www.cyberscoop.com Open in urlscan Pro
52.21.95.133 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://hubspot.fedscoop.com/e2t/tc/VWtMDr3hpHKQW2tsh_h93KR8lW3yn_R_4szvw4N9k7M9h2-G-5V1-WJV7CgRZ8W4RZnC32bc-v1W5HVGrP44Vbg_W...
Effective URL:
https://www.cyberscoop.com/doj-darkside-colonial-cryptocurrency-seizure/
Submission: On June 14 via api (June 14th 2021, 2:14:16 am UTC) from US

Summary HTTP 264 Redirects Links 18 Behaviour Indicators

Summary

This website contacted 43 IPs in 4 countries across 31 domains to perform 264 HTTP transactions. The main IP is 52.21.95.133, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is www.cyberscoop.com.
TLS certificate: Issued by R3 on March 29th 2021. Valid for: 3 months.

This is the only time www.cyberscoop.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 2	2606:2c40::c7... 2606:2c40::c73c:671f	209242 (CLOUDFLAR...) (CLOUDFLARESPECTRUM Cloudflare)
4 39	52.21.95.133 52.21.95.133	14618 (AMAZON-AES) (AMAZON-AES)
3	2a00:1450:400... 2a00:1450:4001:829::200a	15169 (GOOGLE) (GOOGLE)
1	151.101.13.44 151.101.13.44	54113 (FASTLY) (FASTLY)
47	142.250.185.130 142.250.185.130	15169 (GOOGLE) (GOOGLE)
11	52.216.144.149 52.216.144.149	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6811:b749	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:802::2008	15169 (GOOGLE) (GOOGLE)
2	2606:4700:10:... 2606:4700:10::6816:47c5	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a00:1450:400... 2a00:1450:4001:82a::2003	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6810:5905	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a02:26f0:6c0... 2a02:26f0:6c00:2b0::25ea	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	199.232.136.157 199.232.136.157	54113 (FASTLY) (FASTLY)
2	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	2606:4700::68... 2606:4700::6811:d6cc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:829::200e	15169 (GOOGLE) (GOOGLE)
2 2	2620:119:50e3... 2620:119:50e3:101::6cae:b45	14413 (LINKEDIN) (LINKEDIN)
1 1	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	108.174.10.14 108.174.10.14	14413 (LINKEDIN) (LINKEDIN)
1	104.244.42.69 104.244.42.69	13414 (TWITTER) (TWITTER)
5	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
9	2a00:1450:400... 2a00:1450:4001:813::2001	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	2a00:1450:400... 2a00:1450:400c:c04::9c	15169 (GOOGLE) (GOOGLE)
26	2a00:1450:400... 2a00:1450:4001:80f::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82a::2004	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:811::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:831::2003	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6811:47b0	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6812:14bf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
33	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
4 8	52.212.52.211 52.212.52.211	16509 (AMAZON-02) (AMAZON-02)
4	142.250.185.198 142.250.185.198	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:829::2006	15169 (GOOGLE) (GOOGLE)
8	142.250.185.194 142.250.185.194	15169 (GOOGLE) (GOOGLE)
4	3.12.243.139 3.12.243.139	16509 (AMAZON-02) (AMAZON-02)
4	3.140.174.87 3.140.174.87	16509 (AMAZON-02) (AMAZON-02)
4	2a03:2880:f01... 2a03:2880:f01c:8004:face:b00c:0:8c	32934 (FACEBOOK) (FACEBOOK)
12	52.213.246.12 52.213.246.12	16509 (AMAZON-02) (AMAZON-02)
8	34.206.10.182 34.206.10.182	14618 (AMAZON-AES) (AMAZON-AES)
1	104.244.42.3 104.244.42.3	13414 (TWITTER) (TWITTER)
2	2606:4700::68... 2606:4700::6813:9b53	13335 (CLOUDFLAR...) (CLOUDFLARENET)
264	43

2 2606:2c40::c73c:671f (United States) 1 redirects

ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US)

hubspot.fedscoop.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

39 52.21.95.133 (Ashburn, United States) 4 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-21-95-133.compute-1.amazonaws.com

www.cyberscoop.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:829::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.13.44 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

cdn.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

47 142.250.185.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 52.216.144.149 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1.amazonaws.com

s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:b749 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hsforms.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:802::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:10::6816:47c5 (United States)

ASN13335 (CLOUDFLARENET, US)

static.addtoany.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:5905 (United States)

ASN13335 (CLOUDFLARENET, US)

forms.hsforms.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:6c00:2b0::25ea (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 199.232.136.157 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:d6cc (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-scripts.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:829::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:119:50e3:101::6cae:b45 (United States) 2 redirects

ASN14413 (LINKEDIN, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:21::14 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.174.10.14 (United States)

ASN14413 (LINKEDIN, US)
PTR: 108-174-10-14.fwd.linkedin.com

px4.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.69 (United States)

ASN13414 (TWITTER, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:813::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

4c85f40c1c87e2a6a13b69d7b9310b74.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
0a123d4c917ce964ffb6e4e5e2cd3494.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
af1841b697c860fa2f0a4e751b8992f1.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
2b431d5427477a300d9d4b37140fe9fb.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
465e8ed3cdfd01c2e9263c1dda2899b3.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c04::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

26 2a00:1450:4001:80f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:811::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:47b0 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-analytics.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:14bf (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-banner.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

33 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 52.212.52.211 (Dublin, Ireland) 4 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-212-52-211.eu-west-1.compute.amazonaws.com

pixel.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.185.198 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:829::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 142.250.185.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 3.12.243.139 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-12-243-139.us-east-2.compute.amazonaws.com

tags.mmi360.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 3.140.174.87 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-140-174-87.us-east-2.compute.amazonaws.com

events.mmi360.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f01c:8004:face:b00c:0:8c (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

ad.atdmt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 52.213.246.12 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-213-246-12.eu-west-1.compute.amazonaws.com

static.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 34.206.10.182 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-206-10-182.compute-1.amazonaws.com

dt.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.3 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6813:9b53 (United States)

ASN13335 (CLOUDFLARENET, US)

track.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
68	googlesyndication.com 4c85f40c1c87e2a6a13b69d7b9310b74.safeframe.googlesyndication.com tpc.googlesyndication.com pagead2.googlesyndication.com 0a123d4c917ce964ffb6e4e5e2cd3494.safeframe.googlesyndication.com af1841b697c860fa2f0a4e751b8992f1.safeframe.googlesyndication.com 2b431d5427477a300d9d4b37140fe9fb.safeframe.googlesyndication.com 465e8ed3cdfd01c2e9263c1dda2899b3.safeframe.googlesyndication.com	412 KB
39	cyberscoop.com 4 redirects www.cyberscoop.com	312 KB
34	doubleclick.net securepubads.g.doubleclick.net stats.g.doubleclick.net ad.doubleclick.net googleads4.g.doubleclick.net	684 KB
28	adsafeprotected.com 4 redirects pixel.adsafeprotected.com static.adsafeprotected.com dt.adsafeprotected.com	373 KB
27	googletagservices.com www.googletagservices.com	653 KB
12	google.com adservice.google.com www.google.com	4 KB
11	amazonaws.com s3.amazonaws.com	54 KB
8	mmi360.net tags.mmi360.net events.mmi360.net	537 B
6	google.de adservice.google.de www.google.de	2 KB
4	atdmt.com ad.atdmt.com	2 KB
4	2mdn.net s0.2mdn.net	634 KB
4	linkedin.com 3 redirects px.ads.linkedin.com www.linkedin.com px4.ads.linkedin.com	3 KB
4	gstatic.com fonts.gstatic.com	99 KB
3	googleapis.com fonts.googleapis.com	2 KB
2	hubspot.com track.hubspot.com	1 KB
2	facebook.com www.facebook.com	312 B
2	google-analytics.com www.google-analytics.com	19 KB
2	facebook.net connect.facebook.net	98 KB
2	addtoany.com static.addtoany.com	60 KB
2	fedscoop.com 1 redirects hubspot.fedscoop.com	3 KB
1	twitter.com analytics.twitter.com	658 B
1	hs-banner.com js.hs-banner.com	15 KB
1	hs-analytics.net js.hs-analytics.net	19 KB
1	t.co t.co	454 B
1	hs-scripts.com js.hs-scripts.com	902 B
1	ads-twitter.com static.ads-twitter.com	2 KB
1	licdn.com snap.licdn.com	2 KB
1	hsforms.com forms.hsforms.com	4 KB
1	googletagmanager.com www.googletagmanager.com	52 KB
1	hsforms.net js.hsforms.net	135 KB
1	taboola.com cdn.taboola.com	23 KB
264	31

	Domain	Requested by
39	www.cyberscoop.com	4 redirects hubspot.fedscoop.com www.cyberscoop.com
33	pagead2.googlesyndication.com	www.googletagservices.com securepubads.g.doubleclick.net tpc.googlesyndication.com ad.doubleclick.net pagead2.googlesyndication.com www.cyberscoop.com
27	www.googletagservices.com	www.cyberscoop.com securepubads.g.doubleclick.net 0a123d4c917ce964ffb6e4e5e2cd3494.safeframe.googlesyndication.com af1841b697c860fa2f0a4e751b8992f1.safeframe.googlesyndication.com 2b431d5427477a300d9d4b37140fe9fb.safeframe.googlesyndication.com www.googletagservices.com 465e8ed3cdfd01c2e9263c1dda2899b3.safeframe.googlesyndication.com ad.doubleclick.net
26	tpc.googlesyndication.com	securepubads.g.doubleclick.net 0a123d4c917ce964ffb6e4e5e2cd3494.safeframe.googlesyndication.com af1841b697c860fa2f0a4e751b8992f1.safeframe.googlesyndication.com 2b431d5427477a300d9d4b37140fe9fb.safeframe.googlesyndication.com 465e8ed3cdfd01c2e9263c1dda2899b3.safeframe.googlesyndication.com tpc.googlesyndication.com ad.doubleclick.net pagead2.googlesyndication.com
21	securepubads.g.doubleclick.net	www.cyberscoop.com securepubads.g.doubleclick.net hubspot.fedscoop.com www.googletagservices.com af1841b697c860fa2f0a4e751b8992f1.safeframe.googlesyndication.com 2b431d5427477a300d9d4b37140fe9fb.safeframe.googlesyndication.com 0a123d4c917ce964ffb6e4e5e2cd3494.safeframe.googlesyndication.com 465e8ed3cdfd01c2e9263c1dda2899b3.safeframe.googlesyndication.com
12	static.adsafeprotected.com	pixel.adsafeprotected.com 2b431d5427477a300d9d4b37140fe9fb.safeframe.googlesyndication.com 0a123d4c917ce964ffb6e4e5e2cd3494.safeframe.googlesyndication.com af1841b697c860fa2f0a4e751b8992f1.safeframe.googlesyndication.com 465e8ed3cdfd01c2e9263c1dda2899b3.safeframe.googlesyndication.com
11	s3.amazonaws.com	www.cyberscoop.com
8	dt.adsafeprotected.com	2b431d5427477a300d9d4b37140fe9fb.safeframe.googlesyndication.com 0a123d4c917ce964ffb6e4e5e2cd3494.safeframe.googlesyndication.com af1841b697c860fa2f0a4e751b8992f1.safeframe.googlesyndication.com 465e8ed3cdfd01c2e9263c1dda2899b3.safeframe.googlesyndication.com
8	googleads4.g.doubleclick.net	ad.doubleclick.net
8	pixel.adsafeprotected.com	4 redirects 0a123d4c917ce964ffb6e4e5e2cd3494.safeframe.googlesyndication.com af1841b697c860fa2f0a4e751b8992f1.safeframe.googlesyndication.com 2b431d5427477a300d9d4b37140fe9fb.safeframe.googlesyndication.com 465e8ed3cdfd01c2e9263c1dda2899b3.safeframe.googlesyndication.com
7	www.google.com	securepubads.g.doubleclick.net www.cyberscoop.com tpc.googlesyndication.com
5	adservice.google.com	securepubads.g.doubleclick.net
5	adservice.google.de	securepubads.g.doubleclick.net
4	ad.atdmt.com	ad.doubleclick.net af1841b697c860fa2f0a4e751b8992f1.safeframe.googlesyndication.com 0a123d4c917ce964ffb6e4e5e2cd3494.safeframe.googlesyndication.com 465e8ed3cdfd01c2e9263c1dda2899b3.safeframe.googlesyndication.com
4	events.mmi360.net	ad.doubleclick.net af1841b697c860fa2f0a4e751b8992f1.safeframe.googlesyndication.com 0a123d4c917ce964ffb6e4e5e2cd3494.safeframe.googlesyndication.com 465e8ed3cdfd01c2e9263c1dda2899b3.safeframe.googlesyndication.com
4	tags.mmi360.net	ad.doubleclick.net
4	s0.2mdn.net	ad.doubleclick.net af1841b697c860fa2f0a4e751b8992f1.safeframe.googlesyndication.com 0a123d4c917ce964ffb6e4e5e2cd3494.safeframe.googlesyndication.com
4	ad.doubleclick.net	www.googletagservices.com
4	fonts.gstatic.com	fonts.googleapis.com
3	fonts.googleapis.com	www.cyberscoop.com js.hsforms.net
2	track.hubspot.com
2	465e8ed3cdfd01c2e9263c1dda2899b3.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	2b431d5427477a300d9d4b37140fe9fb.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	af1841b697c860fa2f0a4e751b8992f1.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	0a123d4c917ce964ffb6e4e5e2cd3494.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	www.facebook.com	www.cyberscoop.com connect.facebook.net
2	px.ads.linkedin.com	2 redirects
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	connect.facebook.net	hubspot.fedscoop.com connect.facebook.net
2	static.addtoany.com	www.cyberscoop.com static.addtoany.com
2	hubspot.fedscoop.com	1 redirects
1	analytics.twitter.com	static.ads-twitter.com
1	js.hs-banner.com	js.hs-scripts.com
1	js.hs-analytics.net	js.hs-scripts.com
1	www.google.de	www.cyberscoop.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	4c85f40c1c87e2a6a13b69d7b9310b74.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	t.co	www.cyberscoop.com
1	px4.ads.linkedin.com	www.cyberscoop.com
1	www.linkedin.com	1 redirects
1	js.hs-scripts.com	www.googletagmanager.com
1	static.ads-twitter.com	www.googletagmanager.com
1	snap.licdn.com	www.googletagmanager.com
1	forms.hsforms.com	js.hsforms.net
1	www.googletagmanager.com	www.cyberscoop.com
1	js.hsforms.net	www.cyberscoop.com
1	cdn.taboola.com	www.cyberscoop.com
264	47

This site contains links to these domains. Also see Links.

Domain
cyberscoop.com
scoopnewsgroup.com
www.wsj.com
www.techrepublic.com
www.colpipe.com
www.nbcnews.com
www.facebook.com
twitter.com
www.linkedin.com
www.instagram.com
fedscoop.com
statescoop.com
edscoop.com
workscoop.com
www.scoopnewsgroup.com
www.addtoany.com

Subject Issuer	Validity	Valid
hubspot.fedscoop.com Cloudflare Inc ECC CA-3	`2020-07-17` - `2021-07-17`	a year	crt.sh
cyberscoop.com R3	`2021-03-29` - `2021-06-27`	3 months	crt.sh
upload.video.google.com GTS CA 1O1	`2021-05-17` - `2021-08-09`	3 months	crt.sh
*.taboola.com DigiCert TLS RSA SHA256 2020 CA1	`2020-11-25` - `2021-12-26`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-05-17` - `2021-08-09`	3 months	crt.sh
s3.amazonaws.com DigiCert Baltimore CA-2 G2	`2020-08-04` - `2021-08-09`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-08-16` - `2021-08-16`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-05-17` - `2021-08-09`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-05-17` - `2021-08-09`	3 months	crt.sh
*.licdn.com DigiCert SHA2 Secure Server CA	`2021-04-30` - `2022-05-11`	a year	crt.sh
ads-twitter.com DigiCert SHA2 High Assurance Server CA	`2020-08-14` - `2021-08-19`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-05-26` - `2021-08-24`	3 months	crt.sh
px.ads.linkedin.com DigiCert SHA2 Secure Server CA	`2021-04-15` - `2021-10-15`	6 months	crt.sh
t.co DigiCert TLS RSA SHA256 2020 CA1	`2021-02-05` - `2022-02-04`	a year	crt.sh
*.google.de GTS CA 1C3	`2021-05-17` - `2021-08-09`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-05-17` - `2021-08-09`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-05-17` - `2021-08-09`	3 months	crt.sh
www.google.com GTS CA 1C3	`2021-05-17` - `2021-08-09`	3 months	crt.sh
www.google.de GTS CA 1C3	`2021-05-17` - `2021-08-09`	3 months	crt.sh
fw.adsafeprotected.com Amazon	`2020-09-09` - `2021-10-09`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2021-05-17` - `2021-08-09`	3 months	crt.sh
tags.mmi360.net Amazon	`2021-03-04` - `2022-04-02`	a year	crt.sh
events.mmi360.net Amazon	`2021-05-04` - `2022-06-02`	a year	crt.sh
*.atlassolutions.com DigiCert SHA2 High Assurance Server CA	`2021-05-15` - `2021-08-13`	3 months	crt.sh
static.adsafeprotected.com Amazon	`2021-01-06` - `2022-02-04`	a year	crt.sh
dt.adsafeprotected.com Amazon	`2021-04-22` - `2022-05-21`	a year	crt.sh
*.twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2021-02-05` - `2022-02-04`	a year	crt.sh
hubspot.com Cloudflare Inc ECC CA-3	`2021-06-10` - `2022-06-09`	a year	crt.sh

This page contains 30 frames:

Primary Page: https://www.cyberscoop.com/doj-darkside-colonial-cryptocurrency-seizure/
Frame ID: 9CB70022442D1560EC18E021EFA39841
Requests: 88 HTTP requests in this frame

Frame: https://www.cyberscoop.com/advertising/?id=leaderboard&parent_id=ad-7WO54yg4q8-leaderboard&categories=government&tags=colonial-pipeline%2Ccryptocurrency%2Cdarkside%2Cdepartment-of-justice-doj%2Cfbi%2Cjbs%2Cranswomare%2Cus-courts
Frame ID: 5BFF968425C885B67B64EA456BA5E477
Requests: 11 HTTP requests in this frame

Frame: https://www.cyberscoop.com/advertising/?id=article&position=static&category=government&tags=colonial-pipeline%2Ccryptocurrency%2Cdarkside%2Cdepartment-of-justice-doj%2Cfbi%2Cjbs%2Cranswomare%2Cus-courts
Frame ID: 1FF2A18B5AC057F9A3455793D98CD21B
Requests: 11 HTTP requests in this frame

Frame: https://www.cyberscoop.com/advertising/?id=skyscraper&position=sticky&categories=government&tags=colonial-pipeline%2Ccryptocurrency%2Cdarkside%2Cdepartment-of-justice-doj%2Cfbi%2Cjbs%2Cranswomare%2Cus-courts
Frame ID: 347F134FFF105B6AD67D347CC110F8F6
Requests: 11 HTTP requests in this frame

Frame: https://www.cyberscoop.com/advertising/?id=billboard&position=bottom&parent_id=ad-b3zuzxlKK5-billboard&category=government&tags=colonial-pipeline%2Ccryptocurrency%2Cdarkside%2Cdepartment-of-justice-doj%2Cfbi%2Cjbs%2Cranswomare%2Cus-courts
Frame ID: 1BD1D86B0114F54FB16F270272033B17
Requests: 11 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstK3lNusr8rnXJY0wDGRHAZWqX_nzoLT8y3Jyd7KylmLwRiZJRpEJUAfdQccWs8mMGzhf-ztsbKlU5cBRfy4bWDqWQgGfZhZ8V7_Af9nTthSP05qrLGdWj2yRrpSy0Q95IpScuDBPR2u2Q_CVmdW9eUhMYgSQPb876xkdjDq8cK2JpbDT8CmqVEjGUIq2CeLp9JrDwV-CO5MrF8gRdYJhnu5rodIVVORoMmJxVfYmYJ5LZKpgGw7rYjCzWwNW_CLQ9SVXaZhO9Qvrjq3SCnhMfQlGwCrwWOx8tB7wa5Yko&sai=AMfl-YQZu4TI_3mzHfdhsXw9mPtCtZaDfkCWo0v2Uaae-fI1m2cP_GcAMNXYtsaZsFz4p0PnIQ5rvFkNU3JQnI5DNXMK-xXVDo27r7_WAqB3qMcLi_GgxJmIQj3ERSeHJxo&sig=Cg0ArKJSzAnn0-WBm5FSEAE&adurl=
Frame ID: 38EADECAD37BDD167E2D96EECD091225
Requests: 9 HTTP requests in this frame

Frame: https://0a123d4c917ce964ffb6e4e5e2cd3494.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: 82FDD503B6AC08E9B6EA404298B112FF
Requests: 25 HTTP requests in this frame

Frame: https://af1841b697c860fa2f0a4e751b8992f1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: 6C6F4A090C2F70650A7A4921E7327B05
Requests: 23 HTTP requests in this frame

Frame: https://2b431d5427477a300d9d4b37140fe9fb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: A0A894BB8D69089277A05A6CB7B5FB4D
Requests: 13 HTTP requests in this frame

Frame: https://465e8ed3cdfd01c2e9263c1dda2899b3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: 0DC1DBC746A0F23D9D0DAE03E2558770
Requests: 23 HTTP requests in this frame

Frame: https://ad.doubleclick.net/ddm/adi/N7442.3728797STATESCOOP/B25791652.303544152;dc_ver=75.217;sz=300x250;u_sd=1;dc_adk=2235259097;ord=ka4vjv;click=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjstOZnhtKJITiFajAXa8Nb05uBeqZ9mjvlOC69TvUGobSFAJmhxQ5Q5TFN3aPWjeiWnuNDVXr1RkJgyzkK7QDT9QhEPvibtixNk1P3gpsH2f3V-G6A6HMFUG02IF2yK_RXfSwkWLc2nDg9D8ORBWqtTKMdH-H6E0_3ewxYw-bkHXMz_CO2fv6oKXf7zOGAVL0WkhU0q2qo_wPA4gLvnC-4VnwImCAzYTeaMXtRUEnFIMjubY7tRynpdFD2Y0jgj65sVUKytlzU1OjsWJggPWzAy5JJCYMrAzgG0iwpGfspLhzmLKOhecc9U4Aib26hl4TT7xExHDjFI%26sig%3DCg0ArKJSzA2oA0Pm2LD0EAE%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26adurl%3D;uach=%5B%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%5B%5D%5D;dc_rfl=2,https%3A%2F%2Fwww.cyberscoop.com$2,https%3A%2F%2Fwww.cyberscoop.com%2F$0;xdt=1;crlt=BKDCKuHTrA;osda=2;sttr=27;prcl=s
Frame ID: 38DF0339FB2847A094F0F364400D7C53
Requests: 13 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/223/runner.html
Frame ID: CA36FA5DED023DF1BD537C6730EABBF1
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: C3CA8CA46818C1D2C832FEE47066A342
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 79A7B269D3F09797F71CFF4CB283918C
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: D94ED8E8DC559B44FBDDAE939606D9AF
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 3A043273D7EDCA64E9BB707F7671D403
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 8955E1BB248D01400D1E17E1BCD8A506
Requests: 3 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.5.5.js
Frame ID: 3239164DD318CF287C1FC4C8683841A6
Requests: 1 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.5.5.js
Frame ID: 18BA876B58A639FC2C76BA740A87DBCF
Requests: 1 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.5.5.js
Frame ID: 799E3C881705BBDC2D8D1658208A1C93
Requests: 1 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.5.5.js
Frame ID: A911D5D77990681AC77D6C0B16D6F57A
Requests: 1 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/wQPplS2CBbapxPPsKjLjCt6L9Rv2P8O8syxzKLSpyaY.js
Frame ID: 39100319482CDACF8E8179A8105F742A
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/223/runner.html
Frame ID: EE31F861CB728F5AF6B06FE6527B0531
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 00632749A00CDFCA5D203980A8CB27F1
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/223/runner.html
Frame ID: 60C0A70D984472C6A7B0D28CD041E495
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 7764FA45CF2EF755F6E6BC82617DCB72
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/223/runner.html
Frame ID: 9B550E67B978203D642180F89BFCD616
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: EFEC89356FECB165F310296E4AC7BA15
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/223/runner.html
Frame ID: DBDD6042D74DE880D563F7EB765AAAD7
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 810BDC70D34C1962552BD2ED277AFBDF
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://hubspot.fedscoop.com/e2t/tc/VWtMDr3hpHKQW2tsh_h93KR8lW3yn_R_4szvw4N9k7M9h2-G-5V1-WJV7CgRZ8W4RZnC3... Page URL
https://hubspot.fedscoop.com/events/public/v1/track/tc/VWtMDr3hpHKQW2tsh_h93KR8lW3yn_R_4szvw4N9k7M9h2-G-5... HTTP 307
https://www.cyberscoop.com/doj-darkside-colonial-cryptocurrency-seizure/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

script /\/wp-(?:content|includes)\//i
html /<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -/i

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

script /\/wp-(?:content|includes)\//i
html /<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -/i

MySQL (Databases) Expand

Overall confidence: 100%
Detected patterns

script /\/wp-(?:content|includes)\//i
html /<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -/i

Yoast SEO (SEO) Expand

Overall confidence: 100%
Detected patterns

html /<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -/i

AddToAny (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /addtoany\.com\/menu\/page\.js/i

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/connect\.facebook\.net\/[^/]*\/[a-z]*\.js/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

html //i

Page Statistics

264
Requests

100 %
HTTPS

66 %
IPv6

31
Domains

47
Subdomains

43
IPs

4
Countries

3665 kB
Transfer

8875 kB
Size

11
Cookies

18 Outgoing links

These are links going to different origins than the main page.

URL: https://cyberscoop.com/
Title:

Search URL Search Domain Scan URL

URL: http://scoopnewsgroup.com/?__hstc=143679850.04f66370c9564ab90056c8a94bc6a113.1623636832038.1623636832038.1623636832038.1&__hssc=143679850.1.1623636832039&__hsfp=2736934676
Title: Brought to you by

Search URL Search Domain Scan URL

URL: https://www.wsj.com/articles/colonial-pipeline-ceo-tells-why-he-paid-hackers-a-4-4-million-ransom-11621435636
Title: paid its attackers $4.4 million

Search URL Search Domain Scan URL

URL: https://www.techrepublic.com/article/ransomware-attackers-are-now-using-triple-extortion-tactics/
Title: netted an estimated tens of billions of dollars

Search URL Search Domain Scan URL

URL: https://www.colpipe.com/news/press-releases/colonial-pipeline-company-ceo-issues-statement-following-announcement-by-u-s-department-of-justice-on-recovery-of-cryptocurrency-funds
Title: Colonial said in response to the cryptocurrency seizure

Search URL Search Domain Scan URL

URL: https://www.nbcnews.com/politics/meet-the-press/sec-granholm-backs-ban-ransomware-payments-you-are-encouraging-bad-n1269776
Title: she supports a legal ban on ransomware payments

Search URL Search Domain Scan URL

URL: https://www.facebook.com/cyberscoop

Search URL Search Domain Scan URL

URL: https://twitter.com/cyberscoopnews

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/4847467

Search URL Search Domain Scan URL

URL: https://www.instagram.com/cyberscoopnews

Search URL Search Domain Scan URL

URL: https://scoopnewsgroup.com/?__hstc=143679850.04f66370c9564ab90056c8a94bc6a113.1623636832038.1623636832038.1623636832038.1&__hssc=143679850.1.1623636832039&__hsfp=2736934676

Search URL Search Domain Scan URL

URL: https://fedscoop.com/?__hstc=143679850.04f66370c9564ab90056c8a94bc6a113.1623636832038.1623636832038.1623636832038.1&__hssc=143679850.1.1623636832039&__hsfp=2736934676

Search URL Search Domain Scan URL

URL: https://statescoop.com/?__hstc=143679850.04f66370c9564ab90056c8a94bc6a113.1623636832038.1623636832038.1623636832038.1&__hssc=143679850.1.1623636832039&__hsfp=2736934676

Search URL Search Domain Scan URL

URL: https://edscoop.com/?__hstc=143679850.04f66370c9564ab90056c8a94bc6a113.1623636832038.1623636832038.1623636832038.1&__hssc=143679850.1.1623636832039&__hsfp=2736934676

Search URL Search Domain Scan URL

URL: https://workscoop.com/?__hstc=143679850.04f66370c9564ab90056c8a94bc6a113.1623636832038.1623636832038.1623636832038.1&__hssc=143679850.1.1623636832039&__hsfp=2736934676

Search URL Search Domain Scan URL

URL: https://www.scoopnewsgroup.com/privacy?__hstc=143679850.04f66370c9564ab90056c8a94bc6a113.1623636832038.1623636832038.1623636832038.1&__hssc=143679850.1.1623636832039&__hsfp=2736934676
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://scoopnewsgroup.com/privacy?__hstc=143679850.04f66370c9564ab90056c8a94bc6a113.1623636832038.1623636832038.1623636832038.1&__hssc=143679850.1.1623636832039&__hsfp=2736934676
Title: Learn more

Search URL Search Domain Scan URL

URL: https://www.addtoany.com/
Title: AddToAny

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://hubspot.fedscoop.com/e2t/tc/VWtMDr3hpHKQW2tsh_h93KR8lW3yn_R_4szvw4N9k7M9h2-G-5V1-WJV7CgRZ8W4RZnC32bc-v1W5HVGrP44Vbg_W40-Ccc6HbDNBV293Ws2zPq8RW5JHB8n5Z8gwlW26YHHL3ZVDRyVbdpRP3_6f89N83_qF5h8pktW2nL2RX1HCGVGW8XX4pt6S7jg7W83Myk27P29NvW5gqtRY5XJKZ4W1Y3sVC20mSRvVfxqXb2T-0qTW98Sm8p8f9BLfW1Dn_-N5fD838W115cT7899dmZN8Gx6HXDRgLGW7F3hgX2CQ_QrW4RkY5Y8P2qW83gm91 Page URL
https://hubspot.fedscoop.com/events/public/v1/track/tc/VWtMDr3hpHKQW2tsh_h93KR8lW3yn_R_4szvw4N9k7M9h2-G-5V1-WJV7CgRZ8W4RZnC32bc-v1W5HVGrP44Vbg_W40-Ccc6HbDNBV293Ws2zPq8RW5JHB8n5Z8gwlW26YHHL3ZVDRyVbdpRP3_6f89N83_qF5h8pktW2nL2RX1HCGVGW8XX4pt6S7jg7W83Myk27P29NvW5gqtRY5XJKZ4W1Y3sVC20mSRvVfxqXb2T-0qTW98Sm8p8f9BLfW1Dn_-N5fD838W115cT7899dmZN8Gx6HXDRgLGW7F3hgX2CQ_QrW4RkY5Y8P2qW83gm91?_ud=e5291a78-25c0-4ddd-8f16-2f1982ef6086&_ch=p&_pr2=p&_pl=0&_lg=en-US&_dr=b&_ts=p HTTP 307
https://www.cyberscoop.com/doj-darkside-colonial-cryptocurrency-seizure/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 38

https://www.cyberscoop.com/advertising/?id=leaderboard&page=article&parent_id=ad-7WO54yg4q8-leaderboard&categories=government&tags=colonial-pipeline,cryptocurrency,darkside,department-of-justice-doj,fbi,jbs,ranswomare,us-courts HTTP 301
https://www.cyberscoop.com/advertising/?id=leaderboard&parent_id=ad-7WO54yg4q8-leaderboard&categories=government&tags=colonial-pipeline%2Ccryptocurrency%2Cdarkside%2Cdepartment-of-justice-doj%2Cfbi%2Cjbs%2Cranswomare%2Cus-courts

Request Chain 39

https://www.cyberscoop.com/advertising/?id=article&page=article&position=static&category=government&tags=colonial-pipeline,cryptocurrency,darkside,department-of-justice-doj,fbi,jbs,ranswomare,us-courts HTTP 301
https://www.cyberscoop.com/advertising/?id=article&position=static&category=government&tags=colonial-pipeline%2Ccryptocurrency%2Cdarkside%2Cdepartment-of-justice-doj%2Cfbi%2Cjbs%2Cranswomare%2Cus-courts

Request Chain 40

https://www.cyberscoop.com/advertising/?id=skyscraper&page=article&position=sticky&categories=government&tags=colonial-pipeline,cryptocurrency,darkside,department-of-justice-doj,fbi,jbs,ranswomare,us-courts HTTP 301
https://www.cyberscoop.com/advertising/?id=skyscraper&position=sticky&categories=government&tags=colonial-pipeline%2Ccryptocurrency%2Cdarkside%2Cdepartment-of-justice-doj%2Cfbi%2Cjbs%2Cranswomare%2Cus-courts

Request Chain 41

https://www.cyberscoop.com/advertising/?id=billboard&page=article&position=bottom&parent_id=ad-b3zuzxlKK5-billboard&category=government&tags=colonial-pipeline,cryptocurrency,darkside,department-of-justice-doj,fbi,jbs,ranswomare,us-courts HTTP 301
https://www.cyberscoop.com/advertising/?id=billboard&position=bottom&parent_id=ad-b3zuzxlKK5-billboard&category=government&tags=colonial-pipeline%2Ccryptocurrency%2Cdarkside%2Cdepartment-of-justice-doj%2Cfbi%2Cjbs%2Cranswomare%2Cus-courts

Request Chain 68

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=50036&time=1623636828228&url=https%3A%2F%2Fwww.cyberscoop.com%2Fdoj-darkside-colonial-cryptocurrency-seizure%2F HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D50036%26time%3D1623636828228%26url%3Dhttps%253A%252F%252Fwww.cyberscoop.com%252Fdoj-darkside-colonial-cryptocurrency-seizure%252F%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=50036&time=1623636828228&url=https%3A%2F%2Fwww.cyberscoop.com%2Fdoj-darkside-colonial-cryptocurrency-seizure%2F&liSync=true HTTP 302
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=50036&time=1623636828228&url=https%3A%2F%2Fwww.cyberscoop.com%2Fdoj-darkside-colonial-cryptocurrency-seizure%2F&liSync=true&e_ipv6=AQKVzS4hzZ5voQAAAXoIS-LNowFrIiNsGGcJmkwjx-fDYggPTvDzpBQk2hRqlUvZ3JP2tUfp

Request Chain 211

https://pixel.adsafeprotected.com/rfw/st/488356/54699616/skeleton.js?ias_dspID=64&ias_campId=&ias_pubId=&ias_chanId=&ias_placementId=&bidurl=&ias_dealId=&adsafe_url=https%3A%2F%2Fwww.cyberscoop.com&adsafe_type=g&adsafe_url=https%3A%2F%2Fwww.cyberscoop.com%2F&adsafe_type=e&adsafe_url=https%3A%2F%2F2b431d5427477a300d9d4b37140fe9fb.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2F2b431d5427477a300d9d4b37140fe9fb.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html%3Fn%3D1&adsafe_type=d&adsafe_jsinfo=,id:6eed6bfb-c821-2d97-363e-1598179a85b5,c:ftJ04Y,sl:na,em:true,fr:false,mn:app03ie,pt:1-5-15,br:u,abv:na,an:n,oam:0,nbld:0,fm:sAgSG38+1111%7C112%7C121*.488356-54699616%7C12111%7C122%7C1311%7C132%7C1411%7C142%7C1431%7C144%7C15%7C16%7C17,idMap:121*,pl:,rmeas:1,rend:1,renddet:DIV.qs.sn,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:0,tt:rjss,thd:1,et:259,oid:290241b8-ccb6-11eb-8edf-0a6fa201f3de,v:19.8.206,sp:1,st:0,fwm:1,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
https://static.adsafeprotected.com/skeleton.js

Request Chain 215

https://pixel.adsafeprotected.com/rfw/st/488356/54309639/skeleton.js?ias_dspID=64&ias_campId=&ias_pubId=&ias_chanId=&ias_placementId=&bidurl=&ias_dealId=&adsafe_url=https%3A%2F%2Fwww.cyberscoop.com&adsafe_type=g&adsafe_url=https%3A%2F%2Fwww.cyberscoop.com%2F&adsafe_type=e&adsafe_url=https%3A%2F%2F0a123d4c917ce964ffb6e4e5e2cd3494.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2F0a123d4c917ce964ffb6e4e5e2cd3494.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html%3Fn%3D1&adsafe_type=d&adsafe_jsinfo=,id:d74036c7-8bf5-4ca9-2743-0fc6102e97c7,c:ftJ05I,sl:na,em:true,fr:false,mn:app05ie,pt:1-5-15,br:u,abv:na,an:n,oam:0,nbld:0,fm:sAgSG2j+111*.488356-54309639%7C1111%7C112%7C12111%7C1212%7C122%7C1311%7C132%7C1411%7C142%7C1431%7C144%7C15%7C16%7C17,idMap:111*,pl:,rmeas:1,rend:1,renddet:IMG.qs,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:0,tt:rjss,thd:1,et:355,oid:29021b6a-ccb6-11eb-bddc-02bf2b86cc68,v:19.8.206,sp:1,st:0,fwm:1,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
https://static.adsafeprotected.com/skeleton.js

Request Chain 217

https://pixel.adsafeprotected.com/rfw/st/488356/54309637/skeleton.js?ias_dspID=64&ias_campId=&ias_pubId=&ias_chanId=&ias_placementId=&bidurl=&ias_dealId=&adsafe_url=https%3A%2F%2Fwww.cyberscoop.com&adsafe_type=g&adsafe_url=https%3A%2F%2Fwww.cyberscoop.com%2F&adsafe_type=e&adsafe_url=https%3A%2F%2Faf1841b697c860fa2f0a4e751b8992f1.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2Faf1841b697c860fa2f0a4e751b8992f1.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html%3Fn%3D1&adsafe_type=d&adsafe_jsinfo=,id:ff84ee69-5d6f-e0c6-6ec3-6f787aa89e82,c:ftJ05V,sl:na,em:true,fr:false,mn:app27ie,pt:1-5-15,br:u,abv:na,an:n,oam:0,nbld:0,fm:sAgSG4b+1111%7C1112%7C112%7C12111%7C1212%7C122%7C131*.488356-54309637%7C1311%7C132%7C1411%7C142%7C1431%7C144%7C15%7C16%7C17,idMap:131*,pl:,rmeas:1,rend:1,renddet:IMG.qs,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:0,tt:rjss,thd:1,et:252,oid:29024235-ccb6-11eb-bb04-02617d9e854e,v:19.8.206,sp:1,st:0,fwm:1,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
https://static.adsafeprotected.com/skeleton.js

Request Chain 219

https://pixel.adsafeprotected.com/rfw/st/488356/54309639/skeleton.js?ias_dspID=64&ias_campId=&ias_pubId=&ias_chanId=&ias_placementId=&bidurl=&ias_dealId=&adsafe_url=https%3A%2F%2Fwww.cyberscoop.com&adsafe_type=g&adsafe_url=https%3A%2F%2Fwww.cyberscoop.com%2F&adsafe_type=e&adsafe_url=https%3A%2F%2F465e8ed3cdfd01c2e9263c1dda2899b3.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2F465e8ed3cdfd01c2e9263c1dda2899b3.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html%3Fn%3D1&adsafe_type=d&adsafe_jsinfo=,id:d343dff0-f838-fa46-a2fb-3d8dafd31fea,c:ftJ068,sl:na,em:true,fr:false,mn:app34ie,pt:1-5-15,br:u,abv:na,an:n,oam:0,nbld:0,fm:sAgSG4k+1111%7C1112%7C112%7C12111%7C1212%7C122%7C1311%7C1312%7C132%7C141*.488356-54309639%7C1411%7C142%7C1431%7C144%7C15%7C16%7C17,idMap:141*,pl:,rmeas:1,rend:1,renddet:IMG.qs,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:0,tt:rjss,thd:1,et:256,oid:29021af1-ccb6-11eb-a82f-02b1f7e14db1,v:19.8.206,sp:1,st:0,fwm:1,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
https://static.adsafeprotected.com/skeleton.js

264 HTTP transactions
6 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 VWtMDr3hpHKQW2tsh_h93KR8lW3yn_R_4szvw4N9k7M9h2-G-5V1-WJV7CgRZ8W4RZnC32bc-v1W5HVGrP44Vbg_W40-Ccc6HbDNBV293Ws2zPq8RW5JHB8n5Z8gwlW26YHHL3ZVDRyVbdpRP3_6f89N83_qF5h8pktW2nL2RX1HCGVGW8XX4pt6S7jg7W83Myk27... Show response
hubspot.fedscoop.com/e2t/tc/ 9 KB
3 KB 77ms
47ms Document
text/html 2606:2c40::c73c:671f
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://hubspot.fedscoop.com/e2t/tc/VWtMDr3hpHKQW2tsh_h93KR8lW3yn_R_4szvw4N9k7M9h2-G-5V1-WJV7CgRZ8W4RZnC32bc-v1W5HVGrP44Vbg_W40-Ccc6HbDNBV293Ws2zPq8RW5JHB8n5Z8gwlW26YHHL3ZVDRyVbdpRP3_6f89N83_qF5h8pktW2nL2RX1HCGVGW8XX4pt6S7jg7W83Myk27P29NvW5gqtRY5XJKZ4W1Y3sVC20mSRvVfxqXb2T-0qTW98Sm8p8f9BLfW1Dn_-N5fD838W115cT7899dmZN8Gx6HXDRgLGW7F3hgX2CQ_QrW4RkY5Y8P2qW83gm91
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:2c40::c73c:671f , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1f81183122605de9588b30ce5cf7be362c55178d015988fc834f7b3378ed5f06

