4508576443&w=728&lmt=1638438954&psa=0&format=728x90&url=https%3A%2F%2Fwww.securezoo.com%2F2021%2F11%2Firanian-state-sponsored-apt-actors-target-microsoft-exchange-and-fortinet-vulnerabilities%2F&flash=0&host=ca-host-pub-2644536267352236&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1638542795772&bpp=2&bdt=153&idt=142&shv=r20211201&mjsv=m202111170101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7278889200316&frm=20&pv=1&ga_vid=366653925.1638542796&ga_sid=1638542796&ga_hid=767558329&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=60&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773%2C31062423%2C44748553&oid=2&pvsid=1044216241271853&pem=454&tmod=561706665&ref=https%3A%2F%2Ft.co%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=1024&bc=31&ifi=2&uci=a!2&fsb=1&xpc=CLzTckAvbM&p=https%3A//www.securezoo.com&dtd=146
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
87f7f86b17eacf56e623a69be05e5f5487470d6b30347efe12742aefa3f5af48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 14:46:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37305
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1638461285297402"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 03 Dec 2021 14:46:36 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211201/r20110914/client/ Frame 4EF9 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211201/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8212490510386529&output=html&h=90&slotname=4508576443&adk=313763675&adf=1270779588&pi=t.ma~as.4508576443&w=728&lmt=1638438954&psa=0&format=728x90&url=https%3A%2F%2Fwww.securezoo.com%2F2021%2F11%2Firanian-state-sponsored-apt-actors-target-microsoft-exchange-and-fortinet-vulnerabilities%2F&flash=0&host=ca-host-pub-2644536267352236&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1638542795772&bpp=2&bdt=153&idt=142&shv=r20211201&mjsv=m202111170101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7278889200316&frm=20&pv=1&ga_vid=366653925.1638542796&ga_sid=1638542796&ga_hid=767558329&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=60&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773%2C31062423%2C44748553&oid=2&pvsid=1044216241271853&pem=454&tmod=561706665&ref=https%3A%2F%2Ft.co%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=1024&bc=31&ifi=2&uci=a!2&fsb=1&xpc=CLzTckAvbM&p=https%3A//www.securezoo.com&dtd=146
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6257e792f9aef240d1954956a6ea7982c0268035f15a79931a110ed6344c8c4c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 14:42:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
253
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6446
x-xss-protection
0
server
cafe
etag
5472324691301332805
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 17 Dec 2021 14:42:23 GMT
one_click_handler_one_afma_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211201/r20110914/client/ Frame 4EF9 		27 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211201/r20110914/client/one_click_handler_one_afma_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8212490510386529&output=html&h=90&slotname=4508576443&adk=313763675&adf=1270779588&pi=t.ma~as.4508576443&w=728&lmt=1638438954&psa=0&format=728x90&url=https%3A%2F%2Fwww.securezoo.com%2F2021%2F11%2Firanian-state-sponsored-apt-actors-target-microsoft-exchange-and-fortinet-vulnerabilities%2F&flash=0&host=ca-host-pub-2644536267352236&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1638542795772&bpp=2&bdt=153&idt=142&shv=r20211201&mjsv=m202111170101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7278889200316&frm=20&pv=1&ga_vid=366653925.1638542796&ga_sid=1638542796&ga_hid=767558329&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=60&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773%2C31062423%2C44748553&oid=2&pvsid=1044216241271853&pem=454&tmod=561706665&ref=https%3A%2F%2Ft.co%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=1024&bc=31&ifi=2&uci=a!2&fsb=1&xpc=CLzTckAvbM&p=https%3A//www.securezoo.com&dtd=146
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e11652e7b04cdcc9c0bc7948055c05aaf8f7c066e6059d52f9b186c55368cb9e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 09:25:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
19290
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11392
x-xss-protection
0
server
cafe
etag
7769099329773015066
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 17 Dec 2021 09:25:06 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame 4EF9 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CjQFizC2qYcaEBcaR8wOVz6iACbn7mbZmmKug8JIPuvSmwJQOEAEgpMq6ImCV-vCBjAegAfyHzO4CyAECqAMByAPJBKoEuwJP0IcYopuoJVwigILvQMR4RSdAtP2Pz7gtceyMVydH5wblRNcc8A6GB0xj8Zmk8etIxL8i4dLLsNA2gYnHycDTvDSOvFMdGF70DFaYsHslrprWjNFQMR_Gp7yePq-EBkCLfMy9tSzCm8Cxp2ZnH58k8DtjY2yLhierx6_ZW3mkfqh5bdxj-4G6dHndTa5-avPWc-YFC0W0PjJDm9raNFe0mzqgDrjes11A6ofcZRmy3IxF_AohMIZCtLwmkW8BsaazPXxIBnkPcZyMkJy02Bl-O5jjI8ZOI2pMVvrn_mV0Ogn7kODeTaSQiFBvS1UcbsZm7mN1wyeuzkb0UuL7Bf0HS7UIgHAXRvJfWw6dJ5wbi1GcT3Mkn4kKI6c_Kc4NoF661XYI9OhHM0ldNC3-AqrIXjsfTSLBjw0tX63ABPvo5ODhA5IFBAgEGAGSBQQIBRgEoAYCgAfs97ORAagHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4b2AcB8gcEEOOVBtIICQiA4YAQEAEYH4AKAcgLAdgTDdAVAYAXAbIXHAoaCAASFHB1Yi04MjEyNDkwNTEwMzg2NTI5GAA&sigh=6_JuRtR3ssc&uach_m=[UACH]
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8212490510386529&output=html&h=90&slotname=4508576443&adk=313763675&adf=1270779588&pi=t.ma~as.4508576443&w=728&lmt=1638438954&psa=0&format=728x90&url=https%3A%2F%2Fwww.securezoo.com%2F2021%2F11%2Firanian-state-sponsored-apt-actors-target-microsoft-exchange-and-fortinet-vulnerabilities%2F&flash=0&host=ca-host-pub-2644536267352236&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1638542795772&bpp=2&bdt=153&idt=142&shv=r20211201&mjsv=m202111170101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7278889200316&frm=20&pv=1&ga_vid=366653925.1638542796&ga_sid=1638542796&ga_hid=767558329&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=60&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773%2C31062423%2C44748553&oid=2&pvsid=1044216241271853&pem=454&tmod=561706665&ref=https%3A%2F%2Ft.co%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=1024&bc=31&ifi=2&uci=a!2&fsb=1&xpc=CLzTckAvbM&p=https%3A//www.securezoo.com&dtd=146
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8212490510386529&output=html&h=90&slotname=4508576443&adk=313763675&adf=1270779588&pi=t.ma~as.4508576443&w=728&lmt=1638438954&psa=0&format=728x90&url=https%3A%2F%2Fwww.securezoo.com%2F2021%2F11%2Firanian-state-sponsored-apt-actors-target-microsoft-exchange-and-fortinet-vulnerabilities%2F&flash=0&host=ca-host-pub-2644536267352236&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1638542795772&bpp=2&bdt=153&idt=142&shv=r20211201&mjsv=m202111170101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7278889200316&frm=20&pv=1&ga_vid=366653925.1638542796&ga_sid=1638542796&ga_hid=767558329&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=60&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773%2C31062423%2C44748553&oid=2&pvsid=1044216241271853&pem=454&tmod=561706665&ref=https%3A%2F%2Ft.co%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=1024&bc=31&ifi=2&uci=a!2&fsb=1&xpc=CLzTckAvbM&p=https%3A//www.securezoo.com&dtd=146
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Fri, 03 Dec 2021 14:46:36 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
si
googleads.g.doubleclick.net/pagead/drt/ Frame 278C
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
17 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20211201/r20110914/zrt_lookup.html?fsb=1
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Fri, 03 Dec 2021 14:46:36 GMT
server
cafe
content-length
0
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Fri, 03 Dec 2021 14:46:36 GMT
cache-control
private

Redirect headers

location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control
private
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Fri, 03 Dec 2021 14:46:36 GMT
server
cafe
content-length
0
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
s
googleads.g.doubleclick.net/pagead/drt/ Frame 5480 		143 B
163 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8212490510386529&output=html&h=90&slotname=4508576443&adk=313763675&adf=1270779588&pi=t.ma~as.4508576443&w=728&lmt=1638438954&psa=0&format=728x90&url=https%3A%2F%2Fwww.securezoo.com%2F2021%2F11%2Firanian-state-sponsored-apt-actors-target-microsoft-exchange-and-fortinet-vulnerabilities%2F&flash=0&host=ca-host-pub-2644536267352236&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1638542795772&bpp=2&bdt=153&idt=142&shv=r20211201&mjsv=m202111170101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7278889200316&frm=20&pv=1&ga_vid=366653925.1638542796&ga_sid=1638542796&ga_hid=767558329&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=60&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773%2C31062423%2C44748553&oid=2&pvsid=1044216241271853&pem=454&tmod=561706665&ref=https%3A%2F%2Ft.co%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=1024&bc=31&ifi=2&uci=a!2&fsb=1&xpc=CLzTckAvbM&p=https%3A//www.securezoo.com&dtd=146
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8212490510386529&output=html&h=90&slotname=4508576443&adk=313763675&adf=1270779588&pi=t.ma~as.4508576443&w=728&lmt=1638438954&psa=0&format=728x90&url=https%3A%2F%2Fwww.securezoo.com%2F2021%2F11%2Firanian-state-sponsored-apt-actors-target-microsoft-exchange-and-fortinet-vulnerabilities%2F&flash=0&host=ca-host-pub-2644536267352236&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1638542795772&bpp=2&bdt=153&idt=142&shv=r20211201&mjsv=m202111170101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7278889200316&frm=20&pv=1&ga_vid=366653925.1638542796&ga_sid=1638542796&ga_hid=767558329&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=60&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773%2C31062423%2C44748553&oid=2&pvsid=1044216241271853&pem=454&tmod=561706665&ref=https%3A%2F%2Ft.co%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=1024&bc=31&ifi=2&uci=a!2&fsb=1&xpc=CLzTckAvbM&p=https%3A//www.securezoo.com&dtd=146

