cyberscoop.com Open in urlscan Pro
13.224.103.129 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://cyberscoop.com/iran-peach-sandstorm-apt33/
Submission: On September 15 via api (September 15th 2023, 2:12:24 am UTC) from TR — Scanned from DE

Summary HTTP 117 Redirects Links 22 Behaviour Indicators

Summary

This website contacted 32 IPs in 4 countries across 23 domains to perform 117 HTTP transactions. The main IP is 13.224.103.129, located in United States and belongs to AMAZON-02, US. The main domain is cyberscoop.com. The Cisco Umbrella rank of the primary domain is 341111.
TLS certificate: Issued by Amazon RSA 2048 M01 on August 29th 2023. Valid for: a year.

This is the only time cyberscoop.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
23	13.224.103.129 13.224.103.129	16509 (AMAZON-02) (AMAZON-02)
1	184.24.77.144 184.24.77.144	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
19	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
1	18.66.100.58 18.66.100.58	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6810:bd59	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a02:26f0:310... 2a02:26f0:3100::1735:2a28	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2a00:1450:400... 2a00:1450:4001:801::2008	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:806::2001	15169 (GOOGLE) (GOOGLE)
3	2a02:26f0:480... 2a02:26f0:480:f::213:7ec6	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	63.34.81.234 63.34.81.234	16509 (AMAZON-02) (AMAZON-02)
2	2a02:26f0:310... 2a02:26f0:3100::1735:2a3b	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	146.75.120.157 146.75.120.157	54113 (FASTLY) (FASTLY)
1	18.66.97.53 18.66.97.53	16509 (AMAZON-02) (AMAZON-02)
2	2a03:2880:f08... 2a03:2880:f083:100:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
24	2a00:1450:400... 2a00:1450:4001:829::2001	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
1	2606:4700:440... 2606:4700:4400::6812:22e5	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6810:4eba	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2a00:1450:400... 2a00:1450:4001:80f::200e	15169 (GOOGLE) (GOOGLE)
1	52.222.236.43 52.222.236.43	16509 (AMAZON-02) (AMAZON-02)
1	104.244.42.69 104.244.42.69	13414 (TWITTER) (TWITTER)
1	104.244.42.195 104.244.42.195	13414 (TWITTER) (TWITTER)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
1	2600:9000:20e... 2600:9000:20eb:fc00:2:53b2:240:93a1	16509 (AMAZON-02) (AMAZON-02)
4 4	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	13.107.42.14 13.107.42.14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2a00:1450:400... 2a00:1450:400c:c0a::9b	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f17... 2a03:2880:f176:181:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
2	2a00:1450:400... 2a00:1450:4001:829::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:800::2003	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:81c::2002	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6813:9a53	13335 (CLOUDFLAR...) (CLOUDFLARENET)
117	32

23 13.224.103.129 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-224-103-129.zrh50.r.cloudfront.net

cyberscoop.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 184.24.77.144 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a184-24-77-144.deploy.static.akamaitechnologies.com

use.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.100.58 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-100-58.fra56.r.cloudfront.net

cdn.parsely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:bd59 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-scripts.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:3100::1735:2a28 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

p.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:801::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:806::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ca49d8473dd072baf96dd5e795fbdc75.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:26f0:480:f::213:7ec6 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

use.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 63.34.81.234 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-63-34-81-234.eu-west-1.compute.amazonaws.com

p1.parsely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:26f0:3100::1735:2a3b (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 146.75.120.157 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.97.53 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-97-53.fra56.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f083:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 2a00:1450:4001:829::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::6812:22e5 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-banner.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:4eba (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-analytics.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.222.236.43 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-236-43.fra56.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.69 (United States)

ASN13414 (TWITTER, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.195 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:20eb:fc00:2:53b2:240:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.linkedin.oribi.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2620:1ec:21::14 (United States) 4 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px4.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c0a::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f176:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:829::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:800::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:81c::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6813:9a53 (United States)

ASN13335 (CLOUDFLARENET, US)

track.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
33	googlesyndication.com ca49d8473dd072baf96dd5e795fbdc75.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 152 pagead2.googlesyndication.com — Cisco Umbrella Rank: 105	648 KB
23	cyberscoop.com cyberscoop.com — Cisco Umbrella Rank: 341111	256 KB
20	doubleclick.net securepubads.g.doubleclick.net — Cisco Umbrella Rank: 209 stats.g.doubleclick.net — Cisco Umbrella Rank: 98	233 KB
7	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 221	397 KB
5	linkedin.com 4 redirects px.ads.linkedin.com — Cisco Umbrella Rank: 410 www.linkedin.com — Cisco Umbrella Rank: 692 px4.ads.linkedin.com — Cisco Umbrella Rank: 6273	5 KB
5	typekit.net use.typekit.net — Cisco Umbrella Rank: 557 p.typekit.net — Cisco Umbrella Rank: 727	211 KB
4	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 44 region1.google-analytics.com — Cisco Umbrella Rank: 2288	21 KB
2	google.com www.google.com — Cisco Umbrella Rank: 2	1 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 117	256 B
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 186	187 KB
2	hotjar.com static.hotjar.com — Cisco Umbrella Rank: 905 script.hotjar.com — Cisco Umbrella Rank: 1125	59 KB
2	licdn.com snap.licdn.com — Cisco Umbrella Rank: 970	9 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 63	160 KB
2	parsely.com cdn.parsely.com — Cisco Umbrella Rank: 3291 p1.parsely.com — Cisco Umbrella Rank: 2498	18 KB
1	hubspot.com track.hubspot.com — Cisco Umbrella Rank: 2664	1 KB
1	google.de www.google.de — Cisco Umbrella Rank: 5677	408 B
1	oribi.io cdn.linkedin.oribi.io — Cisco Umbrella Rank: 1189	400 B
1	twitter.com analytics.twitter.com — Cisco Umbrella Rank: 914	394 B
1	t.co t.co — Cisco Umbrella Rank: 590	376 B
1	hs-analytics.net js.hs-analytics.net — Cisco Umbrella Rank: 2531	21 KB
1	hs-banner.com js.hs-banner.com — Cisco Umbrella Rank: 2541	20 KB
1	ads-twitter.com static.ads-twitter.com — Cisco Umbrella Rank: 911	15 KB
1	hs-scripts.com js.hs-scripts.com — Cisco Umbrella Rank: 2739	1 KB
117	23

	Domain	Requested by
24	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com
23	cyberscoop.com	cyberscoop.com
19	securepubads.g.doubleclick.net	cyberscoop.com securepubads.g.doubleclick.net www.googletagservices.com
8	pagead2.googlesyndication.com	securepubads.g.doubleclick.net www.googletagservices.com tpc.googlesyndication.com
7	www.googletagservices.com	securepubads.g.doubleclick.net
4	use.typekit.net	cyberscoop.com use.typekit.net
3	px.ads.linkedin.com	3 redirects
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com cyberscoop.com
2	www.google.com	cyberscoop.com tpc.googlesyndication.com
2	www.facebook.com	cyberscoop.com
2	connect.facebook.net	cyberscoop.com connect.facebook.net
2	snap.licdn.com	www.googletagmanager.com snap.licdn.com
2	www.googletagmanager.com	cyberscoop.com www.googletagmanager.com
1	track.hubspot.com
1	www.google.de	cyberscoop.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	px4.ads.linkedin.com	cyberscoop.com
1	www.linkedin.com	1 redirects
1	cdn.linkedin.oribi.io	snap.licdn.com
1	region1.google-analytics.com	www.googletagmanager.com
1	analytics.twitter.com	cyberscoop.com
1	t.co	cyberscoop.com
1	script.hotjar.com	static.hotjar.com
1	js.hs-analytics.net	js.hs-scripts.com
1	js.hs-banner.com	js.hs-scripts.com
1	static.hotjar.com	www.googletagmanager.com
1	static.ads-twitter.com	www.googletagmanager.com
1	p1.parsely.com	cyberscoop.com
1	ca49d8473dd072baf96dd5e795fbdc75.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	p.typekit.net	use.typekit.net
1	js.hs-scripts.com	cyberscoop.com
1	cdn.parsely.com	cyberscoop.com
117	32

This site contains links to these domains. Also see Links.

Domain
www.fedscoop.com
defensescoop.com
statescoop.com
edscoop.com
workscoop.com
scoopnewsgroup.com
www.microsoft.com
attack.mitre.org
www.cyberwarcon.com
www.reuters.com
securityintelligence.com
www.washingtonpost.com
www.facebook.com
www.linkedin.com
twitter.com
www.instagram.com

Subject Issuer	Validity	Valid
defensescoop.com Amazon RSA 2048 M01	`2023-08-29` - `2024-09-26`	a year	crt.sh
use.typekit.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-09-14` - `2023-10-15`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-08-14` - `2023-11-06`	3 months	crt.sh
*.parsely.com Amazon RSA 2048 M02	`2023-05-06` - `2024-06-03`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-05-03` - `2024-05-02`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-08-14` - `2023-11-06`	3 months	crt.sh
snap.licdn.com DigiCert SHA2 Secure Server CA	`2023-02-01` - `2024-01-31`	a year	crt.sh
ads-twitter.com DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2023-07-21` - `2024-07-19`	a year	crt.sh
*.hotjar.com Amazon ECDSA 256 M01	`2023-03-09` - `2024-04-06`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-06-24` - `2023-09-22`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-08-14` - `2023-11-06`	3 months	crt.sh
t.co DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-02-05` - `2024-02-05`	a year	crt.sh
*.twitter.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-02-05` - `2024-02-05`	a year	crt.sh
linkedin.oribi.io Amazon RSA 2048 M01	`2023-06-08` - `2024-07-07`	a year	crt.sh
www.google.com GTS CA 1C3	`2023-08-14` - `2023-11-06`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-08-14` - `2023-11-06`	3 months	crt.sh
hubspot.com Cloudflare Inc ECC CA-3	`2023-02-05` - `2024-02-05`	a year	crt.sh

This page contains 12 frames:

Primary Page: https://cyberscoop.com/iran-peach-sandstorm-apt33/
Frame ID: 50371AC42430D13B1BD712B88C0FEB53
Requests: 64 HTTP requests in this frame