Request headers

:method: GET
:authority: hubspot.fedscoop.com
:scheme: https
:path: /e2t/tc/VWtMDr3hpHKQW2tsh_h93KR8lW3yn_R_4szvw4N9k7M9h2-G-5V1-WJV7CgRZ8W4RZnC32bc-v1W5HVGrP44Vbg_W40-Ccc6HbDNBV293Ws2zPq8RW5JHB8n5Z8gwlW26YHHL3ZVDRyVbdpRP3_6f89N83_qF5h8pktW2nL2RX1HCGVGW8XX4pt6S7jg7W83Myk27P29NvW5gqtRY5XJKZ4W1Y3sVC20mSRvVfxqXb2T-0qTW98Sm8p8f9BLfW1Dn_-N5fD838W115cT7899dmZN8Gx6HXDRgLGW7F3hgX2CQ_QrW4RkY5Y8P2qW83gm91
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 02:13:47 GMT
content-type: text/html;charset=utf-8
cf-ray: 65f00a988c889ac2-FRA
vary: Accept-Encoding
cf-cache-status: MISS
access-control-allow-credentials: false
cf-request-id: 0aa9e4f35000009ac260193000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
referrer-policy: no-referrer
x-hubspot-correlation-id: d727124f-ac25-4c6a-86df-bde5ad6628c9
x-robots-tag: none
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=P8eIpJVd8sOS1qIWO%2Fom%2BTpCY7KJi6VnSuylO3CD4ib6OjlVEXmP37TYIolw2J0Zlf1f8kzBqPH58qeHyhWhENOnXmJkvJAdZ44GAhQyIVAmx4n08v5%2BxqbHPClyqeg5Wau6uIZKLMjt7F3ApA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"report_to":"cf-nel","max_age":604800}
set-cookie: __cfruid=30ba2364a7ca0d378f5000092d076a7b8f69ab06-1623636826; path=/; domain=.hubspot.fedscoop.com; HttpOnly; Secure; SameSite=None
server: cloudflare
content-encoding: br

GET
H2

200

Primary Request / Show response
www.cyberscoop.com/doj-darkside-colonial-cryptocurrency-seizure/
Redirect Chain

https://hubspot.fedscoop.com/events/public/v1/track/tc/VWtMDr3hpHKQW2tsh_h93KR8lW3yn_R_4szvw4N9k7M9h2-G-5V1-WJV7CgRZ8W4RZnC32bc-v1W5HVGrP44Vbg_W40-Ccc6HbDNBV293Ws2zPq8RW5JHB8n5Z8gwlW26YHHL3ZVDRyVbd...
https://www.cyberscoop.com/doj-darkside-colonial-cryptocurrency-seizure/

55 KB
14 KB

395ms
195ms

Document
text/html

52.21.95.133
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.cyberscoop.com/doj-darkside-colonial-cryptocurrency-seizure/

Requested by

Host: hubspot.fedscoop.com
URL: https://hubspot.fedscoop.com/e2t/tc/VWtMDr3hpHKQW2tsh_h93KR8lW3yn_R_4szvw4N9k7M9h2-G-5V1-WJV7CgRZ8W4RZnC32bc-v1W5HVGrP44Vbg_W40-Ccc6HbDNBV293Ws2zPq8RW5JHB8n5Z8gwlW26YHHL3ZVDRyVbdpRP3_6f89N83_qF5h8pktW2nL2RX1HCGVGW8XX4pt6S7jg7W83Myk27P29NvW5gqtRY5XJKZ4W1Y3sVC20mSRvVfxqXb2T-0qTW98Sm8p8f9BLfW1Dn_-N5fD838W115cT7899dmZN8Gx6HXDRgLGW7F3hgX2CQ_QrW4RkY5Y8P2qW83gm91

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.21.95.133 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-21-95-133.compute-1.amazonaws.com

Software

nginx / PHP/7.3.27

Resource Hash

6df5297b890ff6b7e63372da52b58276e6af2f2914d30d7edcd5ead5af63c738

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.cyberscoop.com
:scheme: https
:path: /doj-darkside-colonial-cryptocurrency-seizure/
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://hubspot.fedscoop.com/e2t/tc/VWtMDr3hpHKQW2tsh_h93KR8lW3yn_R_4szvw4N9k7M9h2-G-5V1-WJV7CgRZ8W4RZnC32bc-v1W5HVGrP44Vbg_W40-Ccc6HbDNBV293Ws2zPq8RW5JHB8n5Z8gwlW26YHHL3ZVDRyVbdpRP3_6f89N83_qF5h8pktW2nL2RX1HCGVGW8XX4pt6S7jg7W83Myk27P29NvW5gqtRY5XJKZ4W1Y3sVC20mSRvVfxqXb2T-0qTW98Sm8p8f9BLfW1Dn_-N5fD838W115cT7899dmZN8Gx6HXDRgLGW7F3hgX2CQ_QrW4RkY5Y8P2qW83gm91

Response headers

server: nginx
date: Mon, 14 Jun 2021 02:13:47 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-powered-by: PHP/7.3.27
x-pingback: https://www.cyberscoop.com/xmlrpc.php
link: <https://www.cyberscoop.com/wp-json/>; rel="https://api.w.org/" <https://www.cyberscoop.com/wp-json/wp/v2/posts/56914>; rel="alternate"; type="application/json" <https://www.cyberscoop.com/?p=56914>; rel=shortlink
x-fastcgi-cache: HIT
x-xss-protection: 1; mode=block
content-encoding: gzip

Redirect headers

date: Mon, 14 Jun 2021 02:13:47 GMT
location: https://www.cyberscoop.com/doj-darkside-colonial-cryptocurrency-seizure/
cf-ray: 65f00a98eca19ac2-FRA
link: <https://www.cyberscoop.com/doj-darkside-colonial-cryptocurrency-seizure/>; rel="canonical"
vary: Accept-Encoding
cf-cache-status: MISS
access-control-allow-credentials: false
cf-request-id: 0aa9e4f39500009ac26088f000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
referrer-policy: no-referrer
x-hubspot-correlation-id: 25f2832c-54f4-494c-a415-9ba9ea5068ae
x-robots-tag: none
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=1hndI0ZwPlZTUe%2BH%2FukDDbqriEhBZRPy8Db%2FZLuXt4HxnpIe2vptwiiNRMHQZclXD3VAmDLztzbTbl5dTFHTDI%2BjKgAH3OWt%2F6jl%2Fj3U8m82DtYHI%2F%2FRIFeEe0yLGscPvV%2Fv%2BR%2B7mBemXtaTfw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare

GET
H2 200 style.css
www.cyberscoop.com/wp-content/themes/cyberscoop/ 92 KB
16 KB 101ms
99ms Stylesheet
text/css 52.21.95.133
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.cyberscoop.com/wp-content/themes/cyberscoop/style.css?ver=5.7.1
Requested by: Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/doj-darkside-colonial-cryptocurrency-seizure/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.21.95.133 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-21-95-133.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 8568f039c1951ef91fce769fd09da0b0dbfcf503e0e9d14044c3f49675b809cd

Request headers

:path: /wp-content/themes/cyberscoop/style.css?ver=5.7.1
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.cyberscoop.com
referer: https://www.cyberscoop.com/doj-darkside-colonial-cryptocurrency-seizure/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.cyberscoop.com/doj-darkside-colonial-cryptocurrency-seizure/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 02:13:47 GMT
content-encoding: gzip
last-modified: Fri, 02 Apr 2021 10:48:09 GMT
server: nginx
etag: W/"6066f669-16fe8"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=31536000 public
expires: Tue, 14 Jun 2022 02:13:47 GMT

GET
H2 200 css
fonts.googleapis.com/ 8 KB
803 B 17ms
14ms Stylesheet
text/css 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Fira+Sans%3A300%2C400%2C500%2C700&subset=latin-ext&ver=5.7.1

Requested by

Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/doj-darkside-colonial-cryptocurrency-seizure/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

dc666527c7989fdad450d729be48af719d8a66af057630a461bbb5c72b1e20a8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 14 Jun 2021 02:13:47 GMT
server: ESF
date: Mon, 14 Jun 2021 02:13:47 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 14 Jun 2021 02:13:47 GMT

GET
H2 200 css
fonts.googleapis.com/ 5 KB
665 B 16ms
14ms Stylesheet
text/css 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Oswald%3A300%2C400%2C700&subset=latin-ext&ver=5.7.1

Requested by

Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/doj-darkside-colonial-cryptocurrency-seizure/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

063d44bc62d9647b62e24e3072a08f2cd96f36e3f1cb441b0efc3fe3f3fe372c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 14 Jun 2021 01:19:30 GMT
server: ESF
date: Mon, 14 Jun 2021 02:13:47 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 14 Jun 2021 02:13:47 GMT

GET
H2 200 addtoany.min.css
www.cyberscoop.com/wp-content/plugins/add-to-any/ 1 KB
663 B 101ms
99ms Stylesheet
text/css 52.21.95.133
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.cyberscoop.com/wp-content/plugins/add-to-any/addtoany.min.css?ver=1.15
Requested by: Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/doj-darkside-colonial-cryptocurrency-seizure/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.21.95.133 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-21-95-133.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 20a84f304abfaf56bb829a84199344bca40bf7d4dba451e109a840cbdf728436

Request headers

:path: /wp-content/plugins/add-to-any/addtoany.min.css?ver=1.15
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.cyberscoop.com
referer: https://www.cyberscoop.com/doj-darkside-colonial-cryptocurrency-seizure/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.cyberscoop.com/doj-darkside-colonial-cryptocurrency-seizure/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 02:13:47 GMT
content-encoding: gzip
last-modified: Sun, 06 Dec 2020 20:25:16 GMT
server: nginx
etag: W/"5fcd3e2c-5ba"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=31536000 public
expires: Tue, 14 Jun 2022 02:13:47 GMT

GET
H2 200 jquery.min.js Show response
www.cyberscoop.com/wp-includes/js/jquery/ 87 KB
31 KB 101ms
99ms Script
application/javascript 52.21.95.133
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.cyberscoop.com/wp-includes/js/jquery/jquery.min.js?ver=3.5.1
Requested by: Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/doj-darkside-colonial-cryptocurrency-seizure/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.21.95.133 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-21-95-133.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 60240d5a27ede94fd35fea44bd110b88c7d8cfc08127f032d13b0c622b8be827

Request headers

:path: /wp-includes/js/jquery/jquery.min.js?ver=3.5.1
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.cyberscoop.com
referer: https://www.cyberscoop.com/doj-darkside-colonial-cryptocurrency-seizure/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.cyberscoop.com/doj-darkside-colonial-cryptocurrency-seizure/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 02:13:47 GMT
content-encoding: gzip
last-modified: Sun, 25 Apr 2021 05:06:59 GMT
server: nginx
etag: W/"6084f8f3-15d98"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000 public
expires: Tue, 14 Jun 2022 02:13:47 GMT

GET
H2 200 jquery-migrate.min.js Show response
www.cyberscoop.com/wp-includes/js/jquery/ 11 KB
4 KB 101ms
99ms Script
application/javascript 52.21.95.133
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.cyberscoop.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
Requested by: Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/doj-darkside-colonial-cryptocurrency-seizure/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.21.95.133 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-21-95-133.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Request headers

:path: /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.cyberscoop.com
referer: https://www.cyberscoop.com/doj-darkside-colonial-cryptocurrency-seizure/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.cyberscoop.com/doj-darkside-colonial-cryptocurrency-seizure/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 02:13:47 GMT
content-encoding: gzip
last-modified: Sun, 25 Apr 2021 05:06:59 GMT
server: nginx
etag: W/"6084f8f3-2bd8"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000 public
expires: Tue, 14 Jun 2022 02:13:47 GMT

GET
H2 200 blinkTitle.js Show response
www.cyberscoop.com/wp-content/themes/cyberscoop/js/ 2 KB
737 B 103ms
101ms Script
application/javascript 52.21.95.133
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.cyberscoop.com/wp-content/themes/cyberscoop/js/blinkTitle.js?ver=5.7.1
Requested by: Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/doj-darkside-colonial-cryptocurrency-seizure/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.21.95.133 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-21-95-133.compute-1.amazonaws.com
Software: nginx /
Resource Hash: cf89b05aa45bb14f23d4c97dac9b3091e2d866c73f68e18d2cb6b538378db6f9

Request headers

:path: /wp-content/themes/cyberscoop/js/blinkTitle.js?ver=5.7.1
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.cyberscoop.com
referer: https://www.cyberscoop.com/doj-darkside-colonial-cryptocurrency-seizure/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.cyberscoop.com/doj-darkside-colonial-cryptocurrency-seizure/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 02:13:47 GMT
content-encoding: gzip
last-modified: Tue, 20 Oct 2020 09:37:30 GMT
server: nginx
etag: W/"5f8eafda-62a"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000 public
expires: Tue, 14 Jun 2022 02:13:47 GMT

GET
H2 200 singlescroll.js Show response
www.cyberscoop.com/wp-content/themes/cyberscoop/js/ 3 KB
1 KB 103ms
101ms Script
application/javascript 52.21.95.133
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.cyberscoop.com/wp-content/themes/cyberscoop/js/singlescroll.js?ver=5.7.1
Requested by: Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/doj-darkside-colonial-cryptocurrency-seizure/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.21.95.133 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-21-95-133.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 8b7a47a695a413443ee1cba5b8cb390af99d8ecb1c94ffd30005c2a039303fe0

Request headers

:path: /wp-content/themes/cyberscoop/js/singlescroll.js?ver=5.7.1
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.cyberscoop.com
referer: https://www.cyberscoop.com/doj-darkside-colonial-cryptocurrency-seizure/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.cyberscoop.com/doj-darkside-colonial-cryptocurrency-seizure/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 02:13:47 GMT
content-encoding: gzip
last-modified: Tue, 20 Oct 2020 09:37:31 GMT
server: nginx
etag: W/"5f8eafdb-dc1"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000 public
expires: Tue, 14 Jun 2022 02:13:47 GMT

GET
H2 200 stickybits.min.js Show response
www.cyberscoop.com/wp-content/themes/cyberscoop/js/ 13 KB
4 KB 103ms
101ms Script
application/javascript 52.21.95.133
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.cyberscoop.com/wp-content/themes/cyberscoop/js/stickybits.min.js?ver=5.7.1
Requested by: Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/doj-darkside-colonial-cryptocurrency-seizure/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.21.95.133 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-21-95-133.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 2aef1ac953ce7805c97a1df893082e75a0a11085c3e53b2914bd0a35634977f3

Request headers

:path: /wp-content/themes/cyberscoop/js/stickybits.min.js?ver=5.7.1
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.cyberscoop.com
referer: https://www.cyberscoop.com/doj-darkside-colonial-cryptocurrency-seizure/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.cyberscoop.com/doj-darkside-colonial-cryptocurrency-seizure/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 02:13:47 GMT
content-encoding: gzip
last-modified: Tue, 20 Oct 2020 09:37:31 GMT
server: nginx
etag: W/"5f8eafdb-3357"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000 public
expires: Tue, 14 Jun 2022 02:13:47 GMT

GET
H2 200 addtoany.min.js Show response
www.cyberscoop.com/wp-content/plugins/add-to-any/ 129 B
339 B 103ms
101ms Script
application/javascript 52.21.95.133
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.cyberscoop.com/wp-content/plugins/add-to-any/addtoany.min.js?ver=1.1
Requested by: Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/doj-darkside-colonial-cryptocurrency-seizure/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.21.95.133 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-21-95-133.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 50679e0e3933c945348a2db0cc128bb14b57a60a74fabf8cae13acc14efbb2e1

Request headers

:path: /wp-content/plugins/add-to-any/addtoany.min.js?ver=1.1
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.cyberscoop.com
referer: https://www.cyberscoop.com/doj-darkside-colonial-cryptocurrency-seizure/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.cyberscoop.com/doj-darkside-colonial-cryptocurrency-seizure/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 02:13:47 GMT
last-modified: Sun, 06 Dec 2020 20:25:16 GMT
server: nginx
etag: "5fcd3e2c-81"
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000 public
accept-ranges: bytes
content-length: 129
expires: Tue, 14 Jun 2022 02:13:47 GMT

GET
H2 200 tfa.js Show response
cdn.taboola.com/libtrc/fedscoop-sc/ 69 KB
23 KB 23ms
6ms Script
application/javascript 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/fedscoop-sc/tfa.js?ver=5.7.1
Requested by: Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/doj-darkside-colonial-cryptocurrency-seizure/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 753b529ae84f43010bcc3243f72f5d7fe16622d0a1e33e0a34f976e84e4343b1

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: n1vF9p5VnwtUi4OVeKiiCR8shgMwhmvH
content-encoding: gzip
etag: "ae15e30aca91b7a60c5cc29e73eacf0e"
age: 162
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 23442
x-amz-id-2: v3jSd1ubrY//ZSaAkwjggNWZqhLtSqP3mq0TSkF/bPtUTCHFh0yAvPr5qqDnqasBsO4Uw2cbtuU=
x-served-by: cache-fra19133-FRA
last-modified: Sun, 06 Jun 2021 17:54:31 GMT
server: AmazonS3
x-timer: S1623636828.614753,VS0,VE1
date: Mon, 14 Jun 2021 02:13:47 GMT
vary: Accept-Encoding
x-amz-request-id: VFRKDC3E2A4QAY8G
via: 1.1 varnish
cache-control: private,max-age=14401
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 89
x-cache-hits: 1

GET
H2 200 init-taboola.js Show response
www.cyberscoop.com/wp-content/themes/cyberscoop/js/ 138 B
348 B 103ms
101ms Script
application/javascript 52.21.95.133
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.cyberscoop.com/wp-content/themes/cyberscoop/js/init-taboola.js?ver=5.7.1
Requested by: Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/doj-darkside-colonial-cryptocurrency-seizure/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.21.95.133 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-21-95-133.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 8c5987fc2409abe9ee8d73fee09d71847ddf5c4329a0bbad7d4e4bc522e51b47

Request headers

:path: /wp-content/themes/cyberscoop/js/init-taboola.js?ver=5.7.1
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.cyberscoop.com
referer: https://www.cyberscoop.com/doj-darkside-colonial-cryptocurrency-seizure/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.cyberscoop.com/doj-darkside-colonial-cryptocurrency-seizure/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 02:13:47 GMT
last-modified: Tue, 20 Oct 2020 09:37:30 GMT
server: nginx
etag: "5f8eafda-8a"
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000 public
accept-ranges: bytes
content-length: 138
expires: Tue, 14 Jun 2022 02:13:47 GMT

GET
H2 200 app.js Show response
www.cyberscoop.com/wp-content/themes/cyberscoop/js/ 150 KB
47 KB 103ms
102ms Script
application/javascript 52.21.95.133
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.cyberscoop.com/wp-content/themes/cyberscoop/js/app.js?ver=5.7.1
Requested by: Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/doj-darkside-colonial-cryptocurrency-seizure/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.21.95.133 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-21-95-133.compute-1.amazonaws.com
Software: nginx /
Resource Hash: bcc6ccbbe9b3f2c14b3eb45ea17eb4b456ee0b359ca820751d8f4b140c57ba0a

Request headers

:path: /wp-content/themes/cyberscoop/js/app.js?ver=5.7.1
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.cyberscoop.com
referer: https://www.cyberscoop.com/doj-darkside-colonial-cryptocurrency-seizure/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.cyberscoop.com/doj-darkside-colonial-cryptocurrency-seizure/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 02:13:47 GMT
content-encoding: gzip
last-modified: Tue, 20 Oct 2020 09:37:30 GMT
server: nginx
etag: W/"5f8eafda-25991"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000 public
expires: Tue, 14 Jun 2022 02:13:47 GMT

GET
H2 200 menu.js Show response
www.cyberscoop.com/wp-content/themes/cyberscoop/js/ 213 B
423 B 103ms
102ms Script
application/javascript 52.21.95.133
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.cyberscoop.com/wp-content/themes/cyberscoop/js/menu.js?ver=5.7.1
Requested by: Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/doj-darkside-colonial-cryptocurrency-seizure/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.21.95.133 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-21-95-133.compute-1.amazonaws.com
Software: nginx /
Resource Hash: cbcf7f9157306feaa0252eaa2fca6f6a36cf74bd919dc17520023405867fd32b

Request headers

:path: /wp-content/themes/cyberscoop/js/menu.js?ver=5.7.1
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.cyberscoop.com
referer: https://www.cyberscoop.com/doj-darkside-colonial-cryptocurrency-seizure/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.cyberscoop.com/doj-darkside-colonial-cryptocurrency-seizure/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 02:13:47 GMT
last-modified: Tue, 20 Oct 2020 09:37:31 GMT
server: nginx
etag: "5f8eafdb-d5"
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000 public
accept-ranges: bytes
content-length: 213
expires: Tue, 14 Jun 2022 02:13:47 GMT

GET
H2 200 ads.js Show response
www.cyberscoop.com/wp-content/themes/cyberscoop/js/ 740 B
703 B 103ms
102ms Script
application/javascript 52.21.95.133
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.cyberscoop.com/wp-content/themes/cyberscoop/js/ads.js
Requested by: Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/doj-darkside-colonial-cryptocurrency-seizure/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.21.95.133 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-21-95-133.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 94c2543ee527c1e987a54d88914b529a0d832a4cf55d0fd20a9b7c569c508930

Request headers

:path: /wp-content/themes/cyberscoop/js/ads.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.cyberscoop.com
referer: https://www.cyberscoop.com/doj-darkside-colonial-cryptocurrency-seizure/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.cyberscoop.com/doj-darkside-colonial-cryptocurrency-seizure/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 02:13:47 GMT
content-encoding: gzip
last-modified: Tue, 20 Oct 2020 09:37:30 GMT
server: nginx
etag: W/"5f8eafda-2e4"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000 public
expires: Tue, 14 Jun 2022 02:13:47 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 62 KB
22 KB 37ms
14ms Script
text/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/doj-darkside-colonial-cryptocurrency-seizure/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

sffe /

Resource Hash

0bd56c87dbd42ec5efef8e0fe40728cfa889cac7e9b80dc50b58c10063ae14d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 02:13:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "902 / 793 of 1000 / last-modified: 1623449396"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21627
x-xss-protection: 0
expires: Mon, 14 Jun 2021 02:13:47 GMT

GET
H/1.1 200
OK cyberscoop-interstitial.svg
s3.amazonaws.com/sng-global-web-assets/logo/ 2 KB
3 KB 407ms
118ms Image
image/svg+xml 52.216.144.149
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/sng-global-web-assets/logo/cyberscoop-interstitial.svg
Requested by: Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/doj-darkside-colonial-cryptocurrency-seizure/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.144.149 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: b534f367f11c24f3709e27fdb539f308475d495eaafed8f7681a5c96dfacc537

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 14 Jun 2021 02:13:49 GMT
Last-Modified: Wed, 10 Feb 2021 15:47:32 GMT
Server: AmazonS3
x-amz-request-id: GHNXS3NJMN76NWGB
ETag: "b3250d52680549abc7222f71b2dce836"
Content-Type: image/svg+xml
Accept-Ranges: bytes
Content-Length: 2375
x-amz-id-2: oqXEQjgZnzdft/1x7/WQuQAG/4rkp5D7KrWTJ+CoU1p16tDUKYvIodUeQ2s7o0gCOs4GIzlB3kA=

GET
H/1.1 200
OK closex.png
s3.amazonaws.com/sng-global-web-assets/logo/ 5 KB
5 KB 408ms
119ms Image
image/png 52.216.144.149
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/sng-global-web-assets/logo/closex.png
Requested by: Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/doj-darkside-colonial-cryptocurrency-seizure/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.144.149 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: d5d4228a3e80d57bcf6ee1f6080fbc4c65dba96e81d2364535fa49e3d27e9131

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 14 Jun 2021 02:13:49 GMT
Last-Modified: Tue, 12 May 2020 13:43:08 GMT
Server: AmazonS3
x-amz-request-id: GHNWQY2XVF3EHF9W
ETag: "6fa9505df4b1d86476aef77673f3b330"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 4658
x-amz-id-2: t3pg5O96lCWpb1gM3Xlg11GYc0lSkCP45sgpZYSKyR1BJKa3tbLLmbj7uEOnVjYg++x8lA013nI=

GET
H2 200 twitter.svg
www.cyberscoop.com/wp-content/themes/cyberscoop/images/icons/share-icon/ 2 KB
1 KB 100ms
98ms Image
image/svg+xml 52.21.95.133
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.cyberscoop.com/wp-content/themes/cyberscoop/images/icons/share-icon/twitter.svg
Requested by: Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/doj-darkside-colonial-cryptocurrency-seizure/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.21.95.133 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-21-95-133.compute-1.amazonaws.com
Software: nginx /
Resource Hash: ca2e99ffb3730e887ee7389e499993e912e5e47ec6f28c991a692cd78746edf5

Request headers

:path: /wp-content/themes/cyberscoop/images/icons/share-icon/twitter.svg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.cyberscoop.com
referer: https://www.cyberscoop.com/doj-darkside-colonial-cryptocurrency-seizure/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.cyberscoop.com/doj-darkside-colonial-cryptocurrency-seizure/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 02:13:47 GMT
content-encoding: gzip
last-modified: Tue, 20 Oct 2020 09:37:27 GMT
server: nginx
etag: W/"5f8eafd7-87c"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=2592000 public
expires: Wed, 14 Jul 2021 02:13:47 GMT

GET
H2 200 facebook.svg
www.cyberscoop.com/wp-content/themes/cyberscoop/images/icons/share-icon/ 1 KB
828 B 100ms
98ms Image
image/svg+xml 52.21.95.133
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.cyberscoop.com/wp-content/themes/cyberscoop/images/icons/share-icon/facebook.svg
Requested by: Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/doj-darkside-colonial-cryptocurrency-seizure/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.21.95.133 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-21-95-133.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 51c40fb52547a14a895a2425e94a53886ced172e90c70d5418890fb67517701b

Request headers

:path: /wp-content/themes/cyberscoop/images/icons/share-icon/facebook.svg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.cyberscoop.com
referer: https://www.cyberscoop.com/doj-darkside-colonial-cryptocurrency-seizure/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.cyberscoop.com/doj-darkside-colonial-cryptocurrency-seizure/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 02:13:47 GMT
content-encoding: gzip
last-modified: Tue, 20 Oct 2020 09:37:26 GMT
server: nginx
etag: W/"5f8eafd6-4f8"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=2592000 public
expires: Wed, 14 Jul 2021 02:13:47 GMT

GET
H2 200 linkedin.svg
www.cyberscoop.com/wp-content/themes/cyberscoop/images/icons/share-icon/ 2 KB
993 B 100ms
98ms Image
image/svg+xml 52.21.95.133
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.cyberscoop.com/wp-content/themes/cyberscoop/images/icons/share-icon/linkedin.svg
Requested by: Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/doj-darkside-colonial-cryptocurrency-seizure/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.21.95.133 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-21-95-133.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 4d8d48a3f00d424f5083a310bcfbcc1ad35d02e02793a9f459e9938879d8a675

Request headers

:path: /wp-content/themes/cyberscoop/images/icons/share-icon/linkedin.svg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.cyberscoop.com
referer: https://www.cyberscoop.com/doj-darkside-colonial-cryptocurrency-seizure/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.cyberscoop.com/doj-darkside-colonial-cryptocurrency-seizure/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 02:13:47 GMT
content-encoding: gzip
last-modified: Tue, 20 Oct 2020 09:37:26 GMT
server: nginx
etag: W/"5f8eafd6-741"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=2592000 public
expires: Wed, 14 Jul 2021 02:13:47 GMT

GET
H2 200 reddit.svg
www.cyberscoop.com/wp-content/themes/cyberscoop/images/icons/share-icon/ 6 KB
3 KB 100ms
99ms Image
image/svg+xml 52.21.95.133
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.cyberscoop.com/wp-content/themes/cyberscoop/images/icons/share-icon/reddit.svg
Requested by: Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/doj-darkside-colonial-cryptocurrency-seizure/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.21.95.133 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-21-95-133.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 55de2f543e24f0c3655be2f344491b2e73ae61350f58a2bb9ebf4ad1326e8fba

Request headers

:path: /wp-content/themes/cyberscoop/images/icons/share-icon/reddit.svg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.cyberscoop.com
referer: https://www.cyberscoop.com/doj-darkside-colonial-cryptocurrency-seizure/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.cyberscoop.com/doj-darkside-colonial-cryptocurrency-seizure/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 02:13:47 GMT
content-encoding: gzip
last-modified: Tue, 20 Oct 2020 09:37:26 GMT
server: nginx
etag: W/"5f8eafd6-18f6"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=2592000 public
expires: Wed, 14 Jul 2021 02:13:47 GMT

GET
H2 200 gmail.svg
www.cyberscoop.com/wp-content/themes/cyberscoop/images/icons/share-icon/ 1 KB
886 B 100ms
99ms Image
image/svg+xml 52.21.95.133
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.cyberscoop.com/wp-content/themes/cyberscoop/images/icons/share-icon/gmail.svg
Requested by: Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/doj-darkside-colonial-cryptocurrency-seizure/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.21.95.133 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-21-95-133.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 0d281aa7b07dfcb1bc05e2cdd051aa34fb915616590b834374148a1768ce3440

Request headers

:path: /wp-content/themes/cyberscoop/images/icons/share-icon/gmail.svg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.cyberscoop.com
referer: https://www.cyberscoop.com/doj-darkside-colonial-cryptocurrency-seizure/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.cyberscoop.com/doj-darkside-colonial-cryptocurrency-seizure/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 02:13:47 GMT
content-encoding: gzip
last-modified: Tue, 20 Oct 2020 09:37:26 GMT
server: nginx
etag: W/"5f8eafd6-49d"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=2592000 public
expires: Wed, 14 Jul 2021 02:13:47 GMT

GET
H/1.1 200
OK close_purple.svg
s3.amazonaws.com/sng-global-web-assets/logo/ 991 B
1 KB 444ms
141ms Image
image/svg+xml 52.216.144.149
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/sng-global-web-assets/logo/close_purple.svg
Requested by: Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/doj-darkside-colonial-cryptocurrency-seizure/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.144.149 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: fe9df7af9647a824fe66cae1f452ecb318d9f9ad3b2e09ef0623f0c6af50a0ed

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 14 Jun 2021 02:13:49 GMT
Last-Modified: Fri, 22 Jan 2021 00:05:15 GMT
Server: AmazonS3
x-amz-request-id: GHNTYFK3ZQYQCH50
ETag: "cde4ecef61a0a35571e737da5276b5e7"
Content-Type: image/svg+xml
Accept-Ranges: bytes
Content-Length: 991
x-amz-id-2: y19oFDWoxuFDPqlJXCjE1GJEydNx0a448s8LjGAX1OdWHvPHnjbjQrBsXbac0CfdUPZQUhdmlk4=

GET
H2 200 v2.js Show response
js.hsforms.net/forms/ 573 KB
135 KB 69ms
53ms Script
application/javascript 2606:4700::6811:b749
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.hsforms.net/forms/v2.js

Requested by

Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/doj-darkside-colonial-cryptocurrency-seizure/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:b749 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

068605b7a74adeae97a35f115e5d2116b49e1b0746b0172d6795cf4c7f93ecc8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 02:13:47 GMT
via: 1.1 38ecebcaa39c8742da2b6336935bb446.cloudfront.net (CloudFront)
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 412
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
x-amz-replication-status: COMPLETED
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id: 0aa9e4f708000063a7d5170000000001
last-modified: Thu, 10 Jun 2021 01:55:02 UTC
server: cloudflare
etag: W/"be4017dc0d84057af0be82378d2bcd1a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=G0lbsdq9jeF7xL%2F9PJ18bToU1IvPXsPIjL1xfsEGDtA8kpDPRywfvCuNt8f7gRHkdNFgqbQG444tWY4mpsUVZ6R4EApBzKP%2FdR50rfYndwciYzRyRH9X4ahgLmq85O3wOLq1n%2FiJ%2BQ%3D%3D"}],"group":"cf-nel","max_age":604800}
x-amz-version-id: _lWo_seegG84aAiYV148P6d_vJ1mA4fg
access-control-allow-origin: *
cache-control: s-maxage=600, max-age=0
x-hs-cache-status: HIT
x-amz-cf-pop: IAD89-C3
cf-ray: 65f00a9e7ddc63a7-FRA
x-amz-cf-id: zYqqOkycNkN7YResMn4GDt7C3JnVPPf29qwO0930bfnPmNc2davrFQ==
x-hs-target-asset: FormsNext/static-5.319/bundles/project_with_deps.js

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 62 KB
21 KB 35ms
13ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/doj-darkside-colonial-cryptocurrency-seizure/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

896fed6cf068a0d1e73a60868a06def4f229223ab2f78856a90f7f81ad9157e3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 02:13:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "902 / 794 of 1000 / last-modified: 1623449396"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21413
x-xss-protection: 0
expires: Mon, 14 Jun 2021 02:13:47 GMT

GET
H2 200 ads.js Show response
www.cyberscoop.com/wp-content/themes/cyberscoop/js/ 740 B
703 B 98ms
98ms Script
application/javascript 52.21.95.133
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.cyberscoop.com/wp-content/themes/cyberscoop/js/ads.js?ver=1.0.0
Requested by: Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/doj-darkside-colonial-cryptocurrency-seizure/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.21.95.133 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-21-95-133.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 94c2543ee527c1e987a54d88914b529a0d832a4cf55d0fd20a9b7c569c508930

Request headers

:path: /wp-content/themes/cyberscoop/js/ads.js?ver=1.0.0
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.cyberscoop.com
referer: https://www.cyberscoop.com/doj-darkside-colonial-cryptocurrency-seizure/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.cyberscoop.com/doj-darkside-colonial-cryptocurrency-seizure/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 02:13:47 GMT
content-encoding: gzip
last-modified: Tue, 20 Oct 2020 09:37:30 GMT
server: nginx
etag: W/"5f8eafda-2e4"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000 public
expires: Tue, 14 Jun 2022 02:13:47 GMT

GET
H2 200 wp-embed.min.js Show response
www.cyberscoop.com/wp-includes/js/ 1 KB
986 B 100ms
97ms Script
application/javascript 52.21.95.133
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.cyberscoop.com/wp-includes/js/wp-embed.min.js?ver=5.7.1
Requested by: Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/doj-darkside-colonial-cryptocurrency-seizure/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.21.95.133 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-21-95-133.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991

Request headers

:path: /wp-includes/js/wp-embed.min.js?ver=5.7.1
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.cyberscoop.com
referer: https://www.cyberscoop.com/doj-darkside-colonial-cryptocurrency-seizure/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.cyberscoop.com/doj-darkside-colonial-cryptocurrency-seizure/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 02:13:47 GMT
content-encoding: gzip
last-modified: Sun, 25 Apr 2021 05:06:59 GMT
server: nginx
etag: W/"6084f8f3-592"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000 public
expires: Tue, 14 Jun 2022 02:13:47 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 146 KB
52 KB 18ms
17ms Script
application/javascript 2a00:1450:4001:802::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-KR697BF

Requested by

Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/doj-darkside-colonial-cryptocurrency-seizure/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

515a19b0aca202c0a2a5932e9cec9250258573e8a1b3346ae8aef7e4337ab126

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 02:13:47 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 53338
x-xss-protection: 0
last-modified: Mon, 14 Jun 2021 00:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 14 Jun 2021 02:13:47 GMT

GET
H2 200 wp-emoji-release.min.js Show response
www.cyberscoop.com/wp-includes/js/ 14 KB
5 KB 100ms
99ms Script
application/javascript 52.21.95.133
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.cyberscoop.com/wp-includes/js/wp-emoji-release.min.js?ver=5.7.1
Requested by: Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/doj-darkside-colonial-cryptocurrency-seizure/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.21.95.133 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-21-95-133.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 0c5f584d1ea2c3313dc8c55824c2a572d3cf2eae87c5ca62a58e598aec9ddb5c

Request headers

:path: /wp-includes/js/wp-emoji-release.min.js?ver=5.7.1
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.cyberscoop.com
referer: https://www.cyberscoop.com/doj-darkside-colonial-cryptocurrency-seizure/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.cyberscoop.com/doj-darkside-colonial-cryptocurrency-seizure/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 02:13:47 GMT
content-encoding: gzip
last-modified: Sun, 25 Apr 2021 05:06:59 GMT
server: nginx
etag: W/"6084f8f3-3795"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000 public
expires: Tue, 14 Jun 2022 02:13:47 GMT

GET
H2 200 lightslider.min.css
www.cyberscoop.com/wp-content/themes/cyberscoop/css/ 5 KB
2 KB 192ms
191ms Stylesheet
text/css 52.21.95.133
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.cyberscoop.com/wp-content/themes/cyberscoop/css/lightslider.min.css
Requested by: Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/wp-content/themes/cyberscoop/style.css?ver=5.7.1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.21.95.133 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-21-95-133.compute-1.amazonaws.com
Software: nginx /
Resource Hash: a060aca1def4e45da8730e2c6052fb1efbe9b1bdd305c14ea86c8c5152ebd593

Request headers

:path: /wp-content/themes/cyberscoop/css/lightslider.min.css
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.cyberscoop.com
referer: https://www.cyberscoop.com/wp-content/themes/cyberscoop/style.css?ver=5.7.1
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.cyberscoop.com/wp-content/themes/cyberscoop/style.css?ver=5.7.1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 02:13:47 GMT
content-encoding: gzip
last-modified: Tue, 20 Oct 2020 09:37:19 GMT
server: nginx
etag: W/"5f8eafcf-14b3"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=31536000 public
expires: Tue, 14 Jun 2022 02:13:47 GMT

GET
H2 200 page.js Show response
static.addtoany.com/menu/ 84 KB
27 KB 39ms
22ms Script
application/javascript 2606:4700:10::6816:47c5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.addtoany.com/menu/page.js

Requested by

Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/doj-darkside-colonial-cryptocurrency-seizure/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:47c5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f909a31bfd7a13b9dd53e98b5652f13f4782fdfd1653dc4befade7386c087371

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 02:13:47 GMT
via: e1s
x-content-type-options: nosniff
cf-cache-status: HIT
age: 70260
p3p: CP="ALL DSP COR CURa ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV INT"
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id: 0aa9e4f72100004a6da1ba8000000001
last-modified: Fri, 14 May 2021 06:41:59 GMT
server: cloudflare
etag: W/"14f2c-5c2448a7281f2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=172800
cf-ray: 65f00a9e996b4a6d-FRA
cf-bgj: minify

GET
H/1.1 200
OK CyberScoop_Color.svg
s3.amazonaws.com/sng-global-web-assets/logo/ 2 KB
3 KB 423ms
122ms Image
image/svg+xml 52.216.144.149
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/sng-global-web-assets/logo/CyberScoop_Color.svg
Requested by: Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/wp-content/themes/cyberscoop/style.css?ver=5.7.1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.144.149 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: b534f367f11c24f3709e27fdb539f308475d495eaafed8f7681a5c96dfacc537

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 14 Jun 2021 02:13:49 GMT
Last-Modified: Thu, 21 Jan 2021 21:02:05 GMT
Server: AmazonS3
x-amz-request-id: GHNH98GFBA9SZTY6
ETag: "b3250d52680549abc7222f71b2dce836"
Content-Type: image/svg+xml
Accept-Ranges: bytes
Content-Length: 2375
x-amz-id-2: DEl1Wyr1+EZps67ehEUkDdmsnnYZPZP9yG4o5S5gN1SMImpOVzbc29B6DELrB/WTe7lFoHvm9MA=

GET
H/1.1 200
OK SNG-RGB-Color.svg
s3.amazonaws.com/sng-global-web-assets/logo/ 5 KB
6 KB 420ms
119ms Image
image/svg+xml 52.216.144.149
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/sng-global-web-assets/logo/SNG-RGB-Color.svg
Requested by: Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/wp-content/themes/cyberscoop/style.css?ver=5.7.1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.144.149 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 4b8dd50e462d914dd8609e8a566ce6bce0ab94088a4bf958b57c4cdb6ab54868

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 14 Jun 2021 02:13:49 GMT
Last-Modified: Thu, 21 Jan 2021 21:02:05 GMT
Server: AmazonS3
x-amz-request-id: GHNGZ4N0MMG2EXMG
ETag: "61428dbcecc23b1679236e221c5228d4"
Content-Type: image/svg+xml
Accept-Ranges: bytes
Content-Length: 5545
x-amz-id-2: I5215/d1pNkK6eqGZDQ5Tcw9GEpdO+0+GekM2L/5vKtPDCchjys8PwbE4RR2dccYIBf89qK4l88=

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bb6a7f39d0982d1605492df9ffaa28989d1829fdf91037053e4af527ae5ed797

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 va9B4kDNxMZdWfMOD5VnZKveRhf6.woff2
fonts.gstatic.com/s/firasans/v11/ 22 KB
23 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/firasans/v11/va9B4kDNxMZdWfMOD5VnZKveRhf6.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Fira+Sans%3A300%2C400%2C500%2C700&subset=latin-ext&ver=5.7.1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d28cae33a9cff1cd54246e2bca04018f101451707a5b5f426d32ea768e911186

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.cyberscoop.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 12 Jun 2021 03:30:23 GMT
x-content-type-options: nosniff
age: 168204
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22920
x-xss-protection: 0
last-modified: Thu, 01 Apr 2021 22:06:35 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 12 Jun 2022 03:30:23 GMT

GET
H2 200 PuristaMedium.woff
www.cyberscoop.com/wp-content/themes/cyberscoop/fonts/ 37 KB
37 KB 98ms
98ms Font
font/woff 52.21.95.133
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.cyberscoop.com/wp-content/themes/cyberscoop/fonts/PuristaMedium.woff

Requested by

Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/wp-content/themes/cyberscoop/style.css?ver=5.7.1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.21.95.133 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-21-95-133.compute-1.amazonaws.com

Software

nginx /

Resource Hash

c0758721ba3b41bf0236a10348f8ad1ceb3336894bfbaca0b9d77fb366b585c1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 max-age=31536000; includeSubDomains max-age=31536000; includeSubDomains; preload

Request headers

:path: /wp-content/themes/cyberscoop/fonts/PuristaMedium.woff
pragma: no-cache
origin: https://www.cyberscoop.com
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: font
:authority: www.cyberscoop.com
referer: https://www.cyberscoop.com/wp-content/themes/cyberscoop/style.css?ver=5.7.1
:scheme: https
sec-fetch-site: same-origin
:method: GET
Origin: https://www.cyberscoop.com
Referer: https://www.cyberscoop.com/wp-content/themes/cyberscoop/style.css?ver=5.7.1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 02:13:47 GMT
last-modified: Tue, 20 Oct 2020 09:37:20 GMT
server: nginx
etag: "5f8eafd0-9340"
strict-transport-security: max-age=31536000 max-age=31536000; includeSubDomains max-age=31536000; includeSubDomains; preload
content-type: font/woff
accept-ranges: bytes
content-length: 37696
x-ua-compatible: IE=Edge

GET
H2

200

/ Show response
www.cyberscoop.com/advertising/ Frame 5BFF
Redirect Chain

https://www.cyberscoop.com/advertising/?id=leaderboard&page=article&parent_id=ad-7WO54yg4q8-leaderboard&categories=government&tags=colonial-pipeline,cryptocurrency,darkside,department-of-justice-do...
https://www.cyberscoop.com/advertising/?id=leaderboard&parent_id=ad-7WO54yg4q8-leaderboard&categories=government&tags=colonial-pipeline%2Ccryptocurrency%2Cdarkside%2Cdepartment-of-justice-doj%2Cfbi...