Response headers

content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Fri, 03 Dec 2021 13:58:32 GMT
server
cafe
content-length
145
x-xss-protection
0
cache-control
public, max-age=3600
age
2884
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
17967220456369538393
tpc.googlesyndication.com/simgad/ Frame BB33 		20 KB
20 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/17967220456369538393?sqp=4sqPyQQrQikqJwhfEAEdAAC0QiABKAEwCTgDQPCTCUgAUAFYAWBfcAJ4AcUBLbKdPg&rs=AOga4qnVfLD-IWSFKhraPtKAaVRE5Ds7rQ
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8212490510386529&output=html&h=250&slotname=1438991753&adk=3922714340&adf=1712505827&pi=t.ma~as.1438991753&w=300&lmt=1638438954&psa=0&format=300x250&url=https%3A%2F%2Fwww.securezoo.com%2F2021%2F11%2Firanian-state-sponsored-apt-actors-target-microsoft-exchange-and-fortinet-vulnerabilities%2F&flash=0&host=ca-host-pub-2644536267352236&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1638542795833&bpp=1&bdt=214&idt=121&shv=r20211201&mjsv=m202111170101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90%2C833x280&nras=1&correlator=7278889200316&frm=20&pv=1&ga_vid=366653925.1638542796&ga_sid=1638542796&ga_hid=767558329&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1094&ady=301&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773%2C31062423%2C44748553&oid=2&pvsid=1044216241271853&pem=454&tmod=561706665&ref=https%3A%2F%2Ft.co%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=1024&bc=31&ifi=4&uci=a!4&fsb=1&xpc=S4ZWEZ41MD&p=https%3A//www.securezoo.com&dtd=125
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
a557eef54b4446fb873944d7bbb727ed030570ae44d68e519960e46336c85e7e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Wed, 01 Dec 2021 23:11:07 GMT
x-content-type-options
nosniff
age
142529
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
20801
x-xss-protection
0
last-modified
Mon, 20 Sep 2021 09:26:53 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Thu, 01 Dec 2022 23:11:07 GMT
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211201/r20110914/ Frame BB33 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211201/r20110914/abg_lite_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8212490510386529&output=html&h=250&slotname=1438991753&adk=3922714340&adf=1712505827&pi=t.ma~as.1438991753&w=300&lmt=1638438954&psa=0&format=300x250&url=https%3A%2F%2Fwww.securezoo.com%2F2021%2F11%2Firanian-state-sponsored-apt-actors-target-microsoft-exchange-and-fortinet-vulnerabilities%2F&flash=0&host=ca-host-pub-2644536267352236&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1638542795833&bpp=1&bdt=214&idt=121&shv=r20211201&mjsv=m202111170101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90%2C833x280&nras=1&correlator=7278889200316&frm=20&pv=1&ga_vid=366653925.1638542796&ga_sid=1638542796&ga_hid=767558329&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1094&ady=301&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773%2C31062423%2C44748553&oid=2&pvsid=1044216241271853&pem=454&tmod=561706665&ref=https%3A%2F%2Ft.co%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=1024&bc=31&ifi=4&uci=a!4&fsb=1&xpc=S4ZWEZ41MD&p=https%3A//www.securezoo.com&dtd=125
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
615050cfd7cd77d6941c6c0b4551d20c4d5ad825bc9fd7acc61a0bdca7783d26
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 14:43:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
182
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7857
x-xss-protection
0
server
cafe
etag
2255741555227857113
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 17 Dec 2021 14:43:34 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211201/r20110914/client/ Frame BB33 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211201/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8212490510386529&output=html&h=250&slotname=1438991753&adk=3922714340&adf=1712505827&pi=t.ma~as.1438991753&w=300&lmt=1638438954&psa=0&format=300x250&url=https%3A%2F%2Fwww.securezoo.com%2F2021%2F11%2Firanian-state-sponsored-apt-actors-target-microsoft-exchange-and-fortinet-vulnerabilities%2F&flash=0&host=ca-host-pub-2644536267352236&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1638542795833&bpp=1&bdt=214&idt=121&shv=r20211201&mjsv=m202111170101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90%2C833x280&nras=1&correlator=7278889200316&frm=20&pv=1&ga_vid=366653925.1638542796&ga_sid=1638542796&ga_hid=767558329&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1094&ady=301&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773%2C31062423%2C44748553&oid=2&pvsid=1044216241271853&pem=454&tmod=561706665&ref=https%3A%2F%2Ft.co%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=1024&bc=31&ifi=4&uci=a!4&fsb=1&xpc=S4ZWEZ41MD&p=https%3A//www.securezoo.com&dtd=125
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 14:36:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
602
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1332
x-xss-protection
0
server
cafe
etag
3351516697335751560
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 17 Dec 2021 14:36:34 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame BB33 		119 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8212490510386529&output=html&h=250&slotname=1438991753&adk=3922714340&adf=1712505827&pi=t.ma~as.1438991753&w=300&lmt=1638438954&psa=0&format=300x250&url=https%3A%2F%2Fwww.securezoo.com%2F2021%2F11%2Firanian-state-sponsored-apt-actors-target-microsoft-exchange-and-fortinet-vulnerabilities%2F&flash=0&host=ca-host-pub-2644536267352236&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1638542795833&bpp=1&bdt=214&idt=121&shv=r20211201&mjsv=m202111170101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90%2C833x280&nras=1&correlator=7278889200316&frm=20&pv=1&ga_vid=366653925.1638542796&ga_sid=1638542796&ga_hid=767558329&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1094&ady=301&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773%2C31062423%2C44748553&oid=2&pvsid=1044216241271853&pem=454&tmod=561706665&ref=https%3A%2F%2Ft.co%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=1024&bc=31&ifi=4&uci=a!4&fsb=1&xpc=S4ZWEZ41MD&p=https%3A//www.securezoo.com&dtd=125
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
87f7f86b17eacf56e623a69be05e5f5487470d6b30347efe12742aefa3f5af48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 14:46:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37305
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1638461285297402"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 03 Dec 2021 14:46:36 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211201/r20110914/client/ Frame BB33 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211201/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8212490510386529&output=html&h=250&slotname=1438991753&adk=3922714340&adf=1712505827&pi=t.ma~as.1438991753&w=300&lmt=1638438954&psa=0&format=300x250&url=https%3A%2F%2Fwww.securezoo.com%2F2021%2F11%2Firanian-state-sponsored-apt-actors-target-microsoft-exchange-and-fortinet-vulnerabilities%2F&flash=0&host=ca-host-pub-2644536267352236&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1638542795833&bpp=1&bdt=214&idt=121&shv=r20211201&mjsv=m202111170101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90%2C833x280&nras=1&correlator=7278889200316&frm=20&pv=1&ga_vid=366653925.1638542796&ga_sid=1638542796&ga_hid=767558329&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1094&ady=301&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773%2C31062423%2C44748553&oid=2&pvsid=1044216241271853&pem=454&tmod=561706665&ref=https%3A%2F%2Ft.co%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=1024&bc=31&ifi=4&uci=a!4&fsb=1&xpc=S4ZWEZ41MD&p=https%3A//www.securezoo.com&dtd=125
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6257e792f9aef240d1954956a6ea7982c0268035f15a79931a110ed6344c8c4c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 14:42:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
253
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6446
x-xss-protection
0
server
cafe
etag
5472324691301332805
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 17 Dec 2021 14:42:23 GMT
one_click_handler_one_afma_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211201/r20110914/client/ Frame BB33 		27 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211201/r20110914/client/one_click_handler_one_afma_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8212490510386529&output=html&h=250&slotname=1438991753&adk=3922714340&adf=1712505827&pi=t.ma~as.1438991753&w=300&lmt=1638438954&psa=0&format=300x250&url=https%3A%2F%2Fwww.securezoo.com%2F2021%2F11%2Firanian-state-sponsored-apt-actors-target-microsoft-exchange-and-fortinet-vulnerabilities%2F&flash=0&host=ca-host-pub-2644536267352236&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1638542795833&bpp=1&bdt=214&idt=121&shv=r20211201&mjsv=m202111170101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90%2C833x280&nras=1&correlator=7278889200316&frm=20&pv=1&ga_vid=366653925.1638542796&ga_sid=1638542796&ga_hid=767558329&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1094&ady=301&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773%2C31062423%2C44748553&oid=2&pvsid=1044216241271853&pem=454&tmod=561706665&ref=https%3A%2F%2Ft.co%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=1024&bc=31&ifi=4&uci=a!4&fsb=1&xpc=S4ZWEZ41MD&p=https%3A//www.securezoo.com&dtd=125
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e11652e7b04cdcc9c0bc7948055c05aaf8f7c066e6059d52f9b186c55368cb9e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 09:25:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
19290
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11392
x-xss-protection
0
server
cafe
etag
7769099329773015066
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 17 Dec 2021 09:25:06 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame BB33 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CjIMkzC2qYaP1BpLS9QXfwq2AC8HC39Nm2O3j2O8O2dkeEAEgpMq6ImCV-vCBjAegAZ2ovaMDyAECqQLkZgfoTH99PqgDAcgDyQSqBM0CT9ADkhwuGpJ_a-ZN-RIgOyrnQlVnlD2-fhhLPpOz6jhCXf8inufWtD7qmJmxaCczvDNr9nNZt-b0yvFk4khl5X0Jr3T05iGDKZsBcDyuf1yL-SsIQ0mgXV36CNnwlh8sRmJw0HD8OzH_IizsGUQ_oAI0IKJ9E19lHsFv3U1Hh0WNs1DPGtxuZaMUAmRlOTEcJymRR92vkWxYT_UYYIGgs0XwQuBjQPWTlJmSxoPIzgokEreNen8mef16uNlpZcsxYbnm7NIQo4YPh0sDQz1LW4_h0xE-U3iiYUZxBOSI00ttLgM_gGx70bUkfzIhB8I_JZkcrMgyXbuirRlsNd8vJ_6dmTwsRsUVcnIMz8pCH-8B1352c1TEM_ZcaphdkErNVhdG4w2aB9lw2NShGophHPRdbBaoG6DLeuVFtNZ5Ul3rRpjxHnxkgp3uTCJJwAS9hLPNuAOSBQQIBBgBkgUECAUYBKAGAoAHy9fCXKgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4b2AcB8gcEEJjYFtIICQiA4YAQEAEYH4AKAcgLAdgTDdAVAZgWAYAXAbIXHAoaCAASFHB1Yi04MjEyNDkwNTEwMzg2NTI5GAA&sigh=vAGPHsGUurE&uach_m=[UACH]
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8212490510386529&output=html&h=250&slotname=1438991753&adk=3922714340&adf=1712505827&pi=t.ma~as.1438991753&w=300&lmt=1638438954&psa=0&format=300x250&url=https%3A%2F%2Fwww.securezoo.com%2F2021%2F11%2Firanian-state-sponsored-apt-actors-target-microsoft-exchange-and-fortinet-vulnerabilities%2F&flash=0&host=ca-host-pub-2644536267352236&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1638542795833&bpp=1&bdt=214&idt=121&shv=r20211201&mjsv=m202111170101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90%2C833x280&nras=1&correlator=7278889200316&frm=20&pv=1&ga_vid=366653925.1638542796&ga_sid=1638542796&ga_hid=767558329&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1094&ady=301&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773%2C31062423%2C44748553&oid=2&pvsid=1044216241271853&pem=454&tmod=561706665&ref=https%3A%2F%2Ft.co%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=1024&bc=31&ifi=4&uci=a!4&fsb=1&xpc=S4ZWEZ41MD&p=https%3A//www.securezoo.com&dtd=125
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8212490510386529&output=html&h=250&slotname=1438991753&adk=3922714340&adf=1712505827&pi=t.ma~as.1438991753&w=300&lmt=1638438954&psa=0&format=300x250&url=https%3A%2F%2Fwww.securezoo.com%2F2021%2F11%2Firanian-state-sponsored-apt-actors-target-microsoft-exchange-and-fortinet-vulnerabilities%2F&flash=0&host=ca-host-pub-2644536267352236&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1638542795833&bpp=1&bdt=214&idt=121&shv=r20211201&mjsv=m202111170101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90%2C833x280&nras=1&correlator=7278889200316&frm=20&pv=1&ga_vid=366653925.1638542796&ga_sid=1638542796&ga_hid=767558329&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1094&ady=301&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773%2C31062423%2C44748553&oid=2&pvsid=1044216241271853&pem=454&tmod=561706665&ref=https%3A%2F%2Ft.co%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=1024&bc=31&ifi=4&uci=a!4&fsb=1&xpc=S4ZWEZ41MD&p=https%3A//www.securezoo.com&dtd=125
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Fri, 03 Dec 2021 14:46:36 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
truncated
/ Frame 4EF9 		216 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
da6eebec36e1b5e315aa82c769f2221e3c6fb734728b697e71dba2fc8cba1611