Frame: https://ca49d8473dd072baf96dd5e795fbdc75.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: D0AF2115E3F3A79DAC00625E567E297C
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss54DXhARSHcm9TigzO826Pq_wdYaiaSNpB0Qv6Zdko3zzv_dZNNDEWNdmhPToI0P3X0eshZ2z-1rivlaSbasuRchD2PfvJXpqQFJjUVRf9dHk-gKmAjLsmPrhWC0M4tUdf_ME-rJ_hWPrdHMuB2kq5nH_XTXSLyUKxxP02IY0PdKJoZ-4XkjJ4Gab76c6-A1GP-52TzYUaqBWIsLScoizpS6jvuDkBIXq1rL6LiXPgWWOg4itJkAE9_-ibel6tGa7JHK9hpcKS3PlGCl8is4bawg1LCKJaILRq-yohT5SR1mjEhwvvEGL_I2DYuQGIFK0Auv7NBa3IGU28D3Cfx1b1tGN6FjU&sai=AMfl-YQAHOMErDhxDR3L9ajLK14kPK8-drzSG7gDBfeBXrWnnI7gPsTxpo-33fjiaaHG3tDCTmT_gY0zuO7-ya478Tn1BmqPIJAcBD9CBIYo8sMtBGFG99ruodfnchkmaBaAGxtiEQGiAqyo_aToV9g&sig=Cg0ArKJSzOb8imPViFoMEAE&uach_m=[UACH]&adurl=
Frame ID: 8C3A08AE5168EEC3F0C0D6D152F7B0E9
Requests: 8 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstMTTY9dvw07QZboPZ27EmRiswuBEoZc3wNobB6xRjaBHnqtM5ZJpOPPd6aY3ziJCS7gCamclmgyL1ZgHtG9vANhW-f8SvXPEjDEGM2Bt7fZwOdzuJ6nGHnfKUQ5t__Z9spF997kc4AzBR8r4BZEnRXeLOoOGwa7vylcQYQzPeFeDLaUOaBk2tvzsBaXtdgreWA2Z0qlNtPyKyj0XMXCr85BOe9VQUob6YmVZGco3yeYUnZdO5o1ChlJgkONxaZYuV0hIsSoqJWXwWM1RwgJ5V-3ZrS3pHxXp_fM8hsrK16eeH_6d8Hb5RUT2IOuLMog0eauZKNfdvmcY78Jgyq7rY-iOEFq8mYuwD7&sai=AMfl-YTxQm_tkL1PPZRP9FivEGpVTlh0m5J75ndJPXjcZsHNxW7XtBr0pAwU1-6LNeYyjc3C4fD_NNbtWGK-Md_ZZuA0DnuYGRSVzjCXaO0QP-js8gXWvWQAWAWVartueq1AHd-nHn0tWbJk-O9foI8&sig=Cg0ArKJSzFM9aY9vsaLDEAE&uach_m=[UACH]&adurl=
Frame ID: 86EA83BB9AE0FD86C5EFC9249B16BCD3
Requests: 8 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu4Xg9QmdI797OSMGtx-Wu-ZUw--9BNr4HzSbDMkBhsIiZ2lpTO0yvym4ljdWrJlVLtcOGIKH2J5V1dU7wEWCKM4JtQqPMnv46QnNhgW5Hw2AKJ52JlFbI4WiJbuIl7WuJjKIDsDxhMhoVp72a_z5cw0SAN_DlGDbSDvDlXFAKWxAuUVSe_JiYWgglaZw0U_75qBAlOwki4xFhTlAOSoXpNQZZVCF3uRxuuBqr1_76ZHFUEPqrA8Fzj1bg_m0Ur-RmJGhxtS2xy6h_9raGeXX5xBfn6QLOTlrcFAcf-urcEYd1_iA7loh4aE29BezypIS8JI9dkZG8OlT0bWlCSlARNDxhYKwC0&sai=AMfl-YRvPGlVGXOVPblF72BXivyxyWaPwFoxPxdFmdLn-hRk72GG9AppQzKJH_LWGMoGH7cxAkLat_EQ4HMasG0RCrREg3zI1v8RRTUX1bWzjrm0IH1dMgCMvNkXFcC-L5r7_NOKr1MafZj2rFKTrUs&sig=Cg0ArKJSzCxhe7vu0HlAEAE&uach_m=[UACH]&adurl=
Frame ID: 92BCD4EB9CAB4637343F986915ED5C98
Requests: 7 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu6ci_abCwhxlumzUFF_0NOy8tPUIJRAXnJOy9wCCOx46c1cqsjHoxyAvnxSW9FDYDC-5ZhC7eKJCmdVeecuJ5ZRIX1Tv7pRbRAQ4IBQhTULjJ-wf_wGRLCZsJbx1VmLU1B_1j3Vlsvb7B1rWxTbq516-ECOGj8YDLQdYByhpqBxv7CEbG_blvC3-aqJ_6T0Q-A8991z6UVrEk6KVkl-hYw_sa25uEtt1pFX3_NMbzdx9vrg0J5Lso_WzuK8QgYioVwvT08hs0CI6AQZwH6_CV-5CnhWXKK7Gz6biYGVJc_n5Q9IAgKEdRTvFu_0Dab4pDA0gJiAjsKEpG9dvK4NyH2qxtDTqKzk4jd&sai=AMfl-YRR9LPwXa1H-U5fwFfgPhFUAAUNdKNcZt9biQ7pb3SZkOQ9vXLo17sWqgANrYV23CGIyEML1GO39bnzSmW4lKWgTSz7U4KrV_mrTUFSKlb1zrFniBiaG1hlXg5ahNUJjNorxHjz-BS7LjcEYQk&sig=Cg0ArKJSzHgfNe-obJU6EAE&uach_m=[UACH]&adurl=
Frame ID: DFF0E5FB26F140E7C16A025EE65C39C4
Requests: 8 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstj7LchKQa0jyW1b-p43INm3G6WLML6w84oCj5YYXC6jWUBtJyHNBHSClYwUwv1xz-W6hMGGBAzAABw5C0001Dq5mw845UAhAC_ru1BOU-33kojlWqS-cz9VOyEFXrzJUdBxhm3Qc2-6uTSBd2xcwWPrwCldcAlWYSu6Ut3TSwxWkXW7OsUaI8EwZBpfZlCUlf5ar2awwhk8zf070-QJHo8v07kZp8w9aErlQUioCYnBfkXU_DGiqpajcs6yqUurabQycrR-Eg2iuHH8pow9vt4YkMep8k7YfBNajD2opXX43B8UpfvTpVkewbiK8aiKFZXdiP7C_lvlCh08FujgLUZkA&sai=AMfl-YQSSCMue5jxBiospfbMpdbycX-k-VREL7N9MiJ0Gg0yxFnt61pdVOZRHq5ktDJBFfAYmHXK_v8Riqh529XtLgOCevd3E3X14y6iA5TBfudPnryW7NYl9dtPZE8H7TVtUwmFS2BeBWfRhzQRh1M&sig=Cg0ArKJSzOvEoqZIONUgEAE&uach_m=[UACH]&adurl=
Frame ID: 706EE61388E18B299BD36264607E0CDA
Requests: 8 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu0CcCkyC2iBnfyxDw12JRoZvFPFM9D4XLIFsgKE4Op5Gu9HrjncwGbcHTh6-AuwfBacJeHsw5PsOSLpotyoQO9Z_8s1dstK780rdW6NfEjto2k9N0n_LvAkn7afcWeDH7w92cw9tzZUTn6MwiBbB-HONXLX6MjCaIZmho0QTOW8Unjv7M-09AyxSCCMTSDavR-YjwwDTKE93uqXYEsTlYe2DUdzOrm1_9HavpgdoSLUsTT0ort1jl4TEba9jok23UVpDx59kZF3BbkkfaoV5hV-9ZlJMXLYanieVsThGLimEDw2XPxRsfbMy3-Su4tqD0g8iqpisAXhpZ0bpa0E2dhCN1N33qqrMrN&sai=AMfl-YSbw1q63bKNZ6awiPACja6HAkH-6cyRqSiW5wM11aJ96dPUVzo0r-vqJ1RxiMpq7TjePeZHqq8NZfI0OpIpgI6rqXK8jDT6NzKPK8dyxe_XCUnUfpTtNbPV6e05O26nsxt5yunn5LWpz3g8Gpw&sig=Cg0ArKJSzIY1HkEyorsfEAE&uach_m=[UACH]&adurl=
Frame ID: 14A73C24768E35F0FDFEEFD354BA58E5
Requests: 7 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst0ecHy63o35MVArzz8rFoQJ4HsuITzHE8U1_JUniROpOTluDD19oLAkqfVzmcYWPYui70rORMvZPEdcD2orNeuG2Z5rifKf2ihEID5PBn5jltD7VJL4dm56Pq0d3MyMjWNSrX8pOXKKpmyU5YulfE-a_R10x9QhLFlRIYcCHtL9TmUz4T1iVg_DjWGDUwbA62iLGGK21YBZ5WjkDhJf0iG9i6tFgGtNR6hvyoGNCniXHY8YjYqfryzauLn88AUdmO8RRBDuz0TM44Q9ZsIdo5mponlQMAe1Y1Dk3Oxky8TlaG4_rDPaNpKi53qlDyKhjvVKMjxb_TKXVvKfK3sCdQY-uxo_Zzu59Y2&sai=AMfl-YQEDgXYFPGop9G_uLPTuC5j73lDMrMoH19vWuPRegM7L4r665E8BKbXO5CWyZNozRMhwSjqcbx_5lLwbNN-lCKZh_MupOMkSoDXNVi-LGDWs5gp7VLx4euhjKqdzeGbBXfEDZE6kIqHBaChPGk&sig=Cg0ArKJSzKJu4Y9sFqbPEAE&uach_m=[UACH]&adurl=
Frame ID: B7AE3BD89D8D76BF75F475C6C360841E
Requests: 7 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: F32E58787E6556F357ED0327160EA5DF
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: F14D1CF25A65A72C2533C25DD16D6C6D
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 7D22FBDD97FCD8B64FA1440D6263A8F5
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Microsoft: Iranian espionage campaign targeted satellite and defense sectors | CyberScoop

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

HubSpot Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

js\.hs-analytics\.net/analytics

Linkedin Insight Tag (Analytics) Expand

Overall confidence: 100%
Detected patterns

snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

Typekit (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link [^>]*href="[^"]+use\.typekit\.(?:net|com)

Underscore.js (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

underscore.*\.js(?:\?ver=([\d.]+))?

Page Statistics

117
Requests

98 %
HTTPS

69 %
IPv6

23
Domains

32
Subdomains

32
IPs

4
Countries

2261 kB
Transfer

5800 kB
Size

31
Cookies

22 Outgoing links

These are links going to different origins than the main page.

URL: https://www.fedscoop.com/?__hstc=143679850.587bfc29585a89c975a260ead9ec5e1c.1694743940162.1694743940162.1694743940162.1&__hssc=143679850.1.1694743940163&__hsfp=3460997391
Title: FedScoop

Search URL Search Domain Scan URL

URL: https://defensescoop.com/?__hstc=143679850.587bfc29585a89c975a260ead9ec5e1c.1694743940162.1694743940162.1694743940162.1&__hssc=143679850.1.1694743940163&__hsfp=3460997391
Title: DefenseScoop

Search URL Search Domain Scan URL

URL: https://statescoop.com/?__hstc=143679850.587bfc29585a89c975a260ead9ec5e1c.1694743940162.1694743940162.1694743940162.1&__hssc=143679850.1.1694743940163&__hsfp=3460997391
Title: StateScoop

Search URL Search Domain Scan URL

URL: https://edscoop.com/?__hstc=143679850.587bfc29585a89c975a260ead9ec5e1c.1694743940162.1694743940162.1694743940162.1&__hssc=143679850.1.1694743940163&__hsfp=3460997391
Title: EdScoop

Search URL Search Domain Scan URL

URL: https://workscoop.com/
Title: WorkScoop

Search URL Search Domain Scan URL

URL: https://scoopnewsgroup.com/oursolutions/
Title: Advertise

Search URL Search Domain Scan URL

URL: https://www.microsoft.com/en-us/security/blog/2023/09/14/peach-sandstorm-password-spray-campaigns-enable-intelligence-collection-at-high-value-targets/
Title: Microsoft said in a report published Thursday

Search URL Search Domain Scan URL

URL: https://attack.mitre.org/groups/G0064/
Title: known otherwise

Search URL Search Domain Scan URL

URL: https://www.microsoft.com/en-us/security/blog/2020/04/23/protecting-organization-password-spray-attacks/
Title: password spray attacks

Search URL Search Domain Scan URL

URL: https://www.cyberwarcon.com/apt33
Title: previous Peach Sandstorm activity

Search URL Search Domain Scan URL

URL: https://www.reuters.com/article/cyber-shamoon-idUSL1N1YH0QC
Title: devastating destructive Shamoon malware attacks

Search URL Search Domain Scan URL

URL: https://securityintelligence.com/the-full-shamoon-how-the-devastating-malware-was-inserted-into-networks/
Title: other targets in subsequent years

Search URL Search Domain Scan URL

URL: https://www.washingtonpost.com/national-security/2023/09/11/us-iran-prisoner-exchange/
Title: Washington Post reported Monday

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?u=https://cyberscoop.com/iran-peach-sandstorm-apt33/
Title: Facebook

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/cws/share?url=https://cyberscoop.com/iran-peach-sandstorm-apt33/
Title: LinkedIn

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?url=https://cyberscoop.com/iran-peach-sandstorm-apt33/
Title: Twitter

Search URL Search Domain Scan URL

URL: https://scoopnewsgroup.com/

Search URL Search Domain Scan URL

URL: https://www.fedscoop.com/wp-content/uploads/sites/5/2022/11/SNG_AdSpecs.pdf?__hstc=143679850.587bfc29585a89c975a260ead9ec5e1c.1694743940162.1694743940162.1694743940162.1&__hssc=143679850.1.1694743940163&__hsfp=3460997391
Title: Ad specs

Search URL Search Domain Scan URL

URL: https://www.facebook.com/cyberscoop
Title: FB

Search URL Search Domain Scan URL

URL: https://twitter.com/cyberscoopnews
Title: TW

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/4847467
Title: LinkedIn

Search URL Search Domain Scan URL

URL: https://www.instagram.com/cyberscoopnews
Title: IG

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 104

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=50036&time=1694743939475&url=https%3A%2F%2Fcyberscoop.com%2Firan-peach-sandstorm-apt33%2F HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=50036&time=1694743939475&url=https%3A%2F%2Fcyberscoop.com%2Firan-peach-sandstorm-apt33%2F&cookiesTest=true HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D50036%26time%3D1694743939475%26url%3Dhttps%253A%252F%252Fcyberscoop.com%252Firan-peach-sandstorm-apt33%252F%26cookiesTest%3Dtrue%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=50036&time=1694743939475&url=https%3A%2F%2Fcyberscoop.com%2Firan-peach-sandstorm-apt33%2F&cookiesTest=true&liSync=true HTTP 302
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=50036&time=1694743939475&url=https%3A%2F%2Fcyberscoop.com%2Firan-peach-sandstorm-apt33%2F&cookiesTest=true&liSync=true&e_ipv6=AQKcVHp170PDEgAAAYqWnEtEIWlP8OZvC-fEMf_a5Vcc0K3VmaXUF5_RGtNj6kMqasV0ffHG_IvMEg

117 HTTP transactions
7 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
cyberscoop.com/iran-peach-sandstorm-apt33/ 102 KB
22 KB 137ms
61ms Document
text/html 13.224.103.129
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cyberscoop.com/iran-peach-sandstorm-apt33/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.224.103.129 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-103-129.zrh50.r.cloudfront.net

Software

nginx / WordPress VIP <https://wpvip.com>

Resource Hash

9914ebd2c4af454a0eb407c0062e0066f6e8a9e1e8be3e1245c477b6df6db1c5

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 1593
alt-svc: h3=":443"; ma=86400
cache-control: max-age=300, must-revalidate
content-encoding: gzip
content-length: 21943
content-type: text/html; charset=UTF-8
date: Fri, 15 Sep 2023 02:12:15 GMT
host-header: a9130478a60e5f9135f765b23f26593b
link: <https://cyberscoop.com/wp-json/>; rel="https://api.w.org/" <https://cyberscoop.com/wp-json/wp/v2/posts/77015>; rel="alternate"; type="application/json" <https://cyberscoop.com/?p=77015>; rel=shortlink
server: nginx
vary: Accept-Encoding
via: 1.1 8455bcb2c0203b0c4ee93b610d75e69a.cloudfront.net (CloudFront)
x-amz-cf-id: 8TZphaUoXaUzLnTQQKkcrbMQ7N1l4bP1kHF9U-Au3MzgEclXJs-fmQ==
x-amz-cf-pop: ZRH50-C1
x-cache: Miss from cloudfront
x-frame-options: SAMEORIGIN
x-hacker: If you're reading this, you should visit wpvip.com/careers and apply to join the fun, mention this header.
x-powered-by: WordPress VIP <https://wpvip.com>
x-rq: hhn1 85 188 443

GET
H2 200 style.min.css
cyberscoop.com/wp-includes/css/dist/block-library/ 102 KB
14 KB 2958ms
2952ms Stylesheet
text/css 13.224.103.129
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cyberscoop.com/wp-includes/css/dist/block-library/style.min.css?m=1693959706g
Requested by: Host: cyberscoop.com
URL: https://cyberscoop.com/iran-peach-sandstorm-apt33/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.103.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-103-129.zrh50.r.cloudfront.net
Software: nginx /
Resource Hash: 67447c3656caad630373253691f3e8f64467eafd6e7305c9b0e98111b0b41694

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cyberscoop.com/iran-peach-sandstorm-apt33/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Wed, 06 Sep 2023 00:51:53 GMT
content-encoding: gzip
via: 1.1 8455bcb2c0203b0c4ee93b610d75e69a.cloudfront.net (CloudFront)
x-rq: hhn1 85 187 443
last-modified: Wed, 06 Sep 2023 00:21:46 GMT
server: nginx
x-amz-cf-pop: ZRH50-C1
age: 782425
etag: W/"64f7c61a-19824"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
cache-control: max-age=31536000
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: xPbGckG52UEtG9yoMkDXjQOIbah2dYxq45ve8Cbd5H-E8RTzLN_sXQ==

GET
H2 200 related-posts-block-styles.min.css
cyberscoop.com/wp-content/mu-plugins/search/elasticpress-next/dist/css/ 222 B
597 B 2956ms
2950ms Stylesheet
text/css 13.224.103.129
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cyberscoop.com/wp-content/mu-plugins/search/elasticpress-next/dist/css/related-posts-block-styles.min.css?m=1693499496g
Requested by: Host: cyberscoop.com
URL: https://cyberscoop.com/iran-peach-sandstorm-apt33/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.103.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-103-129.zrh50.r.cloudfront.net
Software: nginx /
Resource Hash: 9790593b4acafa770479511a888914881594976c5dcad980c82e781c5625ff44