2 KB
1 KB

1583ms
1582ms

Document
text/html

52.21.95.133
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.cyberscoop.com/advertising/?id=leaderboard&parent_id=ad-7WO54yg4q8-leaderboard&categories=government&tags=colonial-pipeline%2Ccryptocurrency%2Cdarkside%2Cdepartment-of-justice-doj%2Cfbi%2Cjbs%2Cranswomare%2Cus-courts

Requested by

Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/doj-darkside-colonial-cryptocurrency-seizure/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.21.95.133 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-21-95-133.compute-1.amazonaws.com

Software

nginx / PHP/7.3.27

Resource Hash

ba601daeda8cb0d179beeeafbe63848d0576b172f3e2800f1848be282b2af497

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.cyberscoop.com
:scheme: https
:path: /advertising/?id=leaderboard&parent_id=ad-7WO54yg4q8-leaderboard&categories=government&tags=colonial-pipeline%2Ccryptocurrency%2Cdarkside%2Cdepartment-of-justice-doj%2Cfbi%2Cjbs%2Cranswomare%2Cus-courts
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.cyberscoop.com/doj-darkside-colonial-cryptocurrency-seizure/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: sng_interstitial=true; _ga=GA1.2.1305187597.1623636828; _gid=GA1.2.1880924883.1623636828; _gat_UA-80491860-1=1; _fbp=fb.1.1623636828299.1284348587; __gads=ID=1a5fa52a8f707b85-229a6f0e5fc80004:T=1623636828:S=ALNI_MbQhOwuestDVL9JUOUjq1LZpncVpg
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.cyberscoop.com/doj-darkside-colonial-cryptocurrency-seizure/

Response headers

server: nginx
date: Mon, 14 Jun 2021 02:13:50 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-powered-by: PHP/7.3.27
link: <https://www.cyberscoop.com/wp-json/>; rel="https://api.w.org/" <https://www.cyberscoop.com/wp-json/wp/v2/pages/5054>; rel="alternate"; type="application/json" <https://www.cyberscoop.com/?p=5054>; rel=shortlink
x-fastcgi-cache: BYPASS
x-xss-protection: 1; mode=block
content-encoding: gzip

Redirect headers

server: nginx
date: Mon, 14 Jun 2021 02:13:48 GMT
content-type: text/html; charset=UTF-8
location: https://www.cyberscoop.com/advertising/?id=leaderboard&parent_id=ad-7WO54yg4q8-leaderboard&categories=government&tags=colonial-pipeline%2Ccryptocurrency%2Cdarkside%2Cdepartment-of-justice-doj%2Cfbi%2Cjbs%2Cranswomare%2Cus-courts
x-powered-by: PHP/7.3.27
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
x-redirect-by: WordPress
x-fastcgi-cache: BYPASS
x-xss-protection: 1; mode=block

GET
H2

200

/ Show response
www.cyberscoop.com/advertising/ Frame 1FF2
Redirect Chain

https://www.cyberscoop.com/advertising/?id=article&page=article&position=static&category=government&tags=colonial-pipeline,cryptocurrency,darkside,department-of-justice-doj,fbi,jbs,ranswomare,us-co...
https://www.cyberscoop.com/advertising/?id=article&position=static&category=government&tags=colonial-pipeline%2Ccryptocurrency%2Cdarkside%2Cdepartment-of-justice-doj%2Cfbi%2Cjbs%2Cranswomare%2Cus-c...

1 KB
918 B

1565ms
1565ms

Document
text/html

52.21.95.133
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.cyberscoop.com/advertising/?id=article&position=static&category=government&tags=colonial-pipeline%2Ccryptocurrency%2Cdarkside%2Cdepartment-of-justice-doj%2Cfbi%2Cjbs%2Cranswomare%2Cus-courts

Requested by

Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/doj-darkside-colonial-cryptocurrency-seizure/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.21.95.133 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-21-95-133.compute-1.amazonaws.com

Software

nginx / PHP/7.3.27

Resource Hash

2d209520098b09aa8847fc90e422c9a590e6386bbcf1ede1357c0a1531f26b08

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.cyberscoop.com
:scheme: https
:path: /advertising/?id=article&position=static&category=government&tags=colonial-pipeline%2Ccryptocurrency%2Cdarkside%2Cdepartment-of-justice-doj%2Cfbi%2Cjbs%2Cranswomare%2Cus-courts
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.cyberscoop.com/doj-darkside-colonial-cryptocurrency-seizure/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: sng_interstitial=true; _ga=GA1.2.1305187597.1623636828; _gid=GA1.2.1880924883.1623636828; _gat_UA-80491860-1=1; _fbp=fb.1.1623636828299.1284348587; __gads=ID=1a5fa52a8f707b85-229a6f0e5fc80004:T=1623636828:S=ALNI_MbQhOwuestDVL9JUOUjq1LZpncVpg
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.cyberscoop.com/doj-darkside-colonial-cryptocurrency-seizure/

Response headers

server: nginx
date: Mon, 14 Jun 2021 02:13:50 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-powered-by: PHP/7.3.27
link: <https://www.cyberscoop.com/wp-json/>; rel="https://api.w.org/" <https://www.cyberscoop.com/wp-json/wp/v2/pages/5054>; rel="alternate"; type="application/json" <https://www.cyberscoop.com/?p=5054>; rel=shortlink
x-fastcgi-cache: BYPASS
x-xss-protection: 1; mode=block
content-encoding: gzip

Redirect headers

server: nginx
date: Mon, 14 Jun 2021 02:13:49 GMT
content-type: text/html; charset=UTF-8
location: https://www.cyberscoop.com/advertising/?id=article&position=static&category=government&tags=colonial-pipeline%2Ccryptocurrency%2Cdarkside%2Cdepartment-of-justice-doj%2Cfbi%2Cjbs%2Cranswomare%2Cus-courts
x-powered-by: PHP/7.3.27
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
x-redirect-by: WordPress
x-fastcgi-cache: BYPASS
x-xss-protection: 1; mode=block

GET
H2

200

/ Show response
www.cyberscoop.com/advertising/ Frame 347F
Redirect Chain

https://www.cyberscoop.com/advertising/?id=skyscraper&page=article&position=sticky&categories=government&tags=colonial-pipeline,cryptocurrency,darkside,department-of-justice-doj,fbi,jbs,ranswomare,...
https://www.cyberscoop.com/advertising/?id=skyscraper&position=sticky&categories=government&tags=colonial-pipeline%2Ccryptocurrency%2Cdarkside%2Cdepartment-of-justice-doj%2Cfbi%2Cjbs%2Cranswomare%2...

2 KB
1020 B

1609ms
1608ms

Document
text/html

52.21.95.133
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.cyberscoop.com/advertising/?id=skyscraper&position=sticky&categories=government&tags=colonial-pipeline%2Ccryptocurrency%2Cdarkside%2Cdepartment-of-justice-doj%2Cfbi%2Cjbs%2Cranswomare%2Cus-courts

Requested by

Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/doj-darkside-colonial-cryptocurrency-seizure/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.21.95.133 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-21-95-133.compute-1.amazonaws.com

Software

nginx / PHP/7.3.27

Resource Hash

f9f5fb1596ab72270fbb5bfbc64b6f05d259a045255a36c176833936f29ecde9

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.cyberscoop.com
:scheme: https
:path: /advertising/?id=skyscraper&position=sticky&categories=government&tags=colonial-pipeline%2Ccryptocurrency%2Cdarkside%2Cdepartment-of-justice-doj%2Cfbi%2Cjbs%2Cranswomare%2Cus-courts
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.cyberscoop.com/doj-darkside-colonial-cryptocurrency-seizure/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: sng_interstitial=true; _ga=GA1.2.1305187597.1623636828; _gid=GA1.2.1880924883.1623636828; _gat_UA-80491860-1=1; _fbp=fb.1.1623636828299.1284348587; __gads=ID=1a5fa52a8f707b85-229a6f0e5fc80004:T=1623636828:S=ALNI_MbQhOwuestDVL9JUOUjq1LZpncVpg
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.cyberscoop.com/doj-darkside-colonial-cryptocurrency-seizure/

Response headers

server: nginx
date: Mon, 14 Jun 2021 02:13:50 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-powered-by: PHP/7.3.27
link: <https://www.cyberscoop.com/wp-json/>; rel="https://api.w.org/" <https://www.cyberscoop.com/wp-json/wp/v2/pages/5054>; rel="alternate"; type="application/json" <https://www.cyberscoop.com/?p=5054>; rel=shortlink
x-fastcgi-cache: BYPASS
x-xss-protection: 1; mode=block
content-encoding: gzip

Redirect headers

server: nginx
date: Mon, 14 Jun 2021 02:13:48 GMT
content-type: text/html; charset=UTF-8
location: https://www.cyberscoop.com/advertising/?id=skyscraper&position=sticky&categories=government&tags=colonial-pipeline%2Ccryptocurrency%2Cdarkside%2Cdepartment-of-justice-doj%2Cfbi%2Cjbs%2Cranswomare%2Cus-courts
x-powered-by: PHP/7.3.27
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
x-redirect-by: WordPress
x-fastcgi-cache: BYPASS
x-xss-protection: 1; mode=block

GET
H2

200

/ Show response
www.cyberscoop.com/advertising/ Frame 1BD1
Redirect Chain

https://www.cyberscoop.com/advertising/?id=billboard&page=article&position=bottom&parent_id=ad-b3zuzxlKK5-billboard&category=government&tags=colonial-pipeline,cryptocurrency,darkside,department-of-...
https://www.cyberscoop.com/advertising/?id=billboard&position=bottom&parent_id=ad-b3zuzxlKK5-billboard&category=government&tags=colonial-pipeline%2Ccryptocurrency%2Cdarkside%2Cdepartment-of-justice...

2 KB
1 KB

1659ms
1659ms

Document
text/html

52.21.95.133
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.cyberscoop.com/advertising/?id=billboard&position=bottom&parent_id=ad-b3zuzxlKK5-billboard&category=government&tags=colonial-pipeline%2Ccryptocurrency%2Cdarkside%2Cdepartment-of-justice-doj%2Cfbi%2Cjbs%2Cranswomare%2Cus-courts

Requested by

Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/doj-darkside-colonial-cryptocurrency-seizure/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.21.95.133 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-21-95-133.compute-1.amazonaws.com

Software

nginx / PHP/7.3.27

Resource Hash

82b93870340639f93f374966650f61a46c1a4b0891f25ba9b9673a1426d0bd20

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.cyberscoop.com
:scheme: https
:path: /advertising/?id=billboard&position=bottom&parent_id=ad-b3zuzxlKK5-billboard&category=government&tags=colonial-pipeline%2Ccryptocurrency%2Cdarkside%2Cdepartment-of-justice-doj%2Cfbi%2Cjbs%2Cranswomare%2Cus-courts
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.cyberscoop.com/doj-darkside-colonial-cryptocurrency-seizure/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: sng_interstitial=true; _ga=GA1.2.1305187597.1623636828; _gid=GA1.2.1880924883.1623636828; _gat_UA-80491860-1=1; _fbp=fb.1.1623636828299.1284348587; __gads=ID=1a5fa52a8f707b85-229a6f0e5fc80004:T=1623636828:S=ALNI_MbQhOwuestDVL9JUOUjq1LZpncVpg
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.cyberscoop.com/doj-darkside-colonial-cryptocurrency-seizure/

Response headers

server: nginx
date: Mon, 14 Jun 2021 02:13:50 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-powered-by: PHP/7.3.27
link: <https://www.cyberscoop.com/wp-json/>; rel="https://api.w.org/" <https://www.cyberscoop.com/wp-json/wp/v2/pages/5054>; rel="alternate"; type="application/json" <https://www.cyberscoop.com/?p=5054>; rel=shortlink
x-fastcgi-cache: BYPASS
x-xss-protection: 1; mode=block
content-encoding: gzip

Redirect headers

server: nginx
date: Mon, 14 Jun 2021 02:13:48 GMT
content-type: text/html; charset=UTF-8
location: https://www.cyberscoop.com/advertising/?id=billboard&position=bottom&parent_id=ad-b3zuzxlKK5-billboard&category=government&tags=colonial-pipeline%2Ccryptocurrency%2Cdarkside%2Cdepartment-of-justice-doj%2Cfbi%2Cjbs%2Cranswomare%2Cus-courts
x-powered-by: PHP/7.3.27
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
x-redirect-by: WordPress
x-fastcgi-cache: BYPASS
x-xss-protection: 1; mode=block

GET
H2 200 GettyImages-1233323151-1021x681.jpg
www.cyberscoop.com/wp-content/uploads/2021/06/ 96 KB
96 KB 98ms
98ms Image
image/jpeg 52.21.95.133
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.cyberscoop.com/wp-content/uploads/2021/06/GettyImages-1233323151-1021x681.jpg
Requested by: Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/doj-darkside-colonial-cryptocurrency-seizure/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.21.95.133 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-21-95-133.compute-1.amazonaws.com
Software: nginx /
Resource Hash: b0ebb64770d12923ab367667f418fe5bfa5ae336f3404eb74463128a10ef098f

Request headers

:path: /wp-content/uploads/2021/06/GettyImages-1233323151-1021x681.jpg
pragma: no-cache
cookie: sng_interstitial=true
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.cyberscoop.com
referer: https://www.cyberscoop.com/doj-darkside-colonial-cryptocurrency-seizure/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.cyberscoop.com/doj-darkside-colonial-cryptocurrency-seizure/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 02:13:47 GMT
last-modified: Mon, 07 Jun 2021 20:26:51 GMT
server: nginx
etag: "60be810b-18089"
content-type: image/jpeg
cache-control: max-age=2592000 public
accept-ranges: bytes
content-length: 98441
expires: Wed, 14 Jul 2021 02:13:47 GMT

GET
H2 200 GettyImages-1225219966-307x171.jpg
www.cyberscoop.com/wp-content/uploads/2021/06/ 9 KB
10 KB 167ms
167ms Image
image/jpeg 52.21.95.133
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.cyberscoop.com/wp-content/uploads/2021/06/GettyImages-1225219966-307x171.jpg
Requested by: Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/doj-darkside-colonial-cryptocurrency-seizure/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.21.95.133 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-21-95-133.compute-1.amazonaws.com
Software: nginx /
Resource Hash: db02022e70b50c36c8b19895011b67d760f45d217c7d32beaf853fd0e6f20ce3

Request headers

:path: /wp-content/uploads/2021/06/GettyImages-1225219966-307x171.jpg
pragma: no-cache
cookie: sng_interstitial=true
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.cyberscoop.com
referer: https://www.cyberscoop.com/doj-darkside-colonial-cryptocurrency-seizure/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.cyberscoop.com/doj-darkside-colonial-cryptocurrency-seizure/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 02:13:48 GMT
last-modified: Fri, 11 Jun 2021 19:06:20 GMT
server: nginx
etag: "60c3b42c-257a"
content-type: image/jpeg
cache-control: max-age=2592000 public
accept-ranges: bytes
content-length: 9594
expires: Wed, 14 Jul 2021 02:13:48 GMT

GET
H2 200 GettyImages-1322885030-307x171.jpg
www.cyberscoop.com/wp-content/uploads/2021/06/ 13 KB
13 KB 167ms
166ms Image
image/jpeg 52.21.95.133
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.cyberscoop.com/wp-content/uploads/2021/06/GettyImages-1322885030-307x171.jpg
Requested by: Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/doj-darkside-colonial-cryptocurrency-seizure/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.21.95.133 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-21-95-133.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 1f3d22757c403b73ad7133ffdb7f7635f83b023568e09fbd6efc60633e1e3a48

Request headers

:path: /wp-content/uploads/2021/06/GettyImages-1322885030-307x171.jpg
pragma: no-cache
cookie: sng_interstitial=true
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.cyberscoop.com
referer: https://www.cyberscoop.com/doj-darkside-colonial-cryptocurrency-seizure/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.cyberscoop.com/doj-darkside-colonial-cryptocurrency-seizure/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 02:13:48 GMT
last-modified: Thu, 10 Jun 2021 19:50:07 GMT
server: nginx
etag: "60c26cef-34a9"
content-type: image/jpeg
cache-control: max-age=2592000 public
accept-ranges: bytes
content-length: 13481
expires: Wed, 14 Jul 2021 02:13:48 GMT

GET
H2 200 GettyImages-158214905-307x171.jpg
www.cyberscoop.com/wp-content/uploads/2021/06/ 10 KB
10 KB 167ms
165ms Image
image/jpeg 52.21.95.133
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.cyberscoop.com/wp-content/uploads/2021/06/GettyImages-158214905-307x171.jpg
Requested by: Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/doj-darkside-colonial-cryptocurrency-seizure/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.21.95.133 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-21-95-133.compute-1.amazonaws.com
Software: nginx /
Resource Hash: e21cbff27a74ef7caa04b84461bbaa6ed2cba11a62db2e7f03fc588912f415c6

Request headers

:path: /wp-content/uploads/2021/06/GettyImages-158214905-307x171.jpg
pragma: no-cache
cookie: sng_interstitial=true
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.cyberscoop.com
referer: https://www.cyberscoop.com/doj-darkside-colonial-cryptocurrency-seizure/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.cyberscoop.com/doj-darkside-colonial-cryptocurrency-seizure/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 02:13:48 GMT
last-modified: Thu, 03 Jun 2021 20:27:18 GMT
server: nginx
etag: "60b93b26-2933"
content-type: image/jpeg
cache-control: max-age=2592000 public
accept-ranges: bytes
content-length: 10547
expires: Wed, 14 Jul 2021 02:13:48 GMT

GET
H2 200 facebook_logo_white.png
www.cyberscoop.com/wp-content/themes/cyberscoop/images/icons/ 361 B
552 B 167ms
163ms Image
image/png 52.21.95.133
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.cyberscoop.com/wp-content/themes/cyberscoop/images/icons/facebook_logo_white.png
Requested by: Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/wp-content/themes/cyberscoop/style.css?ver=5.7.1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.21.95.133 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-21-95-133.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 34b8701fdcbd5b7f4b776178cf1c52b3754f60027bf85af5a8573c3208f77890

Request headers

:path: /wp-content/themes/cyberscoop/images/icons/facebook_logo_white.png
pragma: no-cache
cookie: sng_interstitial=true
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.cyberscoop.com
referer: https://www.cyberscoop.com/wp-content/themes/cyberscoop/style.css?ver=5.7.1
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.cyberscoop.com/wp-content/themes/cyberscoop/style.css?ver=5.7.1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 02:13:48 GMT
last-modified: Tue, 20 Oct 2020 09:37:25 GMT
server: nginx
etag: "5f8eafd5-169"
content-type: image/png
cache-control: max-age=2592000 public
accept-ranges: bytes
content-length: 361
expires: Wed, 14 Jul 2021 02:13:48 GMT

GET
H2 200 twitter_logo_white.png
www.cyberscoop.com/wp-content/themes/cyberscoop/images/icons/ 481 B
671 B 166ms
161ms Image
image/png 52.21.95.133
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.cyberscoop.com/wp-content/themes/cyberscoop/images/icons/twitter_logo_white.png
Requested by: Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/wp-content/themes/cyberscoop/style.css?ver=5.7.1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.21.95.133 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-21-95-133.compute-1.amazonaws.com
Software: nginx /
Resource Hash: ea7c3c1fb429c64a75b15bc3d82e99987c40229c3275a5d0c37deb6143e4cf6f

Request headers

:path: /wp-content/themes/cyberscoop/images/icons/twitter_logo_white.png
pragma: no-cache
cookie: sng_interstitial=true
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.cyberscoop.com
referer: https://www.cyberscoop.com/wp-content/themes/cyberscoop/style.css?ver=5.7.1
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.cyberscoop.com/wp-content/themes/cyberscoop/style.css?ver=5.7.1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 02:13:48 GMT
last-modified: Tue, 20 Oct 2020 09:37:27 GMT
server: nginx
etag: "5f8eafd7-1e1"
content-type: image/png
cache-control: max-age=2592000 public
accept-ranges: bytes
content-length: 481
expires: Wed, 14 Jul 2021 02:13:48 GMT

GET
H2 200 linkedin_logo_white.png
www.cyberscoop.com/wp-content/themes/cyberscoop/images/icons/ 946 B
1 KB 166ms
161ms Image
image/png 52.21.95.133
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.cyberscoop.com/wp-content/themes/cyberscoop/images/icons/linkedin_logo_white.png
Requested by: Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/wp-content/themes/cyberscoop/style.css?ver=5.7.1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.21.95.133 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-21-95-133.compute-1.amazonaws.com
Software: nginx /
Resource Hash: eecc78f834649472672438efb8854e77ac8571a4c901d3c102a2554c3059ba7d

Request headers

:path: /wp-content/themes/cyberscoop/images/icons/linkedin_logo_white.png
pragma: no-cache
cookie: sng_interstitial=true
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.cyberscoop.com
referer: https://www.cyberscoop.com/wp-content/themes/cyberscoop/style.css?ver=5.7.1
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.cyberscoop.com/wp-content/themes/cyberscoop/style.css?ver=5.7.1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 02:13:48 GMT
last-modified: Tue, 20 Oct 2020 09:37:26 GMT
server: nginx
etag: "5f8eafd6-3b2"
content-type: image/png
cache-control: max-age=2592000 public
accept-ranges: bytes
content-length: 946
expires: Wed, 14 Jul 2021 02:13:48 GMT

GET
H2 200 instagram_logo_white.svg
www.cyberscoop.com/wp-content/themes/cyberscoop/images/icons/ 2 KB
874 B 166ms
161ms Image
image/svg+xml 52.21.95.133
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.cyberscoop.com/wp-content/themes/cyberscoop/images/icons/instagram_logo_white.svg
Requested by: Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/wp-content/themes/cyberscoop/style.css?ver=5.7.1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.21.95.133 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-21-95-133.compute-1.amazonaws.com
Software: nginx /
Resource Hash: e55b5cba1f8e7604687c4f99ab7b1c3bf971ab991ec0fae83fb221b98daf07c4

Request headers

:path: /wp-content/themes/cyberscoop/images/icons/instagram_logo_white.svg
pragma: no-cache
cookie: sng_interstitial=true
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.cyberscoop.com
referer: https://www.cyberscoop.com/wp-content/themes/cyberscoop/style.css?ver=5.7.1
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.cyberscoop.com/wp-content/themes/cyberscoop/style.css?ver=5.7.1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 02:13:48 GMT
content-encoding: gzip
last-modified: Tue, 20 Oct 2020 09:37:26 GMT
server: nginx
etag: W/"5f8eafd6-625"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=2592000 public
expires: Wed, 14 Jul 2021 02:13:48 GMT

GET
H/1.1 200
OK Stacked_SNG.png
s3.amazonaws.com/sng-global-web-assets/logo/ 12 KB
12 KB 433ms
141ms Image
image/png 52.216.144.149
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/sng-global-web-assets/logo/Stacked_SNG.png
Requested by: Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/wp-content/themes/cyberscoop/style.css?ver=5.7.1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.144.149 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 942e44b1cef3a0678c306625f42ea1cd180d9ee9fbe443ed98fc1076c07493a5

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 14 Jun 2021 02:13:49 GMT
Last-Modified: Thu, 21 Jan 2021 23:37:33 GMT
Server: AmazonS3
x-amz-request-id: GHNS6N4FCNEMS1Y6
ETag: "793107aa127f2349e0bb9d0df99cd240"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 11864
x-amz-id-2: acm/6mRqiuBN0qvTt+Cf0DqGU3Xks8pHJDyRkdvVBqcOBzeWqPOXxu2GJOrTBNVNUny5aMM0B7w=

GET
H/1.1 200
OK Stacked_CyberScoop.png
s3.amazonaws.com/sng-global-web-assets/logo/ 5 KB
5 KB 108ms
107ms Image
image/png 52.216.144.149
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/sng-global-web-assets/logo/Stacked_CyberScoop.png
Requested by: Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/wp-content/themes/cyberscoop/style.css?ver=5.7.1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.144.149 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 96b8a4481da526ff5a1a77c312a2aa83df0d0821e90dc91ccfad3fa53526a163

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 14 Jun 2021 02:13:49 GMT
Last-Modified: Thu, 21 Jan 2021 23:37:33 GMT
Server: AmazonS3
x-amz-request-id: GHNK7HWKHMJEN8VA
ETag: "6b8717aa8156bf0573b498232d63b71f"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 5199
x-amz-id-2: wvYurpDgCkOfA3AafpFgrG+ZDGir7VPfOd3hkKaxcMGWsaA0SykxmeESKlQsjhch/MYyxhh4ZyU=

GET
H/1.1 200
OK Stacked_FedScoop.png
s3.amazonaws.com/sng-global-web-assets/logo/ 4 KB
4 KB 103ms
102ms Image
image/png 52.216.144.149
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/sng-global-web-assets/logo/Stacked_FedScoop.png
Requested by: Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/wp-content/themes/cyberscoop/style.css?ver=5.7.1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.144.149 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 9146f6ec02b7c1db65d152424e1d5e5f3a5d7d6ca91d1282a7e678150683876f

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 14 Jun 2021 02:13:49 GMT
Last-Modified: Thu, 21 Jan 2021 23:37:33 GMT
Server: AmazonS3
x-amz-request-id: GHNG5MJQYWJVT61E
ETag: "da067ed314fa2f647e16efb7331759de"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 4000
x-amz-id-2: /1wuj7xB4TT+MlDo3xJywqyJglaUcqEqC06JSxggRLFKXSVIIMwbalTrc2gfG6Z/mkf2ckYUw4s=

GET
H/1.1 200
OK Stacked_StateScoop.png
s3.amazonaws.com/sng-global-web-assets/logo/ 5 KB
5 KB 110ms
110ms Image
image/png 52.216.144.149
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/sng-global-web-assets/logo/Stacked_StateScoop.png
Requested by: Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/wp-content/themes/cyberscoop/style.css?ver=5.7.1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.144.149 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: ccd21ebd19b259d979d4ddf5af0751f6fae149746ae2e7a164beec2a600682be

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 14 Jun 2021 02:13:49 GMT
Last-Modified: Thu, 21 Jan 2021 23:37:33 GMT
Server: AmazonS3
x-amz-request-id: GHNZQXT1GFGVBK32
ETag: "62c167ae878c0c3b3a41b50025cacba7"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 4872
x-amz-id-2: CF6j6N80/3hde7EQqUMaFCPTXyzFzktQNMNLSuFT4k726aCN1mAJE/RhZrfRzwJQCwZPvYfTfEw=

GET
H/1.1 200
OK Stacked_EdScoop.png
s3.amazonaws.com/sng-global-web-assets/logo/ 5 KB
6 KB 112ms
110ms Image
image/png 52.216.144.149
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/sng-global-web-assets/logo/Stacked_EdScoop.png
Requested by: Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/wp-content/themes/cyberscoop/style.css?ver=5.7.1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.144.149 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 3046ab26982b61a2fc0f0fae7ed7f416e9113f924db911efa97b5b80ae16726d

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 14 Jun 2021 02:13:49 GMT
Last-Modified: Thu, 21 Jan 2021 23:37:33 GMT
Server: AmazonS3
x-amz-request-id: GHNWBSW9V639VT29
ETag: "b5d5b8c0479b1963324ebca52c96a43b"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 5349
x-amz-id-2: OfqeCuA/NMnO2yAYiusgIpjMvFgMsmw8FGU2sFSiy5jbevN4FqiUZB4Qb7wOcRY5Df/M3lgVtXE=

GET
H/1.1 200
OK Stacked_WorkScoop.png
s3.amazonaws.com/sng-global-web-assets/logo/ 4 KB
4 KB 113ms
111ms Image
image/png 52.216.144.149
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/sng-global-web-assets/logo/Stacked_WorkScoop.png
Requested by: Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/wp-content/themes/cyberscoop/style.css?ver=5.7.1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.216.144.149 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 7f134de2e6859c8b9a8acb3f07c54f04c9fbe04c3381e137d85e2f0cb08a526b

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 14 Jun 2021 02:13:49 GMT
Last-Modified: Thu, 21 Jan 2021 23:37:33 GMT
Server: AmazonS3
x-amz-request-id: GHNH4EXMSHP48XFE
ETag: "779a62747ba1fe2dfac41aa83a03313c"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 3934
x-amz-id-2: FmGUT/0gsWabj/78JhK/B6RVH3b0gvRry7ZcD7An/ICxODpu/L89Ye5nLS1nftBEOKYwKUeNY78=

GET
H3-29 200 va9E4kDNxMZdWfMOD5Vvl4jL.woff2
fonts.gstatic.com/s/firasans/v11/ 22 KB
22 KB 24ms
22ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/firasans/v11/va9E4kDNxMZdWfMOD5Vvl4jL.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Fira+Sans%3A300%2C400%2C500%2C700&subset=latin-ext&ver=5.7.1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a41dd567a7d51dac3d65a716b505f5bba7526e36405ed8a832d72a4ada3665c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.cyberscoop.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 12 Jun 2021 07:03:44 GMT
x-content-type-options: nosniff
age: 155403
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22748
x-xss-protection: 0
last-modified: Thu, 01 Apr 2021 22:05:49 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 12 Jun 2022 07:03:44 GMT

GET
H3-29 200 va9B4kDNxMZdWfMOD5VnLK3eRhf6.woff2
fonts.gstatic.com/s/firasans/v11/ 23 KB
23 KB 15ms
11ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/firasans/v11/va9B4kDNxMZdWfMOD5VnLK3eRhf6.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Fira+Sans%3A300%2C400%2C500%2C700&subset=latin-ext&ver=5.7.1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5183a3d6c4ef05903e03cf0e17b5de05db527c27d0ef049d52d2fb4da484e96

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.cyberscoop.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 12 Jun 2021 05:27:54 GMT
x-content-type-options: nosniff
age: 161153
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23868
x-xss-protection: 0
last-modified: Thu, 01 Apr 2021 22:06:21 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 12 Jun 2022 05:27:54 GMT

GET
H3-29 200 TK3iWkUHHAIjg752GT8G.woff2
fonts.gstatic.com/s/oswald/v36/ 31 KB
31 KB 27ms
23ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/oswald/v36/TK3iWkUHHAIjg752GT8G.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Oswald%3A300%2C400%2C700&subset=latin-ext&ver=5.7.1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9facc976353ff7ab7cbb7345853c0f7d0c1bbce3733934b53790b93833dbae4c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.cyberscoop.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 12 Jun 2021 05:37:03 GMT
x-content-type-options: nosniff
age: 160604
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31676
x-xss-protection: 0
last-modified: Thu, 28 Jan 2021 20:31:39 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 12 Jun 2022 05:37:03 GMT

GET
H2 200 20762415-8082-48f0-b243-36443c93d852 Show response
forms.hsforms.com/embed/v3/form/2153467/ 19 KB
4 KB 142ms
115ms Script
application/javascript 2606:4700::6810:5905
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://forms.hsforms.com/embed/v3/form/2153467/20762415-8082-48f0-b243-36443c93d852?callback=hs_reqwest_0&hutk=

Requested by

Host: js.hsforms.net
URL: https://js.hsforms.net/forms/v2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5905 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

31cb368bc58c68d2573ae08aa725c43ef0a488e2a853e7e67daab2bd32aad18c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 02:13:48 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-hubspot-correlation-id: 11b3bde5-3c61-4a1f-82f1-a76fa4463e37
content-disposition: attachment; filename=no-rfd.txt
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id: 0aa9e4f81900004a6e242b1000000001
server: cloudflare
x-trace: 2B1EA6C46696BEAFE588462FC25B641850BFE558B7000000000000000000
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript;charset=utf-8
vary: Accept-Encoding
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: false
cf-ray: 65f00aa02aa74a6e-FRA

GET
H/1.1 200
OK insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 4 KB
2 KB 20ms
6ms Script
application/x-javascript 2a02:26f0:6c00:2b0::25ea
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KR697BF
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:2b0::25ea Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 5f3b103a1268f862a5e432d607f8e5220dea9d301d13565b0ecded3ad9c25ab2

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 14 Jun 2021 02:13:48 GMT
Content-Encoding: gzip
Last-Modified: Mon, 04 Jan 2021 22:14:03 GMT
X-CDN: AKAM
Vary: Accept-Encoding
Content-Type: application/x-javascript;charset=utf-8
Cache-Control: max-age=42684
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1855

GET
H2 200 uwt.js Show response
static.ads-twitter.com/ 5 KB
2 KB 21ms
6ms Script
application/javascript 199.232.136.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KR697BF
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 199.232.136.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 4cf52cc73734aa71f26f6a10be9aeec89602af45bf0f9abd5c8445a076c1ae1a

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 02:13:48 GMT
via: 1.1 varnish
last-modified: Fri, 04 Dec 2020 00:21:46 GMT
age: 55306
etag: "cbc512946c8abb461c6215ed5b454e5f+gzip"
vary: Accept-Encoding,Host
x-cache: HIT
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
content-encoding: gzip
cache-control: no-cache
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
content-length: 1957
x-timer: S1623636828.183698,VS0,VE0
x-served-by: cache-hhn11576-HHN

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 94 KB
24 KB 6ms
6ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

412979f99062018cc1b3ba7cc84a0c6d03f86f1c1f07f1ee90fa0402ba2d93ed

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 24515
x-fb-rlafr: 0
pragma: public
x-fb-debug: LkoRq/AiKULhEYz7GO4rfaYEXI0AnzKwl6AuL82WcHz+/2TYV7hK2tMMeEXByG7c8VPRpWM5kDvT2YkARB/rtA==
x-fb-trip-id: 686109401
x-frame-options: DENY
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Mon, 14 Jun 2021 02:13:48 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 2153467.js Show response
js.hs-scripts.com/ 1016 B
902 B 155ms
138ms Script
application/javascript 2606:4700::6811:d6cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-scripts.com/2153467.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KR697BF
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6811:d6cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ffa0b98a0d410d2703d082d2656f8511370edf0b70154934dcf36581216ec349

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 02:13:48 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: EXPIRED
x-hubspot-correlation-id: 04ef9fcf-d92f-41f8-9e34-9c5535d256b5
cf-request-id: 0aa9e4f81900004e7f07161000000001
server: cloudflare
x-trace: 2BC02E7D7419D192EEBAB287A3812F9662E579CD3C000000000000000000
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3600
content-type: application/javascript;charset=utf-8
access-control-allow-origin: https://www.cyberscoop.com
cache-control: public, max-age=60
access-control-allow-credentials: true
cf-ray: 65f00aa028ca4e7f-FRA
expires: Mon, 14 Jun 2021 02:14:48 GMT

GET
H3-29 200 pubads_impl_2021061001.js Show response
securepubads.g.doubleclick.net/gpt/ 326 KB
114 KB 27ms
14ms Script
text/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021061001.js?31061429

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

sffe /

Resource Hash

1ce69465fa2284194ab3ec822ee452307e2f4b4ab202499e24a06f8215b1ead1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 02:13:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 10 Jun 2021 08:39:38 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 116947
x-xss-protection: 0
expires: Mon, 14 Jun 2021 02:13:48 GMT

GET
DATA 200
OK truncated
/ 34 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1e85ec81b9800b4c443d39caca0d0926089a3ac201120db1ceb45b93789480b8

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/gif

GET
H3-29 200 icons.29.svg.js Show response
static.addtoany.com/menu/svg/ 78 KB
33 KB 31ms
22ms Script
application/javascript 2606:4700:10::6816:47c5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.addtoany.com/menu/svg/icons.29.svg.js

Requested by

Host: static.addtoany.com
URL: https://static.addtoany.com/menu/page.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:47c5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e30f848c353b8ab801c18d2109527cb32a27f145262dccb3cd4db9f309cc53bb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 02:13:48 GMT
via: e1s
x-content-type-options: nosniff
cf-cache-status: HIT
age: 7190275
p3p: CP="ALL DSP COR CURa ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV INT"
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id: 0aa9e4f84700004aafee0eb000000001
last-modified: Mon, 31 Dec 2018 23:29:11 GMT
server: cloudflare
etag: W/"13937-57e59c7b88bd6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
cache-control: max-age=315360000, immutable
cf-ray: 65f00aa0684b4aaf-FRA
cf-bgj: minify

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
19 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KR697BF

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 09 Apr 2021 23:59:54 GMT
server: Golfe2
age: 4511
date: Mon, 14 Jun 2021 00:58:37 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19569
expires: Mon, 14 Jun 2021 02:58:37 GMT

GET
H2

200

collect
px4.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=50036&time=1623636828228&url=https%3A%2F%2Fwww.cyberscoop.com%2Fdoj-darkside-colonial-cryptocurrency-seizure%2F
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D50036%26time%3D1623636828228%26url%3Dhttps%253A%252F%252Fwww.cyberscoop.com%252Fd...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=50036&time=1623636828228&url=https%3A%2F%2Fwww.cyberscoop.com%2Fdoj-darkside-colonial-cryptocurrency-seizure%2F&liSync=true
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=50036&time=1623636828228&url=https%3A%2F%2Fwww.cyberscoop.com%2Fdoj-darkside-colonial-cryptocurrency-seizure%2F&liSync=true&e_ipv6=AQKVzS4hzZ5voQ...