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type
image/png
si
googleads.g.doubleclick.net/pagead/drt/ Frame 5480
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
17 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8212490510386529&output=html&h=90&slotname=4508576443&adk=313763675&adf=1270779588&pi=t.ma~as.4508576443&w=728&lmt=1638438954&psa=0&format=728x90&url=https%3A%2F%2Fwww.securezoo.com%2F2021%2F11%2Firanian-state-sponsored-apt-actors-target-microsoft-exchange-and-fortinet-vulnerabilities%2F&flash=0&host=ca-host-pub-2644536267352236&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1638542795772&bpp=2&bdt=153&idt=142&shv=r20211201&mjsv=m202111170101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7278889200316&frm=20&pv=1&ga_vid=366653925.1638542796&ga_sid=1638542796&ga_hid=767558329&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=60&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773%2C31062423%2C44748553&oid=2&pvsid=1044216241271853&pem=454&tmod=561706665&ref=https%3A%2F%2Ft.co%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=1024&bc=31&ifi=2&uci=a!2&fsb=1&xpc=CLzTckAvbM&p=https%3A//www.securezoo.com&dtd=146
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Fri, 03 Dec 2021 14:46:37 GMT
server
cafe
content-length
0
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Fri, 03 Dec 2021 14:46:37 GMT
cache-control
private

Redirect headers

location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control
private
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Fri, 03 Dec 2021 14:46:36 GMT
server
cafe
content-length
0
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
s
googleads.g.doubleclick.net/pagead/drt/ Frame 5845 		143 B
163 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8212490510386529&output=html&h=250&slotname=1438991753&adk=3922714340&adf=1712505827&pi=t.ma~as.1438991753&w=300&lmt=1638438954&psa=0&format=300x250&url=https%3A%2F%2Fwww.securezoo.com%2F2021%2F11%2Firanian-state-sponsored-apt-actors-target-microsoft-exchange-and-fortinet-vulnerabilities%2F&flash=0&host=ca-host-pub-2644536267352236&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1638542795833&bpp=1&bdt=214&idt=121&shv=r20211201&mjsv=m202111170101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90%2C833x280&nras=1&correlator=7278889200316&frm=20&pv=1&ga_vid=366653925.1638542796&ga_sid=1638542796&ga_hid=767558329&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1094&ady=301&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773%2C31062423%2C44748553&oid=2&pvsid=1044216241271853&pem=454&tmod=561706665&ref=https%3A%2F%2Ft.co%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=1024&bc=31&ifi=4&uci=a!4&fsb=1&xpc=S4ZWEZ41MD&p=https%3A//www.securezoo.com&dtd=125
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8212490510386529&output=html&h=250&slotname=1438991753&adk=3922714340&adf=1712505827&pi=t.ma~as.1438991753&w=300&lmt=1638438954&psa=0&format=300x250&url=https%3A%2F%2Fwww.securezoo.com%2F2021%2F11%2Firanian-state-sponsored-apt-actors-target-microsoft-exchange-and-fortinet-vulnerabilities%2F&flash=0&host=ca-host-pub-2644536267352236&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1638542795833&bpp=1&bdt=214&idt=121&shv=r20211201&mjsv=m202111170101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90%2C833x280&nras=1&correlator=7278889200316&frm=20&pv=1&ga_vid=366653925.1638542796&ga_sid=1638542796&ga_hid=767558329&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1094&ady=301&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773%2C31062423%2C44748553&oid=2&pvsid=1044216241271853&pem=454&tmod=561706665&ref=https%3A%2F%2Ft.co%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=1024&bc=31&ifi=4&uci=a!4&fsb=1&xpc=S4ZWEZ41MD&p=https%3A//www.securezoo.com&dtd=125

Response headers

content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Fri, 03 Dec 2021 13:58:32 GMT
server
cafe
content-length
145
x-xss-protection
0
cache-control
public, max-age=3600
age
2884
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
truncated
/ Frame BB33 		210 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
a39301e67efce80370f99174da5f3a61d6a31c1165e1bad6677ba61e6eaac8c5

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type
image/png
si
googleads.g.doubleclick.net/pagead/drt/ Frame 5845
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
16 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8212490510386529&output=html&h=250&slotname=1438991753&adk=3922714340&adf=1712505827&pi=t.ma~as.1438991753&w=300&lmt=1638438954&psa=0&format=300x250&url=https%3A%2F%2Fwww.securezoo.com%2F2021%2F11%2Firanian-state-sponsored-apt-actors-target-microsoft-exchange-and-fortinet-vulnerabilities%2F&flash=0&host=ca-host-pub-2644536267352236&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1638542795833&bpp=1&bdt=214&idt=121&shv=r20211201&mjsv=m202111170101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90%2C833x280&nras=1&correlator=7278889200316&frm=20&pv=1&ga_vid=366653925.1638542796&ga_sid=1638542796&ga_hid=767558329&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1094&ady=301&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773%2C31062423%2C44748553&oid=2&pvsid=1044216241271853&pem=454&tmod=561706665&ref=https%3A%2F%2Ft.co%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=1024&bc=31&ifi=4&uci=a!4&fsb=1&xpc=S4ZWEZ41MD&p=https%3A//www.securezoo.com&dtd=125
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Fri, 03 Dec 2021 14:46:37 GMT
server
cafe
content-length
0
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Fri, 03 Dec 2021 14:46:37 GMT
cache-control
private