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cyberscoop.com/iran-peach-sandstorm-apt33/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Tue, 05 Sep 2023 22:28:24 GMT
x-rq: hhn1 85 188 443
via: 1.1 8455bcb2c0203b0c4ee93b610d75e69a.cloudfront.net (CloudFront)
last-modified: Thu, 31 Aug 2023 16:31:36 GMT
server: nginx
x-amz-cf-pop: ZRH50-C1
age: 791034
etag: "64f0c068-de"
x-cache: Hit from cloudfront
content-type: text/css
cache-control: max-age=31536000
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 222
x-amz-cf-id: ZnCDcitxwTGErsWVO1tvkn9nAS5MgK60Uhkm0Ji9wftTaHNCUwIAIg==

GET
H2 200 frontend.css
cyberscoop.com/wp-content/themes/scoopnewsgroup/dist/css/ 156 KB
22 KB 2956ms
2951ms Stylesheet
text/css 13.224.103.129
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cyberscoop.com/wp-content/themes/scoopnewsgroup/dist/css/frontend.css?m=1693525727g
Requested by: Host: cyberscoop.com
URL: https://cyberscoop.com/iran-peach-sandstorm-apt33/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.103.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-103-129.zrh50.r.cloudfront.net
Software: nginx /
Resource Hash: 75783968187c56c78610d0a173aa03b290f49329be303cb86feeafa9aa44625c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cyberscoop.com/iran-peach-sandstorm-apt33/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Thu, 31 Aug 2023 23:54:42 GMT
content-encoding: gzip
via: 1.1 8455bcb2c0203b0c4ee93b610d75e69a.cloudfront.net (CloudFront)
x-rq: hhn1 85 188 443
last-modified: Thu, 31 Aug 2023 23:48:47 GMT
server: nginx
x-amz-cf-pop: ZRH50-C1
age: 1217856
etag: W/"64f126df-2713d"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
cache-control: max-age=31536000
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: mMdtuc8e8gH9mKUnwtHMDR0BglSfjHBiuCTgI8zsmISaZhzh3JRVnQ==

GET
H2 200 itk2qbh.css
use.typekit.net/ 6 KB
1 KB 3004ms
7ms Stylesheet
text/css 184.24.77.144
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://use.typekit.net/itk2qbh.css?ver=7af46db108fbc62fdcc9

Requested by

Host: cyberscoop.com
URL: https://cyberscoop.com/iran-peach-sandstorm-apt33/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

184.24.77.144 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a184-24-77-144.deploy.static.akamaitechnologies.com

Software

nginx /

Resource Hash

deba037b78c3c02c062545c841110d1489b59c78425c187ed03760a521541e50

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains;
content-encoding: gzip
date: Fri, 15 Sep 2023 02:12:18 GMT
server: nginx
vary: Accept-Encoding
content-type: text/css;charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=600, stale-while-revalidate=604800
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 926

GET
H2 200 / Show response
cyberscoop.com/_static/ 99 KB
34 KB 2968ms
2964ms Script
application/javascript 13.224.103.129
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cyberscoop.com/_static/??-eJzTLy/QzcxLzilNSS3WzwKiwtLUokoopZebmaeXVayjj0+Rbm5melFiSSpUsX2uraGZpbGlqaW5gXkWAK/dIjA=
Requested by: Host: cyberscoop.com
URL: https://cyberscoop.com/iran-peach-sandstorm-apt33/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.103.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-103-129.zrh50.r.cloudfront.net
Software: nginx /
Resource Hash: ea15eb7f6c01551306baad1fc7ceab62fa63a26cba6c52acb925e9dc1537637c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cyberscoop.com/iran-peach-sandstorm-apt33/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Wed, 06 Sep 2023 00:51:53 GMT
content-encoding: gzip
via: 1.1 8455bcb2c0203b0c4ee93b610d75e69a.cloudfront.net (CloudFront)
x-rq: hhn1 85 187 443
last-modified: Wed, 06 Sep 2023 00:21:47 GMT
server: nginx
x-amz-cf-pop: ZRH50-C1
age: 782425
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=31536000
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: bmn4XAN-yF1jLwxDvWgmN6waygDDQb8zdZ0KxPyzzwMQ1_RDaMtBfQ==

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 97 KB
29 KB 3079ms
84ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: cyberscoop.com
URL: https://cyberscoop.com/iran-peach-sandstorm-apt33/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9489b86dc96ec0758f097f493dccb705a895314d3150ec5527276baba8ad39e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 02:12:18 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 28843
x-xss-protection: 0
server: cafe
etag: 930 / 19615 / m202309120101 / config-hash: 163854635787547992
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Fri, 15 Sep 2023 02:12:18 GMT

GET
H3 200 logo-cyber.svg
cyberscoop.com/wp-content/themes/scoopnewsgroup/dist/svg/ 2 KB
1 KB 16ms
16ms Image
image/svg+xml 13.224.103.129
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cyberscoop.com/wp-content/themes/scoopnewsgroup/dist/svg/logo-cyber.svg
Requested by: Host: cyberscoop.com
URL: https://cyberscoop.com/iran-peach-sandstorm-apt33/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 13.224.103.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-103-129.zrh50.r.cloudfront.net
Software: nginx /
Resource Hash: b730a71a7f937b52bb8328c363a9074d3d1e7ae259f2a0b44784ccf97def2e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cyberscoop.com/iran-peach-sandstorm-apt33/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 20:11:52 GMT
content-encoding: gzip
via: 1.1 9349ae4f82564896b96f5303b030d188.cloudfront.net (CloudFront)
x-rq: hhn1 85 188 443
last-modified: Mon, 28 Aug 2023 19:56:42 GMT
server: nginx
age: 1317626
x-amz-cf-pop: ZRH50-C1
etag: W/"64ecfbfa-8a8"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: max-age=31536000
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: e-EmPcSesFHxKwoYeFdZt1bh2cOaAgxGJrb2XTF1d8e7oKbFdgzaJw==

GET
H2 200 GettyImages-1138939276.jpeg
cyberscoop.com/wp-content/uploads/sites/3/2023/09/ 68 KB
68 KB 2979ms
2976ms Image
image/webp 13.224.103.129
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cyberscoop.com/wp-content/uploads/sites/3/2023/09/GettyImages-1138939276.jpeg?resize=1013,675
Requested by: Host: cyberscoop.com
URL: https://cyberscoop.com/iran-peach-sandstorm-apt33/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.224.103.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-103-129.zrh50.r.cloudfront.net
Software: nginx /
Resource Hash: 4882037f680573c01992a409578e506cf5d63b45e4c6347352616329f40a009f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cyberscoop.com/iran-peach-sandstorm-apt33/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Thu, 14 Sep 2023 17:48:05 GMT
x-rq: hhn1 109 200 443
via: 1.1 8455bcb2c0203b0c4ee93b610d75e69a.cloudfront.net (CloudFront)
last-modified: Thu, 14 Sep 2023 16:30:29 GMT
server: nginx
x-amz-cf-pop: ZRH50-C1
age: 30253
etag: "e07799ffad4c41a4"
x-cache: Hit from cloudfront
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 69650
x-amz-cf-id: ZXqMRTXMC7CzWJC86EJH__m-tQ4axIO4rQznriZBD2XqzYFNQGnwJA==

GET
BLOB 200
OK 898c31fb-40ad-4c0b-971f-6a910023a858
https://cyberscoop.com/ 1 KB
0 Other
text/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://cyberscoop.com/898c31fb-40ad-4c0b-971f-6a910023a858
Requested by: Host: cyberscoop.com
URL: https://cyberscoop.com/iran-peach-sandstorm-apt33/
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

Content-Length: 1245
Content-Type: text/javascript

GET
H3 200 logo-sng.svg
cyberscoop.com/wp-content/themes/scoopnewsgroup/dist/images/ 6 KB
3 KB 16ms
16ms Image
image/svg+xml 13.224.103.129
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cyberscoop.com/wp-content/themes/scoopnewsgroup/dist/images/logo-sng.svg
Requested by: Host: cyberscoop.com
URL: https://cyberscoop.com/iran-peach-sandstorm-apt33/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 13.224.103.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-103-129.zrh50.r.cloudfront.net
Software: nginx /
Resource Hash: 4e778181b46a001341499372efbad4f99a18674bce73c33dfd5021af138c1e8b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cyberscoop.com/iran-peach-sandstorm-apt33/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 20:11:52 GMT
content-encoding: gzip
via: 1.1 9349ae4f82564896b96f5303b030d188.cloudfront.net (CloudFront)
x-rq: hhn1 85 188 443
last-modified: Mon, 28 Aug 2023 19:56:42 GMT
server: nginx
age: 1317626
x-amz-cf-pop: ZRH50-C1
etag: W/"64ecfbfa-160e"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: max-age=31536000
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: E6aulTc99pfXTXqChjGN7Bjbog1kTiv757tjhTZGR_TaO953vjkmNw==

GET
H3 200 / Show response
cyberscoop.com/_static/ 51 KB
16 KB 16ms
16ms Script
application/javascript 13.224.103.129
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cyberscoop.com/_static/??-eJyNj9EOgjAMRX/IUYyi4cH4LcgKDLuVtJuGv3eQkPCkPp9z2lx4T6blEDFEmCj1Lig01gh2gjqsSJjAOo0wKnSyurYY9QA5daGlZFEXtjqvDFkWNDHNnSPKDkosvAu/IsEes9tEFiMpROfxn2z366s+MD91b2y7fTLb9OVWI4o0m1NRwyM5skDcWJRc3f3teKnPVXWtynL8AE5vdDM=
Requested by: Host: cyberscoop.com
URL: https://cyberscoop.com/iran-peach-sandstorm-apt33/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 13.224.103.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-103-129.zrh50.r.cloudfront.net
Software: nginx /
Resource Hash: d0a0ead027889618d5d5a92ce9fb28a6238192f62fcb5130e2795bf70fc7392d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cyberscoop.com/iran-peach-sandstorm-apt33/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Tue, 12 Sep 2023 22:45:40 GMT
content-encoding: gzip
via: 1.1 9349ae4f82564896b96f5303b030d188.cloudfront.net (CloudFront)
x-rq: hhn1 85 187 443
last-modified: Tue, 12 Sep 2023 22:25:00 GMT
server: nginx
age: 185198
x-amz-cf-pop: ZRH50-C1
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=31536000
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: 7IL7zylILZ6Sz8YYIYHuKdp4V5TnT0BSdC2bmKZ_UYG4IBNvo2IGQA==

GET
H2 200 p.js Show response
cdn.parsely.com/keys/cyberscoop.com/ 47 KB
18 KB 55ms
8ms Script
application/javascript 18.66.100.58
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.parsely.com/keys/cyberscoop.com/p.js?ver=3.9.0
Requested by: Host: cyberscoop.com
URL: https://cyberscoop.com/iran-peach-sandstorm-apt33/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.100.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-100-58.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: 97abafbbf6f1bf56bb6aa432287d1b03ce0d83c3d1ec50a36a6e0e6050cce9b0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

pragma: public
date: Thu, 14 Sep 2023 05:40:56 GMT
content-encoding: gzip
via: 1.1 7ed0982309781d390a105a3ead66dbfa.cloudfront.net (CloudFront)
last-modified: Fri, 04 Mar 2022 17:46:45 GMT
server: nginx
x-amz-cf-pop: FRA56-P2
age: 73882
etag: W/"62225085-bd24"
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=86400, public
x-amz-cf-id: 6nHPPehjtl4s7Kfo_hzxX4zNBp3p-TZkGFdMZ7y8jtyUfn314Bq4sw==
expires: Fri, 15 Sep 2023 05:40:56 GMT

GET
H3 200 / Show response
cyberscoop.com/_static/ 36 KB
13 KB 16ms
16ms Script
application/javascript 13.224.103.129
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cyberscoop.com/_static/??/wp-includes/js/underscore.min.js,/wp-includes/js/wp-util.min.js,/wp-content/themes/scoopnewsgroup/dist/js/frontend.js?m=1693959707j
Requested by: Host: cyberscoop.com
URL: https://cyberscoop.com/iran-peach-sandstorm-apt33/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 13.224.103.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-103-129.zrh50.r.cloudfront.net
Software: nginx /
Resource Hash: 955fb33af80b1e86eb292046c05b724f6c41604066b2933e195b74e26069b664

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cyberscoop.com/iran-peach-sandstorm-apt33/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Wed, 06 Sep 2023 00:51:53 GMT
content-encoding: gzip
via: 1.1 9349ae4f82564896b96f5303b030d188.cloudfront.net (CloudFront)
x-rq: hhn1 85 187 443
last-modified: Wed, 06 Sep 2023 00:21:47 GMT
server: nginx
age: 782425
x-amz-cf-pop: ZRH50-C1
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=31536000
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: cCg9ovK1wIHL4rmm5AWmiCnXajQ2LNTDYLw2SdPiJB4dMevsLdoaRQ==

GET
H2 200 2153467.js Show response
js.hs-scripts.com/ 867 B
1 KB 38ms
21ms Script
application/javascript 2606:4700::6810:bd59
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.hs-scripts.com/2153467.js

Requested by

Host: cyberscoop.com
URL: https://cyberscoop.com/iran-peach-sandstorm-apt33/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:bd59 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a706788fdea9887036259f73d08c20c9aaeb81c571f896609471ffaa43f773a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 02:12:18 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
x-hubspot-correlation-id: cd5d24d2-6798-47b4-a5b2-6cc251cbe0be
x-evy-trace-route-service-name: envoyset-translator
cf-polished: origSize=974
age: 54
x-envoy-upstream-service-time: 6
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: cd5d24d2-6798-47b4-a5b2-6cc251cbe0be
cf-bgj: minify
last-modified: Fri, 15 Sep 2023 02:11:24 GMT
server: cloudflare
x-trace: 2BC88FFE2B996169DDE12AE6957B47FFD969146DBC000000000000000000
access-control-max-age: 3600
vary: origin, Accept-Encoding
content-type: application/javascript;charset=utf-8
access-control-allow-origin: https://statescoop.com
x-evy-trace-served-by-pod: iad02/hubapi-td/envoy-proxy-6c94986c56-skvmq
cache-control: public, max-age=60
access-control-allow-credentials: true
x-evy-trace-virtual-host: all
cf-ray: 806d5811dc669b8c-FRA
expires: Fri, 15 Sep 2023 02:13:18 GMT

GET
H2 200 p.css
p.typekit.net/ 5 B
172 B 42ms
7ms Stylesheet
text/css 2a02:26f0:3100::1735:2a28
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://p.typekit.net/p.css?s=1&k=itk2qbh&ht=tk&f=9871.9872.9874.14602.24539.24540.24547.24548&a=95056288&app=typekit&e=css
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/itk2qbh.css?ver=7af46db108fbc62fdcc9
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3100::1735:2a28 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://use.typekit.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 02:12:18 GMT
last-modified: Fri, 23 Jun 2023 17:09:47 GMT
server: nginx
etag: "6495d1db-5"
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 5