0
155 B

314ms
135ms

Image
application/javascript

108.174.10.14
LINKEDIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=50036&time=1623636828228&url=https%3A%2F%2Fwww.cyberscoop.com%2Fdoj-darkside-colonial-cryptocurrency-seizure%2F&liSync=true&e_ipv6=AQKVzS4hzZ5voQAAAXoIS-LNowFrIiNsGGcJmkwjx-fDYggPTvDzpBQk2hRqlUvZ3JP2tUfp
Requested by: Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/doj-darkside-colonial-cryptocurrency-seizure/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 108.174.10.14 , United States, ASN14413 (LINKEDIN, US),
Reverse DNS: 108-174-10-14.fwd.linkedin.com
Software: Play /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 02:13:49 GMT
server: Play
linkedin-action: 1
x-li-fabric: prod-ltx1
x-li-proto: http/2
x-li-pop: prod-edc2
content-type: application/javascript
content-length: 0
x-li-uuid: dHGL/hdRiBaAVcGVBCsAAA==

Redirect headers

date: Mon, 14 Jun 2021 02:13:48 GMT
server: Play
linkedin-action: 1
x-li-fabric: prod-ltx1
location: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=50036&time=1623636828228&url=https%3A%2F%2Fwww.cyberscoop.com%2Fdoj-darkside-colonial-cryptocurrency-seizure%2F&liSync=true&e_ipv6=AQKVzS4hzZ5voQAAAXoIS-LNowFrIiNsGGcJmkwjx-fDYggPTvDzpBQk2hRqlUvZ3JP2tUfp
x-li-proto: http/2
x-li-pop: prod-eda6
content-length: 0
x-li-uuid: +AG+7BdRiBbQDEWvvSoAAA==

GET
H3-29 200 896395920528126 Show response
connect.facebook.net/signals/config/ 261 KB
74 KB 14ms
7ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/896395920528126?v=2.9.41&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

7d45b6c5d27d1b17b7fed9bbc9e6bed63e0596a130404b68ce1b3b885f8283d9

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 75729
x-fb-rlafr: 0
pragma: public
x-fb-debug: ZWlZEqBzdQwPLoCKnZYKxPgc+zqTH0MfSgpgvwtnMyk8GN0/xAEE2anPV+ljsF41VnCLT0y+y7f31M3wn3cSCg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Mon, 14 Jun 2021 02:13:48 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 adsct
t.co/i/ 43 B
454 B 126ms
110ms Image
image/gif 104.244.42.69
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?type=javascript&version=1.1.1&p_id=Twitter&p_user_id=0&txn_id=nv8sr&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&tw_document_href=https%3A%2F%2Fwww.cyberscoop.com%2Fdoj-darkside-colonial-cryptocurrency-seizure%2F

Requested by

Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/doj-darkside-colonial-cryptocurrency-seizure/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.42.69 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 02:13:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200 OK
x-twitter-response-tags: BouncerCompliant
content-length: 65
x-xss-protection: 0
pragma: no-cache
last-modified: Mon, 14 Jun 2021 02:13:48 GMT
server: tsa_o
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=0
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: 57d0e91707a3d2b298e36e816a90a0fa2cb31ab5096ddc6085975ff500f8c8f5
x-transaction: cd73618c7b190e80
expires: Tue, 31 Mar 1981 05:00:00 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
853 B 35ms
14ms Script
application/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.cyberscoop.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021061001.js?31061429

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 14 Jun 2021 02:13:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
570 B 35ms
14ms Script
application/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.cyberscoop.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021061001.js?31061429

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 14 Jun 2021 02:13:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 28 KB
11 KB 43ms
43ms XHR
text/plain 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3991849316707933&correlator=4311239963072930&output=ldjh&impl=fif&eid=31060784%2C31061429%2C31061143%2C21065724&vrg=2021061001&ptt=17&sc=1&sfv=1-0-38&ecs=20210614&iu_parts=18430785%2Ccswelcome&enc_prev_ius=%2F0%2F1&prev_iu_szs=640x480&cookie_enabled=1&bc=31&abxe=1&lmt=1623636828&dt=1623636828263&dlt=1623636827590&idt=652&frm=20&biw=1600&bih=1200&oid=3&adxs=480&adys=365&adks=113530204&ucis=1&ifi=1&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.cyberscoop.com%2Fdoj-darkside-colonial-cryptocurrency-seizure%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=640x532&msz=640x-1&ga_vid=1305187597.1623636828&ga_sid=1623636828&ga_hid=777493101&ga_fc=false&fws=4&ohw=1600&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021061001.js?31061429

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

cc3847732011c5a9905366f1b984c9549bf52822267e6e284c9357f773666b8f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 02:13:48 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11246
x-xss-protection: 0
google-lineitem-id: 5715621344
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138352336806
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.cyberscoop.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
4c85f40c1c87e2a6a13b69d7b9310b74.safeframe.googlesyndication.com/safeframe/1-0-38/html/ 0
0 47ms
14ms Other
text/html 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://4c85f40c1c87e2a6a13b69d7b9310b74.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021061001.js?31061429
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

POST
H3-29 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 27ms
13ms XHR
text/plain 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j90&a=777493101&t=pageview&_s=1&dl=https%3A%2F%2Fwww.cyberscoop.com%2Fdoj-darkside-colonial-cryptocurrency-seizure%2F&dp=%2Fwelcome%2Fdoj-darkside-colonial-cryptocurrency-seizure%2F&ul=en-us&de=UTF-8&dt=DOJ%20seizes%20%242.3%20million%20in%20cryptocurrency%20payments%20from%20Colonial%20Pipeline%20ransomware%20attack%20-%20CyberScoop&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YAhAAEABAAAAAC~&jid=1124704311&gjid=1565784255&cid=1305187597.1623636828&tid=UA-80491860-1&_gid=1880924883.1623636828&_r=1&gtm=2wg690KR697BF&z=370071792

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 14 Jun 2021 02:13:48 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.cyberscoop.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
297 B 20ms
6ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=896395920528126&ev=PageView&dl=https%3A%2F%2Fwww.cyberscoop.com%2Fdoj-darkside-colonial-cryptocurrency-seizure%2F&rl=&if=false&ts=1623636828301&sw=1600&sh=1200&v=2.9.41&r=stable&ec=0&o=30&fbp=fb.1.1623636828299.1284348587&it=1623636828234&coo=false&rqm=GET

Requested by

Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/doj-darkside-colonial-cryptocurrency-seizure/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 02:13:48 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Mon, 14 Jun 2021 02:13:48 GMT

GET
H3-29 200 css
fonts.googleapis.com/ 2 KB
520 B 24ms
22ms Stylesheet
text/css 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Oswald

Requested by

Host: js.hsforms.net
URL: https://js.hsforms.net/forms/v2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e12dfaae532b449b71117f29ad43f92b3b87c19509a9b16f91115fd4e07903b4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 14 Jun 2021 01:25:59 GMT
server: ESF
date: Mon, 14 Jun 2021 02:13:48 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 14 Jun 2021 02:13:48 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
92 B 14ms
14ms XHR
text/plain 2a00:1450:400c:c04::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j90&tid=UA-80491860-1&cid=1305187597.1623636828&jid=1124704311&gjid=1565784255&_gid=1880924883.1623636828&_u=YAhAAEAAAAAAAC~&z=38373432

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c04::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Mon, 14 Jun 2021 02:13:48 GMT
content-type: text/plain
access-control-allow-origin: https://www.cyberscoop.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame 38EA 0
0 17ms
16ms Fetch
image/gif 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstK3lNusr8rnXJY0wDGRHAZWqX_nzoLT8y3Jyd7KylmLwRiZJRpEJUAfdQccWs8mMGzhf-ztsbKlU5cBRfy4bWDqWQgGfZhZ8V7_Af9nTthSP05qrLGdWj2yRrpSy0Q95IpScuDBPR2u2Q_CVmdW9eUhMYgSQPb876xkdjDq8cK2JpbDT8CmqVEjGUIq2CeLp9JrDwV-CO5MrF8gRdYJhnu5rodIVVORoMmJxVfYmYJ5LZKpgGw7rYjCzWwNW_CLQ9SVXaZhO9Qvrjq3SCnhMfQlGwCrwWOx8tB7wa5Yko&sai=AMfl-YQZu4TI_3mzHfdhsXw9mPtCtZaDfkCWo0v2Uaae-fI1m2cP_GcAMNXYtsaZsFz4p0PnIQ5rvFkNU3JQnI5DNXMK-xXVDo27r7_WAqB3qMcLi_GgxJmIQj3ERSeHJxo&sig=Cg0ArKJSzAnn0-WBm5FSEAE&adurl=

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 14 Jun 2021 02:13:48 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Mon, 14 Jun 2021 02:13:48 GMT

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210607/r20110914/ Frame 38EA 17 KB
7 KB 28ms
5ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210607/r20110914/abg_lite_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021061001.js?31061429

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0fc32732b1520df908e4ce5063434010c35725a930e0cc9df0be61c66a87cf32

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 00:47:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 5177
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7010
x-xss-protection: 0
server: cafe
etag: 16168581138844513892
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 28 Jun 2021 00:47:31 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210607/r20110914/client/ Frame 38EA 2 KB
1 KB 28ms
6ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210607/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021061001.js?31061429

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d1ac43e9327c147dc04b1efcd475ba7e9d464e6504eaffb167d0412d339b39e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 01:30:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2577
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1316
x-xss-protection: 0
server: cafe
etag: 797314601362473214
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 28 Jun 2021 01:30:51 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 38EA 122 KB
37 KB 15ms
14ms Script
text/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021061001.js?31061429

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

sffe /

Resource Hash

34b6e9936a2f024eef4f545bf4a1e717141704b00a75167fc7080fc6789e3881

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 02:13:48 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1623410775224219"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38028
x-xss-protection: 0
expires: Mon, 14 Jun 2021 02:13:48 GMT

GET
H2 204 l
www.google.com/ads/measurement/ Frame 38EA 0
0 15ms
14ms Image
text/html 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQyAYp6w3VBVt6qH4N96OsU5_ROo7wkUXAXgAQ1Vz1kivZiaKp3l2K7rkQRyNM1g1UozBM3Ycsj_MTomvaWnWFem-5opQ
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021061001.js?31061429
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 13841792684619255105
tpc.googlesyndication.com/simgad/ Frame 38EA 91 KB
91 KB 26ms
6ms Image
image/png 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/13841792684619255105

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021061001.js?31061429

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

add1e275c756d593a8fe9f8f6e56270e2d70edd0e9a4f33a3d7d82028f7dd828

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 12 Jun 2021 14:21:11 GMT
x-content-type-options: nosniff
age: 129157
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 93333
x-xss-protection: 0
last-modified: Wed, 09 Jun 2021 10:24:31 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 12 Jun 2022 14:21:11 GMT

GET
H3-29 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 73 KB
28 KB 15ms
15ms Script
text/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021061001.js?31061429

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

sffe /

Resource Hash

8f4b8d2def1fa5e09bafacbb8ac66e614d74f1cdbace1417cedef55c0d9a83db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 02:13:48 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1623410781212720"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28237
x-xss-protection: 0
expires: Mon, 14 Jun 2021 02:13:48 GMT

GET
H3-29 200 ga-audiences
www.google.com/ads/ 42 B
63 B 28ms
23ms Image
image/gif 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j90&tid=UA-80491860-1&cid=1305187597.1623636828&jid=1124704311&_u=YAhAAEAAAAAAAC~&z=2117677377

Requested by

Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/doj-darkside-colonial-cryptocurrency-seizure/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Jun 2021 02:13:48 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
522 B 40ms
17ms Image
image/gif 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j90&tid=UA-80491860-1&cid=1305187597.1623636828&jid=1124704311&_u=YAhAAEAAAAAAAC~&z=2117677377

Requested by

Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/doj-darkside-colonial-cryptocurrency-seizure/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Jun 2021 02:13:48 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 2153467.js Show response
js.hs-analytics.net/analytics/1623636600000/ 62 KB
19 KB 34ms
19ms Script
text/javascript 2606:4700::6811:47b0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-analytics.net/analytics/1623636600000/2153467.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/2153467.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6811:47b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b24ac2a2042bf22f85f717259786c1f95a81a5a8d9ff057de1d09b5c6e1b364b

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 02:13:48 GMT
content-encoding: br
cf-cache-status: HIT
age: 162
x-amz-server-side-encryption: AES256
x-amz-request-id: BNT776FE8ZXYEAKV
x-amz-id-2: ouTJll9rjOBoDhLm1Rj8m0MXGb9PXXkgyrY2LDOYyCMRyir3TfqnMZEEyQD961ZcWNlRV791w3I=
last-modified: Wed, 12 May 2021 19:10:17 GMT
server: cloudflare
etag: W/"95a153c93e899095ceff108333b7e80a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=300, public
access-control-allow-credentials: false
x-amz-version-id: null
cf-request-id: 0aa9e4f8ec000005fd06855000000001
cf-ray: 65f00aa178de05fd-FRA
expires: Mon, 14 Jun 2021 02:16:06 GMT

GET
H2 200 2153467.js Show response
js.hs-banner.com/ 60 KB
15 KB 30ms
15ms Script
text/javascript 2606:4700::6812:14bf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-banner.com/2153467.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/2153467.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:14bf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bc92537a9f302b0eaf8c44d590249655b6f19bd3d7da181d1e51ea24148ed400

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 02:13:48 GMT
content-encoding: br
cf-cache-status: HIT
age: 162
x-amz-server-side-encryption: AES256
content-type: text/javascript; charset=UTF-8
access-control-max-age: 604800
x-amz-request-id: P8HAB06STAFYYQ3Z
x-amz-id-2: BXB3vwio1kSzS9KVrtBD0awKEPS876ZX8/iDNOq5Vi8YeJNRnD5v2T2nNQk96SgXR8UD9Qgdy2M=
timing-allow-origin: *
last-modified: Thu, 27 May 2021 16:34:34 GMT
server: cloudflare
etag: W/"7d1960c560e9e1a7c68d368bb00a59bb"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
x-amz-version-id: 7fcETuGJ5.5rTY48fGHOjt280gru2ST6
access-control-allow-origin: https://www.cyberscoop.com
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
cache-control: max-age=300, public
access-control-allow-credentials: true
cf-request-id: 0aa9e4f8ec000005d046be8000000001
cf-ray: 65f00aa17a3905d0-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
expires: Mon, 14 Jun 2021 02:16:06 GMT

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame 38EA 0
0 28ms
15ms Fetch
image/gif 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuYVGpTMGmMPHlfanyzxENZVE4hoXjpib1CeypAGmw98KiQ_ApMLwii9-96Fn6T8Umj14ypHVUYpwpFlZ5KwOB89H0nnB8zBSDJSErgHF_ndUVEg6RgJIDf3VWn-2mNMJtO2b98bxWxxGYTP-fKZqWbkNymrYMD6Apm2ppiOwfKb2RkISk1SrLzsSG618o-cIFBAbv9AFcMnm4zRUj4gI0qxyAQPUMt0plF1LkvSi4MzcD_Lg2oh0xgmkGYqHW3X2Ud7YI7PTBE7bZFTwVzeV1FtJBVj3FHjrbF7ibr5CAL1w&sai=AMfl-YSSIJrgzBxQ8aFd1udkT6kwVxdrFBwvN5aJPYE7vMCrA6tDhEs4KV063plWRSHwij_9Yc9-9qsPVG7SxzbEbLEtH43migF8OmTHIk14nQQ5xL0UZUjw5IMAS-i7PEA&sig=Cg0ArKJSzEHUhTDv-mJ5EAE&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 14 Jun 2021 02:13:48 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Mon, 14 Jun 2021 02:13:48 GMT

GET
DATA 200
OK truncated
/ Frame 38EA 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 52f2c5b3be27ddca6cb3ad85176620ef07a70cd568cbb8c4ebef924b26d058a6

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

POST
H3-29 200 /
www.facebook.com/tr/ 0
15 B 13ms
6ms Ping
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundaryGcGyERSqY1aGeFtv

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
server: proxygen-bolt
date: Mon, 14 Jun 2021 02:13:48 GMT
content-type: text/plain
access-control-allow-origin: https://www.cyberscoop.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-length: 0
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority: u=3,i

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 38EA 42 B
518 B 33ms
13ms Fetch
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssZs-8ciDua-MSCKwjVNaIE8GeHhGTALg7TkvsJX3fFcRczPoGuItF9v6rOonjfQtMoNitd8bb7YJFstXrTje9feeQtwNiMoHiArWIGtKg&sig=Cg0ArKJSzPnvAn-tQeZzEAE&id=lidar2&mcvt=1000&p=371,480,851,1120&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20210611&bin=7&avms=nio&bs=1600,1200&mc=1&app=0&itpl=3&adk=113530204&rs=4&met=mue&la=1&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ%3D%3D&vs=4&eosm=0&rst=1623636828346&dlt=0&rpt=121&isd=0&msd=0&r=v

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Jun 2021 02:13:49 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 gpt.js Show response
www.googletagservices.com/tag/js/ Frame 5BFF 61 KB
21 KB 14ms
14ms Script
text/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/advertising/?id=leaderboard&parent_id=ad-7WO54yg4q8-leaderboard&categories=government&tags=colonial-pipeline%2Ccryptocurrency%2Cdarkside%2Cdepartment-of-justice-doj%2Cfbi%2Cjbs%2Cranswomare%2Cus-courts

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

sffe /

Resource Hash

4e4810e88e50f93b12c1e24b897d264382cbcf6e2ba29054f68b19bc4dc4e104

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 02:13:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "902 / 133 of 1000 / last-modified: 1623449339"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21293
x-xss-protection: 0
expires: Mon, 14 Jun 2021 02:13:50 GMT

GET
H3-29 200 gpt.js Show response
www.googletagservices.com/tag/js/ Frame 347F 61 KB
21 KB 14ms
14ms Script
text/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/advertising/?id=skyscraper&position=sticky&categories=government&tags=colonial-pipeline%2Ccryptocurrency%2Cdarkside%2Cdepartment-of-justice-doj%2Cfbi%2Cjbs%2Cranswomare%2Cus-courts

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

sffe /

Resource Hash

4e4810e88e50f93b12c1e24b897d264382cbcf6e2ba29054f68b19bc4dc4e104

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 02:13:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "902 / 209 of 1000 / last-modified: 1623449339"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21293
x-xss-protection: 0
expires: Mon, 14 Jun 2021 02:13:50 GMT

GET
H3-29 200 pubads_impl_2021060801.js Show response
securepubads.g.doubleclick.net/gpt/ Frame 5BFF 318 KB
112 KB 14ms
14ms Script
text/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

sffe /

Resource Hash

8a19707bd88a29100f84e106852ddd5bfeebe1fe562960c4932d1347210d13a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 02:13:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 08 Jun 2021 08:38:25 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 114129
x-xss-protection: 0
expires: Mon, 14 Jun 2021 02:13:50 GMT

GET
H3-29 200 pubads_impl_2021060801.js Show response
securepubads.g.doubleclick.net/gpt/ Frame 347F 318 KB
112 KB 15ms
14ms Script
text/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

sffe /

Resource Hash

8a19707bd88a29100f84e106852ddd5bfeebe1fe562960c4932d1347210d13a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 02:13:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 08 Jun 2021 08:38:25 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 114129
x-xss-protection: 0
expires: Mon, 14 Jun 2021 02:13:50 GMT

GET
H3-29 200 gpt.js Show response
www.googletagservices.com/tag/js/ Frame 1FF2 61 KB
21 KB 14ms
14ms Script
text/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/advertising/?id=article&position=static&category=government&tags=colonial-pipeline%2Ccryptocurrency%2Cdarkside%2Cdepartment-of-justice-doj%2Cfbi%2Cjbs%2Cranswomare%2Cus-courts

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

sffe /

Resource Hash

4e4810e88e50f93b12c1e24b897d264382cbcf6e2ba29054f68b19bc4dc4e104

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 02:13:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "902 / 74 of 1000 / last-modified: 1623449339"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21293
x-xss-protection: 0
expires: Mon, 14 Jun 2021 02:13:50 GMT

GET
H3-29 200 gpt.js Show response
www.googletagservices.com/tag/js/ Frame 1BD1 61 KB
21 KB 14ms
14ms Script
text/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/advertising/?id=billboard&position=bottom&parent_id=ad-b3zuzxlKK5-billboard&category=government&tags=colonial-pipeline%2Ccryptocurrency%2Cdarkside%2Cdepartment-of-justice-doj%2Cfbi%2Cjbs%2Cranswomare%2Cus-courts

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

sffe /

Resource Hash

4e4810e88e50f93b12c1e24b897d264382cbcf6e2ba29054f68b19bc4dc4e104

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 02:13:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "902 / 625 of 1000 / last-modified: 1623449339"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21293
x-xss-protection: 0
expires: Mon, 14 Jun 2021 02:13:50 GMT

GET
H3-29 200 pubads_impl_2021060801.js Show response
securepubads.g.doubleclick.net/gpt/ Frame 1FF2 318 KB
112 KB 14ms
14ms Script
text/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

sffe /

Resource Hash

8a19707bd88a29100f84e106852ddd5bfeebe1fe562960c4932d1347210d13a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 02:13:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 08 Jun 2021 08:38:25 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 114129
x-xss-protection: 0
expires: Mon, 14 Jun 2021 02:13:50 GMT

GET
H3-29 200 integrator.js Show response
adservice.google.de/adsid/ Frame 5BFF 107 B
122 B 29ms
15ms Script
application/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.cyberscoop.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 14 Jun 2021 02:13:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 integrator.js Show response
adservice.google.com/adsid/ Frame 5BFF 107 B
122 B 28ms
15ms Script
application/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.cyberscoop.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 14 Jun 2021 02:13:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 5BFF 9 KB
5 KB 46ms
46ms XHR
text/plain 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2442970141463940&correlator=4051285321445892&output=ldjh&impl=fif&eid=31061160%2C31061224%2C31061278%2C21064369%2C31061301&vrg=2021060801&ptt=17&sc=1&sfv=1-0-38&ecs=20210614&iu_parts=18430785%2CCyberScoop_Article_Leaderboard_970x90&enc_prev_ius=%2F0%2F1&prev_iu_szs=980x250%7C970x250%7C728x90%7C970x90&prev_scp=Tags%3Dcolonial-pipeline%252Ccryptocurrency%252Cdarkside%252Cdepartment-of-justice-doj%252Cfbi%252Cjbs%252Cranswomare%252Cus-courts&cookie=ID%3D1a5fa52a8f707b85-229a6f0e5fc80004%3AT%3D1623636828%3AS%3DALNI_MbQhOwuestDVL9JUOUjq1LZpncVpg&cdm=www.cyberscoop.com&bc=31&abxe=1&lmt=1623636830&dt=1623636830684&dlt=1623636830591&idt=71&frm=23&biw=1600&bih=1200&isw=1600&ish=150&oid=3&adxs=0&adys=170&adks=13849420&ucis=fnjfqlgt3odw&ifi=1&ifk=3817049383&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_sd=1&flash=0&nhd=1&url=https%3A%2F%2Fwww.cyberscoop.com%2Fadvertising%2F%3Fid%3Dleaderboard%26parent_id%3Dad-7WO54yg4q8-leaderboard%26categories%3Dgovernment%26tags%3Dcolonial-pipeline%252Ccryptocurrency%252Cdarkside%252Cdepartment-of-justice-doj%252Cfbi%252Cjbs%252Cranswomare%252Cus-courts&ref=https%3A%2F%2Fwww.cyberscoop.com%2Fdoj-darkside-colonial-cryptocurrency-seizure%2F&top=https%3A%2F%2Fwww.cyberscoop.com%2Fdoj-darkside-colonial-cryptocurrency-seizure%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1600x150&msz=970x-1&ga_vid=1305187597.1623636828&ga_sid=1623636831&ga_hid=1228661801&ga_fc=true&fws=0&ohw=0&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

8ad9192c5e3661229d147a4b7f5de9e8e5f93dd586f8853ac2c2afca67706ca2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 02:13:50 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4632
x-xss-protection: 0
google-lineitem-id: 5682063084
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138348369710
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.cyberscoop.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
0a123d4c917ce964ffb6e4e5e2cd3494.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 5BFF 0
0 27ms
13ms Other
text/html 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://0a123d4c917ce964ffb6e4e5e2cd3494.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 200 pubads_impl_2021060801.js Show response
securepubads.g.doubleclick.net/gpt/ Frame 1BD1 318 KB
112 KB 14ms
14ms Script
text/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

sffe /

Resource Hash

8a19707bd88a29100f84e106852ddd5bfeebe1fe562960c4932d1347210d13a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 02:13:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 08 Jun 2021 08:38:25 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 114129
x-xss-protection: 0
expires: Mon, 14 Jun 2021 02:13:50 GMT

GET
H3-29 200 integrator.js Show response
adservice.google.de/adsid/ Frame 347F 107 B
122 B 15ms
14ms Script
application/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.cyberscoop.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 14 Jun 2021 02:13:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 integrator.js Show response
adservice.google.com/adsid/ Frame 347F 107 B
122 B 15ms
15ms Script
application/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.cyberscoop.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 14 Jun 2021 02:13:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 347F 9 KB
5 KB 46ms
45ms XHR
text/plain 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=236476849370585&correlator=1628299877626599&output=ldjh&impl=fif&eid=31061040%2C31061278%2C21068030%2C31061143&vrg=2021060801&ptt=17&sc=1&sfv=1-0-38&ecs=20210614&iu_parts=18430785%2CCyberScoop_HalfPage_300x600&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x600&prev_scp=Tags%3Dcolonial-pipeline%252Ccryptocurrency%252Cdarkside%252Cdepartment-of-justice-doj%252Cfbi%252Cjbs%252Cranswomare%252Cus-courts&cookie=ID%3D1a5fa52a8f707b85-229a6f0e5fc80004%3AT%3D1623636828%3AS%3DALNI_MbQhOwuestDVL9JUOUjq1LZpncVpg&cdm=www.cyberscoop.com&bc=31&abxe=1&lmt=1623636830&dt=1623636830714&dlt=1623636830599&idt=106&ea=0&frm=23&biw=1600&bih=1200&isw=300&ish=600&oid=3&adxs=983&adys=1710&adks=2863372106&ucis=oqfz3p2ldnfy&ifi=1&ifk=2940762769&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=1&url=https%3A%2F%2Fwww.cyberscoop.com%2Fadvertising%2F%3Fid%3Dskyscraper%26position%3Dsticky%26categories%3Dgovernment%26tags%3Dcolonial-pipeline%252Ccryptocurrency%252Cdarkside%252Cdepartment-of-justice-doj%252Cfbi%252Cjbs%252Cranswomare%252Cus-courts&ref=https%3A%2F%2Fwww.cyberscoop.com%2Fdoj-darkside-colonial-cryptocurrency-seizure%2F&top=https%3A%2F%2Fwww.cyberscoop.com%2Fdoj-darkside-colonial-cryptocurrency-seizure%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x600&msz=300x-1&ga_vid=1305187597.1623636828&ga_sid=1623636831&ga_hid=1102078470&ga_fc=true&fws=256&ohw=0&btvi=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

d821b0d23874708c3bfd671827839674bb2500e5a4ede5a7c47fce3c126171b2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 02:13:50 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4602
x-xss-protection: 0
google-lineitem-id: 5682063084
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138348369878
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.cyberscoop.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
af1841b697c860fa2f0a4e751b8992f1.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 347F 0
0 30ms
13ms Other
text/html 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://af1841b697c860fa2f0a4e751b8992f1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 200 integrator.js Show response
adservice.google.de/adsid/ Frame 1FF2 107 B
122 B 14ms
14ms Script
application/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.cyberscoop.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 14 Jun 2021 02:13:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 integrator.js Show response
adservice.google.com/adsid/ Frame 1FF2 107 B
122 B 15ms
14ms Script
application/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.cyberscoop.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 14 Jun 2021 02:13:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 1FF2 9 KB
5 KB 48ms
48ms XHR
text/plain 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1641553134027982&correlator=1058114962825147&output=ldjh&impl=fif&eid=31060783%2C31061040&vrg=2021060801&ptt=17&sc=1&sfv=1-0-38&ecs=20210614&iu_parts=18430785%2CCyberScoop_Article_Left_Rail_300x250&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&prev_scp=position%3Dstatic%26Tags%3Dcolonial-pipeline%252Ccryptocurrency%252Cdarkside%252Cdepartment-of-justice-doj%252Cfbi%252Cjbs%252Cranswomare%252Cus-courts%26categories%3Dgovernment&cookie=ID%3D1a5fa52a8f707b85-229a6f0e5fc80004%3AT%3D1623636828%3AS%3DALNI_MbQhOwuestDVL9JUOUjq1LZpncVpg&cdm=www.cyberscoop.com&bc=31&abxe=1&lmt=1623636830&dt=1623636830735&dlt=1623636830628&idt=99&ea=0&frm=23&biw=1600&bih=1200&isw=310&ish=250&oid=3&adxs=983&adys=1445&adks=4064999910&ucis=shlqkawz6jig&ifi=1&ifk=3714739266&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=1&url=https%3A%2F%2Fwww.cyberscoop.com%2Fadvertising%2F%3Fid%3Darticle%26position%3Dstatic%26category%3Dgovernment%26tags%3Dcolonial-pipeline%252Ccryptocurrency%252Cdarkside%252Cdepartment-of-justice-doj%252Cfbi%252Cjbs%252Cranswomare%252Cus-courts&ref=https%3A%2F%2Fwww.cyberscoop.com%2Fdoj-darkside-colonial-cryptocurrency-seizure%2F&top=https%3A%2F%2Fwww.cyberscoop.com%2Fdoj-darkside-colonial-cryptocurrency-seizure%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=310x250&msz=300x-1&ga_vid=1305187597.1623636828&ga_sid=1623636831&ga_hid=498930010&ga_fc=true&fws=256&ohw=0&btvi=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

d9b227d629c1ec7ccb2d2416f1206701576b7c24efa5d0c92b32548aeb0d3c41

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 02:13:50 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4647
x-xss-protection: 0
google-lineitem-id: 5693635656
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138349718672
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.cyberscoop.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
2b431d5427477a300d9d4b37140fe9fb.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 1FF2 0
0 27ms
13ms Other
text/html 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://2b431d5427477a300d9d4b37140fe9fb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 200 container.html Show response
0a123d4c917ce964ffb6e4e5e2cd3494.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 82FD 6 KB
3 KB 21ms
6ms Document
text/html 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://0a123d4c917ce964ffb6e4e5e2cd3494.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 0a123d4c917ce964ffb6e4e5e2cd3494.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html?n=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.cyberscoop.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.cyberscoop.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3108
date: Mon, 14 Jun 2021 02:13:50 GMT
expires: Tue, 14 Jun 2022 02:13:50 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ Frame 5BFF 73 KB
28 KB 14ms
13ms Script
text/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

sffe /

Resource Hash

8f4b8d2def1fa5e09bafacbb8ac66e614d74f1cdbace1417cedef55c0d9a83db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 02:13:50 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1623410781212720"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28237
x-xss-protection: 0
expires: Mon, 14 Jun 2021 02:13:50 GMT

GET
H3-29 200 container.html Show response
af1841b697c860fa2f0a4e751b8992f1.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 6C6F 6 KB
3 KB 6ms
6ms Document
text/html 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://af1841b697c860fa2f0a4e751b8992f1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: af1841b697c860fa2f0a4e751b8992f1.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html?n=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.cyberscoop.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.cyberscoop.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3108
date: Mon, 14 Jun 2021 02:13:50 GMT
expires: Tue, 14 Jun 2022 02:13:50 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ Frame 347F 73 KB
28 KB 13ms
13ms Script
text/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

sffe /

Resource Hash

8f4b8d2def1fa5e09bafacbb8ac66e614d74f1cdbace1417cedef55c0d9a83db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 02:13:50 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1623410781212720"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28237
x-xss-protection: 0
expires: Mon, 14 Jun 2021 02:13:50 GMT

GET
H3-29 200 integrator.js Show response
adservice.google.de/adsid/ Frame 1BD1 107 B
122 B 15ms
14ms Script
application/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.cyberscoop.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 14 Jun 2021 02:13:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 integrator.js Show response
adservice.google.com/adsid/ Frame 1BD1 107 B
122 B 15ms
15ms Script
application/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.cyberscoop.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 14 Jun 2021 02:13:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 1BD1 8 KB
4 KB 46ms
45ms XHR
text/plain 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2533213578835345&correlator=283710741404818&output=ldjh&impl=fif&eid=31061278%2C31060976&vrg=2021060801&ptt=17&sc=1&sfv=1-0-38&ecs=20210614&iu_parts=18430785%2CCyberScoop_Cat_Art_Bottom_980x250&enc_prev_ius=%2F0%2F1&prev_iu_szs=980x250%7C970x250%7C728x90%7C970x90&prev_scp=position%3Dbottom%26categories%3Dgovernment%26Tags%3Dcolonial-pipeline%252Ccryptocurrency%252Cdarkside%252Cdepartment-of-justice-doj%252Cfbi%252Cjbs%252Cranswomare%252Cus-courts&cookie=ID%3D1a5fa52a8f707b85%3AT%3D1623636828%3AS%3DALNI_Ma6shfHT8n9yhKxGTQIG4MS-sEtdA&cdm=www.cyberscoop.com&bc=31&abxe=1&lmt=1623636830&dt=1623636830791&dlt=1623636830636&idt=148&ea=0&frm=23&biw=1600&bih=1200&isw=980&ish=250&oid=3&adxs=0&adys=4192&adks=3048910702&ucis=v7ddyjmkcu7o&ifi=1&ifk=485025872&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=1&url=https%3A%2F%2Fwww.cyberscoop.com%2Fadvertising%2F%3Fid%3Dbillboard%26position%3Dbottom%26parent_id%3Dad-b3zuzxlKK5-billboard%26category%3Dgovernment%26tags%3Dcolonial-pipeline%252Ccryptocurrency%252Cdarkside%252Cdepartment-of-justice-doj%252Cfbi%252Cjbs%252Cranswomare%252Cus-courts&ref=https%3A%2F%2Fwww.cyberscoop.com%2Fdoj-darkside-colonial-cryptocurrency-seizure%2F&top=https%3A%2F%2Fwww.cyberscoop.com%2Fdoj-darkside-colonial-cryptocurrency-seizure%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=980x250&msz=980x-1&ga_vid=1305187597.1623636828&ga_sid=1623636831&ga_hid=1963138476&ga_fc=true&fws=256&ohw=0&btvi=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

c0c33f6ba44fbee4f96f13350a10c9f5962c923813413bf8121a97264b3f7378

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 02:13:50 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4496
x-xss-protection: 0
google-lineitem-id: 5682063084
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138348369710
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.cyberscoop.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
465e8ed3cdfd01c2e9263c1dda2899b3.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 1BD1 0
0 29ms
14ms Other
text/html 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://465e8ed3cdfd01c2e9263c1dda2899b3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 200 container.html Show response
2b431d5427477a300d9d4b37140fe9fb.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame A0A8 6 KB
3 KB 7ms
6ms Document
text/html 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://2b431d5427477a300d9d4b37140fe9fb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 2b431d5427477a300d9d4b37140fe9fb.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html?n=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.cyberscoop.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.cyberscoop.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3108
date: Mon, 14 Jun 2021 02:13:50 GMT
expires: Tue, 14 Jun 2022 02:13:50 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ Frame 1FF2 73 KB
28 KB 14ms
14ms Script
text/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

sffe /

Resource Hash

8f4b8d2def1fa5e09bafacbb8ac66e614d74f1cdbace1417cedef55c0d9a83db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 02:13:50 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1623410781212720"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28237
x-xss-protection: 0
expires: Mon, 14 Jun 2021 02:13:50 GMT

GET
H3-29 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame 82FD 22 KB
7 KB 22ms
6ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js

Requested by

Host: 0a123d4c917ce964ffb6e4e5e2cd3494.safeframe.googlesyndication.com
URL: https://0a123d4c917ce964ffb6e4e5e2cd3494.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://0a123d4c917ce964ffb6e4e5e2cd3494.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 12 Jun 2021 10:06:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 144435
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7022
x-xss-protection: 0
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 12 Jun 2022 10:06:35 GMT

GET
H3-29 200 dcmads.js Show response
www.googletagservices.com/dcm/ Frame 82FD 8 KB
4 KB 7ms
6ms Script
text/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/dcm/dcmads.js

Requested by

Host: 0a123d4c917ce964ffb6e4e5e2cd3494.safeframe.googlesyndication.com
URL: https://0a123d4c917ce964ffb6e4e5e2cd3494.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

sffe /

Resource Hash

f7c1022dbae2ac5b2997f6e92f1f25907b053736a52aa40753fb44fcf4760370

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://0a123d4c917ce964ffb6e4e5e2cd3494.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 02:05:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 490
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3796
x-xss-protection: 0
last-modified: Mon, 07 Jun 2021 18:22:56 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Mon, 14 Jun 2021 03:05:40 GMT

GET
H2 200 skeleton.js Show response
pixel.adsafeprotected.com/rjss/st/488356/54309639/ Frame 82FD 45 KB
13 KB 117ms
54ms Script
application/javascript 52.212.52.211
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.adsafeprotected.com/rjss/st/488356/54309639/skeleton.js?ias_dspID=64&ias_campId=&ias_pubId=&ias_chanId=&ias_placementId=&bidurl=&ias_dealId=
Requested by: Host: 0a123d4c917ce964ffb6e4e5e2cd3494.safeframe.googlesyndication.com
URL: https://0a123d4c917ce964ffb6e4e5e2cd3494.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.212.52.211 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-212-52-211.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 2e45e4989af6308367f32065d73379f226deef2153689f71f3f1db0d978e4acd

Request headers

Referer: https://0a123d4c917ce964ffb6e4e5e2cd3494.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Jun 2021 02:13:50 GMT
content-encoding: gzip
x-server-name: app05.ie.303net.net
content-type: application/javascript;charset=utf-8
access-control-allow-origin: pixel.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 82FD 122 KB
37 KB 16ms
15ms Script
text/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 0a123d4c917ce964ffb6e4e5e2cd3494.safeframe.googlesyndication.com
URL: https://0a123d4c917ce964ffb6e4e5e2cd3494.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

sffe /

Resource Hash

34b6e9936a2f024eef4f545bf4a1e717141704b00a75167fc7080fc6789e3881

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://0a123d4c917ce964ffb6e4e5e2cd3494.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 02:13:50 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1623410775224219"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38028
x-xss-protection: 0
expires: Mon, 14 Jun 2021 02:13:50 GMT

GET
H3-29 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame 6C6F 22 KB
7 KB 20ms
6ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js

Requested by

Host: af1841b697c860fa2f0a4e751b8992f1.safeframe.googlesyndication.com
URL: https://af1841b697c860fa2f0a4e751b8992f1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://af1841b697c860fa2f0a4e751b8992f1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 12 Jun 2021 10:06:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 144435
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7022
x-xss-protection: 0
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 12 Jun 2022 10:06:35 GMT

GET
H3-29 200 dcmads.js Show response
www.googletagservices.com/dcm/ Frame 6C6F 8 KB
4 KB 6ms
6ms Script
text/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/dcm/dcmads.js

Requested by

Host: af1841b697c860fa2f0a4e751b8992f1.safeframe.googlesyndication.com
URL: https://af1841b697c860fa2f0a4e751b8992f1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

sffe /

Resource Hash

f7c1022dbae2ac5b2997f6e92f1f25907b053736a52aa40753fb44fcf4760370

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://af1841b697c860fa2f0a4e751b8992f1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 02:05:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 490
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3796
x-xss-protection: 0
last-modified: Mon, 07 Jun 2021 18:22:56 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Mon, 14 Jun 2021 03:05:40 GMT

GET
H2 200 skeleton.js Show response
pixel.adsafeprotected.com/rjss/st/488356/54309637/ Frame 6C6F 45 KB
13 KB 147ms
85ms Script
application/javascript 52.212.52.211
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.adsafeprotected.com/rjss/st/488356/54309637/skeleton.js?ias_dspID=64&ias_campId=&ias_pubId=&ias_chanId=&ias_placementId=&bidurl=&ias_dealId=
Requested by: Host: af1841b697c860fa2f0a4e751b8992f1.safeframe.googlesyndication.com
URL: https://af1841b697c860fa2f0a4e751b8992f1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.212.52.211 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-212-52-211.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 84932e6844caf3d0729d337d7372742ade2c0ff84e4a4a273a8e3325ba99b23c

Request headers

Referer: https://af1841b697c860fa2f0a4e751b8992f1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Jun 2021 02:13:50 GMT
content-encoding: gzip
x-server-name: app27.ie.303net.net
content-type: application/javascript;charset=utf-8
access-control-allow-origin: pixel.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 6C6F 122 KB
37 KB 15ms
15ms Script
text/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: af1841b697c860fa2f0a4e751b8992f1.safeframe.googlesyndication.com
URL: https://af1841b697c860fa2f0a4e751b8992f1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

sffe /

Resource Hash

34b6e9936a2f024eef4f545bf4a1e717141704b00a75167fc7080fc6789e3881

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://af1841b697c860fa2f0a4e751b8992f1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 02:13:50 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1623410775224219"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38028
x-xss-protection: 0
expires: Mon, 14 Jun 2021 02:13:50 GMT

GET
H3-29 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame A0A8 22 KB
7 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js

Requested by

Host: 2b431d5427477a300d9d4b37140fe9fb.safeframe.googlesyndication.com
URL: https://2b431d5427477a300d9d4b37140fe9fb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://2b431d5427477a300d9d4b37140fe9fb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 12 Jun 2021 10:06:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 144435
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7022
x-xss-protection: 0
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 12 Jun 2022 10:06:35 GMT

GET
H3-29 200 dcmads.js Show response
www.googletagservices.com/dcm/ Frame A0A8 8 KB
4 KB 9ms
6ms Script
text/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/dcm/dcmads.js

Requested by

Host: 2b431d5427477a300d9d4b37140fe9fb.safeframe.googlesyndication.com
URL: https://2b431d5427477a300d9d4b37140fe9fb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

sffe /

Resource Hash

f7c1022dbae2ac5b2997f6e92f1f25907b053736a52aa40753fb44fcf4760370

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://2b431d5427477a300d9d4b37140fe9fb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 02:05:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 490
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3796
x-xss-protection: 0
last-modified: Mon, 07 Jun 2021 18:22:56 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Mon, 14 Jun 2021 03:05:40 GMT