Redirect headers

location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control
private
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Fri, 03 Dec 2021 14:46:37 GMT
server
cafe
content-length
0
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
_q4UmNMOTmtef9d1r6OTn_fK0q4sseVsYwM_ZArHqzc.js
pagead2.googlesyndication.com/bg/ Frame 80C0 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/_q4UmNMOTmtef9d1r6OTn_fK0q4sseVsYwM_ZArHqzc.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8212490510386529&output=html&h=250&slotname=1438991753&adk=3922714340&adf=1712505827&pi=t.ma~as.1438991753&w=300&lmt=1638438954&psa=0&format=300x250&url=https%3A%2F%2Fwww.securezoo.com%2F2021%2F11%2Firanian-state-sponsored-apt-actors-target-microsoft-exchange-and-fortinet-vulnerabilities%2F&flash=0&host=ca-host-pub-2644536267352236&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1638542795833&bpp=1&bdt=214&idt=121&shv=r20211201&mjsv=m202111170101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90%2C833x280&nras=1&correlator=7278889200316&frm=20&pv=1&ga_vid=366653925.1638542796&ga_sid=1638542796&ga_hid=767558329&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1094&ady=301&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773%2C31062423%2C44748553&oid=2&pvsid=1044216241271853&pem=454&tmod=561706665&ref=https%3A%2F%2Ft.co%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=1024&bc=31&ifi=4&uci=a!4&fsb=1&xpc=S4ZWEZ41MD&p=https%3A//www.securezoo.com&dtd=125
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
feae1498d30e4e6b5e7fd775afa3939ff7cad2ae2cb1e56c63033f640ac7ab37
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Thu, 02 Dec 2021 12:18:18 GMT
content-encoding
br
x-content-type-options
nosniff
age
95298
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13548
x-xss-protection
0
last-modified
Mon, 29 Nov 2021 16:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 02 Dec 2022 12:18:18 GMT
css
fonts.googleapis.com/ Frame 488A 		3 KB
579 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8212490510386529&output=html&h=280&slotname=4508576443&adk=3070795907&adf=2132339391&pi=t.ma~as.4508576443&w=833&fwrn=4&fwrnh=100&lmt=1638438954&rafmt=1&psa=0&format=833x280&url=https%3A%2F%2Fwww.securezoo.com%2F2021%2F11%2Firanian-state-sponsored-apt-actors-target-microsoft-exchange-and-fortinet-vulnerabilities%2F&flash=0&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1638542795776&bpp=34&bdt=157&idt=149&shv=r20211201&mjsv=m202111170101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=7278889200316&frm=20&pv=1&ga_vid=366653925.1638542796&ga_sid=1638542796&ga_hid=767558329&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2766&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773%2C31062423%2C44748553&oid=2&pvsid=1044216241271853&pem=454&tmod=561706665&ref=https%3A%2F%2Ft.co%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=1152&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=dYUgqLfZ96&p=https%3A//www.securezoo.com&dtd=152
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82f::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
32b5c88160bab78ae20a39de4a8abe015f4f4c5d48be8300a6686d32a570ccfb
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection
0
last-modified
Fri, 03 Dec 2021 13:33:18 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
date
Fri, 03 Dec 2021 14:46:36 GMT
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Fri, 03 Dec 2021 14:46:36 GMT
load_preloaded_resource_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211201/r20110914/client/ Frame 488A 		1 KB
880 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211201/r20110914/client/load_preloaded_resource_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8212490510386529&output=html&h=280&slotname=4508576443&adk=3070795907&adf=2132339391&pi=t.ma~as.4508576443&w=833&fwrn=4&fwrnh=100&lmt=1638438954&rafmt=1&psa=0&format=833x280&url=https%3A%2F%2Fwww.securezoo.com%2F2021%2F11%2Firanian-state-sponsored-apt-actors-target-microsoft-exchange-and-fortinet-vulnerabilities%2F&flash=0&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1638542795776&bpp=34&bdt=157&idt=149&shv=r20211201&mjsv=m202111170101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=7278889200316&frm=20&pv=1&ga_vid=366653925.1638542796&ga_sid=1638542796&ga_hid=767558329&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2766&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773%2C31062423%2C44748553&oid=2&pvsid=1044216241271853&pem=454&tmod=561706665&ref=https%3A%2F%2Ft.co%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=1152&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=dYUgqLfZ96&p=https%3A//www.securezoo.com&dtd=152
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b4a25f11fbb1e2b547eaf848472f9c048824e307a945f3a0417aac7b09d0456e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 14:45:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
59
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
853
x-xss-protection
0
server
cafe
etag
7170004918125193417
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 17 Dec 2021 14:45:37 GMT
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211201/r20110914/ Frame 488A 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211201/r20110914/abg_lite_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8212490510386529&output=html&h=280&slotname=4508576443&adk=3070795907&adf=2132339391&pi=t.ma~as.4508576443&w=833&fwrn=4&fwrnh=100&lmt=1638438954&rafmt=1&psa=0&format=833x280&url=https%3A%2F%2Fwww.securezoo.com%2F2021%2F11%2Firanian-state-sponsored-apt-actors-target-microsoft-exchange-and-fortinet-vulnerabilities%2F&flash=0&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1638542795776&bpp=34&bdt=157&idt=149&shv=r20211201&mjsv=m202111170101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=7278889200316&frm=20&pv=1&ga_vid=366653925.1638542796&ga_sid=1638542796&ga_hid=767558329&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2766&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773%2C31062423%2C44748553&oid=2&pvsid=1044216241271853&pem=454&tmod=561706665&ref=https%3A%2F%2Ft.co%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=1152&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=dYUgqLfZ96&p=https%3A//www.securezoo.com&dtd=152
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
615050cfd7cd77d6941c6c0b4551d20c4d5ad825bc9fd7acc61a0bdca7783d26
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 14:43:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
182
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7857
x-xss-protection
0
server
cafe
etag
2255741555227857113
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 17 Dec 2021 14:43:34 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211201/r20110914/client/ Frame 488A 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211201/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8212490510386529&output=html&h=280&slotname=4508576443&adk=3070795907&adf=2132339391&pi=t.ma~as.4508576443&w=833&fwrn=4&fwrnh=100&lmt=1638438954&rafmt=1&psa=0&format=833x280&url=https%3A%2F%2Fwww.securezoo.com%2F2021%2F11%2Firanian-state-sponsored-apt-actors-target-microsoft-exchange-and-fortinet-vulnerabilities%2F&flash=0&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1638542795776&bpp=34&bdt=157&idt=149&shv=r20211201&mjsv=m202111170101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=7278889200316&frm=20&pv=1&ga_vid=366653925.1638542796&ga_sid=1638542796&ga_hid=767558329&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2766&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773%2C31062423%2C44748553&oid=2&pvsid=1044216241271853&pem=454&tmod=561706665&ref=https%3A%2F%2Ft.co%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=1152&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=dYUgqLfZ96&p=https%3A//www.securezoo.com&dtd=152
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 14:36:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
602
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1332
x-xss-protection
0
server
cafe
etag
3351516697335751560
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 17 Dec 2021 14:36:34 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame 488A 		119 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8212490510386529&output=html&h=280&slotname=4508576443&adk=3070795907&adf=2132339391&pi=t.ma~as.4508576443&w=833&fwrn=4&fwrnh=100&lmt=1638438954&rafmt=1&psa=0&format=833x280&url=https%3A%2F%2Fwww.securezoo.com%2F2021%2F11%2Firanian-state-sponsored-apt-actors-target-microsoft-exchange-and-fortinet-vulnerabilities%2F&flash=0&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1638542795776&bpp=34&bdt=157&idt=149&shv=r20211201&mjsv=m202111170101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=7278889200316&frm=20&pv=1&ga_vid=366653925.1638542796&ga_sid=1638542796&ga_hid=767558329&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2766&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773%2C31062423%2C44748553&oid=2&pvsid=1044216241271853&pem=454&tmod=561706665&ref=https%3A%2F%2Ft.co%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=1152&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=dYUgqLfZ96&p=https%3A//www.securezoo.com&dtd=152
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
87f7f86b17eacf56e623a69be05e5f5487470d6b30347efe12742aefa3f5af48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 14:46:36 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37305
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1638461285297402"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 03 Dec 2021 14:46:36 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211201/r20110914/client/ Frame 488A 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211201/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8212490510386529&output=html&h=280&slotname=4508576443&adk=3070795907&adf=2132339391&pi=t.ma~as.4508576443&w=833&fwrn=4&fwrnh=100&lmt=1638438954&rafmt=1&psa=0&format=833x280&url=https%3A%2F%2Fwww.securezoo.com%2F2021%2F11%2Firanian-state-sponsored-apt-actors-target-microsoft-exchange-and-fortinet-vulnerabilities%2F&flash=0&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1638542795776&bpp=34&bdt=157&idt=149&shv=r20211201&mjsv=m202111170101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=7278889200316&frm=20&pv=1&ga_vid=366653925.1638542796&ga_sid=1638542796&ga_hid=767558329&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2766&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773%2C31062423%2C44748553&oid=2&pvsid=1044216241271853&pem=454&tmod=561706665&ref=https%3A%2F%2Ft.co%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=1152&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=dYUgqLfZ96&p=https%3A//www.securezoo.com&dtd=152
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6257e792f9aef240d1954956a6ea7982c0268035f15a79931a110ed6344c8c4c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 14:42:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
253
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6446
x-xss-protection
0
server
cafe
etag
5472324691301332805
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 17 Dec 2021 14:42:23 GMT
163b3e9c260ab6fd774ac5b5c6fd1d76.js
www.gstatic.com/mysidia/ Frame 488A 		27 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.gstatic.com/mysidia/163b3e9c260ab6fd774ac5b5c6fd1d76.js?tag=mysidia_one_click_handler_one_afma_2019
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8212490510386529&output=html&h=280&slotname=4508576443&adk=3070795907&adf=2132339391&pi=t.ma~as.4508576443&w=833&fwrn=4&fwrnh=100&lmt=1638438954&rafmt=1&psa=0&format=833x280&url=https%3A%2F%2Fwww.securezoo.com%2F2021%2F11%2Firanian-state-sponsored-apt-actors-target-microsoft-exchange-and-fortinet-vulnerabilities%2F&flash=0&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1638542795776&bpp=34&bdt=157&idt=149&shv=r20211201&mjsv=m202111170101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=7278889200316&frm=20&pv=1&ga_vid=366653925.1638542796&ga_sid=1638542796&ga_hid=767558329&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2766&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773%2C31062423%2C44748553&oid=2&pvsid=1044216241271853&pem=454&tmod=561706665&ref=https%3A%2F%2Ft.co%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=1152&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=dYUgqLfZ96&p=https%3A//www.securezoo.com&dtd=152
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
de418fdfa1d02a219d049bb1cd8562182c4201c67f6b9d0e2f67f21a476e1096
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 11:56:27 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
10209
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11360
x-xss-protection
0
last-modified
Tue, 16 Nov 2021 04:29:01 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="mysidia"
vary
Accept-Encoding
report-to
{"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type
text/javascript
cache-control
public, max-age=7776000
accept-ranges
bytes
expires
Thu, 03 Mar 2022 11:56:27 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame 488A 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CwXHuzC2qYbeyBa2Lpt8P1biz6AmhxtbIZcWKi-2rC-GPpdaXDhABIKTKuiJglfrwgYwHoAHTuoP_A8gBCagDAcgDywSqBL8CT9CgdKCEhN6NY52cScjJ96HO8P7f72X_tyZaHfVEf1FUpoEt1TPW7WESDopzICpHc8okPyjTRtUHSkn9FD7PcRsYaxqF5zLuqkHUgrkb8HNQQ2xxphKw_mzCY9MotCouwJ8aGXQ6SrOoMPXoXpRNMQExT1EeUaREgbz6ygRiarYYkhv0w2WCH5f2DgAcq6LI4OzGHn6dtF_5IZDYdC8YaXY99AVCkoIsfYiUUGaZgVh-mG7iZcQpsRQvSqeTXgBcO-pWPmR6Rh_flMZYOQkSF57NB0NAVMhts1bQWbcl82sR8eFVVyE_ndZSbVEnTvog2KjCXmJLyTbW0_ujwDqfVjUuadjrToT5CM06JJAEyfT0bUpqq35AdmeDuKomgnOkOJgq6gW9HAvb7gzcuufqqccuqGhNe4TA1l5uaqv6WsAE6MCS5sIBkgUECAQYAZIFBAgFGASgBi6AB5XFfKgHjs4bqAeT2BuoB-6WsQKoB_6esQKoB9XJG6gHpr4b2AcA8gcEEPC0JdIICQiA4YAQEAEYH4AKAcgLAbgTiCfYEw2IFALQFQGYFgGAFwGyFxwKGggAEhRwdWItODIxMjQ5MDUxMDM4NjUyORgA&sigh=8XAmdwroTJQ&uach_m=[UACH]&template_id=5000
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8212490510386529&output=html&h=280&slotname=4508576443&adk=3070795907&adf=2132339391&pi=t.ma~as.4508576443&w=833&fwrn=4&fwrnh=100&lmt=1638438954&rafmt=1&psa=0&format=833x280&url=https%3A%2F%2Fwww.securezoo.com%2F2021%2F11%2Firanian-state-sponsored-apt-actors-target-microsoft-exchange-and-fortinet-vulnerabilities%2F&flash=0&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1638542795776&bpp=34&bdt=157&idt=149&shv=r20211201&mjsv=m202111170101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=7278889200316&frm=20&pv=1&ga_vid=366653925.1638542796&ga_sid=1638542796&ga_hid=767558329&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2766&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773%2C31062423%2C44748553&oid=2&pvsid=1044216241271853&pem=454&tmod=561706665&ref=https%3A%2F%2Ft.co%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=1152&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=dYUgqLfZ96&p=https%3A//www.securezoo.com&dtd=152
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8212490510386529&output=html&h=280&slotname=4508576443&adk=3070795907&adf=2132339391&pi=t.ma~as.4508576443&w=833&fwrn=4&fwrnh=100&lmt=1638438954&rafmt=1&psa=0&format=833x280&url=https%3A%2F%2Fwww.securezoo.com%2F2021%2F11%2Firanian-state-sponsored-apt-actors-target-microsoft-exchange-and-fortinet-vulnerabilities%2F&flash=0&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1638542795776&bpp=34&bdt=157&idt=149&shv=r20211201&mjsv=m202111170101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=7278889200316&frm=20&pv=1&ga_vid=366653925.1638542796&ga_sid=1638542796&ga_hid=767558329&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2766&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773%2C31062423%2C44748553&oid=2&pvsid=1044216241271853&pem=454&tmod=561706665&ref=https%3A%2F%2Ft.co%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=1152&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=dYUgqLfZ96&p=https%3A//www.securezoo.com&dtd=152
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Fri, 03 Dec 2021 14:46:36 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
downsize_200k_v1
tpc.googlesyndication.com/simgad/15569078075006794545/ Frame 488A 		25 KB
25 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/simgad/15569078075006794545/downsize_200k_v1?w=400&h=209
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8212490510386529&output=html&h=280&slotname=4508576443&adk=3070795907&adf=2132339391&pi=t.ma~as.4508576443&w=833&fwrn=4&fwrnh=100&lmt=1638438954&rafmt=1&psa=0&format=833x280&url=https%3A%2F%2Fwww.securezoo.com%2F2021%2F11%2Firanian-state-sponsored-apt-actors-target-microsoft-exchange-and-fortinet-vulnerabilities%2F&flash=0&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1638542795776&bpp=34&bdt=157&idt=149&shv=r20211201&mjsv=m202111170101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=7278889200316&frm=20&pv=1&ga_vid=366653925.1638542796&ga_sid=1638542796&ga_hid=767558329&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2766&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773%2C31062423%2C44748553&oid=2&pvsid=1044216241271853&pem=454&tmod=561706665&ref=https%3A%2F%2Ft.co%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=1152&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=dYUgqLfZ96&p=https%3A//www.securezoo.com&dtd=152
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
da9fcd0bec0cacdb7b3e47f1d0e04fafcb710f1008ccc2cc85d632f90803507e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 20:08:05 GMT
x-content-type-options
nosniff
age
239912
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
25905
x-xss-protection
0
last-modified
Mon, 01 Mar 2021 13:42:19 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Wed, 30 Nov 2022 20:08:05 GMT
truncated
/ Frame 488A 		209 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type
image/svg+xml
truncated
/ Frame 488A 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
b2e44f8cde30b1b091cabe13aca0f74a0facbd31364a6e1c3280e3f14a602c8a