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309120101/ 408 KB
129 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309120101/pubads_impl.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

37b564138a8c782c7ef7f804054712a1bb75a63677dca0e6e186b82102aebb93

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cyberscoop.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Thu, 14 Sep 2023 10:51:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 55222
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 131633
x-xss-protection: 0
server: cafe
etag: 12671944107613252425
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Fri, 13 Sep 2024 10:51:56 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 36 B
64 B 58ms
42ms XHR
application/json 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=cyberscoop.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3aa72d136756ca75bc79ce7578ed75e5427bd33112c96b2b91cb0a7d7ebc347b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 02:12:18 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 40
x-xss-protection: 0
expires: Fri, 15 Sep 2023 02:12:18 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 211 KB
76 KB 45ms
23ms Script
application/javascript 2a00:1450:4001:801::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-KR697BF

Requested by

Host: cyberscoop.com
URL: https://cyberscoop.com/iran-peach-sandstorm-apt33/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

328299dd468c9349262c85802d326e1465e32405a2b44af1b1fda7d630ee7930

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 02:12:18 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 77858
x-xss-protection: 0
last-modified: Fri, 15 Sep 2023 00:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 15 Sep 2023 02:12:18 GMT

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 561 KB
51 KB 97ms
97ms Fetch
text/plain 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2681351078322778&correlator=866284829795311&output=ldjh&gdfp_req=1&vrg=202309120101&ptt=17&impl=fifs&iu_parts=18430785%2Csng_cyberscoop%2Cap_top%2Cap_rightrail_1%2Cap_rightrail_2%2Cap_rightrail_3%2Cap_rightrail_4%2Cap_bottom%2Cap_inline_1%2Cap_inline_2%2Cap_inline_3&enc_prev_ius=%2F0%2F1%2F2%2C%2F0%2F1%2F3%2C%2F0%2F1%2F4%2C%2F0%2F1%2F5%2C%2F0%2F1%2F6%2C%2F0%2F1%2F7%2C%2F0%2F1%2F8%2C%2F0%2F1%2F9%2C%2F0%2F1%2F10&prev_iu_szs=970x250%7C728x90%7C970x90%2C300x250%2C300x250%7C300x600%2C300x250%7C300x600%2C300x250%7C300x600%2C728x90%7C970x90%2C728x90%2C728x90%2C728x90&ifi=1&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1694743938884&lmt=1694736738&adxs=315%2C-9%2C-9%2C-9%2C-9%2C-9%2C-9%2C-9%2C-9&adys=149%2C-9%2C-9%2C-9%2C-9%2C-9%2C-9%2C-9%2C-9&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C-1%7C-1%7C-1%7C-1%7C-1%7C-1%7C-1%7C-1&ucis=1%7C2%7C3%7C4%7C5%7C6%7C7%7C8%7C9&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fcyberscoop.com%2Firan-peach-sandstorm-apt33%2F&vis=1&psz=1472x250%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1&msz=970x0%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1&fws=4%2C2%2C2%2C2%2C2%2C2%2C2%2C2%2C2&ohw=1600%2C0%2C0%2C0%2C0%2C0%2C0%2C0%2C0&ga_vid=201474006.1694743939&ga_sid=1694743939&ga_hid=535132154&ga_fc=false&dlt=1694743935698&idt=3148&prev_scp=pos%3Dtop%7Cpos%3Drightrail_1%7Cpos%3Drightrail_2%7Cpos%3Drightrail_3%7Cpos%3Drightrail_4%7Cpos%3Dbottom%7Cpos%3Dinline_1%7Cpos%3Dinline_1%7Cpos%3Dinline_1&cust_params=postId%3D77015%26category%3Dgeopolitics%252Cthreats%26tags%3Dapt33%252Ccyber-espionage%252Ciran%252Cmicrosoft%252Cshamoon%26author%3Daj-vicens%26environment%3Dproduction%26page_type%3Darticle&adks=1951456962%2C4107124343%2C4015763869%2C4220772384%2C3445260293%2C564576029%2C1365302924%2C1902044552%2C2608348809&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309120101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1ef8bdc52990643f1f115bea33c351f210f12d5dc718322eda6f0da002afa5fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 02:12:18 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2,-2,-2,-2,-2,-2,-2,-2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 52539
x-xss-protection: 0
google-lineitem-id: 6353807198,6353807198,6353807198,6353807198,6353807198,6353807198,6353807198,6353807198,6353807198
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138440738820,138440738793,138440738805,138440738454,138441451678,138441451666,138440738451,138441451657,138440738844
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://cyberscoop.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
ca49d8473dd072baf96dd5e795fbdc75.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame D0AF 6 KB
0 86ms
14ms Document
text/html 2a00:1450:4001:806::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ca49d8473dd072baf96dd5e795fbdc75.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309120101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cyberscoop.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Fri, 15 Sep 2023 02:12:18 GMT
expires: Sat, 14 Sep 2024 02:12:18 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 logo-cyber.svg
cyberscoop.com/wp-content/themes/scoopnewsgroup/dist/svg/ 2 KB
1 KB 17ms
16ms Image
image/svg+xml 13.224.103.129
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cyberscoop.com/wp-content/themes/scoopnewsgroup/dist/svg/logo-cyber.svg
Requested by: Host: cyberscoop.com
URL: https://cyberscoop.com/iran-peach-sandstorm-apt33/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 13.224.103.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-103-129.zrh50.r.cloudfront.net
Software: nginx /
Resource Hash: b730a71a7f937b52bb8328c363a9074d3d1e7ae259f2a0b44784ccf97def2e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cyberscoop.com/iran-peach-sandstorm-apt33/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 20:11:52 GMT
content-encoding: gzip
via: 1.1 9349ae4f82564896b96f5303b030d188.cloudfront.net (CloudFront)
x-rq: hhn1 85 188 443
last-modified: Mon, 28 Aug 2023 19:56:42 GMT
server: nginx
age: 1317626
x-amz-cf-pop: ZRH50-C1
etag: W/"64ecfbfa-8a8"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: max-age=31536000
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: iEkR804zcL-Wkj1Y-lIXIkab9hZHBfwdH_peIP6ZDAFmjJRvnKF2GQ==

GET
H3 200 pattern.svg
cyberscoop.com/wp-content/themes/scoopnewsgroup/dist/svg/ 299 B
603 B 15ms
15ms Image
image/svg+xml 13.224.103.129
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cyberscoop.com/wp-content/themes/scoopnewsgroup/dist/svg/pattern.svg
Requested by: Host: cyberscoop.com
URL: https://cyberscoop.com/wp-content/themes/scoopnewsgroup/dist/css/frontend.css?m=1693525727g
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 13.224.103.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-103-129.zrh50.r.cloudfront.net
Software: nginx /
Resource Hash: 3f43be92fe63af3e20c741cb5ef9fbcbe742bf78b6aafe693f31ed9720289d29

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cyberscoop.com/wp-content/themes/scoopnewsgroup/dist/css/frontend.css?m=1693525727g
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Sat, 02 Sep 2023 02:42:58 GMT
x-rq: hhn1 85 187 443
via: 1.1 9349ae4f82564896b96f5303b030d188.cloudfront.net (CloudFront)
last-modified: Thu, 31 Aug 2023 23:48:47 GMT
server: nginx
age: 1121360
x-amz-cf-pop: ZRH50-C1
etag: "64f126df-12b"
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: max-age=31536000
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 299
x-amz-cf-id: j1OmBQg9esMs53HuOcabskbppcv33l-TMyDK_AnXp3Nj9ihT5cfQvg==

GET
H3 200 icon-facebook.svg
cyberscoop.com/wp-content/themes/scoopnewsgroup/dist/svg/ 371 B
675 B 16ms
16ms Image
image/svg+xml 13.224.103.129
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cyberscoop.com/wp-content/themes/scoopnewsgroup/dist/svg/icon-facebook.svg
Requested by: Host: cyberscoop.com
URL: https://cyberscoop.com/wp-content/themes/scoopnewsgroup/dist/css/frontend.css?m=1693525727g
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 13.224.103.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-103-129.zrh50.r.cloudfront.net
Software: nginx /
Resource Hash: 572c153f12ece183e602325e76c01dba662552713252e6799e8e6fbf827252eb

Request headers

Referer: https://cyberscoop.com/wp-content/themes/scoopnewsgroup/dist/css/frontend.css?m=1693525727g
Origin: https://cyberscoop.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 22:31:24 GMT
x-rq: hhn1 85 187 443
via: 1.1 9349ae4f82564896b96f5303b030d188.cloudfront.net (CloudFront)
last-modified: Mon, 28 Aug 2023 19:56:42 GMT
server: nginx
age: 1309254
x-amz-cf-pop: ZRH50-C1
etag: "64ecfbfa-173"
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: max-age=31536000
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 371
x-amz-cf-id: eunGnufk7HW1AqLV_mTdfd1nI5BNT0TNBqeR-2Z3897seX9CkgMQRA==

GET
H3 200 icon-twitter.svg
cyberscoop.com/wp-content/themes/scoopnewsgroup/dist/svg/ 587 B
688 B 17ms
16ms Image
image/svg+xml 13.224.103.129
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cyberscoop.com/wp-content/themes/scoopnewsgroup/dist/svg/icon-twitter.svg
Requested by: Host: cyberscoop.com
URL: https://cyberscoop.com/wp-content/themes/scoopnewsgroup/dist/css/frontend.css?m=1693525727g
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 13.224.103.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-103-129.zrh50.r.cloudfront.net
Software: nginx /
Resource Hash: e21f3b2a0e9d2ff25f55f184242d809b2ecd045ee3fe35a4665b891b82bcb460

Request headers

Referer: https://cyberscoop.com/wp-content/themes/scoopnewsgroup/dist/css/frontend.css?m=1693525727g
Origin: https://cyberscoop.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 20:11:53 GMT
content-encoding: gzip
via: 1.1 9349ae4f82564896b96f5303b030d188.cloudfront.net (CloudFront)
x-rq: hhn1 85 188 443
last-modified: Mon, 28 Aug 2023 19:56:42 GMT
server: nginx
age: 1317625
x-amz-cf-pop: ZRH50-C1
etag: W/"64ecfbfa-24b"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: max-age=31536000
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: nEvbBKGFY6RGiAEfIx0wePWiEHRhKe1VKfPISfF5YPGjZhQVRRnuXg==

GET
H3 200 icon-linkedin.svg
cyberscoop.com/wp-content/themes/scoopnewsgroup/dist/svg/ 504 B
654 B 17ms
17ms Image
image/svg+xml 13.224.103.129
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cyberscoop.com/wp-content/themes/scoopnewsgroup/dist/svg/icon-linkedin.svg
Requested by: Host: cyberscoop.com
URL: https://cyberscoop.com/wp-content/themes/scoopnewsgroup/dist/css/frontend.css?m=1693525727g
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 13.224.103.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-103-129.zrh50.r.cloudfront.net
Software: nginx /
Resource Hash: 9b7aaf2c55485b05c5c57fbd95ba6d098da8f8e1583f8946d882d9b3fb8c28ce

Request headers

Referer: https://cyberscoop.com/wp-content/themes/scoopnewsgroup/dist/css/frontend.css?m=1693525727g
Origin: https://cyberscoop.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 20:11:53 GMT
content-encoding: gzip
via: 1.1 9349ae4f82564896b96f5303b030d188.cloudfront.net (CloudFront)
x-rq: hhn1 85 187 443
last-modified: Mon, 28 Aug 2023 19:56:42 GMT
server: nginx
age: 1317625
x-amz-cf-pop: ZRH50-C1
etag: W/"64ecfbfa-1f8"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: max-age=31536000
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: xzJZX15Nm2S3aDDZwAaUEyQeL_5nfAiv9cNEMt9X3H-7g2I4AnizvQ==

GET
H3 200 icon-instagram.svg
cyberscoop.com/wp-content/themes/scoopnewsgroup/dist/svg/ 378 B
682 B 17ms
16ms Image
image/svg+xml 13.224.103.129
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cyberscoop.com/wp-content/themes/scoopnewsgroup/dist/svg/icon-instagram.svg
Requested by: Host: cyberscoop.com
URL: https://cyberscoop.com/wp-content/themes/scoopnewsgroup/dist/css/frontend.css?m=1693525727g
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 13.224.103.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-103-129.zrh50.r.cloudfront.net
Software: nginx /
Resource Hash: be82b86d9b21780a099f969767c8bf5a3dc1221eff1c11cc5463826fdbe14f31

Request headers

Referer: https://cyberscoop.com/wp-content/themes/scoopnewsgroup/dist/css/frontend.css?m=1693525727g
Origin: https://cyberscoop.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Wed, 30 Aug 2023 21:28:32 GMT
x-rq: hhn1 85 188 443
via: 1.1 9349ae4f82564896b96f5303b030d188.cloudfront.net (CloudFront)
last-modified: Mon, 28 Aug 2023 19:56:42 GMT
server: nginx
age: 1313026
x-amz-cf-pop: ZRH50-C1
etag: "64ecfbfa-17a"
x-cache: Hit from cloudfront
content-type: image/svg+xml
cache-control: max-age=31536000
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 378
x-amz-cf-id: OkV_pdtW_gviAnNDBj-wU2e-I2XqEvVV2pAP4If4QH5JZDCj2B-5ow==

GET
H2 200 l
use.typekit.net/af/b718ff/00000000000000007735f98d/30/ 46 KB
46 KB 41ms
7ms Font
application/font-woff2 2a02:26f0:480:f::213:7ec6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/b718ff/00000000000000007735f98d/30/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/itk2qbh.css?ver=7af46db108fbc62fdcc9
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:f::213:7ec6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 987ed7567466e4fc79242bded7cfac38f7cf9da6c430fe6053266ba12c1fa1b1

Request headers

Referer: https://use.typekit.net/itk2qbh.css?ver=7af46db108fbc62fdcc9
Origin: https://cyberscoop.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 02:12:18 GMT
server: nginx
etag: "8eb51f23928374af36bf65f02757cd5be6775093"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 47332

GET
H2 200 l
use.typekit.net/af/4337b5/000000000000000000013144/27/ 115 KB
116 KB 43ms
10ms Font
application/font-woff2 2a02:26f0:480:f::213:7ec6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/4337b5/000000000000000000013144/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n5&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/itk2qbh.css?ver=7af46db108fbc62fdcc9
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:f::213:7ec6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 6413983f57c8f999761ee0f4dc99b0f1fd6293626330e60c03d65a3bc071744f