GET
H2 200 skeleton.js Show response
pixel.adsafeprotected.com/rjss/st/488356/54699616/ Frame A0A8 45 KB
13 KB 131ms
82ms Script
application/javascript 52.212.52.211
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.adsafeprotected.com/rjss/st/488356/54699616/skeleton.js?ias_dspID=64&ias_campId=&ias_pubId=&ias_chanId=&ias_placementId=&bidurl=&ias_dealId=
Requested by: Host: 2b431d5427477a300d9d4b37140fe9fb.safeframe.googlesyndication.com
URL: https://2b431d5427477a300d9d4b37140fe9fb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.212.52.211 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-212-52-211.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: a1a5a149ade1d05312f19dc7c0461685435544251ae65d95c2d92cb7393bb68c

Request headers

Referer: https://2b431d5427477a300d9d4b37140fe9fb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Jun 2021 02:13:50 GMT
content-encoding: gzip
x-server-name: app03.ie.303net.net
content-type: application/javascript;charset=utf-8
access-control-allow-origin: pixel.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame A0A8 122 KB
37 KB 15ms
13ms Script
text/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 2b431d5427477a300d9d4b37140fe9fb.safeframe.googlesyndication.com
URL: https://2b431d5427477a300d9d4b37140fe9fb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

sffe /

Resource Hash

34b6e9936a2f024eef4f545bf4a1e717141704b00a75167fc7080fc6789e3881

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://2b431d5427477a300d9d4b37140fe9fb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 02:13:50 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1623410775224219"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38028
x-xss-protection: 0
expires: Mon, 14 Jun 2021 02:13:50 GMT

GET
H3-29 200 container.html Show response
465e8ed3cdfd01c2e9263c1dda2899b3.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 0DC1 6 KB
3 KB 8ms
6ms Document
text/html 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://465e8ed3cdfd01c2e9263c1dda2899b3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 465e8ed3cdfd01c2e9263c1dda2899b3.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html?n=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.cyberscoop.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.cyberscoop.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3108
date: Mon, 14 Jun 2021 02:13:50 GMT
expires: Tue, 14 Jun 2022 02:13:50 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ Frame 1BD1 73 KB
28 KB 15ms
15ms Script
text/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

sffe /

Resource Hash

8f4b8d2def1fa5e09bafacbb8ac66e614d74f1cdbace1417cedef55c0d9a83db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 02:13:50 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1623410781212720"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28237
x-xss-protection: 0
expires: Mon, 14 Jun 2021 02:13:50 GMT

GET
H3-29 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 1BD1 10 KB
8 KB 30ms
17ms XHR
application/json 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021060801&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a00fcc6ff3c2e5d112b6995ef41287553bce6e0fbfc9231e13a9fa8e3ce1ded8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 14 Jun 2021 02:13:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7988
x-xss-protection: 0

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame 6C6F 0
0 16ms
16ms Fetch
image/gif 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvhvrOHSkCl6lyGvImN9qM-tRNJwteCYMtA15950JYtZ0-0cM_5wQKifwFg3vk92BbxvxW08_5SGX2K374xi6uZFcQfn8pqPz8wCflPKuq5N82lywwIY9WXICQUISlm85jtfrZUB9RbddUr2jVRD1l1hPrCry6qyl87OFDmMowUWzcCPvOPTNlfptOGzVQE9CtDYZ73UL02NuiMKqOty6ZL2eEjuwzUaUDnxsaNHy4bl1thD053WAT1J661EJpYpnSdpphkNJDuMQBdGzuq5hJDaYs5xJthXs9t2QhPN3-iT7sAkdgSg8E9fqGeRbva2_o&sig=Cg0ArKJSzOpRmAObF70TEAE&urlfix=1&adurl=

Requested by

Host: af1841b697c860fa2f0a4e751b8992f1.safeframe.googlesyndication.com
URL: https://af1841b697c860fa2f0a4e751b8992f1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://af1841b697c860fa2f0a4e751b8992f1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 14 Jun 2021 02:13:50 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3-29 200 impl_v75.js Show response
www.googletagservices.com/dcm/ Frame 6C6F 37 KB
15 KB 7ms
7ms Script
text/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/dcm/impl_v75.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/dcmads.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

sffe /

Resource Hash

7529b11940f8a77767d97b70e5392487b7fffeb7bcd408da18bdc71665a81d41

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://af1841b697c860fa2f0a4e751b8992f1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 12 Jun 2021 12:34:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 135558
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15538
x-xss-protection: 0
last-modified: Fri, 04 Jun 2021 19:52:24 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 12 Jun 2022 12:34:32 GMT

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame A0A8 0
0 16ms
15ms Fetch
image/gif 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvOV0tGQ2J5Z_fPMxcsrB8BmBpmDONqikUhlFLdQGBIV_TOba-9Kt9ghZVwCq79t_PSFvNPjcLdzW2_QX54WNxV9jEdkBdK9_o836KMN-nLv8z-wJQQbwUXzN4vv1ni38wb_Cpxr2F2KDFu-Q-3_A8q_BTN-2FWGUHkbJwMlf80CtY9dihIG7fmT40FJBxWlEWU6wGCHGv0MWULkZTFylTO-HT9Lykqr4pC2KGaNtw4ZdFslnr0vUnS0vxv2bxQww15h7Mg18YSSgHo-_SAbI_zJS2MKwAE2vUOHdn5aUaPjWy3YhwkNXpF05mHbgfctX2f_HSJU0zdX1c&sig=Cg0ArKJSzE4qOho17ArREAE&urlfix=1&adurl=

Requested by

Host: 2b431d5427477a300d9d4b37140fe9fb.safeframe.googlesyndication.com
URL: https://2b431d5427477a300d9d4b37140fe9fb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://2b431d5427477a300d9d4b37140fe9fb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 14 Jun 2021 02:13:50 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3-29 200 impl_v75.js Show response
www.googletagservices.com/dcm/ Frame A0A8 37 KB
15 KB 7ms
6ms Script
text/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/dcm/impl_v75.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/dcmads.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

sffe /

Resource Hash

7529b11940f8a77767d97b70e5392487b7fffeb7bcd408da18bdc71665a81d41

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://2b431d5427477a300d9d4b37140fe9fb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 12 Jun 2021 12:34:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 135558
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15538
x-xss-protection: 0
last-modified: Fri, 04 Jun 2021 19:52:24 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 12 Jun 2022 12:34:32 GMT

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame 82FD 0
0 16ms
15ms Fetch
image/gif 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvtR3ck6jZ_XaZOqE8MZ9Vj0Dnq5_9vyULHU6v3koSEqw7tAYpIvz-A7w29aoldHEeAKwKrqXHTQ_WOZl0eWTrA8iBOREC5f_LNWSbGj1RgDAzuouVqazphiC-rpF0OEYQXPXd3zAe8g1TwWo7sj1C85VaU5hbp7ke14i0qdSUCVe5kXJkHoM1ZQQh-W9H2V6a1io_l1NesdGId4qcIE_R0iyjtNItapcJJJTQ-UHfEtZJyKUrQzSVxZ0cXXYoSsmL5Ir-fEEtOwpJQcv-plP4_UjUO00xBrk9kPWD4stziqwByo34bRVTkF8GrpppoZ4zSK3gxmWBGyg44&sig=Cg0ArKJSzCdxQxkc1-ofEAE&urlfix=1&adurl=

Requested by

Host: 0a123d4c917ce964ffb6e4e5e2cd3494.safeframe.googlesyndication.com
URL: https://0a123d4c917ce964ffb6e4e5e2cd3494.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://0a123d4c917ce964ffb6e4e5e2cd3494.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 14 Jun 2021 02:13:50 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3-29 200 impl_v75.js Show response
www.googletagservices.com/dcm/ Frame 82FD 37 KB
15 KB 7ms
7ms Script
text/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/dcm/impl_v75.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/dcmads.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

sffe /

Resource Hash

7529b11940f8a77767d97b70e5392487b7fffeb7bcd408da18bdc71665a81d41

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://0a123d4c917ce964ffb6e4e5e2cd3494.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 12 Jun 2021 12:34:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 135558
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15538
x-xss-protection: 0
last-modified: Fri, 04 Jun 2021 19:52:24 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 12 Jun 2022 12:34:32 GMT

GET
H3-29 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame 0DC1 22 KB
7 KB 10ms
5ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js

Requested by

Host: 465e8ed3cdfd01c2e9263c1dda2899b3.safeframe.googlesyndication.com
URL: https://465e8ed3cdfd01c2e9263c1dda2899b3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://465e8ed3cdfd01c2e9263c1dda2899b3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 12 Jun 2021 10:06:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 144435
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7022
x-xss-protection: 0
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 12 Jun 2022 10:06:35 GMT

GET
H3-29 200 dcmads.js Show response
www.googletagservices.com/dcm/ Frame 0DC1 8 KB
4 KB 9ms
6ms Script
text/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/dcm/dcmads.js

Requested by

Host: 465e8ed3cdfd01c2e9263c1dda2899b3.safeframe.googlesyndication.com
URL: https://465e8ed3cdfd01c2e9263c1dda2899b3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

sffe /

Resource Hash

f7c1022dbae2ac5b2997f6e92f1f25907b053736a52aa40753fb44fcf4760370

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://465e8ed3cdfd01c2e9263c1dda2899b3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 02:05:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 490
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3796
x-xss-protection: 0
last-modified: Mon, 07 Jun 2021 18:22:56 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Mon, 14 Jun 2021 03:05:40 GMT

GET
H2 200 skeleton.js Show response
pixel.adsafeprotected.com/rjss/st/488356/54309639/ Frame 0DC1 45 KB
13 KB 60ms
57ms Script
application/javascript 52.212.52.211
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.adsafeprotected.com/rjss/st/488356/54309639/skeleton.js?ias_dspID=64&ias_campId=&ias_pubId=&ias_chanId=&ias_placementId=&bidurl=&ias_dealId=
Requested by: Host: 465e8ed3cdfd01c2e9263c1dda2899b3.safeframe.googlesyndication.com
URL: https://465e8ed3cdfd01c2e9263c1dda2899b3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.212.52.211 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-212-52-211.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 1cf3fbfc1124a80a5691de2f0f3abf061c1cacd4b0bb64d3199af9d478cd689e

Request headers

Referer: https://465e8ed3cdfd01c2e9263c1dda2899b3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Jun 2021 02:13:50 GMT
content-encoding: gzip
x-server-name: app34.ie.303net.net
content-type: application/javascript;charset=utf-8
access-control-allow-origin: pixel.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 0DC1 122 KB
37 KB 17ms
14ms Script
text/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 465e8ed3cdfd01c2e9263c1dda2899b3.safeframe.googlesyndication.com
URL: https://465e8ed3cdfd01c2e9263c1dda2899b3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

sffe /

Resource Hash

34b6e9936a2f024eef4f545bf4a1e717141704b00a75167fc7080fc6789e3881

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://465e8ed3cdfd01c2e9263c1dda2899b3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 02:13:50 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1623410775224219"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38028
x-xss-protection: 0
expires: Mon, 14 Jun 2021 02:13:50 GMT

GET
H3-29 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 1BD1 17 KB
6 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e684839cbcef6b16753dae73e92a49b7115f55e83662ead12d5e05bf7b9915fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 02:13:50 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1622653785071769"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6437
x-xss-protection: 0
expires: Mon, 14 Jun 2021 02:13:50 GMT

GET
H2 200 B24705254.302297311;dc_ver=75.217;dc_eid=40004000;sz=300x600;u_sd=1;dc_adk=192105431;ord=gcitw8;click=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjsuuEK0KyB51yVQZhqNrbvWShcxEb... Show response
ad.doubleclick.net/ddm/adj/N7442.3728797STATESCOOP/ Frame 6C6F 36 KB
18 KB 60ms
37ms Script
text/javascript 142.250.185.198
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/ddm/adj/N7442.3728797STATESCOOP/B24705254.302297311;dc_ver=75.217;dc_eid=40004000;sz=300x600;u_sd=1;dc_adk=192105431;ord=gcitw8;click=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjsuuEK0KyB51yVQZhqNrbvWShcxEbDjx3i0lDvsrsVUnTPicrhVbRLkv3Q8E3yY_olICCxztRmrKm2slhZipuqKIdtVDacoldTYypfchtxJQK9bjpU1QAVRF4mIO4e3tCB9pC2OjWNswOhDHYfN8L4nBu5cYePIhPfQ8a6cjTb1NO3Ub0d0qQH8JWxsa5KCDjy3lD0ThvV24WOK7CMbXvWmpRPi0Kz96ONRNOryS6F0ZbrM3DBG2QI9GYHcFu7qewH6EYBswXOTn1J72Nnce8wPgAmcSybuBmU8_r2KlEb3sFDWupFPuACC1l_A6d8Y%26sig%3DCg0ArKJSzLtZQ3HMGVVmEAE%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26adurl%3D;uach=%5B%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%5B%5D%5D;dc_rfl=2,https%3A%2F%2Fwww.cyberscoop.com$2,https%3A%2F%2Fwww.cyberscoop.com%2F$0;xdt=1;crlt=()-jEleUI);osda=2;sttr=25;prcl=s

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/impl_v75.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f6.1e100.net

Software

cafe /

Resource Hash

3727c0e52c294a25d7cb01de02caef316d4cee0c2993fe8993e546ca133ad2b4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://af1841b697c860fa2f0a4e751b8992f1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Jun 2021 02:13:50 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18364
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 B25791652.303544152;dc_ver=75.217;sz=300x250;u_sd=1;dc_adk=2235259097;ord=ka4vjv;click=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjstOZnhtKJITiFajAXa8Nb05uBeqZ9mjvlOC69TvUGob... Show response
ad.doubleclick.net/ddm/adi/N7442.3728797STATESCOOP/ Frame 38DF 35 KB
18 KB 47ms
32ms Document
text/html 142.250.185.198
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/ddm/adi/N7442.3728797STATESCOOP/B25791652.303544152;dc_ver=75.217;sz=300x250;u_sd=1;dc_adk=2235259097;ord=ka4vjv;click=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjstOZnhtKJITiFajAXa8Nb05uBeqZ9mjvlOC69TvUGobSFAJmhxQ5Q5TFN3aPWjeiWnuNDVXr1RkJgyzkK7QDT9QhEPvibtixNk1P3gpsH2f3V-G6A6HMFUG02IF2yK_RXfSwkWLc2nDg9D8ORBWqtTKMdH-H6E0_3ewxYw-bkHXMz_CO2fv6oKXf7zOGAVL0WkhU0q2qo_wPA4gLvnC-4VnwImCAzYTeaMXtRUEnFIMjubY7tRynpdFD2Y0jgj65sVUKytlzU1OjsWJggPWzAy5JJCYMrAzgG0iwpGfspLhzmLKOhecc9U4Aib26hl4TT7xExHDjFI%26sig%3DCg0ArKJSzA2oA0Pm2LD0EAE%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26adurl%3D;uach=%5B%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%5B%5D%5D;dc_rfl=2,https%3A%2F%2Fwww.cyberscoop.com$2,https%3A%2F%2Fwww.cyberscoop.com%2F$0;xdt=1;crlt=BKDCKuHTrA;osda=2;sttr=27;prcl=s

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/impl_v75.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f6.1e100.net

Software

cafe /

Resource Hash

19b28cd358e0f400ff690622876e1891ccd334d8b0a2c0cfa5aad012e8c745c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: ad.doubleclick.net
:scheme: https
:path: /ddm/adi/N7442.3728797STATESCOOP/B25791652.303544152;dc_ver=75.217;sz=300x250;u_sd=1;dc_adk=2235259097;ord=ka4vjv;click=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjstOZnhtKJITiFajAXa8Nb05uBeqZ9mjvlOC69TvUGobSFAJmhxQ5Q5TFN3aPWjeiWnuNDVXr1RkJgyzkK7QDT9QhEPvibtixNk1P3gpsH2f3V-G6A6HMFUG02IF2yK_RXfSwkWLc2nDg9D8ORBWqtTKMdH-H6E0_3ewxYw-bkHXMz_CO2fv6oKXf7zOGAVL0WkhU0q2qo_wPA4gLvnC-4VnwImCAzYTeaMXtRUEnFIMjubY7tRynpdFD2Y0jgj65sVUKytlzU1OjsWJggPWzAy5JJCYMrAzgG0iwpGfspLhzmLKOhecc9U4Aib26hl4TT7xExHDjFI%26sig%3DCg0ArKJSzA2oA0Pm2LD0EAE%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26adurl%3D;uach=%5B%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%5B%5D%5D;dc_rfl=2,https%3A%2F%2Fwww.cyberscoop.com$2,https%3A%2F%2Fwww.cyberscoop.com%2F$0;xdt=1;crlt=BKDCKuHTrA;osda=2;sttr=27;prcl=s
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://2b431d5427477a300d9d4b37140fe9fb.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUkGcAiTbpLTycg4PO5zFrx6LALhYYU91ycWRmZMfHTz6Y6A2o2XraziZ1s1ub8
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://2b431d5427477a300d9d4b37140fe9fb.safeframe.googlesyndication.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Mon, 14 Jun 2021 02:13:50 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
server: cafe
content-length: 18220
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 B24705254.302297317;dc_ver=75.217;sz=970x250;u_sd=1;dc_adk=2711260096;ord=0s2sev;click=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjsuaKk_5nf5MwrFfki6eULjsEijsSemtN7yqLBopd3cw... Show response
ad.doubleclick.net/ddm/adj/N7442.3728797STATESCOOP/ Frame 82FD 36 KB
18 KB 52ms
39ms Script
text/javascript 142.250.185.198
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/ddm/adj/N7442.3728797STATESCOOP/B24705254.302297317;dc_ver=75.217;sz=970x250;u_sd=1;dc_adk=2711260096;ord=0s2sev;click=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjsuaKk_5nf5MwrFfki6eULjsEijsSemtN7yqLBopd3cwXPnECs-hlGCBwMCjy6jU5SeZkUNSUsocD94VrNvfznH9oyV6RjsedBh7QKgqfpsBqEebK0qzFwl1gz6EwcgbSK3HxnTmBDjR_JwoIT9V-1c7OkMB4na95NsQfU6LSEAIDoqwAtXdLp76JUTwaYKClP2e6fKwx791Z-K4E314TeOYU6seQ6bIgxWUZT1XpXwGwcmdwhTq5S1vJUTOx3kprb2BoLT-jDBemH5PSYgN2mC9i4QJgvnBMROSWfQPN6L6MgylLMtd_g6R9uBxR7xEWemf2rZgS0hO%26sig%3DCg0ArKJSzHU1U9dFjWUMEAE%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26adurl%3D;uach=%5B%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%5B%5D%5D;dc_rfl=2,https%3A%2F%2Fwww.cyberscoop.com$2,https%3A%2F%2Fwww.cyberscoop.com%2F$0;xdt=1;crlt=lSNLJfQmvL;osda=2;sttr=32;prcl=s

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/impl_v75.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f6.1e100.net

Software

cafe /

Resource Hash

ac17f7fbff7389405eaa72e6b0e4f588e8253d1208b0707b67e5a3efd462b8ad

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://0a123d4c917ce964ffb6e4e5e2cd3494.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Jun 2021 02:13:50 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18440
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/223/ Frame CA36 12 KB
5 KB 7ms
6ms Document
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/223/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

de7dd7e8a5f2257d16c23c395b9262c6fa04689c81b0e2b8bf7f5bae9f4177dc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/223/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.cyberscoop.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.cyberscoop.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5022
date: Sun, 13 Jun 2021 21:17:06 GMT
expires: Mon, 13 Jun 2022 21:17:06 GMT
last-modified: Wed, 17 Mar 2021 18:24:30 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 17804
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 aframe Show response
www.google.com/recaptcha/api2/ Frame C3CA 783 B
531 B 17ms
15ms Document
text/html 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

628a65f8f1c44d929833dd003e1169b3a8203b7aaf145ba0b04173a93bd30dd5

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-RltdyA2lzHCAfm4+FTKJPQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/aframe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.cyberscoop.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.cyberscoop.com/

Response headers

expires: Mon, 14 Jun 2021 02:13:50 GMT
date: Mon, 14 Jun 2021 02:13:50 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-RltdyA2lzHCAfm4+FTKJPQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 512
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame 0DC1 0
0 17ms
15ms Fetch
image/gif 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssvS3qWdoZLzYe-sOoy39VSeFRXOixweAJ3pe0xHmw-EZcB_qFKcAyqIhnfXzx_d3vkZVYQ7duNm7K_uXZ_fkqiEuXUdH2_yXMBri8A5tiMeulW-1nNO9LIaHoZLlzYVo1NBZtsatMbrWacLSNyLKLDrjwPN-gc3RSSf81zBkAq04JJXIOwFLVI0LP0MoeypnUktMpN5EgIMINKz7-YWfqQO5wBOHLQnrfcbzTkmdWV2LDNDCnQrWnlvDUCwDKTcqjfz4yMV8AkTon0SeGACqFFTU3_a0ObJLS33JlWxyu1iN-ZtUr0AH3rGXa-Q2qiDTGr19FmJ2A&sig=Cg0ArKJSzBVRpZvvJkbfEAE&urlfix=1&adurl=

Requested by

Host: 465e8ed3cdfd01c2e9263c1dda2899b3.safeframe.googlesyndication.com
URL: https://465e8ed3cdfd01c2e9263c1dda2899b3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://465e8ed3cdfd01c2e9263c1dda2899b3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 14 Jun 2021 02:13:50 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3-29 200 impl_v75.js Show response
www.googletagservices.com/dcm/ Frame 0DC1 37 KB
15 KB 7ms
6ms Script
text/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/dcm/impl_v75.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/dcmads.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

sffe /

Resource Hash

7529b11940f8a77767d97b70e5392487b7fffeb7bcd408da18bdc71665a81d41

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://465e8ed3cdfd01c2e9263c1dda2899b3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 12 Jun 2021 12:34:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 135558
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15538
x-xss-protection: 0
last-modified: Fri, 04 Jun 2021 19:52:24 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 12 Jun 2022 12:34:32 GMT

GET
H2 200 B24705254.302297317;dc_ver=75.217;sz=970x250;u_sd=1;dc_adk=2313985828;ord=4cj5ei;click=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjssK_KVQlxt8b_o42Vpre0cmPJbVB4UTz_gJqGIPeGTC... Show response
ad.doubleclick.net/ddm/adj/N7442.3728797STATESCOOP/ Frame 0DC1 36 KB
18 KB 35ms
34ms Script
text/javascript 142.250.185.198
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/ddm/adj/N7442.3728797STATESCOOP/B24705254.302297317;dc_ver=75.217;sz=970x250;u_sd=1;dc_adk=2313985828;ord=4cj5ei;click=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjssK_KVQlxt8b_o42Vpre0cmPJbVB4UTz_gJqGIPeGTC5kl0PSTEAIusSHbnx45pBFE5RaEI0s_Eqxd68HAjpTrwpTxhVvNeuEjkhgQKU5RNSKm57HGkSq4Y6y9SO5dt71SdBVrH02OZ0jh1I4CZE68eNO3-R1iOd8ISxzRA_zixBQrP1g4OGUlYhvxJGntViZSjt8KczfA3TP8lkS5YTHg1di56jNT7bQEQodUs1HMuQhvMawd2pwvMDHCPw7i7KBSnremX0q54Xs60l61slTbITWNqd8LIFkPI1sx5mfMST9IkXnTWI4vzG1uPugQOJsknXbo%26sig%3DCg0ArKJSzBKmom70GP73EAE%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26adurl%3D;uach=%5B%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%5B%5D%5D;dc_rfl=2,https%3A%2F%2Fwww.cyberscoop.com$2,https%3A%2F%2Fwww.cyberscoop.com%2F$0;xdt=1;crlt=5GYoW_n)Op;osda=2;sttr=17;prcl=s

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/impl_v75.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f6.1e100.net

Software

cafe /

Resource Hash

7a30ec48d41a71c28e7080b22ae32e6730e544312af78c10760d74b66a89f35a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://465e8ed3cdfd01c2e9263c1dda2899b3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Jun 2021 02:13:50 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18520
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 wQPplS2CBbapxPPsKjLjCt6L9Rv2P8O8syxzKLSpyaY.js Show response
pagead2.googlesyndication.com/bg/ Frame CA36 14 KB
6 KB 19ms
6ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/wQPplS2CBbapxPPsKjLjCt6L9Rv2P8O8syxzKLSpyaY.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/223/runner.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c103e9952d8205b6a9c4f3ec2a32e30ade8bf51bf63fc3bcb32c7328b4a9c9a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 13 Jun 2021 16:39:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 34464
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5768
x-xss-protection: 0
last-modified: Mon, 31 May 2021 08:58:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 13 Jun 2022 16:39:26 GMT

GET
H2 200 GLBL-ENG_IOT-01_0_300x250_BAN-S_PNG_MOFU-IOT-Utilities_wbrit025962_105.png
s0.2mdn.net/3569326/ Frame 38DF 99 KB
100 KB 33ms
6ms Image
image/png 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/3569326/GLBL-ENG_IOT-01_0_300x250_BAN-S_PNG_MOFU-IOT-Utilities_wbrit025962_105.png

Requested by

Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adi/N7442.3728797STATESCOOP/B25791652.303544152;dc_ver=75.217;sz=300x250;u_sd=1;dc_adk=2235259097;ord=ka4vjv;click=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjstOZnhtKJITiFajAXa8Nb05uBeqZ9mjvlOC69TvUGobSFAJmhxQ5Q5TFN3aPWjeiWnuNDVXr1RkJgyzkK7QDT9QhEPvibtixNk1P3gpsH2f3V-G6A6HMFUG02IF2yK_RXfSwkWLc2nDg9D8ORBWqtTKMdH-H6E0_3ewxYw-bkHXMz_CO2fv6oKXf7zOGAVL0WkhU0q2qo_wPA4gLvnC-4VnwImCAzYTeaMXtRUEnFIMjubY7tRynpdFD2Y0jgj65sVUKytlzU1OjsWJggPWzAy5JJCYMrAzgG0iwpGfspLhzmLKOhecc9U4Aib26hl4TT7xExHDjFI%26sig%3DCg0ArKJSzA2oA0Pm2LD0EAE%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26adurl%3D;uach=%5B%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%5B%5D%5D;dc_rfl=2,https%3A%2F%2Fwww.cyberscoop.com$2,https%3A%2F%2Fwww.cyberscoop.com%2F$0;xdt=1;crlt=BKDCKuHTrA;osda=2;sttr=27;prcl=s

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1db303f2f9ef3085a0d3347fa3c88fcc6a42f247efda79b10b8c696b21ee8480

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 13 Jun 2021 11:34:36 GMT
x-content-type-options: nosniff
last-modified: Wed, 12 May 2021 13:38:28 GMT
server: sffe
age: 52754
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 101538
x-xss-protection: 0
expires: Mon, 14 Jun 2021 11:34:36 GMT

GET
H3-29 200 sodar_loader.js Show response
pagead2.googlesyndication.com/pagead/js/r20210607/r20110914/xfa/ Frame 38DF 10 KB
4 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210607/r20110914/xfa/sodar_loader.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1a0b09cbb763ef7e1ab6183b36a3ff732a874dc4faa20f375c807d8ade0438d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 13 Jun 2021 20:05:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 22085
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4190
x-xss-protection: 0
server: cafe
etag: 13053538017912979805
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sun, 27 Jun 2021 20:05:45 GMT

GET
H3-29 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20210607/r20110914/elements/html/ Frame 38DF 8 KB
3 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210607/r20110914/elements/html/omrhp.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

966ee1486939f4b7c9815a6ce8dd42420c5859a42efdbbd5b91aff45e0b1cc38

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 01:31:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2511
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3124
x-xss-protection: 0
server: cafe
etag: 4537136162986801320
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 28 Jun 2021 01:31:59 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 38DF 122 KB
37 KB 14ms
14ms Script
text/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

sffe /

Resource Hash

34b6e9936a2f024eef4f545bf4a1e717141704b00a75167fc7080fc6789e3881

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 02:13:50 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1623410775224219"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38028
x-xss-protection: 0
expires: Mon, 14 Jun 2021 02:13:50 GMT

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 38DF 0
545 B 36ms
15ms Ping
image/gif 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssF110v1VNeV5U14l1VykPoapdG23kNWiWwmvKdSjkEHAwFwSBmg7PjGiGJdK9zjtab6FqQQZLNTCKkCosZvIWJCz6B2xUGnbLW-5GO-v916enFNI0KNDtkUM2oZvrbgbEqkCmewAwTKRaEMRIyaT1-sHhwyHFBhN6KaAWRO0Rk8g&sig=Cg0ArKJSzEUCcorLJQIWEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20210607.29568&adurl=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Mon, 14 Jun 2021 02:13:51 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 503 mmi-zip.js
tags.mmi360.net/ Frame 38DF 0
0 300ms
96ms Script
text/html 3.12.243.139
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.mmi360.net/mmi-zip.js?cust=Cisco&type=js&plat=CM360&mode=ivt-blk&advid=3569326&siteid=6840654&cmpnid=25791652&pcmtid=303544152&crtvid=150862349&rndnum=1049668925&site=N7442.3728797STATESCOOP&adid=496162772&aucid=&exchid=&sellid=
Requested by: Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adi/N7442.3728797STATESCOOP/B25791652.303544152;dc_ver=75.217;sz=300x250;u_sd=1;dc_adk=2235259097;ord=ka4vjv;click=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjstOZnhtKJITiFajAXa8Nb05uBeqZ9mjvlOC69TvUGobSFAJmhxQ5Q5TFN3aPWjeiWnuNDVXr1RkJgyzkK7QDT9QhEPvibtixNk1P3gpsH2f3V-G6A6HMFUG02IF2yK_RXfSwkWLc2nDg9D8ORBWqtTKMdH-H6E0_3ewxYw-bkHXMz_CO2fv6oKXf7zOGAVL0WkhU0q2qo_wPA4gLvnC-4VnwImCAzYTeaMXtRUEnFIMjubY7tRynpdFD2Y0jgj65sVUKytlzU1OjsWJggPWzAy5JJCYMrAzgG0iwpGfspLhzmLKOhecc9U4Aib26hl4TT7xExHDjFI%26sig%3DCg0ArKJSzA2oA0Pm2LD0EAE%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26adurl%3D;uach=%5B%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%5B%5D%5D;dc_rfl=2,https%3A%2F%2Fwww.cyberscoop.com$2,https%3A%2F%2Fwww.cyberscoop.com%2F$0;xdt=1;crlt=BKDCKuHTrA;osda=2;sttr=27;prcl=s
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.12.243.139 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-12-243-139.us-east-2.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 /
events.mmi360.net/ Frame 38DF 68 B
134 B 367ms
163ms Image
image/jpeg 3.140.174.87
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://events.mmi360.net/?cust=Cisco&type=img&plat=CM360&advid=3569326&siteid=6840654&cmpnid=25791652&pcmtid=303544152&crtvid=150862349&rndnum=1049668925&site=N7442.3728797STATESCOOP&adid=496162772&aucid=&exchid=&sellid=
Requested by: Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adi/N7442.3728797STATESCOOP/B25791652.303544152;dc_ver=75.217;sz=300x250;u_sd=1;dc_adk=2235259097;ord=ka4vjv;click=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjstOZnhtKJITiFajAXa8Nb05uBeqZ9mjvlOC69TvUGobSFAJmhxQ5Q5TFN3aPWjeiWnuNDVXr1RkJgyzkK7QDT9QhEPvibtixNk1P3gpsH2f3V-G6A6HMFUG02IF2yK_RXfSwkWLc2nDg9D8ORBWqtTKMdH-H6E0_3ewxYw-bkHXMz_CO2fv6oKXf7zOGAVL0WkhU0q2qo_wPA4gLvnC-4VnwImCAzYTeaMXtRUEnFIMjubY7tRynpdFD2Y0jgj65sVUKytlzU1OjsWJggPWzAy5JJCYMrAzgG0iwpGfspLhzmLKOhecc9U4Aib26hl4TT7xExHDjFI%26sig%3DCg0ArKJSzA2oA0Pm2LD0EAE%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26adurl%3D;uach=%5B%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%5B%5D%5D;dc_rfl=2,https%3A%2F%2Fwww.cyberscoop.com$2,https%3A%2F%2Fwww.cyberscoop.com%2F$0;xdt=1;crlt=BKDCKuHTrA;osda=2;sttr=27;prcl=s
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.140.174.87 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-140-174-87.us-east-2.compute.amazonaws.com
Software: awselb/2.0 /
Resource Hash: 63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058

Request headers

Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 02:13:51 GMT
server: awselb/2.0
content-length: 68
content-type: image/jpeg

GET
H2 200 img;adv=11002245653149;ec=11002245685555;adv.a=3569326;c.a=25791652;s.a=6840654;p.a=303544152;a.a=496162772;cache=1049668925;
ad.atdmt.com/i/ Frame 38DF 43 B
162 B 393ms
356ms Image
image/gif 2a03:2880:f01c:8004:face:b00c:0:8c
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.atdmt.com/i/img;adv=11002245653149;ec=11002245685555;adv.a=3569326;c.a=25791652;s.a=6840654;p.a=303544152;a.a=496162772;cache=1049668925;

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8004:face:b00c:0:8c Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: br
x-content-type-options: nosniff
x-fb-rlafr: 0
pragma: no-cache
x-fb-debug: hazRanBtldUdsMITlN+KdG6BSP7td+f93DxFgomOMUIZ0g38ZJYQ0DnBahOOpkwQUJyPM8ArRbwtIbqoc8qwPA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-frame-options: DENY
date: Mon, 14 Jun 2021 02:13:51 GMT
vary: Accept-Encoding
report-to: {"group":"coop_report","max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"include_subdomains":true}, {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: image/gif
x-xss-protection: 0
cache-control: private, no-cache, no-store, must-revalidate
cross-origin-opener-policy-report-only: same-origin-allow-popups;report-to="coop_report"
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3-29 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 38DF 41 KB
15 KB 8ms
6ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 12 Jun 2021 13:02:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 133886
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 12 Jun 2022 13:02:24 GMT

GET
H3-29 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20210607/r20110914/elements/html/ Frame 6C6F 8 KB
3 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210607/r20110914/elements/html/omrhp.js

Requested by

Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N7442.3728797STATESCOOP/B24705254.302297311;dc_ver=75.217;dc_eid=40004000;sz=300x600;u_sd=1;dc_adk=192105431;ord=gcitw8;click=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjsuuEK0KyB51yVQZhqNrbvWShcxEbDjx3i0lDvsrsVUnTPicrhVbRLkv3Q8E3yY_olICCxztRmrKm2slhZipuqKIdtVDacoldTYypfchtxJQK9bjpU1QAVRF4mIO4e3tCB9pC2OjWNswOhDHYfN8L4nBu5cYePIhPfQ8a6cjTb1NO3Ub0d0qQH8JWxsa5KCDjy3lD0ThvV24WOK7CMbXvWmpRPi0Kz96ONRNOryS6F0ZbrM3DBG2QI9GYHcFu7qewH6EYBswXOTn1J72Nnce8wPgAmcSybuBmU8_r2KlEb3sFDWupFPuACC1l_A6d8Y%26sig%3DCg0ArKJSzLtZQ3HMGVVmEAE%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26adurl%3D;uach=%5B%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%5B%5D%5D;dc_rfl=2,https%3A%2F%2Fwww.cyberscoop.com$2,https%3A%2F%2Fwww.cyberscoop.com%2F$0;xdt=1;crlt=()-jEleUI);osda=2;sttr=25;prcl=s

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

966ee1486939f4b7c9815a6ce8dd42420c5859a42efdbbd5b91aff45e0b1cc38

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://af1841b697c860fa2f0a4e751b8992f1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 01:31:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2511
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3124
x-xss-protection: 0
server: cafe
etag: 4537136162986801320
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 28 Jun 2021 01:31:59 GMT

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 6C6F 0
60 B 29ms
15ms Ping
image/gif 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstacP5q1yy9Y40qMaCVxlFuuoQTN-btxhVI1PMKj3DU4NoJvS_BhKCK_I4QWX9RJCnWuHgnIIAi8ceQNGsSw-SG7y2qgsZT2fFRd9lsuQNBYNpoYJEc9UPVAAfcGP32UfPwa_YmxC3R1VgW4w5gVBE-8zcZXcNCLNHaFZ_8bk-mnA&sig=Cg0ArKJSzDjM2VaEvO3UEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20210607.66722&adurl=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://af1841b697c860fa2f0a4e751b8992f1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Mon, 14 Jun 2021 02:13:51 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 503 mmi-zip.js
tags.mmi360.net/ Frame 6C6F 0
0 294ms
98ms Script
text/html 3.12.243.139
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.mmi360.net/mmi-zip.js?cust=Cisco&type=js&plat=CM360&mode=ivt-blk&advid=3569326&siteid=6840654&cmpnid=24705254&pcmtid=302297311&crtvid=149749946&rndnum=1889310287&site=N7442.3728797STATESCOOP&adid=494955238&aucid=&exchid=&sellid=
Requested by: Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N7442.3728797STATESCOOP/B24705254.302297311;dc_ver=75.217;dc_eid=40004000;sz=300x600;u_sd=1;dc_adk=192105431;ord=gcitw8;click=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjsuuEK0KyB51yVQZhqNrbvWShcxEbDjx3i0lDvsrsVUnTPicrhVbRLkv3Q8E3yY_olICCxztRmrKm2slhZipuqKIdtVDacoldTYypfchtxJQK9bjpU1QAVRF4mIO4e3tCB9pC2OjWNswOhDHYfN8L4nBu5cYePIhPfQ8a6cjTb1NO3Ub0d0qQH8JWxsa5KCDjy3lD0ThvV24WOK7CMbXvWmpRPi0Kz96ONRNOryS6F0ZbrM3DBG2QI9GYHcFu7qewH6EYBswXOTn1J72Nnce8wPgAmcSybuBmU8_r2KlEb3sFDWupFPuACC1l_A6d8Y%26sig%3DCg0ArKJSzLtZQ3HMGVVmEAE%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26adurl%3D;uach=%5B%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%5B%5D%5D;dc_rfl=2,https%3A%2F%2Fwww.cyberscoop.com$2,https%3A%2F%2Fwww.cyberscoop.com%2F$0;xdt=1;crlt=()-jEleUI);osda=2;sttr=25;prcl=s
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.12.243.139 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-12-243-139.us-east-2.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Referer: https://af1841b697c860fa2f0a4e751b8992f1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 6C6F 41 KB
15 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://af1841b697c860fa2f0a4e751b8992f1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 12 Jun 2021 13:02:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 133886
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 12 Jun 2022 13:02:24 GMT

GET
H2 200 04232021-075325880-AMER-ENG_VT-05_0_300x600_BAN-S_PNG_TOFU-no-Cross-Architecture-SafeReturnWork-ALL_0_105.png
s0.2mdn.net/3569326/ Frame 6C6F 140 KB
140 KB 35ms
22ms Image
image/png 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/3569326/04232021-075325880-AMER-ENG_VT-05_0_300x600_BAN-S_PNG_TOFU-no-Cross-Architecture-SafeReturnWork-ALL_0_105.png

Requested by

Host: af1841b697c860fa2f0a4e751b8992f1.safeframe.googlesyndication.com
URL: https://af1841b697c860fa2f0a4e751b8992f1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

02f3439d68d49a40dca07d9fd6f0d891f2078093e5343ffb2210ee7ac4eefc52

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://af1841b697c860fa2f0a4e751b8992f1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 13 Jun 2021 13:31:58 GMT
x-content-type-options: nosniff
last-modified: Fri, 23 Apr 2021 14:53:25 GMT
server: sffe
age: 45712
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 142981
x-xss-protection: 0
expires: Mon, 14 Jun 2021 13:31:58 GMT

GET
H2 200 img;adv=11002245653149;ec=11002245685555;adv.a=3569326;c.a=24705254;s.a=6840654;p.a=302297311;a.a=494955238;cache=1889310287;
ad.atdmt.com/i/ Frame 6C6F 43 B
1 KB 385ms
356ms Image
image/gif 2a03:2880:f01c:8004:face:b00c:0:8c
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.atdmt.com/i/img;adv=11002245653149;ec=11002245685555;adv.a=3569326;c.a=24705254;s.a=6840654;p.a=302297311;a.a=494955238;cache=1889310287;

Requested by

Host: af1841b697c860fa2f0a4e751b8992f1.safeframe.googlesyndication.com
URL: https://af1841b697c860fa2f0a4e751b8992f1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8004:face:b00c:0:8c Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://af1841b697c860fa2f0a4e751b8992f1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: br
x-content-type-options: nosniff
x-fb-rlafr: 0
pragma: no-cache
x-fb-debug: 7LxhbbJZ4oZ9L3LFUubIuGTsJgfq3TJAOju0eWz/JEFoRQZJdOTUY1LSuaS369xWzKsToIxtqrUqkmpMREN2Pg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-frame-options: DENY
date: Mon, 14 Jun 2021 02:13:51 GMT
vary: Accept-Encoding
report-to: {"group":"coop_report","max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"include_subdomains":true}, {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: image/gif
x-xss-protection: 0
cache-control: private, no-cache, no-store, must-revalidate
cross-origin-opener-policy-report-only: same-origin-allow-popups;report-to="coop_report"
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
events.mmi360.net/ Frame 6C6F 68 B
135 B 356ms
160ms Image
image/jpeg 3.140.174.87
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://events.mmi360.net/?cust=Cisco&type=img&plat=CM360&advid=3569326&siteid=6840654&cmpnid=24705254&pcmtid=302297311&crtvid=149749946&rndnum=1889310287&site=N7442.3728797STATESCOOP&adid=494955238&aucid=&exchid=&sellid=
Requested by: Host: af1841b697c860fa2f0a4e751b8992f1.safeframe.googlesyndication.com
URL: https://af1841b697c860fa2f0a4e751b8992f1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.140.174.87 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-140-174-87.us-east-2.compute.amazonaws.com
Software: awselb/2.0 /
Resource Hash: 63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058