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type
image/png
4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2
fonts.gstatic.com/s/googlesans/v36/ Frame 488A 		21 KB
22 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesans/v36/4UabrENHsxJlGDuGo1OIlLU94YtzCwY.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
1abc5469f1235e85489ca1062a07fe18c7f449e3ba039d3de0da07fbb3c5892d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 10:56:24 GMT
x-content-type-options
nosniff
age
273013
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21660
x-xss-protection
0
last-modified
Wed, 01 Sep 2021 18:07:18 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 30 Nov 2022 10:56:24 GMT
4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2
fonts.gstatic.com/s/googlesans/v36/ Frame 488A 		21 KB
21 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/googlesans/v36/4UaGrENHsxJlGDuGo1OIlL3Owp4.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c55eebd9845964c111ecdbe7e583ed00ff47536f13c46a7e9c70430cc7ea091f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://googleads.g.doubleclick.net
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Tue, 30 Nov 2021 20:07:29 GMT
x-content-type-options
nosniff
age
239948
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
21424
x-xss-protection
0
last-modified
Wed, 01 Sep 2021 18:08:24 GMT
server
sffe
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="apps-themes"
expires
Wed, 30 Nov 2022 20:07:29 GMT
3260808017867639464
tpc.googlesyndication.com/daca_images/simgad/ Frame F75A 		32 KB
33 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/daca_images/simgad/3260808017867639464
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8212490510386529&output=html&h=250&slotname=1314799523&adk=2842671929&adf=2252963579&pi=t.ma~as.1314799523&w=306&fwrn=4&fwrnh=100&lmt=1638438954&rafmt=1&psa=0&format=306x250&url=https%3A%2F%2Fwww.securezoo.com%2F2021%2F11%2Firanian-state-sponsored-apt-actors-target-microsoft-exchange-and-fortinet-vulnerabilities%2F&flash=0&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1638542795839&bpp=1&bdt=221&idt=126&shv=r20211201&mjsv=m202111170101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90%2C833x280%2C300x250&nras=1&correlator=7278889200316&frm=20&pv=1&ga_vid=366653925.1638542796&ga_sid=1638542796&ga_hid=767558329&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1094&ady=1180&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773%2C31062423%2C44748553&oid=2&pvsid=1044216241271853&pem=454&tmod=561706665&ref=https%3A%2F%2Ft.co%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=1152&bc=31&ifi=5&uci=a!5&fsb=1&xpc=ZQI3kQ7s3k&p=https%3A//www.securezoo.com&dtd=131
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6b98839f1557db30d1fa6233ac0db2309c1e07be1a6dea3397114958f4955e7f
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Mon, 29 Nov 2021 07:02:33 GMT
x-content-type-options
nosniff
age
373444
x-dns-prefetch-control
off
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
33252
x-xss-protection
0
last-modified
Mon, 22 Nov 2021 05:55:27 GMT
server
sffe
report-to
{"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="content-ads-owners"
expires
Tue, 29 Nov 2022 07:02:33 GMT
abg_lite_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211201/r20110914/ Frame F75A 		19 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211201/r20110914/abg_lite_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8212490510386529&output=html&h=250&slotname=1314799523&adk=2842671929&adf=2252963579&pi=t.ma~as.1314799523&w=306&fwrn=4&fwrnh=100&lmt=1638438954&rafmt=1&psa=0&format=306x250&url=https%3A%2F%2Fwww.securezoo.com%2F2021%2F11%2Firanian-state-sponsored-apt-actors-target-microsoft-exchange-and-fortinet-vulnerabilities%2F&flash=0&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1638542795839&bpp=1&bdt=221&idt=126&shv=r20211201&mjsv=m202111170101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90%2C833x280%2C300x250&nras=1&correlator=7278889200316&frm=20&pv=1&ga_vid=366653925.1638542796&ga_sid=1638542796&ga_hid=767558329&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1094&ady=1180&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773%2C31062423%2C44748553&oid=2&pvsid=1044216241271853&pem=454&tmod=561706665&ref=https%3A%2F%2Ft.co%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=1152&bc=31&ifi=5&uci=a!5&fsb=1&xpc=ZQI3kQ7s3k&p=https%3A//www.securezoo.com&dtd=131
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
615050cfd7cd77d6941c6c0b4551d20c4d5ad825bc9fd7acc61a0bdca7783d26
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 14:43:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
183
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
7857
x-xss-protection
0
server
cafe
etag
2255741555227857113
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 17 Dec 2021 14:43:34 GMT
window_focus_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211201/r20110914/client/ Frame F75A 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211201/r20110914/client/window_focus_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8212490510386529&output=html&h=250&slotname=1314799523&adk=2842671929&adf=2252963579&pi=t.ma~as.1314799523&w=306&fwrn=4&fwrnh=100&lmt=1638438954&rafmt=1&psa=0&format=306x250&url=https%3A%2F%2Fwww.securezoo.com%2F2021%2F11%2Firanian-state-sponsored-apt-actors-target-microsoft-exchange-and-fortinet-vulnerabilities%2F&flash=0&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1638542795839&bpp=1&bdt=221&idt=126&shv=r20211201&mjsv=m202111170101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90%2C833x280%2C300x250&nras=1&correlator=7278889200316&frm=20&pv=1&ga_vid=366653925.1638542796&ga_sid=1638542796&ga_hid=767558329&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1094&ady=1180&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773%2C31062423%2C44748553&oid=2&pvsid=1044216241271853&pem=454&tmod=561706665&ref=https%3A%2F%2Ft.co%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=1152&bc=31&ifi=5&uci=a!5&fsb=1&xpc=ZQI3kQ7s3k&p=https%3A//www.securezoo.com&dtd=131
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 14:36:34 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
603
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
1332
x-xss-protection
0
server
cafe
etag
3351516697335751560
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 17 Dec 2021 14:36:34 GMT
rx_lidar.js
www.googletagservices.com/activeview/js/current/ Frame F75A 		119 KB
36 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8212490510386529&output=html&h=250&slotname=1314799523&adk=2842671929&adf=2252963579&pi=t.ma~as.1314799523&w=306&fwrn=4&fwrnh=100&lmt=1638438954&rafmt=1&psa=0&format=306x250&url=https%3A%2F%2Fwww.securezoo.com%2F2021%2F11%2Firanian-state-sponsored-apt-actors-target-microsoft-exchange-and-fortinet-vulnerabilities%2F&flash=0&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1638542795839&bpp=1&bdt=221&idt=126&shv=r20211201&mjsv=m202111170101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90%2C833x280%2C300x250&nras=1&correlator=7278889200316&frm=20&pv=1&ga_vid=366653925.1638542796&ga_sid=1638542796&ga_hid=767558329&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1094&ady=1180&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773%2C31062423%2C44748553&oid=2&pvsid=1044216241271853&pem=454&tmod=561706665&ref=https%3A%2F%2Ft.co%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=1152&bc=31&ifi=5&uci=a!5&fsb=1&xpc=ZQI3kQ7s3k&p=https%3A//www.securezoo.com&dtd=131
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
87f7f86b17eacf56e623a69be05e5f5487470d6b30347efe12742aefa3f5af48
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 14:46:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
37305
x-xss-protection
0
server
sffe
cross-origin-opener-policy
same-origin; report-to="active-view-scs-read-write-acl"
etag
"1638461285297402"
vary
Accept-Encoding
report-to
{"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
expires
Fri, 03 Dec 2021 14:46:37 GMT
qs_click_protection_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211201/r20110914/client/ Frame F75A 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211201/r20110914/client/qs_click_protection_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8212490510386529&output=html&h=250&slotname=1314799523&adk=2842671929&adf=2252963579&pi=t.ma~as.1314799523&w=306&fwrn=4&fwrnh=100&lmt=1638438954&rafmt=1&psa=0&format=306x250&url=https%3A%2F%2Fwww.securezoo.com%2F2021%2F11%2Firanian-state-sponsored-apt-actors-target-microsoft-exchange-and-fortinet-vulnerabilities%2F&flash=0&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1638542795839&bpp=1&bdt=221&idt=126&shv=r20211201&mjsv=m202111170101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90%2C833x280%2C300x250&nras=1&correlator=7278889200316&frm=20&pv=1&ga_vid=366653925.1638542796&ga_sid=1638542796&ga_hid=767558329&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1094&ady=1180&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773%2C31062423%2C44748553&oid=2&pvsid=1044216241271853&pem=454&tmod=561706665&ref=https%3A%2F%2Ft.co%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=1152&bc=31&ifi=5&uci=a!5&fsb=1&xpc=ZQI3kQ7s3k&p=https%3A//www.securezoo.com&dtd=131
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
6257e792f9aef240d1954956a6ea7982c0268035f15a79931a110ed6344c8c4c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 14:42:23 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
254
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6446
x-xss-protection
0
server
cafe
etag
5472324691301332805
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 17 Dec 2021 14:42:23 GMT
one_click_handler_one_afma_fy2019.js
tpc.googlesyndication.com/pagead/js/r20211201/r20110914/client/ Frame F75A 		27 KB
11 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/pagead/js/r20211201/r20110914/client/one_click_handler_one_afma_fy2019.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8212490510386529&output=html&h=250&slotname=1314799523&adk=2842671929&adf=2252963579&pi=t.ma~as.1314799523&w=306&fwrn=4&fwrnh=100&lmt=1638438954&rafmt=1&psa=0&format=306x250&url=https%3A%2F%2Fwww.securezoo.com%2F2021%2F11%2Firanian-state-sponsored-apt-actors-target-microsoft-exchange-and-fortinet-vulnerabilities%2F&flash=0&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1638542795839&bpp=1&bdt=221&idt=126&shv=r20211201&mjsv=m202111170101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90%2C833x280%2C300x250&nras=1&correlator=7278889200316&frm=20&pv=1&ga_vid=366653925.1638542796&ga_sid=1638542796&ga_hid=767558329&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1094&ady=1180&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773%2C31062423%2C44748553&oid=2&pvsid=1044216241271853&pem=454&tmod=561706665&ref=https%3A%2F%2Ft.co%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=1152&bc=31&ifi=5&uci=a!5&fsb=1&xpc=ZQI3kQ7s3k&p=https%3A//www.securezoo.com&dtd=131
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e11652e7b04cdcc9c0bc7948055c05aaf8f7c066e6059d52f9b186c55368cb9e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 09:25:06 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
19291
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
11392
x-xss-protection
0
server
cafe
etag
7769099329773015066
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
public, max-age=1209600
timing-allow-origin
*
expires
Fri, 17 Dec 2021 09:25:06 GMT
adview
googleads.g.doubleclick.net/pagead/ Frame F75A 		0
0 		Fetch
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/adview?ai=CgMiDzC2qYY7SB9S-9QXpxYL4CuWPwLBmuILJ0qoPiKjMxLgOEAEgpMq6ImCV-vCBjAegAazyuL8ByAECqQJT2WovaR4NPqgDAcgDyQSqBMsCT9AD17lpWtM5jICPrWxuTIDVncRgNHEHfj5eM1l6iGjUKnepqlIB3qNM7aREGnXcyLr8nwA4jXGSQ7F-U8X4V9syzZY8ESPDZui3yfkRpZTjZ-dOBfpXaW1YBAkeGY0imzFmXWbQyqzmdbxt7ObNsyJh7_wfu5Yy__bnxKfZes0ok5rnbEfhUuay35sx8Aoi12eTRHNurPjWmL3R0Qo-4JrXD7p59hAwiE7yzs2vPonhpmineEH354FP5pOTjzi3mpW1SWea97X7VhsNbhg08My-o6N9tNc5PfJJJouNIwDXc-E1FTDn_1KOMCOw1k_a4oNaZaLBuQMY4tK0Tw6Q0xtSI9fYhrZ_Su-lZFfN8FG27ZZ393sDDrlmSm8tw8lpr_u95Eh-PCmya_ZAhQ-XLQ5705ug4zFQHD35POZZOBMkiWQvPchTbPeUvcAEl53BrOIDkgUECAQYAZIFBAgFGASgBgKAB7yNx8ACqAeOzhuoB5PYG6gH7paxAqgH_p6xAqgH1ckbqAemvhvYBwHyBwQQqP8O0ggJCIDhgBAQARgfgAoByAsB2BMM0BUBmBYBgBcBshccChoIABIUcHViLTgyMTI0OTA1MTAzODY1MjkYAA&sigh=L490t63l2P4&uach_m=[UACH]
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8212490510386529&output=html&h=250&slotname=1314799523&adk=2842671929&adf=2252963579&pi=t.ma~as.1314799523&w=306&fwrn=4&fwrnh=100&lmt=1638438954&rafmt=1&psa=0&format=306x250&url=https%3A%2F%2Fwww.securezoo.com%2F2021%2F11%2Firanian-state-sponsored-apt-actors-target-microsoft-exchange-and-fortinet-vulnerabilities%2F&flash=0&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1638542795839&bpp=1&bdt=221&idt=126&shv=r20211201&mjsv=m202111170101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90%2C833x280%2C300x250&nras=1&correlator=7278889200316&frm=20&pv=1&ga_vid=366653925.1638542796&ga_sid=1638542796&ga_hid=767558329&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1094&ady=1180&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773%2C31062423%2C44748553&oid=2&pvsid=1044216241271853&pem=454&tmod=561706665&ref=https%3A%2F%2Ft.co%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=1152&bc=31&ifi=5&uci=a!5&fsb=1&xpc=ZQI3kQ7s3k&p=https%3A//www.securezoo.com&dtd=131
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8212490510386529&output=html&h=250&slotname=1314799523&adk=2842671929&adf=2252963579&pi=t.ma~as.1314799523&w=306&fwrn=4&fwrnh=100&lmt=1638438954&rafmt=1&psa=0&format=306x250&url=https%3A%2F%2Fwww.securezoo.com%2F2021%2F11%2Firanian-state-sponsored-apt-actors-target-microsoft-exchange-and-fortinet-vulnerabilities%2F&flash=0&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1638542795839&bpp=1&bdt=221&idt=126&shv=r20211201&mjsv=m202111170101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90%2C833x280%2C300x250&nras=1&correlator=7278889200316&frm=20&pv=1&ga_vid=366653925.1638542796&ga_sid=1638542796&ga_hid=767558329&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1094&ady=1180&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773%2C31062423%2C44748553&oid=2&pvsid=1044216241271853&pem=454&tmod=561706665&ref=https%3A%2F%2Ft.co%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=1152&bc=31&ifi=5&uci=a!5&fsb=1&xpc=ZQI3kQ7s3k&p=https%3A//www.securezoo.com&dtd=131
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin
*
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
date
Fri, 03 Dec 2021 14:46:37 GMT
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
_q4UmNMOTmtef9d1r6OTn_fK0q4sseVsYwM_ZArHqzc.js
pagead2.googlesyndication.com/bg/ Frame BA0F 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/_q4UmNMOTmtef9d1r6OTn_fK0q4sseVsYwM_ZArHqzc.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8212490510386529&output=html&h=90&slotname=4508576443&adk=313763675&adf=1270779588&pi=t.ma~as.4508576443&w=728&lmt=1638438954&psa=0&format=728x90&url=https%3A%2F%2Fwww.securezoo.com%2F2021%2F11%2Firanian-state-sponsored-apt-actors-target-microsoft-exchange-and-fortinet-vulnerabilities%2F&flash=0&host=ca-host-pub-2644536267352236&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1638542795772&bpp=2&bdt=153&idt=142&shv=r20211201&mjsv=m202111170101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=7278889200316&frm=20&pv=1&ga_vid=366653925.1638542796&ga_sid=1638542796&ga_hid=767558329&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=60&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773%2C31062423%2C44748553&oid=2&pvsid=1044216241271853&pem=454&tmod=561706665&ref=https%3A%2F%2Ft.co%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=1024&bc=31&ifi=2&uci=a!2&fsb=1&xpc=CLzTckAvbM&p=https%3A//www.securezoo.com&dtd=146
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
feae1498d30e4e6b5e7fd775afa3939ff7cad2ae2cb1e56c63033f640ac7ab37
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Thu, 02 Dec 2021 12:18:18 GMT
content-encoding
br
x-content-type-options
nosniff
age
95299
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13548
x-xss-protection
0
last-modified
Mon, 29 Nov 2021 16:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 02 Dec 2022 12:18:18 GMT
s
googleads.g.doubleclick.net/pagead/drt/ Frame 176B 		143 B
163 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8212490510386529&output=html&h=250&slotname=1314799523&adk=2842671929&adf=2252963579&pi=t.ma~as.1314799523&w=306&fwrn=4&fwrnh=100&lmt=1638438954&rafmt=1&psa=0&format=306x250&url=https%3A%2F%2Fwww.securezoo.com%2F2021%2F11%2Firanian-state-sponsored-apt-actors-target-microsoft-exchange-and-fortinet-vulnerabilities%2F&flash=0&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1638542795839&bpp=1&bdt=221&idt=126&shv=r20211201&mjsv=m202111170101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90%2C833x280%2C300x250&nras=1&correlator=7278889200316&frm=20&pv=1&ga_vid=366653925.1638542796&ga_sid=1638542796&ga_hid=767558329&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1094&ady=1180&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773%2C31062423%2C44748553&oid=2&pvsid=1044216241271853&pem=454&tmod=561706665&ref=https%3A%2F%2Ft.co%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=1152&bc=31&ifi=5&uci=a!5&fsb=1&xpc=ZQI3kQ7s3k&p=https%3A//www.securezoo.com&dtd=131
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8212490510386529&output=html&h=250&slotname=1314799523&adk=2842671929&adf=2252963579&pi=t.ma~as.1314799523&w=306&fwrn=4&fwrnh=100&lmt=1638438954&rafmt=1&psa=0&format=306x250&url=https%3A%2F%2Fwww.securezoo.com%2F2021%2F11%2Firanian-state-sponsored-apt-actors-target-microsoft-exchange-and-fortinet-vulnerabilities%2F&flash=0&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1638542795839&bpp=1&bdt=221&idt=126&shv=r20211201&mjsv=m202111170101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90%2C833x280%2C300x250&nras=1&correlator=7278889200316&frm=20&pv=1&ga_vid=366653925.1638542796&ga_sid=1638542796&ga_hid=767558329&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1094&ady=1180&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773%2C31062423%2C44748553&oid=2&pvsid=1044216241271853&pem=454&tmod=561706665&ref=https%3A%2F%2Ft.co%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=1152&bc=31&ifi=5&uci=a!5&fsb=1&xpc=ZQI3kQ7s3k&p=https%3A//www.securezoo.com&dtd=131