Request headers

Referer: https://use.typekit.net/itk2qbh.css?ver=7af46db108fbc62fdcc9
Origin: https://cyberscoop.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 02:12:18 GMT
server: nginx
etag: "2fdf8397680527e53165122163643d633320379f"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 118028

GET
H2 200 l
use.typekit.net/af/5d97ff/00000000000000007735f999/30/ 47 KB
47 KB 56ms
23ms Font
application/font-woff2 2a02:26f0:480:f::213:7ec6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/5d97ff/00000000000000007735f999/30/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n7&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/itk2qbh.css?ver=7af46db108fbc62fdcc9
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:f::213:7ec6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 012c1c40f37b85e86f6e7629241a2bcd0ce665b41954a08d3c2c9a55c42cba89

Request headers

Referer: https://use.typekit.net/itk2qbh.css?ver=7af46db108fbc62fdcc9
Origin: https://cyberscoop.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 02:12:18 GMT
server: nginx
etag: "b4c0d041408776d043674f518c911c68d4f73f57"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 48312

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 62 KB
24 KB 54ms
54ms Fetch
text/plain 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2681351078322778&correlator=866284829795311&output=ldjh&gdfp_req=1&vrg=202309120101&ptt=17&impl=fifs&iu_parts=18430785%2Csng_cyberscoop%2Cap_welcome&enc_prev_ius=%2F0%2F1%2F2&prev_iu_szs=640x480&ifi=10&sfv=1-0-40&sc=1&cookie_enabled=1&abxe=1&dt=1694743938926&lmt=1694736738&adxs=-12245933&adys=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=-1&ucis=a&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&u_tz=120&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fcyberscoop.com%2Firan-peach-sandstorm-apt33%2F&vis=1&psz=0x-1&msz=0x-1&fws=644&ohw=1600&ga_vid=201474006.1694743939&ga_sid=1694743939&ga_hid=535132154&ga_fc=false&dlt=1694743935698&idt=3148&prev_scp=pos%3Dwelcome&cust_params=postId%3D77015%26category%3Dgeopolitics%252Cthreats%26tags%3Dapt33%252Ccyber-espionage%252Ciran%252Cmicrosoft%252Cshamoon%26author%3Daj-vicens%26environment%3Dproduction%26page_type%3Darticle&adks=145983194&frm=20

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309120101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

86830eb7dbd3c5dd62c989ee720876b8aa87affdc42103b72c483da48d8424c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 02:12:18 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24229
x-xss-protection: 0
google-lineitem-id: 6353807198
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138440738790
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://cyberscoop.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 GettyImages-1258715848.jpg
cyberscoop.com/wp-content/uploads/sites/3/2023/06/ 10 KB
10 KB 29ms
28ms Image
image/webp 13.224.103.129
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cyberscoop.com/wp-content/uploads/sites/3/2023/06/GettyImages-1258715848.jpg?resize=506,337
Requested by: Host: cyberscoop.com
URL: https://cyberscoop.com/iran-peach-sandstorm-apt33/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 13.224.103.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-103-129.zrh50.r.cloudfront.net
Software: nginx /
Resource Hash: c2bf7e14091dc45d25058cadba5e40f9cf3c189637e892d7ff68910cdd01844d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cyberscoop.com/iran-peach-sandstorm-apt33/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Thu, 14 Sep 2023 16:30:33 GMT
x-rq: hhn1 109 27 443
via: 1.1 9349ae4f82564896b96f5303b030d188.cloudfront.net (CloudFront)
last-modified: Fri, 28 Jul 2023 14:02:51 GMT
server: nginx
age: 34905
x-amz-cf-pop: ZRH50-C1
etag: "40b08a8b3c1b4388"
x-cache: Hit from cloudfront
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 10204
x-amz-cf-id: OGlAmJldgJH8yg0nt4vNy5jIsx-VWWpKgEe0RkppXijQQG1IUfkSLw==

GET
H3 200 GettyImages-1251809132.jpg
cyberscoop.com/wp-content/uploads/sites/3/2023/05/ 16 KB
16 KB 35ms
35ms Image
image/webp 13.224.103.129
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cyberscoop.com/wp-content/uploads/sites/3/2023/05/GettyImages-1251809132.jpg?resize=252,168
Requested by: Host: cyberscoop.com
URL: https://cyberscoop.com/iran-peach-sandstorm-apt33/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 13.224.103.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-103-129.zrh50.r.cloudfront.net
Software: nginx /
Resource Hash: dc59968ae968f3513978a2337e6dd550d8ff3dbc6953ca12696a65e5d6254bbf

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cyberscoop.com/iran-peach-sandstorm-apt33/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Thu, 14 Sep 2023 16:30:33 GMT
x-rq: hhn1 109 196 443
via: 1.1 9349ae4f82564896b96f5303b030d188.cloudfront.net (CloudFront)
last-modified: Mon, 31 Jul 2023 07:24:33 GMT
server: nginx
age: 34905
x-amz-cf-pop: ZRH50-C1
etag: "16d95c5b3049e1c4"
x-cache: Hit from cloudfront
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 16006
x-amz-cf-id: LNij8RGQ1YIOZfMSIJTcU77ZP090PY-7a991cf6m3RUFpq06J-Q9rA==

GET
H3 200 GettyImages-1243040546.jpg
cyberscoop.com/wp-content/uploads/sites/3/2022/09/ 10 KB
11 KB 27ms
26ms Image
image/webp 13.224.103.129
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cyberscoop.com/wp-content/uploads/sites/3/2022/09/GettyImages-1243040546.jpg?resize=252,168
Requested by: Host: cyberscoop.com
URL: https://cyberscoop.com/iran-peach-sandstorm-apt33/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 13.224.103.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-103-129.zrh50.r.cloudfront.net
Software: nginx /
Resource Hash: 3473675703ccc7ff164b8fd441bf9cb77d636be5ae5b1256ae2f95414647f761

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cyberscoop.com/iran-peach-sandstorm-apt33/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Thu, 14 Sep 2023 16:30:33 GMT
x-rq: hhn1 109 88 443
via: 1.1 9349ae4f82564896b96f5303b030d188.cloudfront.net (CloudFront)
last-modified: Thu, 14 Sep 2023 16:30:33 GMT
server: nginx
age: 34905
x-amz-cf-pop: ZRH50-C1
etag: "e772a718c9e7877e"
x-cache: Hit from cloudfront
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 10682
x-amz-cf-id: LjSMjN7RhR_SpAvrO0el0TWfDYzHl459-hJ5HPSZg2bwg0IBnuT-PA==

GET
H3 200 Cyberscoop_Safemode_WebsiteImage-1.png
cyberscoop.com/wp-content/uploads/sites/3/2023/06/ 7 KB
7 KB 29ms
28ms Image
image/webp 13.224.103.129
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cyberscoop.com/wp-content/uploads/sites/3/2023/06/Cyberscoop_Safemode_WebsiteImage-1.png?resize=300,201
Requested by: Host: cyberscoop.com
URL: https://cyberscoop.com/iran-peach-sandstorm-apt33/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 13.224.103.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-103-129.zrh50.r.cloudfront.net
Software: nginx /
Resource Hash: 88e1e438d4ab4523105efad092c386649376321a6504dbaa9499ffdd25ef165b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cyberscoop.com/iran-peach-sandstorm-apt33/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Mon, 04 Sep 2023 23:50:11 GMT
x-rq: hhn1 109 86 443
via: 1.1 9349ae4f82564896b96f5303b030d188.cloudfront.net (CloudFront)
last-modified: Fri, 28 Jul 2023 08:03:31 GMT
server: nginx
age: 872527
x-amz-cf-pop: ZRH50-C1
etag: "aa3a4fc4dc908ac8"
x-cache: Hit from cloudfront
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 6824
x-amz-cf-id: vP03F3CA-b8sDt-MkAcmT96QO2GLkVjewHInKZ-dS324ZBb5BT8qNQ==

GET
H3 200 Cyberscoop_Safemode_WebsiteImage-2.png
cyberscoop.com/wp-content/uploads/sites/3/2023/07/ 7 KB
7 KB 29ms
29ms Image
image/webp 13.224.103.129
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cyberscoop.com/wp-content/uploads/sites/3/2023/07/Cyberscoop_Safemode_WebsiteImage-2.png?resize=300,201
Requested by: Host: cyberscoop.com
URL: https://cyberscoop.com/iran-peach-sandstorm-apt33/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 13.224.103.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-103-129.zrh50.r.cloudfront.net
Software: nginx /
Resource Hash: 88e1e438d4ab4523105efad092c386649376321a6504dbaa9499ffdd25ef165b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cyberscoop.com/iran-peach-sandstorm-apt33/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Fri, 01 Sep 2023 07:48:39 GMT
x-rq: hhn1 109 86 443
via: 1.1 9349ae4f82564896b96f5303b030d188.cloudfront.net (CloudFront)
last-modified: Fri, 28 Jul 2023 08:03:27 GMT
server: nginx
age: 1189419
x-amz-cf-pop: ZRH50-C1
etag: "caf455d9bedb3fff"
x-cache: Hit from cloudfront
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 6824
x-amz-cf-id: LwTlmVuvwGQUDHixEmaOCSPCXrnoyEjqF1Oxk3Ed8OKTo89yLxpBCw==

GET
H/1.1 200
OK /
p1.parsely.com/plogger/ 43 B
257 B 147ms
31ms Image
image/gif 63.34.81.234
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p1.parsely.com/plogger/?rand=1694743938957&plid=28479543&idsite=cyberscoop.com&url=https%3A%2F%2Fcyberscoop.com%2Firan-peach-sandstorm-apt33%2F&urlref=&screen=1600x1200%7C1600x1200%7C24&data=%7B%7D&sid=1&surl=https%3A%2F%2Fcyberscoop.com%2Firan-peach-sandstorm-apt33%2F&sref=&sts=1694743938955&slts=0&title=Microsoft%3A+Iranian+espionage+campaign+targeted+satellite+and+defense+sectors+%7C+CyberScoop&date=Fri+Sep+15+2023+04%3A12%3A18+GMT%2B0200+(Central+European+Summer+Time)&action=pageview&pvid=13217348&u=pid%3D7f03bea5f05620bd3b1dd094fc20c871
Requested by: Host: cyberscoop.com
URL: https://cyberscoop.com/iran-peach-sandstorm-apt33/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 63.34.81.234 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-63-34-81-234.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

Date: Fri, 15 Sep 2023 02:12:19 GMT
Cache-Control: no-cache
Last-Modified: Friday, 15-Sep-2023 02:12:19 GMT
Server: nginx
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H3 200 icon-caret.svg
cyberscoop.com/wp-content/themes/scoopnewsgroup/dist/svg/ 373 B
673 B 30ms
30ms Image
image/svg+xml 13.224.103.129
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cyberscoop.com/wp-content/themes/scoopnewsgroup/dist/svg/icon-caret.svg
Requested by: Host: cyberscoop.com
URL: https://cyberscoop.com/wp-content/themes/scoopnewsgroup/dist/css/frontend.css?m=1693525727g
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 13.224.103.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-103-129.zrh50.r.cloudfront.net
Software: nginx /
Resource Hash: 4397b39bca9ef7784f7ee354d27402a884e61e3adbf4d1e41ace0b688f8cf352

Request headers

Referer: https://cyberscoop.com/wp-content/themes/scoopnewsgroup/dist/css/frontend.css?m=1693525727g
Origin: https://cyberscoop.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 02:12:18 GMT
x-rq: hhn1 85 188 443
via: 1.1 9349ae4f82564896b96f5303b030d188.cloudfront.net (CloudFront)
last-modified: Thu, 31 Aug 2023 23:48:47 GMT
server: nginx
x-amz-cf-pop: ZRH50-C1
etag: "64f126df-175"
x-cache: Miss from cloudfront
content-type: image/svg+xml
cache-control: max-age=31536000
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 373
x-amz-cf-id: 21hE0OREyKAbu7wNSEN2zHpeWOtMCzO3rvkgKCZI1LBFsDkWyphtdA==

GET
H2 200 insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 12 KB
4 KB 55ms
7ms Script
application/x-javascript 2a02:26f0:3100::1735:2a3b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://snap.licdn.com/li.lms-analytics/insight.min.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KR697BF

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3100::1735:2a3b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

28a26321734fb5f8c8fe42b5503f162fdf1469bf97e2d9c503a83cc2b3c534cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 02:12:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 05 Sep 2023 13:41:52 GMT
x-cdn: AKAM
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/x-javascript;charset=utf-8
cache-control: max-age=49628
accept-ranges: bytes
content-length: 3822

GET
H2 200 uwt.js Show response
static.ads-twitter.com/ 56 KB
15 KB 37ms
7ms Script
application/javascript 146.75.120.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KR697BF
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.75.120.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 02:12:19 GMT
content-encoding: gzip
last-modified: Thu, 27 Oct 2022 16:56:53 GMT
etag: "32ad004436155ec972bc50e6238b5b67+gzip+gzip"
vary: Accept-Encoding,Host
x-cache: HIT, HIT
content-type: application/javascript; charset=utf-8
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-cdn: FT
cache-control: no-cache
accept-ranges: bytes
content-length: 15375
x-served-by: cache-iad-kjyo7100081-IAD, cache-fra-etou8220024-FRA

GET
H2 200 hotjar-3095877.js Show response
static.hotjar.com/c/ 10 KB
4 KB 78ms
39ms Script
application/javascript 18.66.97.53
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-3095877.js?sv=7

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KR697BF

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.97.53 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-97-53.fra56.r.cloudfront.net

Software

Resource Hash

df86c2ab6ec021077d33a213149fa193840601a76cc83ec33138d2f7ee3e2f89

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

strict-transport-security: max-age=2592000; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
date: Fri, 15 Sep 2023 02:12:19 GMT
via: 1.1 993c0866e705e48daa4fed5e30627712.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
etag: W/ff131f0ae2abde7d785d9abf8b3b200c
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-cache-hit: 1
cache-control: max-age=60
cross-origin-resource-policy: cross-origin
x-amz-cf-id: zX1irkN3B3ENNzUjviqBNeB43RKPALgErE2CCurYmAO6BWJpw2cwbA==

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 197 KB
53 KB 39ms
8ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: cyberscoop.com
URL: https://cyberscoop.com/iran-peach-sandstorm-apt33/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

66e58d37cc4b8168a1bd6678e085b43e939eb138fe608b7faffe3b1ba76b0c7b

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Fri, 15 Sep 2023 02:12:19 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 53155
x-xss-protection: 0
pragma: public
x-fb-debug: YxLnBwXXK7uYwuwAd45sWtPq1jKvUpgrXVupDuDzt5Kxmt1k+GTam+K2jDUckPQk+f/1++bqw/sudakGAT4mag==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
x-fb-optimizer: 0
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 240 KB
84 KB 25ms
25ms Script
application/javascript 2a00:1450:4001:801::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-T6DX9FEHNM&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KR697BF