Request headers

Referer: https://af1841b697c860fa2f0a4e751b8992f1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 02:13:51 GMT
server: awselb/2.0
content-length: 68
content-type: image/jpeg

GET
H3-29 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20210607/r20110914/elements/html/ Frame 82FD 8 KB
3 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210607/r20110914/elements/html/omrhp.js

Requested by

Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N7442.3728797STATESCOOP/B24705254.302297317;dc_ver=75.217;sz=970x250;u_sd=1;dc_adk=2711260096;ord=0s2sev;click=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjsuaKk_5nf5MwrFfki6eULjsEijsSemtN7yqLBopd3cwXPnECs-hlGCBwMCjy6jU5SeZkUNSUsocD94VrNvfznH9oyV6RjsedBh7QKgqfpsBqEebK0qzFwl1gz6EwcgbSK3HxnTmBDjR_JwoIT9V-1c7OkMB4na95NsQfU6LSEAIDoqwAtXdLp76JUTwaYKClP2e6fKwx791Z-K4E314TeOYU6seQ6bIgxWUZT1XpXwGwcmdwhTq5S1vJUTOx3kprb2BoLT-jDBemH5PSYgN2mC9i4QJgvnBMROSWfQPN6L6MgylLMtd_g6R9uBxR7xEWemf2rZgS0hO%26sig%3DCg0ArKJSzHU1U9dFjWUMEAE%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26adurl%3D;uach=%5B%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%5B%5D%5D;dc_rfl=2,https%3A%2F%2Fwww.cyberscoop.com$2,https%3A%2F%2Fwww.cyberscoop.com%2F$0;xdt=1;crlt=lSNLJfQmvL;osda=2;sttr=32;prcl=s

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

966ee1486939f4b7c9815a6ce8dd42420c5859a42efdbbd5b91aff45e0b1cc38

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://0a123d4c917ce964ffb6e4e5e2cd3494.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 01:31:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2511
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3124
x-xss-protection: 0
server: cafe
etag: 4537136162986801320
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 28 Jun 2021 01:31:59 GMT

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 82FD 0
60 B 25ms
15ms Ping
image/gif 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvrks0cNez3DkTc9tsmJENVC1SnIWj-rQB5VzAxmbCEiKm2AZV9qiXDddpyKe71UbKRFDDsL4As-Q1akU--_MklrOBPKGBuAQF05cqaqBeP-YMH6DhIPym2wztfapTXe1iTlD_otw0kT9HvnQkuSNwJv_cPg3L-B-K_XlNvlKCFwg&sig=Cg0ArKJSzPUKaB5EUKrTEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20210607.54652&adurl=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://0a123d4c917ce964ffb6e4e5e2cd3494.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Mon, 14 Jun 2021 02:13:51 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 503 mmi-zip.js
tags.mmi360.net/ Frame 82FD 0
0 288ms
97ms Script
text/html 3.12.243.139
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.mmi360.net/mmi-zip.js?cust=Cisco&type=js&plat=CM360&mode=ivt-blk&advid=3569326&siteid=6840654&cmpnid=24705254&pcmtid=302297317&crtvid=149970867&rndnum=3496819032&site=N7442.3728797STATESCOOP&adid=495002691&aucid=&exchid=&sellid=
Requested by: Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N7442.3728797STATESCOOP/B24705254.302297317;dc_ver=75.217;sz=970x250;u_sd=1;dc_adk=2711260096;ord=0s2sev;click=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjsuaKk_5nf5MwrFfki6eULjsEijsSemtN7yqLBopd3cwXPnECs-hlGCBwMCjy6jU5SeZkUNSUsocD94VrNvfznH9oyV6RjsedBh7QKgqfpsBqEebK0qzFwl1gz6EwcgbSK3HxnTmBDjR_JwoIT9V-1c7OkMB4na95NsQfU6LSEAIDoqwAtXdLp76JUTwaYKClP2e6fKwx791Z-K4E314TeOYU6seQ6bIgxWUZT1XpXwGwcmdwhTq5S1vJUTOx3kprb2BoLT-jDBemH5PSYgN2mC9i4QJgvnBMROSWfQPN6L6MgylLMtd_g6R9uBxR7xEWemf2rZgS0hO%26sig%3DCg0ArKJSzHU1U9dFjWUMEAE%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26adurl%3D;uach=%5B%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%5B%5D%5D;dc_rfl=2,https%3A%2F%2Fwww.cyberscoop.com$2,https%3A%2F%2Fwww.cyberscoop.com%2F$0;xdt=1;crlt=lSNLJfQmvL;osda=2;sttr=32;prcl=s
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.12.243.139 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-12-243-139.us-east-2.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Referer: https://0a123d4c917ce964ffb6e4e5e2cd3494.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 82FD 41 KB
15 KB 9ms
6ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://0a123d4c917ce964ffb6e4e5e2cd3494.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 12 Jun 2021 13:02:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 133886
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 12 Jun 2022 13:02:24 GMT

GET
H2 200 04262021-072235905-AMER-ENG_VT-05_0_970x250_BAN-S_PNG_TOFU-no-Cross-Architecture-DigitalDivide-ALL_0_105.png
s0.2mdn.net/3569326/ Frame 82FD 197 KB
197 KB 37ms
30ms Image
image/png 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/3569326/04262021-072235905-AMER-ENG_VT-05_0_970x250_BAN-S_PNG_TOFU-no-Cross-Architecture-DigitalDivide-ALL_0_105.png

Requested by

Host: 0a123d4c917ce964ffb6e4e5e2cd3494.safeframe.googlesyndication.com
URL: https://0a123d4c917ce964ffb6e4e5e2cd3494.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eefe62a178a6a04c30889acb8eede1ed6820738d0ec5525d3399fefc22bc71e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://0a123d4c917ce964ffb6e4e5e2cd3494.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 13 Jun 2021 13:59:29 GMT
x-content-type-options: nosniff
last-modified: Mon, 26 Apr 2021 14:22:35 GMT
server: sffe
age: 44061
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 201873
x-xss-protection: 0
expires: Mon, 14 Jun 2021 13:59:29 GMT

GET
H2 200 /
events.mmi360.net/ Frame 82FD 68 B
134 B 355ms
164ms Image
image/jpeg 3.140.174.87
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://events.mmi360.net/?cust=Cisco&type=img&plat=CM360&advid=3569326&siteid=6840654&cmpnid=24705254&pcmtid=302297317&crtvid=149970867&rndnum=3496819032&site=N7442.3728797STATESCOOP&adid=495002691&aucid=&exchid=&sellid=
Requested by: Host: 0a123d4c917ce964ffb6e4e5e2cd3494.safeframe.googlesyndication.com
URL: https://0a123d4c917ce964ffb6e4e5e2cd3494.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.140.174.87 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-140-174-87.us-east-2.compute.amazonaws.com
Software: awselb/2.0 /
Resource Hash: 63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058

Request headers

Referer: https://0a123d4c917ce964ffb6e4e5e2cd3494.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 02:13:51 GMT
server: awselb/2.0
content-length: 68
content-type: image/jpeg

GET
H2 200 img;adv=11002245653149;ec=11002245685555;adv.a=3569326;c.a=24705254;s.a=6840654;p.a=302297317;a.a=495002691;cache=3496819032;
ad.atdmt.com/i/ Frame 82FD 43 B
162 B 452ms
428ms Image
image/gif 2a03:2880:f01c:8004:face:b00c:0:8c
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.atdmt.com/i/img;adv=11002245653149;ec=11002245685555;adv.a=3569326;c.a=24705254;s.a=6840654;p.a=302297317;a.a=495002691;cache=3496819032;

Requested by

Host: 0a123d4c917ce964ffb6e4e5e2cd3494.safeframe.googlesyndication.com
URL: https://0a123d4c917ce964ffb6e4e5e2cd3494.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8004:face:b00c:0:8c Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://0a123d4c917ce964ffb6e4e5e2cd3494.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: br
x-content-type-options: nosniff
x-fb-rlafr: 0
pragma: no-cache
x-fb-debug: RW/glyHn44OTuwty/ZSx6FbeTaPTWaSNXGY9M9WZ9fpw7KZawChIG8C3OtsFwqUpfRBwI9Zg00H4EEBQSsg3RA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-frame-options: DENY
date: Mon, 14 Jun 2021 02:13:51 GMT
vary: Accept-Encoding
report-to: {"group":"coop_report","max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"include_subdomains":true}, {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: image/gif
x-xss-protection: 0
cache-control: private, no-cache, no-store, must-revalidate
cross-origin-opener-policy-report-only: same-origin-allow-popups;report-to="coop_report"
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 main.gr.19.8.206.js Show response
static.adsafeprotected.com/ Frame 82FD 183 KB
58 KB 165ms
94ms Script
application/javascript 52.213.246.12
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/main.gr.19.8.206.js
Requested by: Host: pixel.adsafeprotected.com
URL: https://pixel.adsafeprotected.com/rjss/st/488356/54309639/skeleton.js?ias_dspID=64&ias_campId=&ias_pubId=&ias_chanId=&ias_placementId=&bidurl=&ias_dealId=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.213.246.12 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-213-246-12.eu-west-1.compute.amazonaws.com
Software: nginx/1.16.1 /
Resource Hash: b176de534428b3b8d36fb821412c5075cc426bfb3fe282571bcd9f00f2c0b152

Request headers

Referer: https://0a123d4c917ce964ffb6e4e5e2cd3494.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 02:13:51 GMT
content-encoding: gzip
last-modified: Tue, 01 Jun 2021 22:03:45 GMT
server: nginx/1.16.1
etag: W/"f4d80fb2c423b91d55077116728f6247"
x-cache-status: HIT
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 82FD 122 KB
37 KB 16ms
13ms Script
text/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 0a123d4c917ce964ffb6e4e5e2cd3494.safeframe.googlesyndication.com
URL: https://0a123d4c917ce964ffb6e4e5e2cd3494.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

sffe /

Resource Hash

34b6e9936a2f024eef4f545bf4a1e717141704b00a75167fc7080fc6789e3881

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://0a123d4c917ce964ffb6e4e5e2cd3494.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 02:13:50 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1623410775224219"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38028
x-xss-protection: 0
expires: Mon, 14 Jun 2021 02:13:50 GMT

GET
H2 200 main.gr.19.8.206.js Show response
static.adsafeprotected.com/ Frame A0A8 183 KB
58 KB 84ms
62ms Script
application/javascript 52.213.246.12
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/main.gr.19.8.206.js
Requested by: Host: pixel.adsafeprotected.com
URL: https://pixel.adsafeprotected.com/rjss/st/488356/54699616/skeleton.js?ias_dspID=64&ias_campId=&ias_pubId=&ias_chanId=&ias_placementId=&bidurl=&ias_dealId=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.213.246.12 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-213-246-12.eu-west-1.compute.amazonaws.com
Software: nginx/1.16.1 /
Resource Hash: b176de534428b3b8d36fb821412c5075cc426bfb3fe282571bcd9f00f2c0b152

Request headers

Referer: https://2b431d5427477a300d9d4b37140fe9fb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 02:13:51 GMT
content-encoding: gzip
last-modified: Tue, 01 Jun 2021 22:03:45 GMT
server: nginx/1.16.1
etag: W/"f4d80fb2c423b91d55077116728f6247"
x-cache-status: HIT
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame A0A8 0
0 15ms
15ms Fetch
image/gif 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssNzDiRI2rmvZ5W6kxHIT0Git4vTMyYAJofuePqpo_MM5sp8AbgWd0PWiWvenAdwze578W6I0aQ16vFgn90hNrABKE1s01idNAufNAnp1HajyNNQJ887Ke1nM9SA439L3dHpNTutVRRj8LvzJ3Tj6uBpUNnHj0PNWxiCN16WjOq3Ea4eRAZEHUtIhQCsfykwjxIEieCz3cfBxceh6Bc3viWU0y_aYveLupymsunawQacjpwbOmDJ628BA4aw_pUmXT5G4DVA9d9IsLiZeacwbpStwUKueItvYuYhFkt0jOeqP0d07vdlep7bVZhGnG6Z0NQaNn3zuD2221Pdg&sig=Cg0ArKJSzJPNFDOXdnb_EAE&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://2b431d5427477a300d9d4b37140fe9fb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 14 Jun 2021 02:13:51 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Mon, 14 Jun 2021 02:13:51 GMT

GET
DATA 200
OK truncated
/ Frame A0A8 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b85d2f341314cfc630b5878e790d325a516e08fd9bf9a80c328588d50b7f1a1a

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 main.gr.19.8.206.js Show response
static.adsafeprotected.com/ Frame 6C6F 183 KB
58 KB 51ms
50ms Script
application/javascript 52.213.246.12
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/main.gr.19.8.206.js
Requested by: Host: pixel.adsafeprotected.com
URL: https://pixel.adsafeprotected.com/rjss/st/488356/54309637/skeleton.js?ias_dspID=64&ias_campId=&ias_pubId=&ias_chanId=&ias_placementId=&bidurl=&ias_dealId=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.213.246.12 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-213-246-12.eu-west-1.compute.amazonaws.com
Software: nginx/1.16.1 /
Resource Hash: b176de534428b3b8d36fb821412c5075cc426bfb3fe282571bcd9f00f2c0b152

Request headers

Referer: https://af1841b697c860fa2f0a4e751b8992f1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 02:13:51 GMT
content-encoding: gzip
last-modified: Tue, 01 Jun 2021 22:03:45 GMT
server: nginx/1.16.1
etag: W/"f4d80fb2c423b91d55077116728f6247"
x-cache-status: HIT
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 6C6F 122 KB
37 KB 14ms
14ms Script
text/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: af1841b697c860fa2f0a4e751b8992f1.safeframe.googlesyndication.com
URL: https://af1841b697c860fa2f0a4e751b8992f1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

sffe /

Resource Hash

34b6e9936a2f024eef4f545bf4a1e717141704b00a75167fc7080fc6789e3881

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://af1841b697c860fa2f0a4e751b8992f1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 02:13:51 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1623410775224219"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38028
x-xss-protection: 0
expires: Mon, 14 Jun 2021 02:13:51 GMT

GET
H3-29 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 38DF 5 KB
4 KB 15ms
15ms XHR
application/json 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=xfad&tv=r20100101&st=int

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210607/r20110914/xfa/sodar_loader.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

739d5dd6fab71321401422b84063f7c19d84eea2b6ce0f2ad540bacf38f5f5f0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 14 Jun 2021 02:13:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4226
x-xss-protection: 0

GET
H3-29 200 04262021-072235905-AMER-ENG_VT-05_0_970x250_BAN-S_PNG_TOFU-no-Cross-Architecture-DigitalDivide-ALL_0_105.png
s0.2mdn.net/3569326/ Frame 0DC1 197 KB
197 KB 21ms
7ms Image
image/png 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/3569326/04262021-072235905-AMER-ENG_VT-05_0_970x250_BAN-S_PNG_TOFU-no-Cross-Architecture-DigitalDivide-ALL_0_105.png

Requested by

Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N7442.3728797STATESCOOP/B24705254.302297317;dc_ver=75.217;sz=970x250;u_sd=1;dc_adk=2313985828;ord=4cj5ei;click=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjssK_KVQlxt8b_o42Vpre0cmPJbVB4UTz_gJqGIPeGTC5kl0PSTEAIusSHbnx45pBFE5RaEI0s_Eqxd68HAjpTrwpTxhVvNeuEjkhgQKU5RNSKm57HGkSq4Y6y9SO5dt71SdBVrH02OZ0jh1I4CZE68eNO3-R1iOd8ISxzRA_zixBQrP1g4OGUlYhvxJGntViZSjt8KczfA3TP8lkS5YTHg1di56jNT7bQEQodUs1HMuQhvMawd2pwvMDHCPw7i7KBSnremX0q54Xs60l61slTbITWNqd8LIFkPI1sx5mfMST9IkXnTWI4vzG1uPugQOJsknXbo%26sig%3DCg0ArKJSzBKmom70GP73EAE%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26adurl%3D;uach=%5B%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%5B%5D%5D;dc_rfl=2,https%3A%2F%2Fwww.cyberscoop.com$2,https%3A%2F%2Fwww.cyberscoop.com%2F$0;xdt=1;crlt=5GYoW_n)Op;osda=2;sttr=17;prcl=s

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eefe62a178a6a04c30889acb8eede1ed6820738d0ec5525d3399fefc22bc71e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://465e8ed3cdfd01c2e9263c1dda2899b3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 13 Jun 2021 13:59:29 GMT
x-content-type-options: nosniff
last-modified: Mon, 26 Apr 2021 14:22:35 GMT
server: sffe
age: 44062
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 201873
x-xss-protection: 0
expires: Mon, 14 Jun 2021 13:59:29 GMT

GET
H3-29 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20210607/r20110914/elements/html/ Frame 0DC1 8 KB
3 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210607/r20110914/elements/html/omrhp.js

Requested by

Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N7442.3728797STATESCOOP/B24705254.302297317;dc_ver=75.217;sz=970x250;u_sd=1;dc_adk=2313985828;ord=4cj5ei;click=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjssK_KVQlxt8b_o42Vpre0cmPJbVB4UTz_gJqGIPeGTC5kl0PSTEAIusSHbnx45pBFE5RaEI0s_Eqxd68HAjpTrwpTxhVvNeuEjkhgQKU5RNSKm57HGkSq4Y6y9SO5dt71SdBVrH02OZ0jh1I4CZE68eNO3-R1iOd8ISxzRA_zixBQrP1g4OGUlYhvxJGntViZSjt8KczfA3TP8lkS5YTHg1di56jNT7bQEQodUs1HMuQhvMawd2pwvMDHCPw7i7KBSnremX0q54Xs60l61slTbITWNqd8LIFkPI1sx5mfMST9IkXnTWI4vzG1uPugQOJsknXbo%26sig%3DCg0ArKJSzBKmom70GP73EAE%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26adurl%3D;uach=%5B%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%5B%5D%5D;dc_rfl=2,https%3A%2F%2Fwww.cyberscoop.com$2,https%3A%2F%2Fwww.cyberscoop.com%2F$0;xdt=1;crlt=5GYoW_n)Op;osda=2;sttr=17;prcl=s

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

966ee1486939f4b7c9815a6ce8dd42420c5859a42efdbbd5b91aff45e0b1cc38

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://465e8ed3cdfd01c2e9263c1dda2899b3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 01:31:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2512
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3124
x-xss-protection: 0
server: cafe
etag: 4537136162986801320
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 28 Jun 2021 01:31:59 GMT

POST
H3-29 200 view
googleads4.g.doubleclick.net/pcs/ Frame 0DC1 0
23 B 28ms
15ms Ping
image/gif 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstEOYsnkQtRLGDk0yEPsCukuPyzcC_t9BFHHoMAv6kgMiEbAA3Wdujo-nLAs68faLoHr3AUtyOuuAYg1JIsumUBw4TJhDENQSb8Itcn-VtpBs0YN1X92hztQhsi_ne8bUkpNKtX2DAXLkFgV7uxulNlLUcU-dqsgCiThAi_Wq00Xw&sig=Cg0ArKJSzDA_5KkAW6opEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=0&cbvp=1&cstd=0&cisv=r20210607.15845&adurl=

Requested by

Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N7442.3728797STATESCOOP/B24705254.302297317;dc_ver=75.217;sz=970x250;u_sd=1;dc_adk=2313985828;ord=4cj5ei;click=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjssK_KVQlxt8b_o42Vpre0cmPJbVB4UTz_gJqGIPeGTC5kl0PSTEAIusSHbnx45pBFE5RaEI0s_Eqxd68HAjpTrwpTxhVvNeuEjkhgQKU5RNSKm57HGkSq4Y6y9SO5dt71SdBVrH02OZ0jh1I4CZE68eNO3-R1iOd8ISxzRA_zixBQrP1g4OGUlYhvxJGntViZSjt8KczfA3TP8lkS5YTHg1di56jNT7bQEQodUs1HMuQhvMawd2pwvMDHCPw7i7KBSnremX0q54Xs60l61slTbITWNqd8LIFkPI1sx5mfMST9IkXnTWI4vzG1uPugQOJsknXbo%26sig%3DCg0ArKJSzBKmom70GP73EAE%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26adurl%3D;uach=%5B%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%5B%5D%5D;dc_rfl=2,https%3A%2F%2Fwww.cyberscoop.com$2,https%3A%2F%2Fwww.cyberscoop.com%2F$0;xdt=1;crlt=5GYoW_n)Op;osda=2;sttr=17;prcl=s

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://465e8ed3cdfd01c2e9263c1dda2899b3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Mon, 14 Jun 2021 02:13:51 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 503 mmi-zip.js
tags.mmi360.net/ Frame 0DC1 0
0 164ms
97ms Script
text/html 3.12.243.139
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.mmi360.net/mmi-zip.js?cust=Cisco&type=js&plat=CM360&mode=ivt-blk&advid=3569326&siteid=6840654&cmpnid=24705254&pcmtid=302297317&crtvid=149970867&rndnum=2131965327&site=N7442.3728797STATESCOOP&adid=495002691&aucid=&exchid=&sellid=
Requested by: Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N7442.3728797STATESCOOP/B24705254.302297317;dc_ver=75.217;sz=970x250;u_sd=1;dc_adk=2313985828;ord=4cj5ei;click=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjssK_KVQlxt8b_o42Vpre0cmPJbVB4UTz_gJqGIPeGTC5kl0PSTEAIusSHbnx45pBFE5RaEI0s_Eqxd68HAjpTrwpTxhVvNeuEjkhgQKU5RNSKm57HGkSq4Y6y9SO5dt71SdBVrH02OZ0jh1I4CZE68eNO3-R1iOd8ISxzRA_zixBQrP1g4OGUlYhvxJGntViZSjt8KczfA3TP8lkS5YTHg1di56jNT7bQEQodUs1HMuQhvMawd2pwvMDHCPw7i7KBSnremX0q54Xs60l61slTbITWNqd8LIFkPI1sx5mfMST9IkXnTWI4vzG1uPugQOJsknXbo%26sig%3DCg0ArKJSzBKmom70GP73EAE%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26adurl%3D;uach=%5B%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%5B%5D%5D;dc_rfl=2,https%3A%2F%2Fwww.cyberscoop.com$2,https%3A%2F%2Fwww.cyberscoop.com%2F$0;xdt=1;crlt=5GYoW_n)Op;osda=2;sttr=17;prcl=s
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.12.243.139 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-12-243-139.us-east-2.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Referer: https://465e8ed3cdfd01c2e9263c1dda2899b3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 0DC1 41 KB
15 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N7442.3728797STATESCOOP/B24705254.302297317;dc_ver=75.217;sz=970x250;u_sd=1;dc_adk=2313985828;ord=4cj5ei;click=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjssK_KVQlxt8b_o42Vpre0cmPJbVB4UTz_gJqGIPeGTC5kl0PSTEAIusSHbnx45pBFE5RaEI0s_Eqxd68HAjpTrwpTxhVvNeuEjkhgQKU5RNSKm57HGkSq4Y6y9SO5dt71SdBVrH02OZ0jh1I4CZE68eNO3-R1iOd8ISxzRA_zixBQrP1g4OGUlYhvxJGntViZSjt8KczfA3TP8lkS5YTHg1di56jNT7bQEQodUs1HMuQhvMawd2pwvMDHCPw7i7KBSnremX0q54Xs60l61slTbITWNqd8LIFkPI1sx5mfMST9IkXnTWI4vzG1uPugQOJsknXbo%26sig%3DCg0ArKJSzBKmom70GP73EAE%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26adurl%3D;uach=%5B%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%5B%5D%5D;dc_rfl=2,https%3A%2F%2Fwww.cyberscoop.com$2,https%3A%2F%2Fwww.cyberscoop.com%2F$0;xdt=1;crlt=5GYoW_n)Op;osda=2;sttr=17;prcl=s

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://465e8ed3cdfd01c2e9263c1dda2899b3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 12 Jun 2021 13:02:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 133887
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 12 Jun 2022 13:02:24 GMT

GET
H2 200 img;adv=11002245653149;ec=11002245685555;adv.a=3569326;c.a=24705254;s.a=6840654;p.a=302297317;a.a=495002691;cache=2131965327;
ad.atdmt.com/i/ Frame 0DC1 43 B
171 B 361ms
361ms Image
image/gif 2a03:2880:f01c:8004:face:b00c:0:8c
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.atdmt.com/i/img;adv=11002245653149;ec=11002245685555;adv.a=3569326;c.a=24705254;s.a=6840654;p.a=302297317;a.a=495002691;cache=2131965327;

Requested by

Host: 465e8ed3cdfd01c2e9263c1dda2899b3.safeframe.googlesyndication.com
URL: https://465e8ed3cdfd01c2e9263c1dda2899b3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8004:face:b00c:0:8c Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://465e8ed3cdfd01c2e9263c1dda2899b3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: br
x-content-type-options: nosniff
x-fb-rlafr: 0
pragma: no-cache
x-fb-debug: WdHOVziIoS8wZRbqNSpWz77SUEww4+dFp/e5UOsiUmvOhjj3FyFINj+F89uoHR9YTQHhaor1ftO0QLvoW1hi+g==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-frame-options: DENY
date: Mon, 14 Jun 2021 02:13:51 GMT
vary: Accept-Encoding
report-to: {"group":"coop_report","max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"include_subdomains":true}, {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: image/gif
x-xss-protection: 0
cache-control: private, no-cache, no-store, must-revalidate
cross-origin-opener-policy-report-only: same-origin-allow-popups;report-to="coop_report"
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
events.mmi360.net/ Frame 0DC1 68 B
134 B 242ms
175ms Image
image/jpeg 3.140.174.87
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://events.mmi360.net/?cust=Cisco&type=img&plat=CM360&advid=3569326&siteid=6840654&cmpnid=24705254&pcmtid=302297317&crtvid=149970867&rndnum=2131965327&site=N7442.3728797STATESCOOP&adid=495002691&aucid=&exchid=&sellid=
Requested by: Host: 465e8ed3cdfd01c2e9263c1dda2899b3.safeframe.googlesyndication.com
URL: https://465e8ed3cdfd01c2e9263c1dda2899b3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.140.174.87 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-140-174-87.us-east-2.compute.amazonaws.com
Software: awselb/2.0 /
Resource Hash: 63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058

Request headers

Referer: https://465e8ed3cdfd01c2e9263c1dda2899b3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 02:13:51 GMT
server: awselb/2.0
content-length: 68
content-type: image/jpeg

GET
H2 200 main.gr.19.8.206.js Show response
static.adsafeprotected.com/ Frame 0DC1 183 KB
58 KB 42ms
41ms Script
application/javascript 52.213.246.12
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/main.gr.19.8.206.js
Requested by: Host: pixel.adsafeprotected.com
URL: https://pixel.adsafeprotected.com/rjss/st/488356/54309639/skeleton.js?ias_dspID=64&ias_campId=&ias_pubId=&ias_chanId=&ias_placementId=&bidurl=&ias_dealId=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.213.246.12 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-213-246-12.eu-west-1.compute.amazonaws.com
Software: nginx/1.16.1 /
Resource Hash: b176de534428b3b8d36fb821412c5075cc426bfb3fe282571bcd9f00f2c0b152

Request headers

Referer: https://465e8ed3cdfd01c2e9263c1dda2899b3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 02:13:51 GMT
content-encoding: gzip
last-modified: Tue, 01 Jun 2021 22:03:45 GMT
server: nginx/1.16.1
etag: W/"f4d80fb2c423b91d55077116728f6247"
x-cache-status: HIT
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 0DC1 122 KB
37 KB 14ms
13ms Script
text/javascript 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 465e8ed3cdfd01c2e9263c1dda2899b3.safeframe.googlesyndication.com
URL: https://465e8ed3cdfd01c2e9263c1dda2899b3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

sffe /

Resource Hash

34b6e9936a2f024eef4f545bf4a1e717141704b00a75167fc7080fc6789e3881

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://465e8ed3cdfd01c2e9263c1dda2899b3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 02:13:51 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1623410775224219"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38028
x-xss-protection: 0
expires: Mon, 14 Jun 2021 02:13:51 GMT

GET
DATA 200
OK truncated
/ Frame 82FD 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6583bb857c7a27c71cf6d65a5f23e6c297461091d77918309236f2dc749aad58

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

POST
H3-29 200 view
googleads4.g.doubleclick.net/pcs/ Frame 38DF 0
23 B 16ms
15ms Ping
image/gif 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Mon, 14 Jun 2021 02:13:51 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3-29 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 79A7 22 KB
8 KB 6ms
5ms Document
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/Enqz_20U.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://ad.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://ad.doubleclick.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 8395
date: Sat, 12 Jun 2021 07:00:55 GMT
expires: Sun, 12 Jun 2022 07:00:55 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 155576
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame D94E 22 KB
8 KB 6ms
6ms Document
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/Enqz_20U.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://af1841b697c860fa2f0a4e751b8992f1.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://af1841b697c860fa2f0a4e751b8992f1.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 8395
date: Sat, 12 Jun 2021 07:00:55 GMT
expires: Sun, 12 Jun 2022 07:00:55 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 155576
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 3A04 22 KB
8 KB 7ms
5ms Document
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/Enqz_20U.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://0a123d4c917ce964ffb6e4e5e2cd3494.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://0a123d4c917ce964ffb6e4e5e2cd3494.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 8395
date: Sat, 12 Jun 2021 07:00:55 GMT
expires: Sun, 12 Jun 2022 07:00:55 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 155576
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H3-29 200 view
googleads4.g.doubleclick.net/pcs/ Frame 6C6F 0
23 B 16ms
15ms Ping
image/gif 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://af1841b697c860fa2f0a4e751b8992f1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Mon, 14 Jun 2021 02:13:51 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame 6C6F 0
0 16ms
15ms Fetch
image/gif 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvWz0iJvTCnfI3iU4UYHgwBEBNzEpY9HNiWdQLNnea5Vj3USc14C7YgDz2t5N33AAyUxUeqmB7HGSTfHnmYmX3b60gDGUdmmtV4ogA_IBRdja4Vv401fE3rH0q2cCUPk0-Q2PFSwiLxEd8jRlS14TIp_1K2jxgOqVXK8ama6iNELojrVbyg9-qkzUVP9dtsmL409SGN9PVuGSFxOOhcvNg19-ra1mdkJMEzybU2QEvYg9r0U3GZWR3qra0V9lsAcpIROPYA1uCKkDJmflWXA_WxKQ5Ds3TV5Z8-3t4uOLDLjY6tva5N7jvBqP00YY0YMWR-Qw&sig=Cg0ArKJSzGPAAU3oivqjEAE&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://af1841b697c860fa2f0a4e751b8992f1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 14 Jun 2021 02:13:51 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Mon, 14 Jun 2021 02:13:51 GMT

GET
DATA 200
OK truncated
/ Frame 6C6F 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 2907b67ba209b09990196a68e55fbfc5a7e742bbfb862ce494d1fc9238284595

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 0DC1 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 98999de60cc7dfbd331078a9266b35fdaff2871a6f54cd4ffb029b7d11006a1a

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

POST
H3-29 200 view
googleads4.g.doubleclick.net/pcs/ Frame 82FD 0
23 B 15ms
15ms Ping
image/gif 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://0a123d4c917ce964ffb6e4e5e2cd3494.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Mon, 14 Jun 2021 02:13:51 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame 82FD 0
0 15ms
15ms Fetch
image/gif 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv024tMmBIafVTZ6jfrlWV1Ia6rwJyML2p4gdPeIfZ1Cl0DZh29BLB5XaYgElLcaSrD6LLvpAOjPIrF3VJGrQ0pBVAvudCeWzN4PvtsK-tfsmDzR2W2oGBXfMr9P07kc-XkwAn61FbUzd40boNFCvmpPPkO8EPLVBTnZMFi6vqU6-QK_l7HWJq-QzuLAbyBRIgBUJ_OXaLXKfLTd2VZxtmCU3IiXiag4c1IdFYdum-RC-d6pOru6gqQ7pHIg4QvmxMd9wO8nnzRXkLTj_jLN6Jff4ZqROlTCFR681Ja3gzstYXLLXuMN5rwZFio-yF-FibrfjFkFnszjk6E0UI&sig=Cg0ArKJSzMBE6iCA1tdcEAE&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://0a123d4c917ce964ffb6e4e5e2cd3494.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 14 Jun 2021 02:13:51 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Mon, 14 Jun 2021 02:13:51 GMT

GET
H3-29 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 8955 22 KB
8 KB 6ms
5ms Document
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/Enqz_20U.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://465e8ed3cdfd01c2e9263c1dda2899b3.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://465e8ed3cdfd01c2e9263c1dda2899b3.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 8395
date: Sat, 12 Jun 2021 07:00:55 GMT
expires: Sun, 12 Jun 2022 07:00:55 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 155576
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2

200

skeleton.js Show response
static.adsafeprotected.com/ Frame A0A8
Redirect Chain

https://pixel.adsafeprotected.com/rfw/st/488356/54699616/skeleton.js?ias_dspID=64&ias_campId=&ias_pubId=&ias_chanId=&ias_placementId=&bidurl=&ias_dealId=&adsafe_url=https%3A%2F%2Fwww.cyberscoop.com...
https://static.adsafeprotected.com/skeleton.js

17 B
240 B

32ms
31ms

Script
application/javascript

52.213.246.12
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/skeleton.js
Requested by: Host: 2b431d5427477a300d9d4b37140fe9fb.safeframe.googlesyndication.com
URL: https://2b431d5427477a300d9d4b37140fe9fb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.213.246.12 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-213-246-12.eu-west-1.compute.amazonaws.com
Software: nginx/1.16.1 /
Resource Hash: bdeed1e1c0751610c8f3dc2a5c78c93f841c366b36a7f7a54f5e6752c2656c05

Request headers

Referer: https://2b431d5427477a300d9d4b37140fe9fb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 02:13:51 GMT
last-modified: Mon, 17 Aug 2020 23:54:35 GMT
server: nginx/1.16.1
age: 7023125
etag: "53fab767ecbd3bf07990b10246befbd4"
x-cache-status: HIT
content-type: application/javascript
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 17

Redirect headers

pragma: no-cache
date: Mon, 14 Jun 2021 02:13:51 GMT
x-server-name: app12.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
location: https://static.adsafeprotected.com/skeleton.js
cache-control: no-cache
content-length: 0
server: nginx

GET
H2 200 sca.17.5.5.js Show response
static.adsafeprotected.com/ Frame 3239 82 KB
21 KB 32ms
31ms Script
application/javascript 52.213.246.12
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.5.5.js
Requested by: Host: 2b431d5427477a300d9d4b37140fe9fb.safeframe.googlesyndication.com
URL: https://2b431d5427477a300d9d4b37140fe9fb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.213.246.12 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-213-246-12.eu-west-1.compute.amazonaws.com
Software: nginx/1.16.1 /
Resource Hash: 4b4924b6ea8623395984b522ee4e1fe77f464940d2bb155ae40bce56fbcd3423

Request headers

Referer: https://2b431d5427477a300d9d4b37140fe9fb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 02:13:51 GMT
content-encoding: gzip
last-modified: Thu, 29 Apr 2021 15:29:23 GMT
server: nginx/1.16.1
age: 2846999
etag: W/"5356fa8b6073c3eb408487be61ef7d77"
x-cache-status: HIT
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000

POST
H3-29 200 view
googleads4.g.doubleclick.net/pcs/ Frame 0DC1 0
23 B 16ms
15ms Ping
image/gif 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N7442.3728797STATESCOOP/B24705254.302297317;dc_ver=75.217;sz=970x250;u_sd=1;dc_adk=2313985828;ord=4cj5ei;click=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjssK_KVQlxt8b_o42Vpre0cmPJbVB4UTz_gJqGIPeGTC5kl0PSTEAIusSHbnx45pBFE5RaEI0s_Eqxd68HAjpTrwpTxhVvNeuEjkhgQKU5RNSKm57HGkSq4Y6y9SO5dt71SdBVrH02OZ0jh1I4CZE68eNO3-R1iOd8ISxzRA_zixBQrP1g4OGUlYhvxJGntViZSjt8KczfA3TP8lkS5YTHg1di56jNT7bQEQodUs1HMuQhvMawd2pwvMDHCPw7i7KBSnremX0q54Xs60l61slTbITWNqd8LIFkPI1sx5mfMST9IkXnTWI4vzG1uPugQOJsknXbo%26sig%3DCg0ArKJSzBKmom70GP73EAE%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26adurl%3D;uach=%5B%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%5B%5D%5D;dc_rfl=2,https%3A%2F%2Fwww.cyberscoop.com$2,https%3A%2F%2Fwww.cyberscoop.com%2F$0;xdt=1;crlt=5GYoW_n)Op;osda=2;sttr=17;prcl=s

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://465e8ed3cdfd01c2e9263c1dda2899b3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Mon, 14 Jun 2021 02:13:51 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame 0DC1 0
0 15ms
14ms Fetch
image/gif 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssREnHDwBuV93zrPjS_ChltmZ6IWPFF0k-ySv9sYXS32WsAxKA3ZmkkevWUmEyU-j2DQnlqOP5Tkxk6vJ2mUh08oqYRY5DOARyeMpZEIpVa1daJlvDCdCwbnzQ_3s2CLetxjsgnKuHWwWf32vc-YaXE4uC_VKH48wVPEXdz2eVcN0IDGk7Pj4f59PSddwxi4g6eteE0onBy-3FPMqj2xvThDMk5TWI6F4AT8ngyrr119jXxyE6fI08QomkvaMxAs4a-bPGwQOR3GCspiGrDqrlhoisM7Nw9Rss4bcdSUCBnAo7_cXdOOehu6yJ9lR7Vhb4LtzpdaQqQ2w&sig=Cg0ArKJSzFV0HK9LSx6VEAE&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://465e8ed3cdfd01c2e9263c1dda2899b3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 14 Jun 2021 02:13:51 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Mon, 14 Jun 2021 02:13:51 GMT

GET
H2

200

skeleton.js Show response
static.adsafeprotected.com/ Frame 82FD
Redirect Chain

https://pixel.adsafeprotected.com/rfw/st/488356/54309639/skeleton.js?ias_dspID=64&ias_campId=&ias_pubId=&ias_chanId=&ias_placementId=&bidurl=&ias_dealId=&adsafe_url=https%3A%2F%2Fwww.cyberscoop.com...
https://static.adsafeprotected.com/skeleton.js

17 B
240 B

31ms
31ms

Script
application/javascript

52.213.246.12
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/skeleton.js
Requested by: Host: 0a123d4c917ce964ffb6e4e5e2cd3494.safeframe.googlesyndication.com
URL: https://0a123d4c917ce964ffb6e4e5e2cd3494.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.213.246.12 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-213-246-12.eu-west-1.compute.amazonaws.com
Software: nginx/1.16.1 /
Resource Hash: bdeed1e1c0751610c8f3dc2a5c78c93f841c366b36a7f7a54f5e6752c2656c05

Request headers

Referer: https://0a123d4c917ce964ffb6e4e5e2cd3494.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 02:13:51 GMT
last-modified: Mon, 17 Aug 2020 23:54:35 GMT
server: nginx/1.16.1
age: 7780909
etag: "53fab767ecbd3bf07990b10246befbd4"
x-cache-status: HIT
content-type: application/javascript
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 17

Redirect headers

pragma: no-cache
date: Mon, 14 Jun 2021 02:13:51 GMT
x-server-name: app17.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
location: https://static.adsafeprotected.com/skeleton.js
cache-control: no-cache
content-length: 0
server: nginx

GET
H2 200 sca.17.5.5.js Show response
static.adsafeprotected.com/ Frame 18BA 82 KB
21 KB 32ms
32ms Script
application/javascript 52.213.246.12
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.5.5.js
Requested by: Host: 0a123d4c917ce964ffb6e4e5e2cd3494.safeframe.googlesyndication.com
URL: https://0a123d4c917ce964ffb6e4e5e2cd3494.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.213.246.12 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-213-246-12.eu-west-1.compute.amazonaws.com
Software: nginx/1.16.1 /
Resource Hash: 4b4924b6ea8623395984b522ee4e1fe77f464940d2bb155ae40bce56fbcd3423

Request headers

Referer: https://0a123d4c917ce964ffb6e4e5e2cd3494.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 02:13:51 GMT
content-encoding: gzip
last-modified: Thu, 29 Apr 2021 15:29:23 GMT
server: nginx/1.16.1
age: 1032324
etag: W/"5356fa8b6073c3eb408487be61ef7d77"
x-cache-status: HIT
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000