Response headers

content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
gzip
date
Fri, 03 Dec 2021 13:58:32 GMT
server
cafe
content-length
145
x-xss-protection
0
cache-control
public, max-age=3600
age
2885
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
redir.html
p4-eibixl5cg7kws-myrrngax6s6zylfp-if-v6exp3-v4.metric.gstatic.com/v6exp3/ Frame 93B9 		247 B
961 B 		Document
General
Check archive.org
Download Go to
Full URL
https://p4-eibixl5cg7kws-myrrngax6s6zylfp-if-v6exp3-v4.metric.gstatic.com/v6exp3/redir.html
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8212490510386529&output=html&h=250&slotname=1314799523&adk=2842671929&adf=2252963579&pi=t.ma~as.1314799523&w=306&fwrn=4&fwrnh=100&lmt=1638438954&rafmt=1&psa=0&format=306x250&url=https%3A%2F%2Fwww.securezoo.com%2F2021%2F11%2Firanian-state-sponsored-apt-actors-target-microsoft-exchange-and-fortinet-vulnerabilities%2F&flash=0&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1638542795839&bpp=1&bdt=221&idt=126&shv=r20211201&mjsv=m202111170101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90%2C833x280%2C300x250&nras=1&correlator=7278889200316&frm=20&pv=1&ga_vid=366653925.1638542796&ga_sid=1638542796&ga_hid=767558329&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1094&ady=1180&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773%2C31062423%2C44748553&oid=2&pvsid=1044216241271853&pem=454&tmod=561706665&ref=https%3A%2F%2Ft.co%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=1152&bc=31&ifi=5&uci=a!5&fsb=1&xpc=ZQI3kQ7s3k&p=https%3A//www.securezoo.com&dtd=131
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f3.1e100.net
Software
sffe /
Resource Hash
ec545a1630e1ee544fbb1e9995e7da974cb18be7e37a6323559eb0f75511c547
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-type
text/html
content-security-policy-report-only
script-src 'nonce-DZtXTEBnmtjA2iMJqNJoFw' 'report-sample' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' http: https:; object-src 'none'; report-uri https://csp.withgoogle.com/csp/static-on-bigtable; base-uri 'none'
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-length
203
date
Fri, 03 Dec 2021 14:46:37 GMT
pragma
no-cache
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-cache, must-revalidate
last-modified
Mon, 02 Dec 2019 20:15:00 GMT
x-content-type-options
nosniff
content-encoding
gzip
server
sffe
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
_q4UmNMOTmtef9d1r6OTn_fK0q4sseVsYwM_ZArHqzc.js
pagead2.googlesyndication.com/bg/ Frame 68C2 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/_q4UmNMOTmtef9d1r6OTn_fK0q4sseVsYwM_ZArHqzc.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8212490510386529&output=html&h=280&slotname=4508576443&adk=3070795907&adf=2132339391&pi=t.ma~as.4508576443&w=833&fwrn=4&fwrnh=100&lmt=1638438954&rafmt=1&psa=0&format=833x280&url=https%3A%2F%2Fwww.securezoo.com%2F2021%2F11%2Firanian-state-sponsored-apt-actors-target-microsoft-exchange-and-fortinet-vulnerabilities%2F&flash=0&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1638542795776&bpp=34&bdt=157&idt=149&shv=r20211201&mjsv=m202111170101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=7278889200316&frm=20&pv=1&ga_vid=366653925.1638542796&ga_sid=1638542796&ga_hid=767558329&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=200&ady=2766&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773%2C31062423%2C44748553&oid=2&pvsid=1044216241271853&pem=454&tmod=561706665&ref=https%3A%2F%2Ft.co%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeEbr%7C&abl=CS&pfx=0&fu=1152&bc=31&ifi=3&uci=a!3&btvi=1&fsb=1&xpc=dYUgqLfZ96&p=https%3A//www.securezoo.com&dtd=152
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
feae1498d30e4e6b5e7fd775afa3939ff7cad2ae2cb1e56c63033f640ac7ab37
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Thu, 02 Dec 2021 12:18:18 GMT
content-encoding
br
x-content-type-options
nosniff
age
95299
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13548
x-xss-protection
0
last-modified
Mon, 29 Nov 2021 16:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 02 Dec 2022 12:18:18 GMT
truncated
/ Frame F75A 		214 B
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
0998cfcc1f705e80e60551d1774797e9a6429e1a5cbe49864cf4dc6df0061fc7

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Content-Type
image/png
iframe.html
p4-eibixl5cg7kws-myrrngax6s6zylfp-if-v6exp3-v4.metric.gstatic.com/v6exp3/ Frame 93B9 		4 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://p4-eibixl5cg7kws-myrrngax6s6zylfp-if-v6exp3-v4.metric.gstatic.com/v6exp3/iframe.html
Requested by
Host: p4-eibixl5cg7kws-myrrngax6s6zylfp-if-v6exp3-v4.metric.gstatic.com
URL: https://p4-eibixl5cg7kws-myrrngax6s6zylfp-if-v6exp3-v4.metric.gstatic.com/v6exp3/redir.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.99 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s49-in-f3.1e100.net
Software
sffe /
Resource Hash
90bd966b23a45b89794557bfaed77751077055e472145ccd79d3715a146959d6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://p4-eibixl5cg7kws-myrrngax6s6zylfp-if-v6exp3-v4.metric.gstatic.com/v6exp3/redir.html

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-type
text/html
content-security-policy-report-only
script-src 'nonce-_KJnKNd9dOJ71-pToKAFWw' 'report-sample' 'strict-dynamic' 'unsafe-eval' 'unsafe-inline' http: https:; object-src 'none'; report-uri https://csp.withgoogle.com/csp/static-on-bigtable; base-uri 'none'
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="static-on-bigtable"
report-to
{"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-length
1861
date
Fri, 03 Dec 2021 14:46:37 GMT
pragma
no-cache
expires
Fri, 01 Jan 1990 00:00:00 GMT
cache-control
no-cache, must-revalidate
last-modified
Thu, 29 Apr 2021 21:38:00 GMT
x-content-type-options
nosniff
content-encoding
gzip
server
sffe
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
si
googleads.g.doubleclick.net/pagead/drt/ Frame 176B
Redirect Chain
  • https://www.google.com/pagead/drt/ui
  • https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
0
16 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8212490510386529&output=html&h=250&slotname=1314799523&adk=2842671929&adf=2252963579&pi=t.ma~as.1314799523&w=306&fwrn=4&fwrnh=100&lmt=1638438954&rafmt=1&psa=0&format=306x250&url=https%3A%2F%2Fwww.securezoo.com%2F2021%2F11%2Firanian-state-sponsored-apt-actors-target-microsoft-exchange-and-fortinet-vulnerabilities%2F&flash=0&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1638542795839&bpp=1&bdt=221&idt=126&shv=r20211201&mjsv=m202111170101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90%2C833x280%2C300x250&nras=1&correlator=7278889200316&frm=20&pv=1&ga_vid=366653925.1638542796&ga_sid=1638542796&ga_hid=767558329&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1094&ady=1180&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773%2C31062423%2C44748553&oid=2&pvsid=1044216241271853&pem=454&tmod=561706665&ref=https%3A%2F%2Ft.co%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=1152&bc=31&ifi=5&uci=a!5&fsb=1&xpc=ZQI3kQ7s3k&p=https%3A//www.securezoo.com&dtd=131
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Fri, 03 Dec 2021 14:46:37 GMT
server
cafe
content-length
0
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Fri, 03 Dec 2021 14:46:37 GMT
cache-control
private