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

7eb01d917d023fedf4c73807870764650a9039589c18cc7ab9eca53d7de0a907

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 02:12:19 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 85501
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 15 Sep 2023 02:12:19 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 8C3A 0
0 45ms
45ms Fetch
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss54DXhARSHcm9TigzO826Pq_wdYaiaSNpB0Qv6Zdko3zzv_dZNNDEWNdmhPToI0P3X0eshZ2z-1rivlaSbasuRchD2PfvJXpqQFJjUVRf9dHk-gKmAjLsmPrhWC0M4tUdf_ME-rJ_hWPrdHMuB2kq5nH_XTXSLyUKxxP02IY0PdKJoZ-4XkjJ4Gab76c6-A1GP-52TzYUaqBWIsLScoizpS6jvuDkBIXq1rL6LiXPgWWOg4itJkAE9_-ibel6tGa7JHK9hpcKS3PlGCl8is4bawg1LCKJaILRq-yohT5SR1mjEhwvvEGL_I2DYuQGIFK0Auv7NBa3IGU28D3Cfx1b1tGN6FjU&sai=AMfl-YQAHOMErDhxDR3L9ajLK14kPK8-drzSG7gDBfeBXrWnnI7gPsTxpo-33fjiaaHG3tDCTmT_gY0zuO7-ya478Tn1BmqPIJAcBD9CBIYo8sMtBGFG99ruodfnchkmaBaAGxtiEQGiAqyo_aToV9g&sig=Cg0ArKJSzOb8imPViFoMEAE&uach_m=[UACH]&adurl=

Requested by

Host: cyberscoop.com
URL: https://cyberscoop.com/iran-peach-sandstorm-apt33/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 02:12:19 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 15 Sep 2023 02:12:19 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230913/r20110914/ Frame 8C3A 23 KB
9 KB 29ms
7ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230913/r20110914/abg_lite_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309120101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9941d25da2d400e2cbc1c979d7ecae4a9b418158d3825d03e09650e0799dcefb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Thu, 14 Sep 2023 21:00:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 18737
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9135
x-xss-protection: 0
server: cafe
etag: 9583221549990841032
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 28 Sep 2023 21:00:02 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230913/r20110914/client/ Frame 8C3A 3 KB
1 KB 30ms
7ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230913/r20110914/client/window_focus_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309120101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Thu, 14 Sep 2023 21:00:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 18737
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 28 Sep 2023 21:00:02 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 8C3A 182 KB
57 KB 73ms
29ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309120101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

04d75f9be78718605473f6f76319f2120d63e73e3c789b2b41d78896cbe13f63

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 02:12:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57988
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1694604874705780"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 15 Sep 2023 02:12:19 GMT

GET
H2 200 8810433170650293968
tpc.googlesyndication.com/simgad/ Frame 8C3A 155 KB
155 KB 29ms
8ms Image
image/png 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/8810433170650293968

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309120101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ce24b992c543bcd3fcf25d2efe38e75dd4bcaf2f202ee803432144d4fda2b2ac

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Sat, 09 Sep 2023 05:05:44 GMT
x-content-type-options: nosniff
age: 507995
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 158386
x-xss-protection: 0
last-modified: Tue, 25 Jul 2023 18:37:13 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 08 Sep 2024 05:05:44 GMT

GET
H2 200 banner.js Show response
js.hs-banner.com/v2/2153467/ 66 KB
20 KB 415ms
388ms Script
text/javascript 2606:4700:4400::6812:22e5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-banner.com/v2/2153467/banner.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/2153467.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:22e5 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 46cbeb98f56be374c96078b4bd37e60c8905333c0157ff451dcf947bfb5d5c0d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 02:12:19 GMT
x-amz-version-id: 9X2I0RNkbJlTglr62p9NXul3VcFRoC0Q
content-encoding: br
cf-cache-status: REVALIDATED
x-amz-request-id: 6E8FV2H42CS2J5SC
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
x-hubspot-correlation-id: 7cdffb67-7fe6-419a-a09e-d480895a09f7
x-envoy-upstream-service-time: 25
x-amz-id-2: ZZ0ULjY5tG9BQlU35mouCX4EhdG2NB3eDj7zG+H0j/MxXXLYCbb2vLLE4PhOsoTkKhtYk2P87cpg/jsUvOPpkBMPfzf1AHtdEUXPRT9ze10=
x-evy-trace-listener: listener_https
x-request-id: 7cdffb67-7fe6-419a-a09e-d480895a09f7
x-evy-trace-route-configuration: listener_https/all
last-modified: Wed, 13 Sep 2023 14:19:31 GMT
server: cloudflare
etag: W/"a85de2714c90956fb975fff2ae48a7c9"
access-control-max-age: 604800
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: https://defensescoop.com
x-evy-trace-virtual-host: all
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
cache-control: max-age=300,public
access-control-allow-credentials: true
x-evy-trace-served-by-pod: iad02/analytics-js-proxy-td/envoy-proxy-7dbb6c8f49-fznd8
vary: origin, Accept-Encoding
timing-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
cf-ray: 806d581399ad2bd3-FRA
expires: Fri, 15 Sep 2023 02:17:19 GMT

GET
H2 200 2153467.js Show response
js.hs-analytics.net/analytics/1694743800000/ 66 KB
21 KB 179ms
161ms Script
text/javascript 2606:4700::6810:4eba
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-analytics.net/analytics/1694743800000/2153467.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/2153467.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:4eba , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8ffaec4f0f045c2a34088b76e1eaf2deeac8a4c48f78bb4494192b1201804308

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 02:12:19 GMT
x-amz-version-id: null
content-encoding: br
cf-cache-status: MISS
x-amz-request-id: 2BT59J8N62KY6SMW
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
x-hubspot-correlation-id: 4cc21ccc-bd15-48cb-b0be-ef87b018f79e
x-envoy-upstream-service-time: 36
x-amz-id-2: hs0z1dHgpRg9PBy2iSuAsihWRtmHuel4Q3CynzkeVT83GkUZtQgg7NiqtnZmXXjxa7zLXiVAUQtXhbodq7b8oA==
x-evy-trace-listener: listener_https
x-request-id: 4cc21ccc-bd15-48cb-b0be-ef87b018f79e
x-evy-trace-route-configuration: listener_https/all
last-modified: Wed, 13 Sep 2023 14:19:31 GMT
server: cloudflare
etag: W/"920c255d7d85d445687dc66fe774dbf8"
vary: origin, Accept-Encoding
content-type: text/javascript
x-evy-trace-virtual-host: all
x-evy-trace-served-by-pod: iad02/analytics-js-proxy-td/envoy-proxy-7dbb6c8f49-xs8lj
cache-control: max-age=300,public
access-control-allow-credentials: false
cf-ray: 806d58138a01368a-FRA
expires: Fri, 15 Sep 2023 02:17:19 GMT

GET
H3 200 wp-emoji-release.min.js Show response
cyberscoop.com/wp-includes/js/ 18 KB
5 KB 32ms
31ms Script
application/javascript 13.224.103.129
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cyberscoop.com/wp-includes/js/wp-emoji-release.min.js?ver=6.3.1
Requested by: Host: cyberscoop.com
URL: https://cyberscoop.com/iran-peach-sandstorm-apt33/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 13.224.103.129 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-224-103-129.zrh50.r.cloudfront.net
Software: nginx /
Resource Hash: 4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cyberscoop.com/iran-peach-sandstorm-apt33/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 02:12:19 GMT
content-encoding: gzip
via: 1.1 9349ae4f82564896b96f5303b030d188.cloudfront.net (CloudFront)
x-rq: hhn1 85 188 443
last-modified: Wed, 06 Sep 2023 00:21:47 GMT
server: nginx
x-amz-cf-pop: ZRH50-C1
etag: W/"64f7c61b-4904"
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript
cache-control: max-age=31536000
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: 8SqYjbl7mk8H3Ff1j3l5pyrFZeWdLulNGup3XPhBlmLLaEdZFNQCPw==

GET
DATA 200
OK truncated
/ Frame 8C3A 208 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f2e0eb6ca2ce0358f863f8005c4c9afb8824a07083e4513395524f1a5475e734

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 52 KB
21 KB 30ms
7ms Script
text/javascript 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KR697BF

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 15 Sep 2023 01:44:21 GMT
last-modified: Mon, 12 Jun 2023 18:23:07 GMT
server: Golfe2
age: 1678
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20994
expires: Fri, 15 Sep 2023 03:44:21 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 86EA 0
0 45ms
44ms Fetch
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstMTTY9dvw07QZboPZ27EmRiswuBEoZc3wNobB6xRjaBHnqtM5ZJpOPPd6aY3ziJCS7gCamclmgyL1ZgHtG9vANhW-f8SvXPEjDEGM2Bt7fZwOdzuJ6nGHnfKUQ5t__Z9spF997kc4AzBR8r4BZEnRXeLOoOGwa7vylcQYQzPeFeDLaUOaBk2tvzsBaXtdgreWA2Z0qlNtPyKyj0XMXCr85BOe9VQUob6YmVZGco3yeYUnZdO5o1ChlJgkONxaZYuV0hIsSoqJWXwWM1RwgJ5V-3ZrS3pHxXp_fM8hsrK16eeH_6d8Hb5RUT2IOuLMog0eauZKNfdvmcY78Jgyq7rY-iOEFq8mYuwD7&sai=AMfl-YTxQm_tkL1PPZRP9FivEGpVTlh0m5J75ndJPXjcZsHNxW7XtBr0pAwU1-6LNeYyjc3C4fD_NNbtWGK-Md_ZZuA0DnuYGRSVzjCXaO0QP-js8gXWvWQAWAWVartueq1AHd-nHn0tWbJk-O9foI8&sig=Cg0ArKJSzFM9aY9vsaLDEAE&uach_m=[UACH]&adurl=

Requested by

Host: cyberscoop.com
URL: https://cyberscoop.com/iran-peach-sandstorm-apt33/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 02:12:19 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230913/r20110914/ Frame 86EA 23 KB
9 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230913/r20110914/abg_lite_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309120101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9941d25da2d400e2cbc1c979d7ecae4a9b418158d3825d03e09650e0799dcefb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Thu, 14 Sep 2023 21:00:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 18737
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9135
x-xss-protection: 0
server: cafe
etag: 9583221549990841032
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 28 Sep 2023 21:00:02 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230913/r20110914/client/ Frame 86EA 3 KB
1 KB 8ms
6ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230913/r20110914/client/window_focus_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309120101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Thu, 14 Sep 2023 21:00:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 18737
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 28 Sep 2023 21:00:02 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 86EA 182 KB
57 KB 26ms
25ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309120101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

04d75f9be78718605473f6f76319f2120d63e73e3c789b2b41d78896cbe13f63

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 02:12:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57988
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1694604874705780"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 15 Sep 2023 02:12:19 GMT

GET
H2 200 5084968542495714123
tpc.googlesyndication.com/simgad/ Frame 86EA 45 KB
45 KB 8ms
7ms Image
image/png 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/5084968542495714123

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309120101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

afb6504813f5d39fd8cf40855767c68c2bf43bddd076f79fa797acdc930daea3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Sat, 09 Sep 2023 04:10:35 GMT
x-content-type-options: nosniff
age: 511304
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 46209
x-xss-protection: 0
last-modified: Tue, 25 Jul 2023 18:37:13 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 08 Sep 2024 04:10:35 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 92BC 0
0 46ms
45ms Fetch
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu4Xg9QmdI797OSMGtx-Wu-ZUw--9BNr4HzSbDMkBhsIiZ2lpTO0yvym4ljdWrJlVLtcOGIKH2J5V1dU7wEWCKM4JtQqPMnv46QnNhgW5Hw2AKJ52JlFbI4WiJbuIl7WuJjKIDsDxhMhoVp72a_z5cw0SAN_DlGDbSDvDlXFAKWxAuUVSe_JiYWgglaZw0U_75qBAlOwki4xFhTlAOSoXpNQZZVCF3uRxuuBqr1_76ZHFUEPqrA8Fzj1bg_m0Ur-RmJGhxtS2xy6h_9raGeXX5xBfn6QLOTlrcFAcf-urcEYd1_iA7loh4aE29BezypIS8JI9dkZG8OlT0bWlCSlARNDxhYKwC0&sai=AMfl-YRvPGlVGXOVPblF72BXivyxyWaPwFoxPxdFmdLn-hRk72GG9AppQzKJH_LWGMoGH7cxAkLat_EQ4HMasG0RCrREg3zI1v8RRTUX1bWzjrm0IH1dMgCMvNkXFcC-L5r7_NOKr1MafZj2rFKTrUs&sig=Cg0ArKJSzCxhe7vu0HlAEAE&uach_m=[UACH]&adurl=

Requested by

Host: cyberscoop.com
URL: https://cyberscoop.com/iran-peach-sandstorm-apt33/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 02:12:19 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230913/r20110914/ Frame 92BC 23 KB
9 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230913/r20110914/abg_lite_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309120101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9941d25da2d400e2cbc1c979d7ecae4a9b418158d3825d03e09650e0799dcefb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Thu, 14 Sep 2023 21:00:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 18737
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9135
x-xss-protection: 0
server: cafe
etag: 9583221549990841032
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 28 Sep 2023 21:00:02 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230913/r20110914/client/ Frame 92BC 3 KB
1 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230913/r20110914/client/window_focus_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309120101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Thu, 14 Sep 2023 21:00:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 18737
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 28 Sep 2023 21:00:02 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 92BC 182 KB
57 KB 23ms
22ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309120101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

04d75f9be78718605473f6f76319f2120d63e73e3c789b2b41d78896cbe13f63

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 02:12:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57988
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1694604874705780"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 15 Sep 2023 02:12:19 GMT

GET
H2 200 14280774833388500076
tpc.googlesyndication.com/simgad/ Frame 92BC 56 KB
56 KB 7ms
7ms Image
image/png 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/14280774833388500076

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309120101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