GET
H2

200

skeleton.js Show response
static.adsafeprotected.com/ Frame 6C6F
Redirect Chain

https://pixel.adsafeprotected.com/rfw/st/488356/54309637/skeleton.js?ias_dspID=64&ias_campId=&ias_pubId=&ias_chanId=&ias_placementId=&bidurl=&ias_dealId=&adsafe_url=https%3A%2F%2Fwww.cyberscoop.com...
https://static.adsafeprotected.com/skeleton.js

17 B
240 B

32ms
31ms

Script
application/javascript

52.213.246.12
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/skeleton.js
Requested by: Host: af1841b697c860fa2f0a4e751b8992f1.safeframe.googlesyndication.com
URL: https://af1841b697c860fa2f0a4e751b8992f1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.213.246.12 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-213-246-12.eu-west-1.compute.amazonaws.com
Software: nginx/1.16.1 /
Resource Hash: bdeed1e1c0751610c8f3dc2a5c78c93f841c366b36a7f7a54f5e6752c2656c05

Request headers

Referer: https://af1841b697c860fa2f0a4e751b8992f1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 02:13:51 GMT
last-modified: Mon, 17 Aug 2020 23:54:35 GMT
server: nginx/1.16.1
age: 7781371
etag: "53fab767ecbd3bf07990b10246befbd4"
x-cache-status: HIT
content-type: application/javascript
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 17

Redirect headers

pragma: no-cache
date: Mon, 14 Jun 2021 02:13:51 GMT
x-server-name: app24.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
location: https://static.adsafeprotected.com/skeleton.js
cache-control: no-cache
content-length: 0
server: nginx

GET
H2 200 sca.17.5.5.js Show response
static.adsafeprotected.com/ Frame 799E 82 KB
21 KB 32ms
31ms Script
application/javascript 52.213.246.12
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.5.5.js
Requested by: Host: af1841b697c860fa2f0a4e751b8992f1.safeframe.googlesyndication.com
URL: https://af1841b697c860fa2f0a4e751b8992f1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.213.246.12 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-213-246-12.eu-west-1.compute.amazonaws.com
Software: nginx/1.16.1 /
Resource Hash: 4b4924b6ea8623395984b522ee4e1fe77f464940d2bb155ae40bce56fbcd3423

Request headers

Referer: https://af1841b697c860fa2f0a4e751b8992f1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 02:13:51 GMT
content-encoding: gzip
last-modified: Thu, 29 Apr 2021 15:29:23 GMT
server: nginx/1.16.1
age: 2848836
etag: W/"5356fa8b6073c3eb408487be61ef7d77"
x-cache-status: HIT
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000

GET
H2

200

skeleton.js Show response
static.adsafeprotected.com/ Frame 0DC1
Redirect Chain

https://pixel.adsafeprotected.com/rfw/st/488356/54309639/skeleton.js?ias_dspID=64&ias_campId=&ias_pubId=&ias_chanId=&ias_placementId=&bidurl=&ias_dealId=&adsafe_url=https%3A%2F%2Fwww.cyberscoop.com...
https://static.adsafeprotected.com/skeleton.js

17 B
240 B

31ms
31ms

Script
application/javascript

52.213.246.12
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/skeleton.js
Requested by: Host: 465e8ed3cdfd01c2e9263c1dda2899b3.safeframe.googlesyndication.com
URL: https://465e8ed3cdfd01c2e9263c1dda2899b3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.213.246.12 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-213-246-12.eu-west-1.compute.amazonaws.com
Software: nginx/1.16.1 /
Resource Hash: bdeed1e1c0751610c8f3dc2a5c78c93f841c366b36a7f7a54f5e6752c2656c05

Request headers

Referer: https://465e8ed3cdfd01c2e9263c1dda2899b3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 02:13:51 GMT
last-modified: Mon, 17 Aug 2020 23:54:35 GMT
server: nginx/1.16.1
age: 7024496
etag: "53fab767ecbd3bf07990b10246befbd4"
x-cache-status: HIT
content-type: application/javascript
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 17

Redirect headers

pragma: no-cache
date: Mon, 14 Jun 2021 02:13:51 GMT
x-server-name: app19.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
location: https://static.adsafeprotected.com/skeleton.js
cache-control: no-cache
content-length: 0
server: nginx

GET
H2 200 sca.17.5.5.js Show response
static.adsafeprotected.com/ Frame A911 82 KB
21 KB 32ms
32ms Script
application/javascript 52.213.246.12
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.5.5.js
Requested by: Host: 465e8ed3cdfd01c2e9263c1dda2899b3.safeframe.googlesyndication.com
URL: https://465e8ed3cdfd01c2e9263c1dda2899b3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.213.246.12 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-213-246-12.eu-west-1.compute.amazonaws.com
Software: nginx/1.16.1 /
Resource Hash: 4b4924b6ea8623395984b522ee4e1fe77f464940d2bb155ae40bce56fbcd3423

Request headers

Referer: https://465e8ed3cdfd01c2e9263c1dda2899b3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 02:13:51 GMT
content-encoding: gzip
last-modified: Thu, 29 Apr 2021 15:29:23 GMT
server: nginx/1.16.1
age: 1033698
etag: W/"5356fa8b6073c3eb408487be61ef7d77"
x-cache-status: HIT
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000

GET
H2 200 dt
dt.adsafeprotected.com/ Frame A0A8 43 B
216 B 298ms
95ms Image
image/gif 34.206.10.182
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=488356&asId=6eed6bfb-c821-2d97-363e-1598179a85b5&tv=%7Bc:ftJ06Y,pingTime:-2,time:382,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:225,beZ:226,mfA:455,cmA:456,inA:456,inZ:460,prA:460,prZ:475,si:483,poA:484,poZ:497,cmZ:497,mfZ:497,loA:566,loZ:568,ltA:606,ltZ:606%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:300.250,dom:ins%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:-1,vs:n,r:l,w:300,h:250,t:257%7D%5D,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:0,n:383,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:257,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:-1,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B150~1%5D,as:%5B150~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:sAgSG2j+111.488356-54309639%7C1111%7C112%7C121*.488356-54699616%7C12111%7C122%7C131.488356-54309637%7C1311%7C132%7C141.488356-54309639%7C1411%7C142%7C1431%7C144%7C15%7C16%7C17,idMap:121*,rmeas:1,rend:1,renddet:DIV.qs.sn,sinceFw:122,readyFired:true%7D&br=u
Requested by: Host: 2b431d5427477a300d9d4b37140fe9fb.safeframe.googlesyndication.com
URL: https://2b431d5427477a300d9d4b37140fe9fb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.206.10.182 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-206-10-182.compute-1.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://2b431d5427477a300d9d4b37140fe9fb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Jun 2021 02:13:51 GMT
x-server-name: dt13.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 82FD 43 B
215 B 293ms
96ms Image
image/gif 34.206.10.182
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=488356&asId=d74036c7-8bf5-4ca9-2743-0fc6102e97c7&tv=%7Bc:ftJ074,pingTime:-2,time:439,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:223,beZ:224,mfA:569,cmA:570,inA:570,inZ:571,prA:571,prZ:575,si:578,poA:578,poZ:582,cmZ:582,mfZ:582,loA:632,loZ:633,ltA:661,ltZ:661%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:970.250,dom:ins%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:-1,vs:n,r:l,w:970,h:250,t:355%7D%5D,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:0,n:439,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:355,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:i,cc:NaN.NaN.970.250,piv:-1,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B92~1%5D,as:%5B92~970.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:sAgSG2j+111*.488356-54309639%7C1111%7C112%7C121.488356-54699616%7C12111%7C1212%7C122%7C131.488356-54309637%7C1311%7C132%7C141.488356-54309639%7C1411%7C142%7C1431%7C144%7C15%7C16%7C17,idMap:111*,rmeas:1,rend:1,renddet:IMG.qs,sinceFw:83,readyFired:true%7D&br=u
Requested by: Host: 0a123d4c917ce964ffb6e4e5e2cd3494.safeframe.googlesyndication.com
URL: https://0a123d4c917ce964ffb6e4e5e2cd3494.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.206.10.182 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-206-10-182.compute-1.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://0a123d4c917ce964ffb6e4e5e2cd3494.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Jun 2021 02:13:51 GMT
x-server-name: dt55.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 6C6F 43 B
215 B 292ms
96ms Image
image/gif 34.206.10.182
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=488356&asId=ff84ee69-5d6f-e0c6-6ec3-6f787aa89e82&tv=%7Bc:ftJ076,pingTime:-2,time:325,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:323,beZ:325,mfA:567,cmA:568,inA:568,inZ:568,prA:568,prZ:573,si:575,poA:576,poZ:580,cmZ:580,mfZ:580,loA:620,loZ:621,ltA:648,ltZ:648%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:300.600,dom:ins%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:-1,vs:n,r:l,w:300,h:600,t:252%7D%5D,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:0,n:325,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:252,wc:0.0.1600.1200,ac:NaN.NaN.300.600,am:i,cc:NaN.NaN.300.600,piv:-1,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B80~1%5D,as:%5B80~300.600%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:sAgSG2j+111.488356-54309639%7C1111%7C1112%7C112%7C121.488356-54699616%7C12111%7C1212%7C122%7C131*.488356-54309637%7C1311%7C132%7C141.488356-54309639%7C1411%7C142%7C1431%7C144%7C15%7C16%7C17,idMap:131*,rmeas:1,rend:1,renddet:IMG.qs,sinceFw:71,readyFired:true%7D&br=u
Requested by: Host: af1841b697c860fa2f0a4e751b8992f1.safeframe.googlesyndication.com
URL: https://af1841b697c860fa2f0a4e751b8992f1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.206.10.182 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-206-10-182.compute-1.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://af1841b697c860fa2f0a4e751b8992f1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Jun 2021 02:13:51 GMT
x-server-name: dt18.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 0DC1 43 B
215 B 290ms
96ms Image
image/gif 34.206.10.182
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=488356&asId=d343dff0-f838-fa46-a2fb-3d8dafd31fea&tv=%7Bc:ftJ077,pingTime:-2,time:317,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:261,beZ:262,mfA:509,cmA:509,inA:509,inZ:510,prA:510,prZ:515,si:517,poA:517,poZ:521,cmZ:521,mfZ:521,loA:553,loZ:554,ltA:578,ltZ:578%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:970.250,dom:ins%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:-1,vs:n,r:l,w:970,h:250,t:256%7D%5D,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:0,n:317,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:256,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:i,cc:NaN.NaN.970.250,piv:-1,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B69~1%5D,as:%5B69~970.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:sAgSG2j+111.488356-54309639%7C1111%7C1112%7C112%7C121.488356-54699616%7C12111%7C1212%7C122%7C131.488356-54309637%7C1311%7C1312%7C132%7C141*.488356-54309639%7C1411%7C142%7C1431%7C144%7C15%7C16%7C17,idMap:141*,rmeas:1,rend:1,renddet:IMG.qs,sinceFw:60,readyFired:true%7D&br=u
Requested by: Host: 465e8ed3cdfd01c2e9263c1dda2899b3.safeframe.googlesyndication.com
URL: https://465e8ed3cdfd01c2e9263c1dda2899b3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.206.10.182 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-206-10-182.compute-1.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://465e8ed3cdfd01c2e9263c1dda2899b3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Jun 2021 02:13:51 GMT
x-server-name: dt15.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H3-29 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 38DF 17 KB
6 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210607/r20110914/xfa/sodar_loader.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e684839cbcef6b16753dae73e92a49b7115f55e83662ead12d5e05bf7b9915fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://ad.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 02:13:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1622653785071769"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6437
x-xss-protection: 0
expires: Mon, 14 Jun 2021 02:13:51 GMT

GET
H3-29 200 BIKfHL6N8NnL0SRbyz4COSMYlE8t2lwSnrtAnHeyH4k.js Show response
pagead2.googlesyndication.com/bg/ Frame 79A7 14 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/BIKfHL6N8NnL0SRbyz4COSMYlE8t2lwSnrtAnHeyH4k.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

04829f1cbe8df0d9cbd1245bcb3e02392318944f2dda5c129ebb409c77b21f89

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 13 Jun 2021 10:50:39 GMT
content-encoding: br
x-content-type-options: nosniff
age: 55392
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5722
x-xss-protection: 0
last-modified: Mon, 31 May 2021 08:58:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 13 Jun 2022 10:50:39 GMT

GET
H3-29 200 BIKfHL6N8NnL0SRbyz4COSMYlE8t2lwSnrtAnHeyH4k.js Show response
pagead2.googlesyndication.com/bg/ Frame D94E 14 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/BIKfHL6N8NnL0SRbyz4COSMYlE8t2lwSnrtAnHeyH4k.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

04829f1cbe8df0d9cbd1245bcb3e02392318944f2dda5c129ebb409c77b21f89

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 13 Jun 2021 10:50:39 GMT
content-encoding: br
x-content-type-options: nosniff
age: 55392
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5722
x-xss-protection: 0
last-modified: Mon, 31 May 2021 08:58:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 13 Jun 2022 10:50:39 GMT

GET
H3-29 200 BIKfHL6N8NnL0SRbyz4COSMYlE8t2lwSnrtAnHeyH4k.js Show response
pagead2.googlesyndication.com/bg/ Frame 3A04 14 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/BIKfHL6N8NnL0SRbyz4COSMYlE8t2lwSnrtAnHeyH4k.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

04829f1cbe8df0d9cbd1245bcb3e02392318944f2dda5c129ebb409c77b21f89

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 13 Jun 2021 10:50:39 GMT
content-encoding: br
x-content-type-options: nosniff
age: 55392
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5722
x-xss-protection: 0
last-modified: Mon, 31 May 2021 08:58:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 13 Jun 2022 10:50:39 GMT

GET
H3-29 200 BIKfHL6N8NnL0SRbyz4COSMYlE8t2lwSnrtAnHeyH4k.js Show response
pagead2.googlesyndication.com/bg/ Frame 8955 14 KB
6 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/BIKfHL6N8NnL0SRbyz4COSMYlE8t2lwSnrtAnHeyH4k.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

04829f1cbe8df0d9cbd1245bcb3e02392318944f2dda5c129ebb409c77b21f89

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 13 Jun 2021 10:50:39 GMT
content-encoding: br
x-content-type-options: nosniff
age: 55392
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5722
x-xss-protection: 0
last-modified: Mon, 31 May 2021 08:58:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 13 Jun 2022 10:50:39 GMT

GET
H3-29 200 wQPplS2CBbapxPPsKjLjCt6L9Rv2P8O8syxzKLSpyaY.js Show response
pagead2.googlesyndication.com/bg/ Frame 3910 14 KB
6 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/wQPplS2CBbapxPPsKjLjCt6L9Rv2P8O8syxzKLSpyaY.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c103e9952d8205b6a9c4f3ec2a32e30ade8bf51bf63fc3bcb32c7328b4a9c9a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 13 Jun 2021 16:39:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 34465
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5768
x-xss-protection: 0
last-modified: Mon, 31 May 2021 08:58:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 13 Jun 2022 16:39:26 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 1BD1 0
20 B 15ms
14ms Image
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=223&t=2&li=gpt_2021060801&jk=2533213578835345&bg=!jY6ljsrNAAY6sG-_OrA7ACkAdvg8WidZ9t6K-WWIPphkHZUlZI_exdGryCsMhG5NNiu-XcXCrE2VpgIAAAG7UgAAAGNoAQeZAosrOi9O5L3WPfJqJp0jb8_l1ZmtPRI547tRb_O5QXa39vkSdQAm72YMfUalT7YKgWZwZsQwR3Cfw4c8FGqWUTp5bw7nHUxPUcZMAvxVgm4SFaIeYZ9Gpx0cjs75ZzPR81S7lnAiTsXreF230EmmajfXV3LLojYo4S-5YBjMxZ0UasuiEeBdRQxxze0iEsdQtvLx1Vx4bTjZDHXtxWzYR_xhH44oswDKdA7-QD_v8gCzbxMaFsuPmxVGNy3pB_zAd_dcYivSxwCxOsOWMYyfn3z35dHLHd5UOQvSRoh49s_LeUo2a-ruIiel6KpUeGnBAGRIwZcXBiKoSIQ11HWLZEBI9tcg64cl2FoE-8_qn0h0528QIy7VgTXsZJAeg9gw1Ndk35g_A2L5NKZvuQeMkPE6fkqZIpmPHLfhv_b-1EFz4zQH3oI0VTdNtdFg-FJQ1494F3TsUhJoJDLmUI7OzVbH_UKB_Ow3avANnYDiozZPQVa_ZnGbab9wlNkBgnUcVG4KUABC5ViN3vFynRRdkU7WDHt3r6BJKVWnQeb55m4qy6bE1PEoKSSeA4R0EN7--mx6xTR7Cj9U2iVVOxbwqaXq2ztUIfFK7u2fTZEBHKNo6pT4ZSvjPnJGjAEKb4NHZUTfXCRib6-EpIVVFVUzAXHZez6vaqQskNC2Ux6S662L5_ka0zwltg8ZTmsX7vWmEw0i_7Z_smIaE0b_QhByXj09BvjXqapgB3spripEbwCsPk3NDPfANtIrnoyfEW1ZIPlr2LTsTwAZQH_TbJAosRRJVfp8C3c23oQHjfYCLAY-JNxhjprdOUvuY8UBOLWtBv9K9-JkvbXjkqoHlpuXI2P0wwvaYb5SeugN3NA

Requested by

Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/doj-darkside-colonial-cryptocurrency-seizure/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Jun 2021 02:13:51 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame A0A8 43 B
215 B 96ms
96ms Image
image/gif 34.206.10.182
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=488356&asId=6eed6bfb-c821-2d97-363e-1598179a85b5&tv=%7Bc:ftJ0cQ,pingTime:-10,time:746,type:s,mvn:ZnNjPTEyLHNkPTMsbm89Nyxhc3A9MQ--,fsc:17.5.5v220002022000220000022002222000022220200000222200222220002222022002222202002220222022222022222000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000002220002220000022200222202220022200200222022202220022202220020222202000220000222202222202222000002002002222222222220022202200022002220222202,sd:MTcuNS41djEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNS41dk1vemlsbGF8fE5ldHNjYXBlfHxufHwxNnx8bnx8MHx8bnx8TGludXggeDg2XzY0fHxHZWNrb3x8MjAwMzAxMDd8fC0xMjB8fE1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS84OS4wLjQzODkuNzIgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,asp:1623636831779%7C%7C9a4bafed18be3a125bef87fb047b08d3%7C%7Cf34e96995ddf3ff5eb1bfde138cfe29c%7C%7Cf8822a129fdf62849bed9dd05cf7211d%7C%7C5bf6acb66717de515331e1d19d0be57f%7C%7C79617ced7eaa4910234eadf535accb6a%7C%7Cb7daaa6777a7b9b8db10b575fa8477e3%7C%7C3a4541c5079493d1d85e2ac80e36d3f0%7C%7C1619710151,ch:eyJiIjpbXSwibSI6ZmFsc2UsImgiOnsiYXJjaGl0ZWN0dXJlIjoiIiwibW9kZWwiOiIiLCJwbGF0Zm9ybSI6IiIsInBsYXRmb3JtVmVyc2lvbiI6IiIsInVhRnVsbFZlcnNpb24iOiIifX0-%7D
Requested by: Host: 2b431d5427477a300d9d4b37140fe9fb.safeframe.googlesyndication.com
URL: https://2b431d5427477a300d9d4b37140fe9fb.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.206.10.182 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-206-10-182.compute-1.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://2b431d5427477a300d9d4b37140fe9fb.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Jun 2021 02:13:51 GMT
x-server-name: dt64.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 82FD 43 B
215 B 96ms
96ms Image
image/gif 34.206.10.182
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=488356&asId=d74036c7-8bf5-4ca9-2743-0fc6102e97c7&tv=%7Bc:ftJ0d6,pingTime:-10,time:813,type:s,mvn:ZnNjPTEyLHNkPTMsbm89Nyxhc3A9MQ--,fsc:17.5.5v220002022000220000022002222000022220200000222200222220002222022002222202002220222022222022222000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000002220002220000022200222202220022200200222022202220022202220020222202000220000222202222202222000002002002222222222220022202200022002220222202,sd:MTcuNS41djEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNS41dk1vemlsbGF8fE5ldHNjYXBlfHxufHwxNnx8bnx8MHx8bnx8TGludXggeDg2XzY0fHxHZWNrb3x8MjAwMzAxMDd8fC0xMjB8fE1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS84OS4wLjQzODkuNzIgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,asp:1623636831796%7C%7Ca300a339153f037bcace7b68f172abb4%7C%7Cf34e96995ddf3ff5eb1bfde138cfe29c%7C%7C52d6d3f39c1de7c9fca77caee66eeaa4%7C%7C81a61889700b83e00db20d9b637e87ad%7C%7C557a2174154d089c1537731600ca088f%7C%7Cf83ceeda74a7fcc7b3db276d7baa9f79%7C%7C838e69edf82cc0baea782e2ba6f37bc6%7C%7C1619710151,ch:eyJiIjpbXSwibSI6ZmFsc2UsImgiOnsiYXJjaGl0ZWN0dXJlIjoiIiwibW9kZWwiOiIiLCJwbGF0Zm9ybSI6IiIsInBsYXRmb3JtVmVyc2lvbiI6IiIsInVhRnVsbFZlcnNpb24iOiIifX0-%7D
Requested by: Host: 0a123d4c917ce964ffb6e4e5e2cd3494.safeframe.googlesyndication.com
URL: https://0a123d4c917ce964ffb6e4e5e2cd3494.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.206.10.182 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-206-10-182.compute-1.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://0a123d4c917ce964ffb6e4e5e2cd3494.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Jun 2021 02:13:51 GMT
x-server-name: dt32.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 6C6F 43 B
215 B 97ms
96ms Image
image/gif 34.206.10.182
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=488356&asId=ff84ee69-5d6f-e0c6-6ec3-6f787aa89e82&tv=%7Bc:ftJ0dx,pingTime:-10,time:724,type:s,mvn:ZnNjPTEyLHNkPTMsbm89Nyxhc3A9MQ--,fsc:17.5.5v220002022000220000022002222000022220200000222200222220002222022002222202002220222022222022222000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000002220002220000022200222202220022200200222022202220022202220020222202000220000222202222202222000002002002222222222220022202200022002220222202,sd:MTcuNS41djEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNS41dk1vemlsbGF8fE5ldHNjYXBlfHxufHwxNnx8bnx8MHx8bnx8TGludXggeDg2XzY0fHxHZWNrb3x8MjAwMzAxMDd8fC0xMjB8fE1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS84OS4wLjQzODkuNzIgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,asp:1623636831822%7C%7Cfca061b2e98b7b285831c88f4bfbf9e8%7C%7Cf34e96995ddf3ff5eb1bfde138cfe29c%7C%7Ca3842b5b610643aeb6448480553d1712%7C%7Cb382dfa154e74c42512e181f04929cfc%7C%7C479184abb5f9711f5d00f80fdd905840%7C%7C35f23a27cca6dfe6872ea10e590374ca%7C%7Ccffab5c01031391b33e5584abb4fdab6%7C%7C1619710151,ch:eyJiIjpbXSwibSI6ZmFsc2UsImgiOnsiYXJjaGl0ZWN0dXJlIjoiIiwibW9kZWwiOiIiLCJwbGF0Zm9ybSI6IiIsInBsYXRmb3JtVmVyc2lvbiI6IiIsInVhRnVsbFZlcnNpb24iOiIifX0-%7D
Requested by: Host: af1841b697c860fa2f0a4e751b8992f1.safeframe.googlesyndication.com
URL: https://af1841b697c860fa2f0a4e751b8992f1.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.206.10.182 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-206-10-182.compute-1.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://af1841b697c860fa2f0a4e751b8992f1.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Jun 2021 02:13:51 GMT
x-server-name: dt30.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 0DC1 43 B
215 B 96ms
96ms Image
image/gif 34.206.10.182
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=488356&asId=d343dff0-f838-fa46-a2fb-3d8dafd31fea&tv=%7Bc:ftJ0dN,pingTime:-10,time:731,type:s,mvn:ZnNjPTEyLHNkPTMsbm89Nyxhc3A9MQ--,fsc:17.5.5v220002022000220000022002222000022220200000222200222220002222022002222202002220222022222022222000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000002220002220000022200222202220022200200222022202220022202220020222202000220000222202222202222000002002002222222222220022202200022002220222202,sd:MTcuNS41djEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNS41dk1vemlsbGF8fE5ldHNjYXBlfHxufHwxNnx8bnx8MHx8bnx8TGludXggeDg2XzY0fHxHZWNrb3x8MjAwMzAxMDd8fC0xMjB8fE1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS84OS4wLjQzODkuNzIgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,asp:1623636831838%7C%7Ce3110f4f7206f9618df81448d8619638%7C%7Cf34e96995ddf3ff5eb1bfde138cfe29c%7C%7C9448f3c9553ae73a7ab757da353d4047%7C%7C89578c77d9039be1f1c636b8456ae568%7C%7C3c0b894c4a83ec2a6ac8375c6fd5cc80%7C%7C208e5c90259e77e5464567199ab673d7%7C%7C97ab93f6305bfe0d122998d953abe8e8%7C%7C1619710151,ch:eyJiIjpbXSwibSI6ZmFsc2UsImgiOnsiYXJjaGl0ZWN0dXJlIjoiIiwibW9kZWwiOiIiLCJwbGF0Zm9ybSI6IiIsInBsYXRmb3JtVmVyc2lvbiI6IiIsInVhRnVsbFZlcnNpb24iOiIifX0-%7D
Requested by: Host: 465e8ed3cdfd01c2e9263c1dda2899b3.safeframe.googlesyndication.com
URL: https://465e8ed3cdfd01c2e9263c1dda2899b3.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.206.10.182 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-34-206-10-182.compute-1.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://465e8ed3cdfd01c2e9263c1dda2899b3.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Jun 2021 02:13:51 GMT
x-server-name: dt17.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H3-29 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 1FF2 11 KB
8 KB 18ms
18ms XHR
application/json 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021060801&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0c67eca27c1a18b6fc31f97e2b948b7a09205d1509d6233b1b8cb16974efd94f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 14 Jun 2021 02:13:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8558
x-xss-protection: 0

GET
H3-29 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 5BFF 10 KB
8 KB 17ms
17ms XHR
application/json 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021060801&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8f816636f126177795737641b05534cd9e58a382999aaa2c1e2666fd41ab16a3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 14 Jun 2021 02:13:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7945
x-xss-protection: 0

GET
H3-29 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 347F 10 KB
8 KB 19ms
18ms XHR
application/json 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021060801&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c948f4aa0db5aa1936ca2b8b4ae8308f720af30baf97401d094239000455d5ac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 14 Jun 2021 02:13:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7881
x-xss-protection: 0

GET
H2 200 adsct Show response
analytics.twitter.com/i/ 31 B
658 B 136ms
122ms Script
application/javascript 104.244.42.3
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://analytics.twitter.com/i/adsct?type=javascript&version=1.1.1&p_id=Twitter&p_user_id=0&txn_id=nv8sr&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&tpx_cb=twttr.conversion.loadPixels&tw_document_href=https%3A%2F%2Fwww.cyberscoop.com%2Fdoj-darkside-colonial-cryptocurrency-seizure%2F

Requested by

Host: static.ads-twitter.com
URL: https://static.ads-twitter.com/uwt.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.42.3 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 02:13:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
status: 200 OK
x-twitter-response-tags: BouncerCompliant
content-length: 57
x-xss-protection: 0
pragma: no-cache
last-modified: Mon, 14 Jun 2021 02:13:52 GMT
server: tsa_o
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=631138519
content-type: application/javascript;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: 94b7c695e646da5a8036224b024b0216f88bf1ab1f2004da2f9af0ab60ca12eb
x-transaction: 68ed9f65832314c4
expires: Tue, 31 Mar 1981 05:00:00 GMT

GET
H3-29 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 10 KB
8 KB 19ms
19ms XHR
application/json 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021061001&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021061001.js?31061429

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

33260c910b38147bfbda277cfceb1c015cec4bbc7c73c41c9ee50c1cf0c19dea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 14 Jun 2021 02:13:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7903
x-xss-protection: 0

GET
H2 200 __ptq.gif
track.hubspot.com/ 45 B
382 B 48ms
32ms Image
image/gif 2606:4700::6813:9b53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__ptq.gif?k=15&fi=20762415-8082-48f0-b243-36443c93d852&fci=89de62cd-8c1f-4801-8706-01e270fde7cb&ft=0&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=2736934676&v=1.1&a=2153467&rcu=https%3A%2F%2Fwww.cyberscoop.com%2Fdoj-darkside-colonial-cryptocurrency-seizure%2F&pu=https%3A%2F%2Fwww.cyberscoop.com%2Fdoj-darkside-colonial-cryptocurrency-seizure%2F&t=DOJ+seizes+%242.3+million+in+cryptocurrency+payments+from+Colonial+Pipeline+ransomware+attack+-+CyberScoop&cts=1623636832046&vi=04f66370c9564ab90056c8a94bc6a113&nc=true&u=143679850.04f66370c9564ab90056c8a94bc6a113.1623636832038.1623636832038.1623636832038.1&b=143679850.1.1623636832039&cc=15

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 02:13:52 GMT
vary: Accept-Encoding
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: a0d565c5-246c-498b-816a-235e14e50f9a
cf-ray: 65f00ab86da6c272-FRA
p3p: CP="NOI CUR ADM OUR NOR STA NID"
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 45
cf-request-id: 0aa9e507460000c272a1342000000001
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=f7t2pd3VG2whL8VKu4xjLACrv0e8sKmJrmtSCvBtZ%2Fwg1XVnMorKTjJtjXfAWXZm4SOZREELHqA4vxeGSJoBLRT%2BFT1QCZHKNJczMj4dRqzj4v4D3cgQOolIKP0%2BcfTTDn9QIh6k114o6Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
x-robots-tag: none

GET
H2 200 __ptq.gif
track.hubspot.com/ 45 B
818 B 45ms
29ms Image
image/gif 2606:4700::6813:9b53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__ptq.gif?k=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=2736934676&v=1.1&a=2153467&rcu=https%3A%2F%2Fwww.cyberscoop.com%2Fdoj-darkside-colonial-cryptocurrency-seizure%2F&pu=https%3A%2F%2Fwww.cyberscoop.com%2Fdoj-darkside-colonial-cryptocurrency-seizure%2F&t=DOJ+seizes+%242.3+million+in+cryptocurrency+payments+from+Colonial+Pipeline+ransomware+attack+-+CyberScoop&cts=1623636832048&vi=04f66370c9564ab90056c8a94bc6a113&nc=true&u=143679850.04f66370c9564ab90056c8a94bc6a113.1623636832038.1623636832038.1623636832038.1&b=143679850.1.1623636832039&cc=15

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 02:13:52 GMT
vary: Accept-Encoding
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: 7ff9d193-f523-445e-bab7-fab84fd0b737
cf-ray: 65f00ab87da7c272-FRA
p3p: CP="NOI CUR ADM OUR NOR STA NID"
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 45
cf-request-id: 0aa9e507460000c2727b305000000001
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=0gTescAszcUUHXFYzwRL2Wd9DkH04askEWcD1JA72m2JI1en9RIvZ8v34fedWzQGBbZGw1pScm42f%2BLSrKxKviGpzAmnAdP6S2OsAzAShWl%2BJtwLGhKsdy4ZeF5MFJCshN%2F0cLXevncwWQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
x-robots-tag: none

GET
H3-29 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 1FF2 17 KB
6 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e684839cbcef6b16753dae73e92a49b7115f55e83662ead12d5e05bf7b9915fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 02:13:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1622653785071769"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6437
x-xss-protection: 0
expires: Mon, 14 Jun 2021 02:13:52 GMT

GET
H3-29 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 5BFF 17 KB
6 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e684839cbcef6b16753dae73e92a49b7115f55e83662ead12d5e05bf7b9915fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 02:13:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1622653785071769"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6437
x-xss-protection: 0
expires: Mon, 14 Jun 2021 02:13:52 GMT

GET
H3-29 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 347F 17 KB
6 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e684839cbcef6b16753dae73e92a49b7115f55e83662ead12d5e05bf7b9915fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 02:13:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1622653785071769"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6437
x-xss-protection: 0
expires: Mon, 14 Jun 2021 02:13:52 GMT

GET
H3-29 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021061001.js?31061429

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e684839cbcef6b16753dae73e92a49b7115f55e83662ead12d5e05bf7b9915fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 02:13:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1622653785071769"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6437
x-xss-protection: 0
expires: Mon, 14 Jun 2021 02:13:52 GMT

GET
H3-29 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/223/ Frame EE31 12 KB
5 KB 6ms
6ms Document
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/223/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

de7dd7e8a5f2257d16c23c395b9262c6fa04689c81b0e2b8bf7f5bae9f4177dc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/223/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.cyberscoop.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.cyberscoop.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5022
date: Sun, 13 Jun 2021 21:17:06 GMT
expires: Mon, 13 Jun 2022 21:17:06 GMT
last-modified: Wed, 17 Mar 2021 18:24:30 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 17806
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 0063 783 B
534 B 16ms
15ms Document
text/html 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

7d7348e76b9ca5c267d4c40c01babe592b03228db8ac5b914a63aa00cb3f41ea

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-BX2aGY3wMWZEPV3j9QKSSg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/aframe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.cyberscoop.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.cyberscoop.com/

Response headers

expires: Mon, 14 Jun 2021 02:13:52 GMT
date: Mon, 14 Jun 2021 02:13:52 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-BX2aGY3wMWZEPV3j9QKSSg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 515
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/223/ Frame 60C0 12 KB
5 KB 6ms
6ms Document
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/223/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

de7dd7e8a5f2257d16c23c395b9262c6fa04689c81b0e2b8bf7f5bae9f4177dc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/223/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.cyberscoop.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.cyberscoop.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5022
date: Sun, 13 Jun 2021 21:17:06 GMT
expires: Mon, 13 Jun 2022 21:17:06 GMT
last-modified: Wed, 17 Mar 2021 18:24:30 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 17806
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 7764 783 B
533 B 15ms
15ms Document
text/html 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

2ed81c4a73b9c5f7e4fd164dce6e444c3d82d8a6088525d850bf9cf8ee0a3489

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-4SS5Xi8ZQvYBFIZ90jtnFw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/aframe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.cyberscoop.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.cyberscoop.com/

Response headers

expires: Mon, 14 Jun 2021 02:13:52 GMT
date: Mon, 14 Jun 2021 02:13:52 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-4SS5Xi8ZQvYBFIZ90jtnFw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 514
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/223/ Frame 9B55 12 KB
5 KB 6ms
5ms Document
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/223/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

de7dd7e8a5f2257d16c23c395b9262c6fa04689c81b0e2b8bf7f5bae9f4177dc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/223/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.cyberscoop.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.cyberscoop.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5022
date: Sun, 13 Jun 2021 21:17:06 GMT
expires: Mon, 13 Jun 2022 21:17:06 GMT
last-modified: Wed, 17 Mar 2021 18:24:30 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 17806
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 aframe Show response
www.google.com/recaptcha/api2/ Frame EFEC 783 B
533 B 16ms
16ms Document
text/html 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

5717a2f8591cd4fd874fc992476365bb033c10eb469a1a0a6214a0ebb05eb3e7

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-7CH72Sp46FxIBpLb8iNFCQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/aframe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.cyberscoop.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.cyberscoop.com/

Response headers

expires: Mon, 14 Jun 2021 02:13:52 GMT
date: Mon, 14 Jun 2021 02:13:52 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-7CH72Sp46FxIBpLb8iNFCQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 514
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 79A7 0
20 B 14ms
14ms Image
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BfQI_XrvGYIOoOeiXx_APt-yc-AsAAAAAOAHgBAI&bg=!_v2l_bnNAAY6sG-_OrA7ACkAdvg8Wq9NKJzN0s3bHHtlQnP9mI-lkumpsZ7fhWfHkzjzmN1SNCaA7gIAAAJDUgAAACNoAQeZAvexitT19erh7ERr0HS8npBziiN8iGOC0d7PrJgYfo1N61RBsucdjkP2mBH9V7pr-yeKjwKD4GyU3n1-KqgkFtEZJpcy_oV4gKAeh-HDzux5Brv0jtCjDQTm1G1poTS_Hh_ILKOlxm5qkZh2iTZ8wsy0X6WDXXOJRBzGg-t90S9SAFsClfLUBuw3ZQ3CVIi7d_Odb6ajjJxRit5_FaV7iIoLP0jeDI7bThP04ZKZljWXGDs2CKfPXSvU7V3ZoYfSQNJk2a2hEbzeeZRLM1mXiaqqdKfukcdkBIqCyZRWnqNkOhbTCsX5cruPP6aeBp4-X-XbBYuTtzqlS562-J0x0Sg5SNURpqiNQ0Xm-ge168H1oY0eKkJjSwmAzKcuO_erPsVAOX4ZCA7vuFsjuPDaimtNC_Pq6xnPIl0QfBQ-ttfgZ5BfqT124NsG9wtI25vFxxQ2po4QR_Vs6QK5QqzDAdOwctRnEiYxex0IHiC89p--BDDuNU1eDbNiJas8xpT8IbK-YijQb8x8IpdJ76rsNHwc5gwX_DYf-y2KgbCDW3ilm6EOzzCjONtpd-EjT98SYdSuQ53hLXrjdE93rjq0sQCPEIPoAK2_dzlPLH86tKoxsIFZttdYLvtFXSm7Z_4N2bNap3Uqb0fq9wZ9XAkf-Cdu_TVmytE3WzFZbBLxfFByTMCZnpJcCr8AFOGljgNoKrd7uCVrxnXvK-gLV22eZPg1ArRCrzhBeD6ra6JuZAekgp4QT6jRVwGoawg-l6q9JJERhZnOeA2W-E7YFl-xn69zWKxwDfDCmYMVXse0zWIsK6Tb2233D-A65OIrgkAhYyYnS9zl2MFxYxQ4QAadZDXrDAOo3x1CP7HhIYIW2pCp8kItpKNdNs165EReuIqqlqYcjo8R_IKzyjaKu3b3O-kl_97oPMjPEhiw5gARhQbknmbV2DM6H3tM5YV4gVMnt1wY8Rpo14nn2BO92Ac6YubXXJDK9aocWDEvo_J-kMmVzBVP1YvEC74

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Jun 2021 02:13:52 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/223/ Frame DBDD 12 KB
5 KB 6ms
6ms Document
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/223/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

de7dd7e8a5f2257d16c23c395b9262c6fa04689c81b0e2b8bf7f5bae9f4177dc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/223/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.cyberscoop.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.cyberscoop.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5022
date: Sun, 13 Jun 2021 21:17:06 GMT
expires: Mon, 13 Jun 2022 21:17:06 GMT
last-modified: Wed, 17 Mar 2021 18:24:30 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 17806
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 810B 783 B
534 B 16ms
16ms Document
text/html 2a00:1450:4001:811::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

dea1699c50ccfe2c9a6d3f874c11946c2d6b50354d9c7c90761769331c310e43

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-Kp9224f0H22tKO1Vj86E/Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/aframe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.cyberscoop.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.cyberscoop.com/

Response headers

expires: Mon, 14 Jun 2021 02:13:52 GMT
date: Mon, 14 Jun 2021 02:13:52 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-Kp9224f0H22tKO1Vj86E/Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 515
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame D94E 0
20 B 15ms
14ms Image
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BpmPbXrvGYIW4Oe_C7_UPzPCcgA8AAAAAOAHgBAI&bg=!4-Cl4KTNAAY6sG-_OrA7ACkAdvg8WgYcyUJDZINHetRTwsRT_xns4juLvDL079fGH1dCbq2LQa-A2QIAAAJCUgAAACZoAQcKADm1GJpz89oaIh-iLgee4LCrS-HndcPCQoqqJgXQ8lBAI6HVux8GEOSixddhGVGK1fJLMy-ykjKCqT-ZAuoOFODCT6iyt2X0ET4hV0kYHE33XT_uZ3GsW2T-2A5FISaTUqd2EsbCS_Q-VeFTP_RAr1HTmqPX28w0QReAGXpHvqoJFNYt4zJkKb8yX6p-PMDBr7uH6ZFUYWiGLFM1eg1G6FuZh_H9sGpAd03_nr_U8YZaNpPDuCVXMfN3v1ASt8oFMzQLQtZV94TgIWzK-4ZC_1fwJlVUVJjMN2bSyYHDlGn2exV4nn5RaAufllhU01ZMvw06_HfVNXT9ATMLCQmXAege92SbMyC15wkxZCw6e2c7CjyC3RFKtM-DCJocvCXuQbJORNa8khNMjpjx24qPSQAWCX9ksGdnZYJQNqCEaYWwHkLPq58vluGQsMssZH5sVptm4O5-3YdgL9XHiZLEUSgZuc4wKkz3UsODTBdBQtEROxdmxUvfIDB_9USf22FPrtsuqtc12GPfMzzK7DOEjHqxdhLcCYRsU7zfyYXWPtvdK7BFhkvVEtaO0x5ajTOwhYDQHhk8P6dv5i2qNtwTC06jGSwX5DricqnaRj-U8LBSj28O4zZQpPtuQ2ojueKt1Rias77fUXcteTqnBqLIKedphpOcq17WuGmhjfwIcNwsUO0H9kKABFYzhrI4EPJncDZtsc6fWO6FxI8DtwM0vpMhk1Yv4M0tJn4gCdUOjkoGlVTzl6eUd3NwiMFNNL06hCruwEfz6P9obxcy_AEnx89BErnTfXKkus1jZkoDxSCEj3U7T85w9L9UJ6YrqtQ3Ig8Xp_6p3NbqrrFtnk5iI5lubstR5yyGY4OyWjvxr5Z2_CksPWxSrqk8GRbeD59UoNWilPD5SboAn8evjcZMuAV8204UWFv71kib2mAUmTtjiweKoOR57p-6Z-A011OZDN1mCgr6TMMqx0j_dJU8wfLb5LDPF7ZSZWaRJMmc_7y6aDhKEHYhI2Jl7Bxns5DnEpID4yo7bQ1G8qzsxzbZDAHRSPyYgg9azblk13dak5qATRcaY8v-9w