Redirect headers

location
https://googleads.g.doubleclick.net/pagead/drt/si?st=NO_DATA
cache-control
private
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Fri, 03 Dec 2021 14:46:37 GMT
server
cafe
content-length
0
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
sodar
pagead2.googlesyndication.com/getconfig/ 		11 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20211201&st=env
Requested by
Host: img1.wsimg.com
URL: https://img1.wsimg.com/traffic-assets/js/tccl-tti.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
992bedb983e7d910ca139c6f68024b6b5324ac2bcf1ec41e928d966bd1e5b9aa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.securezoo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

timing-allow-origin
*
date
Fri, 03 Dec 2021 14:46:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8654
x-xss-protection
0
_q4UmNMOTmtef9d1r6OTn_fK0q4sseVsYwM_ZArHqzc.js
pagead2.googlesyndication.com/bg/ Frame 8913 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/_q4UmNMOTmtef9d1r6OTn_fK0q4sseVsYwM_ZArHqzc.js
Requested by
Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-8212490510386529&output=html&h=250&slotname=1314799523&adk=2842671929&adf=2252963579&pi=t.ma~as.1314799523&w=306&fwrn=4&fwrnh=100&lmt=1638438954&rafmt=1&psa=0&format=306x250&url=https%3A%2F%2Fwww.securezoo.com%2F2021%2F11%2Firanian-state-sponsored-apt-actors-target-microsoft-exchange-and-fortinet-vulnerabilities%2F&flash=0&host=ca-host-pub-2644536267352236&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1638542795839&bpp=1&bdt=221&idt=126&shv=r20211201&mjsv=m202111170101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90%2C833x280%2C300x250&nras=1&correlator=7278889200316&frm=20&pv=1&ga_vid=366653925.1638542796&ga_sid=1638542796&ga_hid=767558329&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=1094&ady=1180&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44750773%2C31062423%2C44748553&oid=2&pvsid=1044216241271853&pem=454&tmod=561706665&ref=https%3A%2F%2Ft.co%2F&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=1152&bc=31&ifi=5&uci=a!5&fsb=1&xpc=ZQI3kQ7s3k&p=https%3A//www.securezoo.com&dtd=131
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
feae1498d30e4e6b5e7fd775afa3939ff7cad2ae2cb1e56c63033f640ac7ab37
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Thu, 02 Dec 2021 12:18:18 GMT
content-encoding
br
x-content-type-options
nosniff
age
95299
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13548
x-xss-protection
0
last-modified
Mon, 29 Nov 2021 16:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 02 Dec 2022 12:18:18 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202111170101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-8212490510386529&plah=www.securezoo.com
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.securezoo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 14:46:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1637097310169751"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6386
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
expires
Fri, 03 Dec 2021 14:46:37 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/225/ Frame FBB5 		13 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.securezoo.com/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length
5046
date
Fri, 03 Dec 2021 14:33:15 GMT
expires
Sat, 03 Dec 2022 14:33:15 GMT
last-modified
Mon, 21 Jun 2021 20:47:05 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
802
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame 229C 		783 B
536 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
GSE /
Resource Hash
fa35036d1b9b3a3ddc9f5ae1954bffaa97156f9f82439eb7372d86937235f04c
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-FpOiBN2G9+wCSXSeHqW83w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://www.securezoo.com/

Response headers

cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy
require-corp
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires
Fri, 03 Dec 2021 14:46:37 GMT
date
Fri, 03 Dec 2021 14:46:37 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-FpOiBN2G9+wCSXSeHqW83w' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
514
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
sodar
pagead2.googlesyndication.com/pagead/ Frame 229C 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gda_r20211201&jk=1044216241271853&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers
_q4UmNMOTmtef9d1r6OTn_fK0q4sseVsYwM_ZArHqzc.js
pagead2.googlesyndication.com/bg/ Frame FBB5 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/_q4UmNMOTmtef9d1r6OTn_fK0q4sseVsYwM_ZArHqzc.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
feae1498d30e4e6b5e7fd775afa3939ff7cad2ae2cb1e56c63033f640ac7ab37
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Thu, 02 Dec 2021 12:18:18 GMT
content-encoding
br
x-content-type-options
nosniff
age
95299
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13548
x-xss-protection
0
last-modified
Mon, 29 Nov 2021 16:58:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="botguard-scs"
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
expires
Fri, 02 Dec 2022 12:18:18 GMT
event
img.secureserver.net/t/1/tl/ 		43 B
379 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://img.secureserver.net/t/1/tl/event?cts=1638542797584&tce=1638542795319&tcs=1638542795012&tdc=1638542797379&tdclee=1638542795844&tdcles=1638542795844&tdi=1638542795844&tdl=1638542795619&tdle=1638542795012&tdls=1638542795012&tfs=1638542794716&tns=1638542794466&trqs=1638542795319&tre=1638542795617&trps=1638542795616&tles=1638542797379&tlee=1638542797381&ht=perf&dh=www.securezoo.com&dr=https%3A%2F%2Ft.co%2F&ua=Mozilla%2F5.0%20(Windows%20NT%2010.0%3B%20Win64%3B%20x64)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F96.0.4664.45%20Safari%2F537.36&vci=231889450&cv=1.0.6&z=1439299479&vg=260f63ce-7584-405f-b62b-05a2ab00d269&vtg=260f63ce-7584-405f-b62b-05a2ab00d269&ap=wpaas&trfd=%7B%22cts%22%3A1638542795841%2C%22tccl.baseHost%22%3A%22secureserver.net%22%2C%22ap%22%3A%22wpaas%22%2C%22server%22%3A%22b371332e-603a-e2dd-ed14-9fa1db482cc1.secureserver.net%22%2C%22pod%22%3A%22P3NLWPPOD01%22%2C%22storage%22%3A%22p3pewpnas02pod01_data02%22%2C%22xid%22%3A%2242255706%22%2C%22wp%22%3A%225.8.2%22%2C%22php%22%3A%227.3.30%22%2C%22loggedin%22%3A%220%22%2C%22cdn%22%3A%221%22%2C%22builder%22%3A%22wp-block-editor%22%2C%22theme%22%3A%22oceanwp%22%2C%22nextgen%22%3A%220%22%2C%22wds%22%3A%220%22%2C%22wp_alloptions_count%22%3A%22557%22%2C%22wp_alloptions_bytes%22%3A%22508018%22%7D&dp=%2F2021%2F11%2Firanian-state-sponsored-apt-actors-target-microsoft-exchange-and-fortinet-vulnerabilities
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
23.79.143.47 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a23-79-143-47.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000 ; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.securezoo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

Strict-Transport-Security
max-age=31536000 ; includeSubDomains
X-Content-Type-Options
nosniff
Date
Fri, 03 Dec 2021 14:46:37 GMT
X-Frame-Options
DENY
Content-Type
image/gif
Cache-Control
private
Connection
keep-alive
X-Robots-Tag
noindex, nofollow
Content-Length
43
X-XSS-Protection
1; mode=block
generate_204
tpc.googlesyndication.com/ Frame FBB5 		0
9 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tpc.googlesyndication.com/generate_204?9VQL2w
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:801::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

date
Fri, 03 Dec 2021 14:46:37 GMT
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=225&t=2&li=gda_r20211201&jk=1044216241271853&bg=!LS6lLmrNAAaQHwIOkB87ACkAdvg8WtQKLS-fv22CkshW2KhmFXbqg2QjyL2Rv9tYk4TXLtBvej53MgIAAABnUgAAAAhoAQeZAt_84yHSnfHyvpJnONJimg5R2q-ygsLZv2s9Lp_E9c41ithIoZhJHiOwthT-kpE9EkDYXLtggTczhb2yZxjpC71VVqRGt69t5gN432_uGcf2pDzI3nzjj2v_GzrMIvTf3_S_y2uOBUP_DoAG-kLyNQrWnkav2jTNI7ABGE6ZnvV0tg8iuv-KVWAO4rqBjamhHg-ompHabZaMTUt4KafhC5gTJsBy7IrxjjCEggv7Cgez0p3AGurgEs9z767B7yPKZWrybVIyBTWnIkVliW9jHeb3DadQeSOEHuWq8aIskBbqkS8uIXm3ucge8l6M-dNNkueVG9bGoPvbyFWcB0lnOic9P0PWAY900lfEuN-sNBulO8v3-O_RdzfWR3-WI60lea8z0i4Zv3F3mZJ-K-XBwmHeq8d7HAi7blCO0LH8THPMCIIyjBArcchpIHGzLfGe605shEBJ_OXALGNdNWIBmaBsnLpdybvCOcatxm0H9xgR1rjy-NSDRsuT9TE-Xv0SJDOelUzFxCSrsRok52asTAT78lmaE6TXiea-N5j4TtN0DXigtvQ869ZKU3ot3KeLDZv3lusovX3bXpMWfg6g1d_yViwabiFkJrjIGZ0jEAnv0Gk913fQAypWkLqrUBgKaNPYIkli6K3e_dtfaBM2FclsVoLlQ86yZk2dUy4S-6OV-Y7KuU_d78F8ebkfCB3r5bT6Vih8WuS5b9rd1LBPJUrl1F14yeyL-K1p9jvWGDTDQmeDGJHLWZKRD7Ap9KtpSACAUgBD61L-me1MkK9JRlaF0lH2RjrpLVSNF4rab3Q6CWwfzMIj2FSHzGVl4BsB9xqvYzBczag209Ggu7BuKcPX8HEw3jkJH4ijF7elqeB83-nDMODd7CXOVvqkU2iIiR5nkgvFMB1FzHY2oo523YGxOvDD1xj-iAYtGp5_-L_UTg8m87jcYlgwSD-sKg7Njei1cRguSphZbwynYWsRMfk
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.securezoo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 03 Dec 2021 14:46:37 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 4EF9 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstPGr91VmkmV0y5_-6v-Leiw3CxSA7BsWpNz8llxNuorYn5ulfYQ_WMqTjOJnLo_6I7akI1_hgPfYOqcF2U65qdZgcX10SPG-aDTm5gVd4NZDUowzKUEQ&sai=AMfl-YQJ49YEzqThGwwIauIMa0X7pjP1WfGDgnS91OOJbjr-aeOekrGKoKp-_0ttfb6eMEqT7FgbeUZ_JMzF&sig=Cg0ArKJSzKqaFNujUexcEAE&id=lidar2&mcvt=1000&p=0,0,90,728&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20211202&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=4&adk=313763675&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1638542795919&rpt=977&met=mue&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 03 Dec 2021 14:46:37 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame 61DE 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsv7Cn05x-ioEagB4RRx7aJOniuLymZU8jW3uKLfPcXMUzOS6esre3kGHqE5kdKyKezq1unRK1M1CPzWodJbhvdYbzP7qie7dfqcwlffcdaxsmF93nPOhw&sai=AMfl-YQPf0oPzsTKIwm1ZTmhALUnSU1zctnp4OoZPqHSaX1TAaPqsZt28Q88MO6j5U3dbWmER3BB9L2v8SZv&sig=Cg0ArKJSzB0U2qo_IPu7EAE&id=lidar2&mcvt=1000&p=0,298,124,1303&mtos=91,756,1000,1072,1072&tos=91,665,244,72,0&v=20211202&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=22&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1638542796528&rpt=306&met=mue&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 03 Dec 2021 14:46:37 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
activeview
pagead2.googlesyndication.com/pcs/ Frame BB33 		42 B
64 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjss_U_WsoUID5aScALgNwmLMp3T-LBRp_k61_tE3ezOsVY1n28RID-pV0wEWKgSn91XlNQiNBvLoA-wZQmYavBjKumcZUAP123UBKwPA3iYer6Cz1dm6uA&sai=AMfl-YSwgCxQk-9CgbydtfASePVN5speWaU3o2sH0bBnAByYakBAkaTQgR4PnPDA3tcE90Czx60lKLuRtojt&sig=Cg0ArKJSzJ4zFzNTPpSREAE&id=lidar2&mcvt=1002&p=0,0,250,300&mtos=1002,1002,1002,1002,1002&tos=1002,0,0,0,0&v=20211202&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=4&adk=3922714340&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0%3D&vs=4&r=v&rst=1638542795959&rpt=970&met=mue&wmsd=0
Requested by
Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://googleads.g.doubleclick.net/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.45 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 03 Dec 2021 14:46:37 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