169ea3c7f0ccad9b018833f92ca2ea429439b3c175f013f750e037c39e410b7c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Wed, 13 Sep 2023 07:58:30 GMT
x-content-type-options: nosniff
age: 152029
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57504
x-xss-protection: 0
last-modified: Tue, 25 Jul 2023 18:37:13 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Thu, 12 Sep 2024 07:58:30 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame DFF0 0
0 45ms
45ms Fetch
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu6ci_abCwhxlumzUFF_0NOy8tPUIJRAXnJOy9wCCOx46c1cqsjHoxyAvnxSW9FDYDC-5ZhC7eKJCmdVeecuJ5ZRIX1Tv7pRbRAQ4IBQhTULjJ-wf_wGRLCZsJbx1VmLU1B_1j3Vlsvb7B1rWxTbq516-ECOGj8YDLQdYByhpqBxv7CEbG_blvC3-aqJ_6T0Q-A8991z6UVrEk6KVkl-hYw_sa25uEtt1pFX3_NMbzdx9vrg0J5Lso_WzuK8QgYioVwvT08hs0CI6AQZwH6_CV-5CnhWXKK7Gz6biYGVJc_n5Q9IAgKEdRTvFu_0Dab4pDA0gJiAjsKEpG9dvK4NyH2qxtDTqKzk4jd&sai=AMfl-YRR9LPwXa1H-U5fwFfgPhFUAAUNdKNcZt9biQ7pb3SZkOQ9vXLo17sWqgANrYV23CGIyEML1GO39bnzSmW4lKWgTSz7U4KrV_mrTUFSKlb1zrFniBiaG1hlXg5ahNUJjNorxHjz-BS7LjcEYQk&sig=Cg0ArKJSzHgfNe-obJU6EAE&uach_m=[UACH]&adurl=

Requested by

Host: cyberscoop.com
URL: https://cyberscoop.com/iran-peach-sandstorm-apt33/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 02:12:19 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 5084968542495714123
tpc.googlesyndication.com/simgad/ Frame DFF0 45 KB
45 KB 9ms
9ms Image
image/png 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/5084968542495714123

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309120101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

afb6504813f5d39fd8cf40855767c68c2bf43bddd076f79fa797acdc930daea3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Sat, 09 Sep 2023 04:10:35 GMT
x-content-type-options: nosniff
age: 511304
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 46209
x-xss-protection: 0
last-modified: Tue, 25 Jul 2023 18:37:13 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 08 Sep 2024 04:10:35 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230913/r20110914/ Frame DFF0 23 KB
9 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230913/r20110914/abg_lite_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309120101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9941d25da2d400e2cbc1c979d7ecae4a9b418158d3825d03e09650e0799dcefb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Thu, 14 Sep 2023 21:00:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 18737
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9135
x-xss-protection: 0
server: cafe
etag: 9583221549990841032
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 28 Sep 2023 21:00:02 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230913/r20110914/client/ Frame DFF0 3 KB
1 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230913/r20110914/client/window_focus_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309120101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Thu, 14 Sep 2023 21:00:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 18737
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 28 Sep 2023 21:00:02 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame DFF0 182 KB
57 KB 19ms
18ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309120101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

04d75f9be78718605473f6f76319f2120d63e73e3c789b2b41d78896cbe13f63

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 02:12:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57988
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1694604874705780"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 15 Sep 2023 02:12:19 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 706E 0
0 58ms
58ms Fetch
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstj7LchKQa0jyW1b-p43INm3G6WLML6w84oCj5YYXC6jWUBtJyHNBHSClYwUwv1xz-W6hMGGBAzAABw5C0001Dq5mw845UAhAC_ru1BOU-33kojlWqS-cz9VOyEFXrzJUdBxhm3Qc2-6uTSBd2xcwWPrwCldcAlWYSu6Ut3TSwxWkXW7OsUaI8EwZBpfZlCUlf5ar2awwhk8zf070-QJHo8v07kZp8w9aErlQUioCYnBfkXU_DGiqpajcs6yqUurabQycrR-Eg2iuHH8pow9vt4YkMep8k7YfBNajD2opXX43B8UpfvTpVkewbiK8aiKFZXdiP7C_lvlCh08FujgLUZkA&sai=AMfl-YQSSCMue5jxBiospfbMpdbycX-k-VREL7N9MiJ0Gg0yxFnt61pdVOZRHq5ktDJBFfAYmHXK_v8Riqh529XtLgOCevd3E3X14y6iA5TBfudPnryW7NYl9dtPZE8H7TVtUwmFS2BeBWfRhzQRh1M&sig=Cg0ArKJSzOvEoqZIONUgEAE&uach_m=[UACH]&adurl=

Requested by

Host: cyberscoop.com
URL: https://cyberscoop.com/iran-peach-sandstorm-apt33/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 02:12:19 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230913/r20110914/ Frame 706E 23 KB
9 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230913/r20110914/abg_lite_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309120101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9941d25da2d400e2cbc1c979d7ecae4a9b418158d3825d03e09650e0799dcefb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Thu, 14 Sep 2023 21:00:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 18737
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9135
x-xss-protection: 0
server: cafe
etag: 9583221549990841032
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 28 Sep 2023 21:00:02 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230913/r20110914/client/ Frame 706E 3 KB
1 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230913/r20110914/client/window_focus_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309120101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Thu, 14 Sep 2023 21:00:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 18737
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 28 Sep 2023 21:00:02 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 706E 182 KB
57 KB 21ms
20ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309120101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

04d75f9be78718605473f6f76319f2120d63e73e3c789b2b41d78896cbe13f63

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 02:12:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57988
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1694604874705780"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 15 Sep 2023 02:12:19 GMT

GET
H3 200 9446973692957128682
tpc.googlesyndication.com/simgad/ Frame 706E 146 KB
146 KB 7ms
7ms Image
image/png 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/9446973692957128682

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309120101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ac3d0be47e0d1b89fae0bf1f777eb5b37d995c2263cdf0bb2495165950399ada

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Fri, 08 Sep 2023 08:36:40 GMT
x-content-type-options: nosniff
age: 581739
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 149105
x-xss-protection: 0
last-modified: Tue, 25 Jul 2023 18:37:13 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sat, 07 Sep 2024 08:36:40 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 14A7 0
0 55ms
55ms Fetch
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu0CcCkyC2iBnfyxDw12JRoZvFPFM9D4XLIFsgKE4Op5Gu9HrjncwGbcHTh6-AuwfBacJeHsw5PsOSLpotyoQO9Z_8s1dstK780rdW6NfEjto2k9N0n_LvAkn7afcWeDH7w92cw9tzZUTn6MwiBbB-HONXLX6MjCaIZmho0QTOW8Unjv7M-09AyxSCCMTSDavR-YjwwDTKE93uqXYEsTlYe2DUdzOrm1_9HavpgdoSLUsTT0ort1jl4TEba9jok23UVpDx59kZF3BbkkfaoV5hV-9ZlJMXLYanieVsThGLimEDw2XPxRsfbMy3-Su4tqD0g8iqpisAXhpZ0bpa0E2dhCN1N33qqrMrN&sai=AMfl-YSbw1q63bKNZ6awiPACja6HAkH-6cyRqSiW5wM11aJ96dPUVzo0r-vqJ1RxiMpq7TjePeZHqq8NZfI0OpIpgI6rqXK8jDT6NzKPK8dyxe_XCUnUfpTtNbPV6e05O26nsxt5yunn5LWpz3g8Gpw&sig=Cg0ArKJSzIY1HkEyorsfEAE&uach_m=[UACH]&adurl=

Requested by

Host: cyberscoop.com
URL: https://cyberscoop.com/iran-peach-sandstorm-apt33/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 02:12:19 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 5084968542495714123
tpc.googlesyndication.com/simgad/ Frame 14A7 45 KB
45 KB 9ms
9ms Image
image/png 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/5084968542495714123

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309120101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

afb6504813f5d39fd8cf40855767c68c2bf43bddd076f79fa797acdc930daea3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Sat, 09 Sep 2023 04:10:35 GMT
x-content-type-options: nosniff
age: 511304
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 46209
x-xss-protection: 0
last-modified: Tue, 25 Jul 2023 18:37:13 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 08 Sep 2024 04:10:35 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230913/r20110914/ Frame 14A7 23 KB
9 KB 10ms
9ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230913/r20110914/abg_lite_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309120101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9941d25da2d400e2cbc1c979d7ecae4a9b418158d3825d03e09650e0799dcefb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Thu, 14 Sep 2023 21:00:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 18737
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9135
x-xss-protection: 0
server: cafe
etag: 9583221549990841032
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 28 Sep 2023 21:00:02 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230913/r20110914/client/ Frame 14A7 3 KB
1 KB 10ms
10ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230913/r20110914/client/window_focus_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309120101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Thu, 14 Sep 2023 21:00:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 18737
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 28 Sep 2023 21:00:02 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 14A7 182 KB
57 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309120101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

04d75f9be78718605473f6f76319f2120d63e73e3c789b2b41d78896cbe13f63

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 02:12:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57988
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1694604874705780"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 15 Sep 2023 02:12:19 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame B7AE 0
0 132ms
132ms Fetch
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst0ecHy63o35MVArzz8rFoQJ4HsuITzHE8U1_JUniROpOTluDD19oLAkqfVzmcYWPYui70rORMvZPEdcD2orNeuG2Z5rifKf2ihEID5PBn5jltD7VJL4dm56Pq0d3MyMjWNSrX8pOXKKpmyU5YulfE-a_R10x9QhLFlRIYcCHtL9TmUz4T1iVg_DjWGDUwbA62iLGGK21YBZ5WjkDhJf0iG9i6tFgGtNR6hvyoGNCniXHY8YjYqfryzauLn88AUdmO8RRBDuz0TM44Q9ZsIdo5mponlQMAe1Y1Dk3Oxky8TlaG4_rDPaNpKi53qlDyKhjvVKMjxb_TKXVvKfK3sCdQY-uxo_Zzu59Y2&sai=AMfl-YQEDgXYFPGop9G_uLPTuC5j73lDMrMoH19vWuPRegM7L4r665E8BKbXO5CWyZNozRMhwSjqcbx_5lLwbNN-lCKZh_MupOMkSoDXNVi-LGDWs5gp7VLx4euhjKqdzeGbBXfEDZE6kIqHBaChPGk&sig=Cg0ArKJSzKJu4Y9sFqbPEAE&uach_m=[UACH]&adurl=

Requested by

Host: cyberscoop.com
URL: https://cyberscoop.com/iran-peach-sandstorm-apt33/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 02:12:19 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 5084968542495714123
tpc.googlesyndication.com/simgad/ Frame B7AE 45 KB
45 KB 7ms
7ms Image
image/png 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/5084968542495714123

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309120101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

afb6504813f5d39fd8cf40855767c68c2bf43bddd076f79fa797acdc930daea3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Sat, 09 Sep 2023 04:10:35 GMT
x-content-type-options: nosniff
age: 511304
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 46209
x-xss-protection: 0
last-modified: Tue, 25 Jul 2023 18:37:13 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Sun, 08 Sep 2024 04:10:35 GMT

GET
H3 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230913/r20110914/ Frame B7AE 23 KB
9 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230913/r20110914/abg_lite_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309120101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9941d25da2d400e2cbc1c979d7ecae4a9b418158d3825d03e09650e0799dcefb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Thu, 14 Sep 2023 21:00:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 18737
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9135
x-xss-protection: 0
server: cafe
etag: 9583221549990841032
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 28 Sep 2023 21:00:02 GMT

GET
H3 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230913/r20110914/client/ Frame B7AE 3 KB
1 KB 9ms
8ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230913/r20110914/client/window_focus_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309120101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Thu, 14 Sep 2023 21:00:02 GMT
content-encoding: br
x-content-type-options: nosniff
age: 18737
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 28 Sep 2023 21:00:02 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame B7AE 182 KB
57 KB 24ms
22ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309120101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

04d75f9be78718605473f6f76319f2120d63e73e3c789b2b41d78896cbe13f63

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 02:12:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 57988
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1694604874705780"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 15 Sep 2023 02:12:19 GMT

GET
DATA 200
OK truncated
/ Frame 86EA 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bb1fe2c4599c3447e3e6c9f9ae1a870bfaa32615ab95c777ea304299c68b16d9

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 92BC 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 417e15608275c8ec867293a5f328f797aba56305ab08a02a13be7a25829bb173

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame DFF0 208 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6d5687d0e00fbbb7b6664b8d751641105075d4232294dacd575f03fde7786d16

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 706E 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 63441167f3a2af64574a95036ab1f73c0768ead970111c1991e35c4eab4ea488

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 14A7 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d6fb78887b56ce6217bcd119d3286306b99ee067810e31e6ad2d2791c632c14b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame B7AE 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 62d3d5b116b873e71f2c422a929e25a4ba2abaeb1fee5f2bfbf1979e10da7f26

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 insight.old.min.js Show response
snap.licdn.com/li.lms-analytics/ 13 KB
5 KB 8ms
8ms Script
application/x-javascript 2a02:26f0:3100::1735:2a3b
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://snap.licdn.com/li.lms-analytics/insight.old.min.js

Requested by

Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3100::1735:2a3b Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

fa53fcd8da139d256c0ca83b69cb37473ca627b6052368ed3327c80d9fb61e25

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 02:12:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 28 Aug 2023 12:14:15 GMT
x-cdn: AKAM
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
content-type: application/x-javascript;charset=utf-8
cache-control: max-age=45268
accept-ranges: bytes
content-length: 4862

GET
H2 200 modules.b1d0ab810250ab067071.js Show response
script.hotjar.com/ 223 KB
55 KB 43ms
9ms Script
application/javascript 52.222.236.43
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.b1d0ab810250ab067071.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-3095877.js?sv=7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.236.43 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-236-43.fra56.r.cloudfront.net

Software

Resource Hash

de6532713adce1f41c54a9c16d67acb3b567f9b660a422dd81a2e9c562006c86

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Thu, 14 Sep 2023 13:30:06 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 ade2b5e2170ccd4f394b741b27bb0eec.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P4
age: 45733
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 55750
last-modified: Thu, 14 Sep 2023 13:29:45 GMT
etag: "6b776c41a374521051e75fc2d87b8d0a"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: -rPo88QRpuyzn11Y29ibPDEv5J75gzfwv3L3lksjVbIsLHs_jlqpDA==

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 8C3A 0
0 47ms
47ms Fetch
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsttsSqTrPB3ERsWF5Ou1rOMWMVSzq42hJgk24AsVCkRFJ8YN2dju5oNP9SVJgt2DTjpP9aZuqw9P11mXPNSIQexDxA-3n-0rz3leHO6wfbWY-76tktyKyoql8jEZEgdrwiHnIbc_QHGGxo94FvJdcamZrLI88bn9T5rLjiiwJkcxaCBpNQXbS1ZOOprBDcsY8lHu2Zq3mmr313okYY87Z8pkGNRPpPIEWM1xRYtxD9i-sX0ZoaRS5PJrYbdQ0eUGdWUhd0dI3uH_Yo-Rm_X8YKv9zbzZ-lr_2mYPjYPpYvh823vs3tnnkVi_xLssEvzSJ11p_stf6rbBxxQtOQFQlL9AOVQndRLhQ&sai=AMfl-YR6yFd0dHn6eaInzS_CfUP46Py8y7BZGWSn-87VKKGPCt-a_rYF4O-H7U9rtyqgdIdBA8fFRNvhARO9ly-xo4EMNqkUtbPqInHVIxbT6yzMZckUoJ6zgqHUslHXOSek2YLTaTQYcp8syquBHQs&sig=Cg0ArKJSzIkNqzxgzCl4EAE&uach_m=[UACH]&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 02:12:19 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 15 Sep 2023 02:12:19 GMT