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Jun 2021 02:13:52 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 3A04 0
20 B 15ms
15ms Image
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BBEXtXrvGYPSyOaWKjuwP9oW6oAcAAAAAOAHgBAI&bg=!-fql-r7NAAY6sG-_OrA7ACkAdvg8WpgPowQhKvxtKBxVmH5rJuYhiNvtXDbp9_T2jy5jJkbKuEtF-wIAAAI5UgAAACdoAQeZAuJ6jFA3jyQ_DCoAgeszAtyGlr-yfsHW3BVtdS3eKnK010cudPVrC6cwahT80ca1j3WpYqi2ceXmMcIHNgSpPEJq0rvJbffp2g98mgvqTEhJVI8nYDGVhUFTrhnxvCn_wnveFTM7mwcJzTxwzyurhieWk3i-1-YQq-AddYGJmabRW2JxRQc5Cf9rAEqUkXEvH7mvBzPK6R47hqQWGcn4PhI0twZVNrdAWZmL-QA1zCjDPzqTzqjY56cajxtBfZ0NbkgocVrgzJqdaUOozf6DH2oc_lELNlJRtsvkCX8fCTrcpYvdxZXYyIt9pq-__mvqFDvtr7FSKsLdTP3mx22C7yOs9geTgVYrQIpmX1qn-2zot_7xwDb8pMdYYW0LSi_ZZ5sMniETS5TgpOzkhWrISEBxuYxYv4uZpdbs72ULIFshOlQbnXqVkwAy5DMaSJOBgfoFAzvunUmzEjz5c382W7PG-11Dlk8l7iYw3FL9DIZk3j33WNgANMqvoA7IrjNzT8IBl9Q_fnZq_SwsMrDFolU93WiCnbPmlpSNpAU1BWKNhy4rkZAZULobyAUfLfyhDky9Rth9_bMr2C4r9ADZY-YvKFr-CNi53a0NACDm7hG80z4l5hL1pmN9AUmkXtssu5U4bYyNIKY4GoF1E05LIW7DCdhYbZlRmj8WTMOZET2apfzi0uEOc_xMKifotNa2cLi6i65Y30aaj40OQLmgZi0kO8AwbQnCJ38sMd_Fo_i5YD0i0wKg0Ogqhu28cC8Zcxk-7qZb92a50npAv8CMV1QVx6hXmZ5GW6GmAlm33do8oxHqdLojisUUVwTuqVRkztrkuLZv878hqzp4AAOWmpyEHJ1qlg0LI8LunIagTPf3GmWy6gyXUArwwfiRRF-ssjliktmVjowX7LMBpiowLx1Os0w8rDSnBuxbVp3kfPqGscvvRofpfFWG2o2Ri-GIWi2POzZsG8uG-nnWi_NdQiJDy1I

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Jun 2021 02:13:52 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 8955 0
20 B 15ms
14ms Image
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BfztEXrvGYMWzOtax3gOE9KmgCQAAAAA4AeAEAg&bg=!AAOlA0fNAAY6sG-_OrA7ACkAdvg8Wg88AYKXUqeF1tRCBH2uEmqCHTk1yusW-sdtLeNR8z661iC9tgIAAAIgUgAAACJoAQcKAIzQWyZbAbhqsUlmIQNr88Jqr_z3ij6AFhV8LC_X9x8uyi9aeBbflCgaMTjC7V_Cl6Bv0H03D1xKdnBUBpP0kGfnYAdpYypXaj2sfJ0lN5wem0QaurS2fJ3X4PwNZSe7haR48lLl2FQV10Zg-Muhz4i3YsmUErr6cdyJ4RHD4Pn2VRIrHX8BCHczeDHsbZkC7hPzibCBgTK_NhpCKS-ceSEcZZkEt9XPbUaY6p7jXCXD2pgXnBFOeIS13ixMkyRsNBMx8Y6-tCkoeGCZrn71yisT6ndxtEUIHk83KFS_0ZSQjIMqgVMLQsa5jmK9jo6J9ePsch5gdT7w1WxC0YM7CscC5n1duxkVR6PcZjgSa8ssQMfPnfbR5o2XmzGu-954iXDWPpVAhEiZrEmtTLTLQGU_WNI8u4aLhTKw7-w483ySz-rKipc1Cld-Aydu0g5ecTmZVi8mD_6ukxkye0XjqrAuMHNqut0IsoIz9bpowmOgA_x1SZIIZLBWmKr8O7mPQAJRWIIxbTDDl3P5NB2wSqN8i-qtU7fIF9n6yOsHPN_lca6B0RYCsy9KqCqCdFhyWRKk0yOtumh2ovncR9U7T3sExVq0SHX3St3aXmUyrbJrWJrh4tUaxTB9sbreIl96AsPOa3IbVph1lh6fJcFwtq8364TIM0LH8MfP4YvUbOoUbJ0bgQc2rGiC1t1ZQ-H20vPvldL-DKfn_45E3WX59GrOBGfnJiGOBih-C33GMG8LucB-VP-q-R4jVrsbfzFMJzIgYxJrnrTXYIUFs4Rs0d9QQxs3WzntarGkDAaQOO8o3MjdvsmvpWIOLEGIE4IUflBBhd_hmwrOmYIS7sm8RAs5SZrCHzpXrICwlmNXjPfRSBmpaua5by6uAEHpIFgGvEJv7qRoXNZ9wxHp5QBikI1KWfp2wiZ0ROtc6sXG9t6FuhQyptgDbF2wlQqYgyZHItH3yJvv8GIic6k9_c0EKkSstQjmUQ-FVXKWnGa9ayqACAUZjnuXUR1GvDWse1YT6iJQhnSUaWyIXgsO8gB75_sqRPtHUSksxUmdjehic0G8YBcYMop9ELQ3nDNLgp8On-ZAcntPAHP7B_ZKha4r8OWWoLrbeBl6oou7wYBljirPh0tmd8C9V46WSV-op6LCUzxOvug4pkVcswZMAYwz4xHoDOeZ16tQsH5pX3txuA

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Jun 2021 02:13:52 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 wQPplS2CBbapxPPsKjLjCt6L9Rv2P8O8syxzKLSpyaY.js Show response
pagead2.googlesyndication.com/bg/ Frame EE31 14 KB
6 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/wQPplS2CBbapxPPsKjLjCt6L9Rv2P8O8syxzKLSpyaY.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/223/runner.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c103e9952d8205b6a9c4f3ec2a32e30ade8bf51bf63fc3bcb32c7328b4a9c9a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 13 Jun 2021 16:39:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 34466
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5768
x-xss-protection: 0
last-modified: Mon, 31 May 2021 08:58:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 13 Jun 2022 16:39:26 GMT

GET
H3-29 200 wQPplS2CBbapxPPsKjLjCt6L9Rv2P8O8syxzKLSpyaY.js Show response
pagead2.googlesyndication.com/bg/ Frame 60C0 14 KB
6 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/wQPplS2CBbapxPPsKjLjCt6L9Rv2P8O8syxzKLSpyaY.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/223/runner.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c103e9952d8205b6a9c4f3ec2a32e30ade8bf51bf63fc3bcb32c7328b4a9c9a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 13 Jun 2021 16:39:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 34466
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5768
x-xss-protection: 0
last-modified: Mon, 31 May 2021 08:58:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 13 Jun 2022 16:39:26 GMT

GET
H3-29 200 wQPplS2CBbapxPPsKjLjCt6L9Rv2P8O8syxzKLSpyaY.js Show response
pagead2.googlesyndication.com/bg/ Frame 9B55 14 KB
6 KB 5ms
5ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/wQPplS2CBbapxPPsKjLjCt6L9Rv2P8O8syxzKLSpyaY.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/223/runner.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c103e9952d8205b6a9c4f3ec2a32e30ade8bf51bf63fc3bcb32c7328b4a9c9a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 13 Jun 2021 16:39:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 34466
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5768
x-xss-protection: 0
last-modified: Mon, 31 May 2021 08:58:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 13 Jun 2022 16:39:26 GMT

GET
H3-29 200 wQPplS2CBbapxPPsKjLjCt6L9Rv2P8O8syxzKLSpyaY.js Show response
pagead2.googlesyndication.com/bg/ Frame DBDD 14 KB
6 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/wQPplS2CBbapxPPsKjLjCt6L9Rv2P8O8syxzKLSpyaY.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/223/runner.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c103e9952d8205b6a9c4f3ec2a32e30ade8bf51bf63fc3bcb32c7328b4a9c9a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 13 Jun 2021 16:39:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 34466
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5768
x-xss-protection: 0
last-modified: Mon, 31 May 2021 08:58:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 13 Jun 2022 16:39:26 GMT

GET
H3-29 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 82FD 42 B
64 B 15ms
14ms Fetch
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstngcerHKLYSwDNRaIJzseKL0KZP2SAWB9fHxcLE9VtQJa7-onyGxxDc8eCaElY8J_mHNLzIWphB8QnM5EU8rlvJWbYCcjfR8grrRHKOag&sig=Cg0ArKJSzEE5nKDG9Ci1EAE&id=lidar2&mcvt=1033&p=0,0,250,970&mtos=1033,1033,1033,1033,1033&tos=1033,0,0,0,0&v=20210611&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=19&adk=13849420&rs=4&met=ie&la=1&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ%3D%3D&vs=4&eosm=0&rst=1623636830764&dlt=35&rpt=360&isd=0&msd=0&r=v

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://0a123d4c917ce964ffb6e4e5e2cd3494.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Jun 2021 02:13:52 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 82FD 42 B
64 B 14ms
13ms Fetch
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvArxREugVzyVpNkPbqg2mvnsKt59XSB4OooM8aRKmNTWIY0AXGHIWrtsKPCTeRCxYRcP-YMeq_iAWZsNx2BE6_dw&sig=Cg0ArKJSzLbAPjf267V_EAE&id=lidar2&mcvt=1035&p=0,0,250,970&mtos=1035,1035,1035,1035,1035&tos=1035,0,0,0,0&v=20210611&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=32&adk=2711260096&rs=6&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ%3D%3D&vs=4&eosm=0&r=v

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://0a123d4c917ce964ffb6e4e5e2cd3494.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Jun 2021 02:13:52 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 347F 0
20 B 15ms
15ms Image
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=223&t=2&li=gpt_2021060801&jk=236476849370585&bg=!t7SltPDNAAY6sG-_OrA7ACkAdvg8Wquwh9t1frpjBWL6Lcr77pmvjMwiSea427t7A8GLzYTP67xIjAIAAAEkUgAAABFoAQcKARJkk43UoBiBfmv0NAotyX5B2U28JEoneI4Rv8X8KexfiE60zhzB0stjCnwdRJG2pgGiS6nVkTbKyOt0QgTTqlVX6-b90L02DU8RHU7jpwalyyhBIIDKP_U4tqby6_qqgAmVEI91GrC8kZwLW43WM_rVdRww1uIimkKECbwYEI26oYbWNdu1m0kO-nqKRkSYPfH3bAaasESbBiFZrj_OoHP38h-QpReHQqtw41qG7ykJLpiXFGMSv6kY64Z_Rh1tp9EE4nsRlueIEJJzLo0l1uSQMuXNHHJNSZSK98axY9EWLVAZio08gLz1q_ntOuw9UgIO8MfemwFLHh0QJnXYPzd__F1ZQQKGPHv9fWryAPe8ydNpmQKGtxVzc0V17HsiXNNNRD4El3uw3VdEZZ0lelbEvsM8mOcH0EcIHQB34uc7SbD0BzQ343ALnWXJ_fIQXlhGc1qcho-gl4LqnSPuZxZLzK-BKieoynJRQ4_K4v0Aav07amgtUl8Y2kbG9bKpfQTPFJSUyrCWBdbfbvRmdMOwmQg-GRXeEJYqCG51WhGpJUL77MpRcfYywPmYevgTzT6VwWjsG0KLBUbCpUWyV_v1dqdULS11LV58lKuJRggjkrC-1ym35z4nNwLiRQ5s2HWu2RqSAH_l6EwBctqb07C6-QOgErBdjLT9G3XsLt358MHAQ5n83s_0TPBvYFLo7bRvSFB1l-WQpsA557u6O2xwx849lcrjjbVAM0fLQdFVoaeJt0nAhxlaLOjvl9NcsTexb4fl6kF-uh3gTuE6mOzFpKR3cHFsHHHE5tFH8Op8GCJHuB8Im6EWRK8o71PMlgEaLhIowMnp4kfKwfsVXprbZ80NfLHPnyyL3tI_hvx8Zua8kMQUjeZ03WpJ4pSZe6cfs3maQmeS2sCvOP42NlJDd9Yst6GMUKmS7mM1hg6ewLK0zi_qZ2lYozgNf1STXCXAFbNDWf-VWzBNJkRj8qDkOcb1FMtzAlMyBG7IQhmMuRbRwoWE7ikKPTf6Ig2RNdA-r5_7TbFD2EDymq4AR9nG3G8Q3Kw0JWXn--ykYdRv6-2zUhZXV3Y7XfpGOm5EiF2SaW9SkhbvFL2b_8OKdxmqaa7ZCzzQ5LZVcl7fXLR-xEg4sea3JWvsWEr2w1-IVKY-nT3qOJ-oiC6MRQBpWn9F693wq4Y_xeoeUv2h5wwmi1yNocOAR8QH4wJZZj1BvugVhcIWteDkzVwH4w

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Jun 2021 02:13:52 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 15ms
14ms Image
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=223&t=2&li=gpt_2021061001&jk=3991849316707933&bg=!MDOlM3fNAAY6sG-_OrA7ACkAdvg8WuuE1SYKOJFud41ahkYberrxAss_I87Q-UvQph_s1LtgtnU2-wIAAAEgUgAAABFoAQcKAJqj9SCs3fRShpI80GfoRBSL_suI_NM7UIv8z10jLA6LGWN4IJVhpHzKmnB2FRmH-Yglnf14o-gmqvScUZEshBEL2_nTDV7kipyMTRV3SivXBZjaspkIUI_8L-nFJL6lbmMtCvxaTbZEu2HvxT1z7ZI6LmwHvFDIPNlc9ijelL99IqGdfdWVsGeaQKfOh3o64ww6neqR-QKuYOrlmQJrBuvgOuS6QD4CPij6QPOoNQidKF3ZRritCcxg0k82fv4UZpNSxjdAmvF-y0Uw10UzfsmN5yCzUdz7IsEA9hQWFoxXUk8cOtIOb_pYnUobuj7HqnEjQQuUF_S6dvPHc9t1VYKsWb7j8Hp35TqrQd1daAs59gq_gk3Qv3aFZlp4pRqfoBes0-3b47entlq9EyMEzZW1lqURhjoFRlFrv8CbqQT4xbYdEW07erH-Z2QINIuquAAs0l4r5mno5fKQwZSHYETOmaYGuKwAqfnlvZevt1k6ITfUVYoV1pCPylsvII3PHqEIae449C9cXJ3lRIZmzxag24Jk2rmN8_vHITq8XBVbS41iIw8f7CzXsHooDicmf5I6YgpHYjFwl1mDaRoii9-5-3vldLilrhv35C5sxBRlA_AxpUQshaFRFv3DH7UObEpV3sOD6XSPJQdmnIUhCFlvpdeptWb0i7YDRpbOhGiZ2k9i9LzdugWnr0dgXw3QjFN44au0XrWw1p561GQMNmEB-0KxPT1J3T-Xa79e6-9FVK0NSd8f2OFZok5rXONmU5qhKgYqsl6JokQiRvBRhL5TEVwozFgJP6kgKVQ47sESXCltogM93geEFU114AtfP4J7b3bu5bMTz4OsIjC0RXp80pQpIxp0CT0eq8TxfyOz-0gDrG3mLJ4T4MXblt3CVHqotcHICzOcb0WATN3VfyrQcUvtGgITOQQ7FtDjOoQVE8dyQpBEuMkZuE9KxG_Tv2Ja43-I-ed9K4mCDvZVpemcdGEtzM2_r03KckEfsa-otxbcubdj-pgEOPgphuMJW3_rf8l3D0jAZw

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Jun 2021 02:13:52 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 5BFF 0
20 B 15ms
14ms Image
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=223&t=2&li=gpt_2021060801&jk=2442970141463940&bg=!EhGlEVXNAAY6sG-_OrA7ACkAdvg8WvMgHbXqtf1EwGmiUTkskSwmvo51k-tgQo71KmksCDDuFxtsKQIAAAFRUgAAABJoAQeZAoVP20bg9-v6eKSTWhZnrz56676KtQnlv4kEs6-6FL2Ot5m5GIGY45M1yxHnM1cmA6YFKVMYarCvgoUI_PLUvdwwzDhTuj8C-BA8xGb2w0sVgT4iy_AvPIbDCGEk2RZ_kIsjuDeYCx2HdqVSXbvHlaW-Nh4Ku9thNvP3petD0MmKxJTDqsB8iAcEBir-JxbL_LOD9N3d5I0Kr4r4t8_pnahrXHSl-u_vKvleBgzg0ryXbzJghxKrcm-7HnY0kb8wRrczJv2CLPdVdJv_1JqMICsu7MgTdyAwglJl1D_D3PSdXUtsSphR94bK2_jwQLd8QwmUYIgxoPO3N5YPu0l-lED3H8ZuyS5en0WrMQsO0xMTwcxjfLFUE0aXGdUs51gJ7XrbhmJlVs7DLSMgOhj_WyZrkbdxPrtjP3pjo0XgF-iwQPA1cIH2fT7wVZsujrVX32eSCXgrYf9ckBJmNdRF-uhkNRxdzHzrRBGTxc2PShU6mEbnOiJWjo5KaQkQ9p8SIU-HcikWs6EBtcxhoclGq_plvaDyWKCd-7MOBzsER7234H7_TZq1M7WabRq4VgB_XGdP_fcJXIpfH61BaBAgQkorCz-kruO4iiw9PDfOVioVfPIbToJnq2c_g1f9-maMAyVgyK3kGSR4Tu4fnX0PqoZA-1g8n4Mb-hsKN88Tyujl4mAIcmRyIHqgGvvQACDxJ6HwFEn8w_li4vgolCYxNVsL8yjrnJX8SPddy4dAHB1MeAYz1uoXkrQIuJ1haWYLpkVKXe2lEV8bUGMCLFD2u7wL6n_b9-taRu6T02cW9xi7pVQfizWdq0vwT39QeRSXAp5UKfA-ikgMJs5tM1Xplopi2uXzHpw

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Jun 2021 02:13:52 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 1FF2 0
20 B 14ms
14ms Image
image/gif 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=223&t=2&li=gpt_2021060801&jk=1641553134027982&bg=!U1ClUBTNAAY6sG-_OrA7ACkAdvg8Wq6StVRm3JamhLCZAj-WM7CFmxXaOxHjmYi8YTz7KE4MKRG-NgIAAAFoUgAAABJoAQcKALhDkM1ctsOlNLm3H1j7iyakLOudO0ZfFKl7SZthfh25y7smWuSP6YvnZTjzwIh4oQi_qOwlxQdSp108Xq5d8s9RnvU_NmeGUIHRnKhNTfN2QYVIkaj0HMGApTEFMRLX1Tax68MChmu8xniDXS3ll2-i6TX6x0p-AhjHbzlRtcen3iJJtQHeYrmwT_2t_WXZ-G9xjXFeO51Omlu-eR8-8TrESbseHzoGgvf0Ol8ni7q0jv4QpZYhL7d9mQKUsLyLIzdyzZPp8NDRGM6yc5P_Pzj_oLdPhKr69fcGjmgTn4vEMONzEwVbtqDH9z_Yegoc4y_8UocAPHBrcu-V8DqKimgoi8mFIOPl9hiMF608i-_QTUZNdy65_b46JIuA3rKQZ5eUVT8PCkDQXeR9v-wnxA7P_rBYi2TyAhRSZaBbV63exd6khrdocWwUX6ijrYm2ALpgwmnH59c42RhFHg31J2g-tSHKN5dAehXR2cM5QnCubfG3fA1QrW_VJJGNP3qMf540XCyvo6VhzRQC_bXVhVzIREcLr6mQ4It3uGiqSKkT4HUVIf_RwMpaUecZzntcVULt5X3ebV3d2DnqmOnFtss4JUqwZrOTuKY5G-FN-_X9bt3gqzgBne7CSJxa3blnzmRmyY8BUsbqj1UFBdbZSykTPgc35N--3HQapJJEAzmcOHvieCn6q13Pdhmt0n6tNHkkzMlX3MYL4Mu5Pjkj8fr2XSih_bd_sAE3yBoOBaIufQnZg44yPoyy_LLJePgd4cQ4ZL1i8jSN2_Z6pwM3FCpof8nWbLpQB1C3Wj5YYaHLkmwf5r6nVr8mS__o1ynaioeBxKJrr0IFrvQgO0wm_C5QWbixfWZKIhC-uVSOAGV_jyQC9EU4vw4EMhuS0wTU44EzqIY9dS75Jsvo688fV4wCNkkklyRpOjBck-EltHWqHKSXMNpffhOzatShlNIn2evuTIeLd4wsRx2GXxUOorlo1diYLM7ZQszcO6MUa35bh62rbSAMnhTMrNwvVtzrW6MIN-0AHk2KyZJW3FfGv5ZhaEvq3545Bg4pnP8wi6SvOpJSGaBsxrRXvONJvjGY_V-eCysR1PspD2OB_GodDzLHAmMVUBsSmnlTJMjbvWgt

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Jun 2021 02:13:52 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

152 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

11 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.cyberscoop.com/	1970-01-19 19:00:38	Name: __hssc Value: 143679850.1.1623636832039
.cyberscoop.com/	1969-12-31 23:59:59	Name: __hssrc Value: 1
.cyberscoop.com/	1970-01-20 04:22:12	Name: __gads Value: ID=1a5fa52a8f707b85:T=1623636828:S=ALNI_Ma6shfHT8n9yhKxGTQIG4MS-sEtdA
.doubleclick.net/	1970-01-20 04:22:12	Name: IDE Value: AHWqTUkGcAiTbpLTycg4PO5zFrx6LALhYYU91ycWRmZMfHTz6Y6A2o2XraziZ1s1ub8
.cyberscoop.com/	1970-01-20 04:22:12	Name: __hstc Value: 143679850.04f66370c9564ab90056c8a94bc6a113.1623636832038.1623636832038.1623636832038.1
www.cyberscoop.com/	1970-01-19 19:02:03	Name: sng_interstitial Value: true
.cyberscoop.com/	1970-01-19 21:10:12	Name: _fbp Value: fb.1.1623636828299.1284348587
.cyberscoop.com/	1970-01-19 19:02:03	Name: _gid Value: GA1.2.1880924883.1623636828
.cyberscoop.com/	1970-01-20 04:22:12	Name: hubspotutk Value: 04f66370c9564ab90056c8a94bc6a113
.cyberscoop.com/	1970-01-19 19:00:36	Name: _gat_UA-80491860-1 Value: 1
.cyberscoop.com/	1970-01-20 12:31:48	Name: _ga Value: GA1.2.1305187597.1623636828

6 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	debug	URL: https://hubspot.fedscoop.com/e2t/tc/VWtMDr3hpHKQW2tsh_h93KR8lW3yn_R_4szvw4N9k7M9h2-G-5V1-WJV7CgRZ8W4RZnC32bc-v1W5HVGrP44Vbg_W40-Ccc6HbDNBV293Ws2zPq8RW5JHB8n5Z8gwlW26YHHL3ZVDRyVbdpRP3_6f89N83_qF5h8pktW2nL2RX1HCGVGW8XX4pt6S7jg7W83Myk27P29NvW5gqtRY5XJKZ4W1Y3sVC20mSRvVfxqXb2T-0qTW98Sm8p8f9BLfW1Dn_-N5fD838W115cT7899dmZN8Gx6HXDRgLGW7F3hgX2CQ_QrW4RkY5Y8P2qW83gm91(Line 13) Message: toS
console-api	log	URL: https://www.cyberscoop.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2(Line 2) Message: JQMIGRATE: Migrate is installed, version 3.3.2
console-api	debug	URL: https://static.adsafeprotected.com/sca.17.5.5.js(Line 32) Message: a: 0.001708984375 ms
console-api	debug	URL: https://static.adsafeprotected.com/sca.17.5.5.js(Line 32) Message: a: 0.001953125 ms
console-api	debug	URL: https://static.adsafeprotected.com/sca.17.5.5.js(Line 32) Message: a: 0.002197265625 ms
console-api	debug	URL: https://static.adsafeprotected.com/sca.17.5.5.js(Line 32) Message: a: 0.002197265625 ms

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

0a123d4c917ce964ffb6e4e5e2cd3494.safeframe.googlesyndication.com
2b431d5427477a300d9d4b37140fe9fb.safeframe.googlesyndication.com
465e8ed3cdfd01c2e9263c1dda2899b3.safeframe.googlesyndication.com
4c85f40c1c87e2a6a13b69d7b9310b74.safeframe.googlesyndication.com
ad.atdmt.com
ad.doubleclick.net
adservice.google.com
adservice.google.de
af1841b697c860fa2f0a4e751b8992f1.safeframe.googlesyndication.com
analytics.twitter.com
cdn.taboola.com
connect.facebook.net
dt.adsafeprotected.com
events.mmi360.net
fonts.googleapis.com
fonts.gstatic.com
forms.hsforms.com
googleads4.g.doubleclick.net
hubspot.fedscoop.com
js.hs-analytics.net
js.hs-banner.com
js.hs-scripts.com
js.hsforms.net
pagead2.googlesyndication.com
pixel.adsafeprotected.com
px.ads.linkedin.com
px4.ads.linkedin.com
s0.2mdn.net
s3.amazonaws.com
securepubads.g.doubleclick.net
snap.licdn.com
static.addtoany.com
static.ads-twitter.com
static.adsafeprotected.com
stats.g.doubleclick.net
t.co
tags.mmi360.net
tpc.googlesyndication.com
track.hubspot.com
www.cyberscoop.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.linkedin.com
104.244.42.3
104.244.42.69
108.174.10.14
142.250.185.130
142.250.185.194
142.250.185.198
151.101.13.44
199.232.136.157
2606:2c40::c73c:671f
2606:4700:10::6816:47c5
2606:4700::6810:5905
2606:4700::6811:47b0
2606:4700::6811:b749
2606:4700::6811:d6cc
2606:4700::6812:14bf
2606:4700::6813:9b53
2620:119:50e3:101::6cae:b45
2620:1ec:21::14
2a00:1450:4001:802::2008
2a00:1450:4001:80f::2001
2a00:1450:4001:811::2004
2a00:1450:4001:812::2002
2a00:1450:4001:813::2001
2a00:1450:4001:829::2006
2a00:1450:4001:829::200a
2a00:1450:4001:829::200e
2a00:1450:4001:82a::2003
2a00:1450:4001:82a::2004
2a00:1450:4001:82b::2002
2a00:1450:4001:830::2002
2a00:1450:4001:831::2002
2a00:1450:4001:831::2003
2a00:1450:400c:c04::9c
2a02:26f0:6c00:2b0::25ea
2a03:2880:f01c:8004:face:b00c:0:8c
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
3.12.243.139
3.140.174.87
34.206.10.182
52.21.95.133
52.212.52.211
52.213.246.12
52.216.144.149
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
02f3439d68d49a40dca07d9fd6f0d891f2078093e5343ffb2210ee7ac4eefc52
04829f1cbe8df0d9cbd1245bcb3e02392318944f2dda5c129ebb409c77b21f89
063d44bc62d9647b62e24e3072a08f2cd96f36e3f1cb441b0efc3fe3f3fe372c
068605b7a74adeae97a35f115e5d2116b49e1b0746b0172d6795cf4c7f93ecc8
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
0bd56c87dbd42ec5efef8e0fe40728cfa889cac7e9b80dc50b58c10063ae14d9
0c5f584d1ea2c3313dc8c55824c2a572d3cf2eae87c5ca62a58e598aec9ddb5c
0c67eca27c1a18b6fc31f97e2b948b7a09205d1509d6233b1b8cb16974efd94f
0d281aa7b07dfcb1bc05e2cdd051aa34fb915616590b834374148a1768ce3440
0fc32732b1520df908e4ce5063434010c35725a930e0cc9df0be61c66a87cf32
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
19b28cd358e0f400ff690622876e1891ccd334d8b0a2c0cfa5aad012e8c745c2
1a0b09cbb763ef7e1ab6183b36a3ff732a874dc4faa20f375c807d8ade0438d9
1ce69465fa2284194ab3ec822ee452307e2f4b4ab202499e24a06f8215b1ead1
1cf3fbfc1124a80a5691de2f0f3abf061c1cacd4b0bb64d3199af9d478cd689e
1db303f2f9ef3085a0d3347fa3c88fcc6a42f247efda79b10b8c696b21ee8480
1e85ec81b9800b4c443d39caca0d0926089a3ac201120db1ceb45b93789480b8
1f3d22757c403b73ad7133ffdb7f7635f83b023568e09fbd6efc60633e1e3a48
1f81183122605de9588b30ce5cf7be362c55178d015988fc834f7b3378ed5f06
20a84f304abfaf56bb829a84199344bca40bf7d4dba451e109a840cbdf728436
2907b67ba209b09990196a68e55fbfc5a7e742bbfb862ce494d1fc9238284595
2aef1ac953ce7805c97a1df893082e75a0a11085c3e53b2914bd0a35634977f3
2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a
2d209520098b09aa8847fc90e422c9a590e6386bbcf1ede1357c0a1531f26b08
2e45e4989af6308367f32065d73379f226deef2153689f71f3f1db0d978e4acd
2ed81c4a73b9c5f7e4fd164dce6e444c3d82d8a6088525d850bf9cf8ee0a3489
3046ab26982b61a2fc0f0fae7ed7f416e9113f924db911efa97b5b80ae16726d
31cb368bc58c68d2573ae08aa725c43ef0a488e2a853e7e67daab2bd32aad18c
33260c910b38147bfbda277cfceb1c015cec4bbc7c73c41c9ee50c1cf0c19dea
34b6e9936a2f024eef4f545bf4a1e717141704b00a75167fc7080fc6789e3881
34b8701fdcbd5b7f4b776178cf1c52b3754f60027bf85af5a8573c3208f77890
3727c0e52c294a25d7cb01de02caef316d4cee0c2993fe8993e546ca133ad2b4
412979f99062018cc1b3ba7cc84a0c6d03f86f1c1f07f1ee90fa0402ba2d93ed
4b4924b6ea8623395984b522ee4e1fe77f464940d2bb155ae40bce56fbcd3423
4b8dd50e462d914dd8609e8a566ce6bce0ab94088a4bf958b57c4cdb6ab54868
4cf52cc73734aa71f26f6a10be9aeec89602af45bf0f9abd5c8445a076c1ae1a
4d8d48a3f00d424f5083a310bcfbcc1ad35d02e02793a9f459e9938879d8a675
4e4810e88e50f93b12c1e24b897d264382cbcf6e2ba29054f68b19bc4dc4e104
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
50679e0e3933c945348a2db0cc128bb14b57a60a74fabf8cae13acc14efbb2e1
515a19b0aca202c0a2a5932e9cec9250258573e8a1b3346ae8aef7e4337ab126
51c40fb52547a14a895a2425e94a53886ced172e90c70d5418890fb67517701b
52f2c5b3be27ddca6cb3ad85176620ef07a70cd568cbb8c4ebef924b26d058a6
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55de2f543e24f0c3655be2f344491b2e73ae61350f58a2bb9ebf4ad1326e8fba
5717a2f8591cd4fd874fc992476365bb033c10eb469a1a0a6214a0ebb05eb3e7
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991
5f3b103a1268f862a5e432d607f8e5220dea9d301d13565b0ecded3ad9c25ab2
60240d5a27ede94fd35fea44bd110b88c7d8cfc08127f032d13b0c622b8be827
628a65f8f1c44d929833dd003e1169b3a8203b7aaf145ba0b04173a93bd30dd5
63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058
6583bb857c7a27c71cf6d65a5f23e6c297461091d77918309236f2dc749aad58
6df5297b890ff6b7e63372da52b58276e6af2f2914d30d7edcd5ead5af63c738
739d5dd6fab71321401422b84063f7c19d84eea2b6ce0f2ad540bacf38f5f5f0
7529b11940f8a77767d97b70e5392487b7fffeb7bcd408da18bdc71665a81d41
753b529ae84f43010bcc3243f72f5d7fe16622d0a1e33e0a34f976e84e4343b1
7a30ec48d41a71c28e7080b22ae32e6730e544312af78c10760d74b66a89f35a
7d45b6c5d27d1b17b7fed9bbc9e6bed63e0596a130404b68ce1b3b885f8283d9
7d7348e76b9ca5c267d4c40c01babe592b03228db8ac5b914a63aa00cb3f41ea
7f134de2e6859c8b9a8acb3f07c54f04c9fbe04c3381e137d85e2f0cb08a526b
82b93870340639f93f374966650f61a46c1a4b0891f25ba9b9673a1426d0bd20
84932e6844caf3d0729d337d7372742ade2c0ff84e4a4a273a8e3325ba99b23c
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8568f039c1951ef91fce769fd09da0b0dbfcf503e0e9d14044c3f49675b809cd
896fed6cf068a0d1e73a60868a06def4f229223ab2f78856a90f7f81ad9157e3
8a19707bd88a29100f84e106852ddd5bfeebe1fe562960c4932d1347210d13a1
8ad9192c5e3661229d147a4b7f5de9e8e5f93dd586f8853ac2c2afca67706ca2
8b7a47a695a413443ee1cba5b8cb390af99d8ecb1c94ffd30005c2a039303fe0
8c5987fc2409abe9ee8d73fee09d71847ddf5c4329a0bbad7d4e4bc522e51b47
8f4b8d2def1fa5e09bafacbb8ac66e614d74f1cdbace1417cedef55c0d9a83db
8f816636f126177795737641b05534cd9e58a382999aaa2c1e2666fd41ab16a3
9146f6ec02b7c1db65d152424e1d5e5f3a5d7d6ca91d1282a7e678150683876f
942e44b1cef3a0678c306625f42ea1cd180d9ee9fbe443ed98fc1076c07493a5
94c2543ee527c1e987a54d88914b529a0d832a4cf55d0fd20a9b7c569c508930
966ee1486939f4b7c9815a6ce8dd42420c5859a42efdbbd5b91aff45e0b1cc38
96b8a4481da526ff5a1a77c312a2aa83df0d0821e90dc91ccfad3fa53526a163
98999de60cc7dfbd331078a9266b35fdaff2871a6f54cd4ffb029b7d11006a1a
9facc976353ff7ab7cbb7345853c0f7d0c1bbce3733934b53790b93833dbae4c
a00fcc6ff3c2e5d112b6995ef41287553bce6e0fbfc9231e13a9fa8e3ce1ded8
a060aca1def4e45da8730e2c6052fb1efbe9b1bdd305c14ea86c8c5152ebd593
a1a5a149ade1d05312f19dc7c0461685435544251ae65d95c2d92cb7393bb68c
a41dd567a7d51dac3d65a716b505f5bba7526e36405ed8a832d72a4ada3665c2
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
ac17f7fbff7389405eaa72e6b0e4f588e8253d1208b0707b67e5a3efd462b8ad
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
add1e275c756d593a8fe9f8f6e56270e2d70edd0e9a4f33a3d7d82028f7dd828
b0ebb64770d12923ab367667f418fe5bfa5ae336f3404eb74463128a10ef098f
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b176de534428b3b8d36fb821412c5075cc426bfb3fe282571bcd9f00f2c0b152
b24ac2a2042bf22f85f717259786c1f95a81a5a8d9ff057de1d09b5c6e1b364b
b534f367f11c24f3709e27fdb539f308475d495eaafed8f7681a5c96dfacc537
b85d2f341314cfc630b5878e790d325a516e08fd9bf9a80c328588d50b7f1a1a
ba601daeda8cb0d179beeeafbe63848d0576b172f3e2800f1848be282b2af497
bb6a7f39d0982d1605492df9ffaa28989d1829fdf91037053e4af527ae5ed797
bc92537a9f302b0eaf8c44d590249655b6f19bd3d7da181d1e51ea24148ed400
bcc6ccbbe9b3f2c14b3eb45ea17eb4b456ee0b359ca820751d8f4b140c57ba0a
bdeed1e1c0751610c8f3dc2a5c78c93f841c366b36a7f7a54f5e6752c2656c05
c0758721ba3b41bf0236a10348f8ad1ceb3336894bfbaca0b9d77fb366b585c1
c0c33f6ba44fbee4f96f13350a10c9f5962c923813413bf8121a97264b3f7378
c103e9952d8205b6a9c4f3ec2a32e30ade8bf51bf63fc3bcb32c7328b4a9c9a6
c948f4aa0db5aa1936ca2b8b4ae8308f720af30baf97401d094239000455d5ac
ca2e99ffb3730e887ee7389e499993e912e5e47ec6f28c991a692cd78746edf5
cbcf7f9157306feaa0252eaa2fca6f6a36cf74bd919dc17520023405867fd32b
cc3847732011c5a9905366f1b984c9549bf52822267e6e284c9357f773666b8f
ccd21ebd19b259d979d4ddf5af0751f6fae149746ae2e7a164beec2a600682be
cf89b05aa45bb14f23d4c97dac9b3091e2d866c73f68e18d2cb6b538378db6f9
d1ac43e9327c147dc04b1efcd475ba7e9d464e6504eaffb167d0412d339b39e5
d28cae33a9cff1cd54246e2bca04018f101451707a5b5f426d32ea768e911186
d5d4228a3e80d57bcf6ee1f6080fbc4c65dba96e81d2364535fa49e3d27e9131
d821b0d23874708c3bfd671827839674bb2500e5a4ede5a7c47fce3c126171b2
d9b227d629c1ec7ccb2d2416f1206701576b7c24efa5d0c92b32548aeb0d3c41
db02022e70b50c36c8b19895011b67d760f45d217c7d32beaf853fd0e6f20ce3
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
dc666527c7989fdad450d729be48af719d8a66af057630a461bbb5c72b1e20a8
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de7dd7e8a5f2257d16c23c395b9262c6fa04689c81b0e2b8bf7f5bae9f4177dc
dea1699c50ccfe2c9a6d3f874c11946c2d6b50354d9c7c90761769331c310e43
df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf
e12dfaae532b449b71117f29ad43f92b3b87c19509a9b16f91115fd4e07903b4
e21cbff27a74ef7caa04b84461bbaa6ed2cba11a62db2e7f03fc588912f415c6
e30f848c353b8ab801c18d2109527cb32a27f145262dccb3cd4db9f309cc53bb
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e55b5cba1f8e7604687c4f99ab7b1c3bf971ab991ec0fae83fb221b98daf07c4
e684839cbcef6b16753dae73e92a49b7115f55e83662ead12d5e05bf7b9915fb
ea7c3c1fb429c64a75b15bc3d82e99987c40229c3275a5d0c37deb6143e4cf6f
eecc78f834649472672438efb8854e77ac8571a4c901d3c102a2554c3059ba7d
eefe62a178a6a04c30889acb8eede1ed6820738d0ec5525d3399fefc22bc71e4
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f5183a3d6c4ef05903e03cf0e17b5de05db527c27d0ef049d52d2fb4da484e96
f7c1022dbae2ac5b2997f6e92f1f25907b053736a52aa40753fb44fcf4760370
f909a31bfd7a13b9dd53e98b5652f13f4782fdfd1653dc4befade7386c087371
f9f5fb1596ab72270fbb5bfbc64b6f05d259a045255a36c176833936f29ecde9
fe9df7af9647a824fe66cae1f452ecb318d9f9ad3b2e09ef0623f0c6af50a0ed
ffa0b98a0d410d2703d082d2656f8511370edf0b70154934dcf36581216ec349

www.cyberscoop.com Open in urlscan Pro 52.21.95.133 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

264 Requests

100 %HTTPS

66 %IPv6

31 Domains

47 Subdomains

43 IPs

4 Countries

3665 kBTransfer

8875 kBSize

11 Cookies

18 Outgoing links

Page URL History

Redirected requests

264 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 6 data transactions

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.cyberscoop.com Open in urlscan Pro
52.21.95.133 Public Scan

Screenshot
Live screenshot

Full Image

264
Requests

100 %
HTTPS

66 %
IPv6

31
Domains

47
Subdomains

43
IPs

4
Countries

3665 kB
Transfer

8875 kB
Size

11
Cookies

264 HTTP transactions
6 data transactions