83 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| 5 object| 6 object| 7 object| onbeforexrselect function| reportError boolean| originAgentCluster object| scheduler function| gtag object| dataLayer object| adsbygoogle object| google_js_reporting_queue number| google_srt object| google_logging_queue number| tmod object| google_ad_modifications object| ggeac boolean| google_measure_js_timing object| google_reactive_ads_global_state boolean| _gfp_a_ object| google_sa_queue object| google_sl_win function| google_process_slots object| google_persistent_state_async function| google_spfd number| google_unique_id object| google_sv_map string| google_user_agent_client_hint number| google_lpabyc undefined| $ function| jQuery object| lazySizesConfig object| PT_CV_PUBLIC object| PT_CV_PAGINATION object| oceanwpLocalize object| _trfd function| tcg function| tcp object| perfhandler object| TCCTracker object| _trfq object| true object| tti object| google_tag_manager function| google_sa_impl object| googleToken object| googleIMState boolean| _gfp_p_ function| processGoogleToken number| google_global_correlator object| google_prev_clients object| gaGlobal object| ampInaboxIframes object| ampInaboxPendingMessages object| lazySizes function| EvEmitter function| imagesLoaded function| jQueryBridget function| getSize function| matchesSelector object| fizzyUIUtils function| Outlayer function| Isotope function| Masonry function| Flickity function| Unipointer function| Unidragger object| sidr object| oceanwp object| wp object| google_tag_data string| GoogleAnalyticsObject function| ga object| gaplugins object| gaData object| google_llp object| googletag object| GoogleGcLKhOms object| google_image_requests

11 Cookies

Domain/Path Name / Value
.t.co/ Name: muc
Value: e3c1d4ab-ddf3-4ef4-a1d5-40513ecdcd37
.t.co/ Name: muc_ads
Value: e3c1d4ab-ddf3-4ef4-a1d5-40513ecdcd37
.buff.ly/ Name: _bit
Value: lb3eKy-904742ed4d5cd7ba18-00J
.securezoo.com/ Name: __gads
Value: ID=2381f4cbbc86a3f6-229cbaee2fcc001e:T=1638542795:RT=1638542795:S=ALNI_MZIoycpLIHkKxhAoKrBmX7JDxZysQ
.securezoo.com/ Name: _ga
Value: GA1.2.366653925.1638542796
.securezoo.com/ Name: _gid
Value: GA1.2.1768375103.1638542796
.securezoo.com/ Name: _gat_gtag_UA_36086945_1
Value: 1
.doubleclick.net/ Name: IDE
Value: AHWqTUl4M3TMGVrJFY3VK0INAYOZrE1vO_Op1JqSBLrU24irA_fIHU9Nt9VFdBiixnc
.doubleclick.net/ Name: DSID
Value: NO_DATA
www.securezoo.com/ Name: _tccl_visitor
Value: 260f63ce-7584-405f-b62b-05a2ab00d269
www.securezoo.com/ Name: _tccl_visit
Value: 260f63ce-7584-405f-b62b-05a2ab00d269

1 Console Messages

Source Level URL
Text
javascript warning URL: https://googleads.g.doubleclick.net/pagead/html/r20211201/r20110914/zrt_lookup.html?fsb=1#RS-0-&adk=1812271801&client=ca-pub-8212490510386529&fa=1&ifi=6&uci=a!6&btvi=2
Message:
The resource https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500 was preloaded using link preload but not used within a few seconds from the window's load event. Please make sure it has an appropriate `as` value and it is preloaded intentionally.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=0
X-Xss-Protection 0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
adservice.google.de
buff.ly
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
img.secureserver.net
img1.wsimg.com
img6.wsimg.com
p4-eibixl5cg7kws-myrrngax6s6zylfp-if-v6exp3-v4.metric.gstatic.com
pagead2.googlesyndication.com
partner.googleadservices.com
secureservercdn.net
t.co
tpc.googlesyndication.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.googletagservices.com
www.gstatic.com
www.securezoo.com
104.244.42.5
142.250.185.99
2.16.186.248
216.58.212.130
23.79.143.47
2a00:1450:4001:801::2001
2a00:1450:4001:803::2002
2a00:1450:4001:80e::2008
2a00:1450:4001:80f::2003
2a00:1450:4001:828::2002
2a00:1450:4001:829::2002
2a00:1450:4001:82a::2002
2a00:1450:4001:82a::2004
2a00:1450:4001:82a::200e
2a00:1450:4001:82b::2002
2a00:1450:4001:82b::2003
2a00:1450:4001:82f::200a
2a02:fe80:1010::16
45.40.152.13
67.199.248.13
0998cfcc1f705e80e60551d1774797e9a6429e1a5cbe49864cf4dc6df0061fc7
0b511144424166f3c1ef7f0a7db1a3e6b0f9f37c270f2c681b2a74f272578bd0
0c6daa646e0a867e5f721b5017c98cfd2c82c26c60b614531ddae8a5d9986be8
0f0a082ff760a06c1c0bfc2e65ce5dbf7bec65bd948a8456c6a8396c4796c516
0fe6a4357505cb0d3ca8ba0671ad57df6b7410ca02cb8065eed58e2c0381e640
104673f4859604362a18fc6294197d8fffb8cb24ad3211e92eb04f655e18cf4a
16923f9fcc118f6870a574a73697c19eb79210b2ce401e5e1b92a2a5fcda080a
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1abc5469f1235e85489ca1062a07fe18c7f449e3ba039d3de0da07fbb3c5892d
287dd928de74d0805e7f4e3d047e270f9a6383c0a625ecfc44df67a07a235360
28c562c4b3c313cac120c17fb85f13b74702d86e5d0a417a640d88d80102b4db
32b5c88160bab78ae20a39de4a8abe015f4f4c5d48be8300a6686d32a570ccfb
36eb26e781bd5df368210633ce1197df38df32820e93c18e48afb04ad1cea627
44eec0a15d3e0040b9c9aeb11ca5b267b25f8e63e4fd19c3a0ff170dcd61a632
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
57c96fd4294617fb0bf3842d1f77ec2365ff0d0d00b6817508b6192df0e8c169
59b871cfdfa6f79e3830f594f22e5f746f7428a8fe907d803f8e0c60409616b8
5e9efeb493d5c435c97e15db3fd579650b3504edff228c9b86c93ae9b3317c8d
60797ef7c008cffc4f4e0b407d152a6e72acf2934d6669695a15f83782b738f4
615050cfd7cd77d6941c6c0b4551d20c4d5ad825bc9fd7acc61a0bdca7783d26
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6257e792f9aef240d1954956a6ea7982c0268035f15a79931a110ed6344c8c4c
63cb35133865eac473826f95c6a9d64ff1fa3da71403ea4f1981e5de9bcd69bd
674a408d3734c7a358ab08ab384fa3039609e59c7e4c83cac361b851f6f756e0
6b555920e358f8a25a422988b448615c33bcccb4f932e8331cebfc8e2a737fc7
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6b98839f1557db30d1fa6233ac0db2309c1e07be1a6dea3397114958f4955e7f
6e74c12390bdb48bf5b0bb295ceed4f68add11467d2472d983a42e3023ecf312
75f4bd84b3e6579d057e5fba846f81e7dba9ae8d3afc52dbdf997302c3ca2f69
79aad090587780d219700b0338ddaa45f6b028dd6c6064758ca6398df59ae93f
7e0bb4bd1e827a55b9b1949ffa3c45dc344bfb1907b77fd65e47f22e7f40c96b
86261cb44918a52b37509a17c360f32d24f362544ffc50f638883875ca4f048d
87f7f86b17eacf56e623a69be05e5f5487470d6b30347efe12742aefa3f5af48
90bd966b23a45b89794557bfaed77751077055e472145ccd79d3715a146959d6
992bedb983e7d910ca139c6f68024b6b5324ac2bcf1ec41e928d966bd1e5b9aa
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a39301e67efce80370f99174da5f3a61d6a31c1165e1bad6677ba61e6eaac8c5
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a557eef54b4446fb873944d7bbb727ed030570ae44d68e519960e46336c85e7e
aa5c1ec4d2ea00eb517eadeb3b65e55b577b7a5ed42d7c2611d15d9050c18350
b138f0b28fe44581bebb03d0ff7046e4f8416deeb5d152ede640eaa3dc1c7872
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b2e44f8cde30b1b091cabe13aca0f74a0facbd31364a6e1c3280e3f14a602c8a
b44bec5e6134c42d0c5a7a0317db7c75a18dd9805793c80e3a2f4c563fae3116
b4a25f11fbb1e2b547eaf848472f9c048824e307a945f3a0417aac7b09d0456e
b81c2ab9c2449e26837a35baaa663da62a3e8ae93f874beb1530c5866338318d
c4fada4accfa24704b54248bc5ce84acac50b6a059828b7714fe3006786c80c1
c55eebd9845964c111ecdbe7e583ed00ff47536f13c46a7e9c70430cc7ea091f
c9a70686ad065d96298301b1fe7daf4199a4e72348dd638330390f7763ae226b
cff85611de35fa4ddcbb979d2b1132d4a9ef7b07e924dc3bc6c6526fa95adfc9
d36ac4ff2cd93680869aa0d97a524b77ba900116eaa05c60b1d1af4cc9550572
d7779d95203bed5280ee3281f856607f95ac5df680547356656c7109d7d0a6a6
da6eebec36e1b5e315aa82c769f2221e3c6fb734728b697e71dba2fc8cba1611
da9fcd0bec0cacdb7b3e47f1d0e04fafcb710f1008ccc2cc85d632f90803507e
db7b6065199d322ae831392159a7735c598493d32ea9af68aac214b0eb6cd029
de418fdfa1d02a219d049bb1cd8562182c4201c67f6b9d0e2f67f21a476e1096
e11652e7b04cdcc9c0bc7948055c05aaf8f7c066e6059d52f9b186c55368cb9e
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e66565e03b107e21ca651df1df7bab7f9a74dd6b28fbe4f54ca5f6edfd497ec6
e9f6f884ac8a98b9e7f11b5deae284f63c84a4f54dab618f2ff03c903705f474
eb43398c976da8be22770ad7b01373022ddbe46ca907d637bb4d0e1768b1ca15
ec545a1630e1ee544fbb1e9995e7da974cb18be7e37a6323559eb0f75511c547
ed2b15bd5e828d105770d9404f0c3bc180ff280736c32b8afb0de83f8ae58e14
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f7279d9b3d54cea41cfa5118bd68bb20ccb76b646c80c35e5cc11c7581d6d1e0
fa35036d1b9b3a3ddc9f5ae1954bffaa97156f9f82439eb7372d86937235f04c
feae1498d30e4e6b5e7fd775afa3939ff7cad2ae2cb1e56c63033f640ac7ab37