GET
H2 200 adsct
t.co/i/ 43 B
376 B 233ms
193ms Image
image/gif 104.244.42.69
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?bci=3&eci=2&event_id=6aa4d719-515e-4153-a710-734cd4455061&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=b42c8c0b-5fe7-4cec-98ff-b554cfa45994&tw_document_href=https%3A%2F%2Fcyberscoop.com%2Firan-peach-sandstorm-apt33%2F&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=nv8sr&type=javascript&version=2.3.29

Requested by

Host: cyberscoop.com
URL: https://cyberscoop.com/iran-peach-sandstorm-apt33/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.69 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

x-response-time: 180
date: Fri, 15 Sep 2023 02:12:19 GMT
strict-transport-security: max-age=0
server: tsa_o
content-type: image/gif;charset=utf-8
x-transaction-id: 907cfadd707be8fc
cache-control: no-cache, no-store, max-age=0
perf: 7626143928
x-connection-hash: e5257c5801b349462ed2dbf229aec0b99329ea67bab9a241f0a36e9a1805c512
content-length: 43

GET
H2 200 adsct
analytics.twitter.com/i/ 43 B
394 B 163ms
129ms Image
image/gif 104.244.42.195
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/i/adsct?bci=3&eci=2&event_id=6aa4d719-515e-4153-a710-734cd4455061&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=b42c8c0b-5fe7-4cec-98ff-b554cfa45994&tw_document_href=https%3A%2F%2Fcyberscoop.com%2Firan-peach-sandstorm-apt33%2F&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=nv8sr&type=javascript&version=2.3.29

Requested by

Host: cyberscoop.com
URL: https://cyberscoop.com/iran-peach-sandstorm-apt33/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.195 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

x-response-time: 115
date: Fri, 15 Sep 2023 02:12:19 GMT
strict-transport-security: max-age=631138519
server: tsa_o
content-type: image/gif;charset=utf-8
x-transaction-id: 6ef9f8ff87b564ca
cache-control: no-cache, no-store, max-age=0
perf: 7626143928
x-connection-hash: 4b0d5d5dcc9d9e7276ef5bde3564535fb047c8095a1e3d95fb97ec8806d4e2ca
content-length: 43

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
146 B 15ms
14ms XHR
text/plain 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j101&a=535132154&t=pageview&_s=1&dl=https%3A%2F%2Fcyberscoop.com%2Firan-peach-sandstorm-apt33%2F&ul=en-us&de=UTF-8&dt=Microsoft%3A%20Iranian%20espionage%20campaign%20targeted%20satellite%20and%20defense%20sectors%20%7C%20CyberScoop&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YAhAAEABAAAAACAAI~&jid=1524853948&gjid=30330599&cid=201474006.1694743939&tid=UA-80491860-1&_gid=682246890.1694743939&_r=1&_slc=1&gtm=45He39d0n81KR697BF&z=843121970

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://cyberscoop.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 15 Sep 2023 02:12:19 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://cyberscoop.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 collect
www.google-analytics.com/ 35 B
194 B 7ms
7ms Image
image/gif 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j101&a=535132154&t=pageview&_s=1&dl=https%3A%2F%2Fcyberscoop.com%2Firan-peach-sandstorm-apt33%2F&dp=%2Fwelcome%2Firan-peach-sandstorm-apt33%2F&ul=en-us&de=UTF-8&dt=Microsoft%3A%20Iranian%20espionage%20campaign%20targeted%20satellite%20and%20defense%20sectors%20%7C%20CyberScoop&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YAjAAEABAAAAACAAI~&jid=&gjid=&cid=201474006.1694743939&tid=UA-80491860-1&_gid=682246890.1694743939&gtm=45He39d0n81KR697BF&z=1234796450

Requested by

Host: cyberscoop.com
URL: https://cyberscoop.com/iran-peach-sandstorm-apt33/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 14 Sep 2023 06:31:16 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 70863
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 896395920528126 Show response
connect.facebook.net/signals/config/ 489 KB
134 KB 10ms
9ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/896395920528126?v=2.9.127&r=stable&domain=cyberscoop.com

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

27138e8e0e3920e22b2091ba6cec2bbb2ae79a2de62076c04eaa7a60965c1851

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Fri, 15 Sep 2023 02:12:19 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 136997
x-xss-protection: 0
pragma: public
x-fb-debug: 9oz8ApA/JwZ1smYmkNS+3FH8Lp5i7UMjOX7c9QDFdeCAPy8RE9MRR81HgMLejl29TfQuU2xVBlDQpZzVs7ymPw==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), camera=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), microphone=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
253 B 62ms
17ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-T6DX9FEHNM&gtm=45je39d0&_p=535132154&cid=201474006.1694743939&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1694743939&sct=1&seg=0&dl=https%3A%2F%2Fcyberscoop.com%2Firan-peach-sandstorm-apt33%2F&dt=Microsoft%3A%20Iranian%20espionage%20campaign%20targeted%20satellite%20and%20defense%20sectors%20%7C%20CyberScoop&en=page_view&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-T6DX9FEHNM&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Sep 2023 02:12:19 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://cyberscoop.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame B7AE 0
0 46ms
45ms Fetch
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuWUY4NM8jhq_AbsN6EftgV_0zXzMXAeoF5jLCROHGr62oBlWdEZCz9Cv5HQ2wct85uZUBoW-0cjjAUWywToB6UCs5uPKkXRX0MN9mhnzMMUcwjPrnOkzWnPkj3r2ScKwg0CPhxlqE9Dq8w_pt2fxVRD1VFJoG2AXeEQwBjQpAlFQbBKvlW24cBBtXaE_eLch4u4wPrNFabbwPSUVJgLWwlBKG8IadK36y_KbQG_TPLrnpIWbPum0E-mKvqbMQM9zzslCoGHv6P6_i4EOmInyuQmLVnIQlIjjLK0Hj06bjmaoo6A9GfFGQLFp2DYt-T3lwo7bhz3PdPgp14Qw_cI8Bw1NBpzJ8xHjsBrbA&sai=AMfl-YQXnUGHkLVZVnvDJSikJt2xfjmmk9dSZ3BfGspCkOBHbB39Ni8NWP2U59rYCmYxhbeTmRuzWdgxfN7pDgF-p2JVwrKhJCT0zjcj0y0yrF5zUrkAy6WBS0YxJqUAKv1D9L1-67VG6A0Ubo6qRjM&sig=Cg0ArKJSzClKkmII1CAyEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 02:12:19 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 15 Sep 2023 02:12:19 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 86EA 0
0 46ms
45ms Fetch
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvyVmf2b3jqVpVVEoPddMxOI2gLbc7VWIGxhqoOczPDRSmlzDFZfKRtNs_aX1KTybk3iFavre2fEKMXpCVDyDnAClLhMnqWsJaJ2Ms8NpmTfPIkgjHIMhav0tpXP1J5TTCX6xWuOFzhUDy8ySiqSu0LJcRfp_0Rn6w3QV-W2--j3x9pE33UxXJr3vcAGKXPYbXneqa7LQAPjPq4HD2OsOb8b5ujvEhdOqUcwVpztUrOlyyfGdFOFDfzMrSQyPIjvcD1Rt2AAgRe8CfCd6lEh_Jdc2KdEnMmU6MDC0eFxgWbsfYqIbR8pIESWcrQi1b_IIxq15bN4Ex-JcFmFozE1UXCrlZOvRcJU2crEG0&sai=AMfl-YSVB34zPFfwZizQBR80MviCOKSKNoMSct_Ip_qSA559qJWSEqwMlKtsxSGHkAjcUzo629ZDdq1WFIlRjze-ho--pkl4osQOdw_jv2R2jwucTrRPE4OzX3a5r5hkl5dfixCPDw_skrqchPBv38k&sig=Cg0ArKJSzAv9l_aKwbEuEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 02:12:19 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 15 Sep 2023 02:12:19 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 92BC 0
0 45ms
44ms Fetch
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvS_wXf6E_fF_NTTaTWG8wJBr-EMkN6HaPMWOgjiVz2tKZORxh-8MECT21_kgZS6n0_-ts6aqKLLAgc4KNY7ZokHmlxLjNsIjEv6Eb4DXDkOH22R742nJ0hSmoLStBjW__UkjZ565cwvD6rkRS5f1_YyWywfUVqfTLs6CdsA14PWef_w7GnBFZVOpPB00Lh2piEu293rVXJyDfiZ2p0QgGmLzmpPuc_6oUO8DZoI0KS6hVL2jhKLtm_qSTfITzFYjKEDxqFXg25922du3Y-zoyq9B_PiMCG4bhLqcsaHkcxhWSJofxH4gGfjjD8pfp1jniMJc98Y8MWzBcnF_INmNo95vnNqgR4K2c&sai=AMfl-YQ1UwDhAUtyEaOrBR0_mdnZNlhFFjG11xYArkCfbPksG7sJgKLTv9Gb76tJ1k9PjgrN2dEwZzbeEUNrr3xnSiGMJEYv17u0NPQsCfaAu3auHQ7Ac-6yyH6PDrTSc2GA49fpTCDSsAfW2pNvwMY&sig=Cg0ArKJSzBddrTKIngALEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 02:12:19 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 15 Sep 2023 02:12:19 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame DFF0 0
0 44ms
44ms Fetch
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssJy3A7_JU9sXqZaPuTgrHITFl23ID2nuJrfrMsl10zN02qCjZCvJd067r1VG3zXK_hIGO2hDpxqIjBfog7XTqDAeyjydv6OVIi06Y67ucvsawqBmQNT0k4kwllu8n3Byq1SHp9A_cYC6N49Hp8gtxTn1_g3d-S7-_k2UoTSjQgY-2d3NHtNSc5p7SNlW6iatrL43rt0xvuMTXwLoVO7AqlJ4Kus63G4ariiJTYYzADlk3hCaldo4RBr_Ep7hmk_6tEdKBY4VeCC0qfb4TaNvahjnLjmoyhlXW_cgDp6nFI6XZPiq7wRXJvFGyjdbJOFoFmDxlIkiDKjyD3fU3DjpFM968zZgYbyBiawwU&sai=AMfl-YSP3UYgX9tzXxo6b_jKbKbzCndR_vtbUS0wtEFIJAEg5a9QplX24b3JzqMmIyc7mHIse7R1iO42IJjfk5yD-LKEVYtRtij9R4b5xOL7Om244kVlbAkKe387w2mzWWI7a1aYBVJMClYm0QxG3yo&sig=Cg0ArKJSzKS1E_F_wD9zEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 02:12:19 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 15 Sep 2023 02:12:19 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 706E 0
0 46ms
45ms Fetch
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu-TodSI-MFSY6-uEt2qH6yCKFGGpFhrHGJxrIXU2vDVbRyplh0YILc31Og-OfyGiuBCEQHDTIpwif6iiO595pqu9cUsejIUQrPNbGeA809N0hNWEwKF6IktE-JihfGnrFwp3kIYnuIFyZ7YHW2oY3mNBPpNcswSiECMt4y6JRLFXwl4EDB93L8ZkJsOOmmZmF8zB7n7VBM9h1V4hbDHtZfU4A0mXU4GbZlpfPTlW1Wsp8uMFbRAN6GMYwKW4lignPhyCUZNSigF1-ZVy-Q9NCfKZXyU8RUkQzX40dKUMWn8RSNKJ79FURBFom0I6l1fbYQ6SqkrS6hJEzj9zH2awIv-dQM&sai=AMfl-YReXedlI-xr8HNqs4AxWexkpzIrYsiJFqVxONcIHp2cglr1eM7QZR23QqEYxVmbZpCRDM7odT5TLDRWWVdk2MopPGPLVZLXCWCNjeLP123fyaPcoQCj7BV49K7rQTk0-Dm7fsgGB69Kj9sIJkM&sig=Cg0ArKJSzG7vPVv-wHNFEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 02:12:19 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 15 Sep 2023 02:12:19 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 14A7 0
0 46ms
46ms Fetch
image/gif 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstPGvcG_qNtkTftDmKSyosF2Tjke_6k_Zq4d7EPqqashWR_HsfNZcwtqrRVH0MelqFitCxX7z3kfMiZJKrckp1_j7DKDmwFiJ_AWkvw0Tm5k1yUBdemfIgZzTApBf2FxQxPgSXx8x23vHZZyX9bAe_Fn0YZX4PB8PjFZv11l9JK8WELELtlzDeEwpyYhGDFLqC0PSF15PCB-tq9mlByJDku9N9VCX96lqEB1RFks3xeQRZuOy9gb9c0oN8AexhwzKn2ZN-ZBuN488wY-U5pUog53B_CpYCRgiP9VOL0ZIkALU2CozXKYT3Bu8MJOgdGIZf5Jy5Zk82U71GN5CiklJwvaDc7r1lOdP6uKTE&sai=AMfl-YRWHyU59n5oe83CXXKFt6au9BBKPmWEM7Skjtqu-_029Kb4diXm0uJV1wkFZD1BpGuurVua9ZTTPUyMd1fZQ3cUuslTPGOaAt3q9t4f0m-7X8IgKH3WATgkJrywF7o1gNjUJtV9k4Z8wYw6DWg&sig=Cg0ArKJSzF2wcxEndC92EAE&uach_m=[UACH]&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 02:12:19 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 15 Sep 2023 02:12:19 GMT

GET
H2 200 token Show response
cdn.linkedin.oribi.io/partner/50036/domain/cyberscoop.com/ 36 B
400 B 56ms
9ms XHR
application/json 2600:9000:20eb:fc00:2:53b2:240:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.linkedin.oribi.io/partner/50036/domain/cyberscoop.com/token
Requested by: Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.old.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:fc00:2:53b2:240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 7b1eaaaf180a13c29b6dddc3b0ae23333b4397e0f3c065b4c86da2f2530a5f89

Request headers

Accept: *
Referer: https://cyberscoop.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 01:50:47 GMT
content-encoding: gzip
via: 1.1 c2a926ef1bafe1ab239d4761594a8098.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C1
age: 1292
vary: accept-encoding
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=3600
x-amz-cf-id: VnxTt6HsVcZsibEWnYkVIKqHZxBiow0NbydekOVC4jbkEE5ItgQvQA==

GET
H2

200

collect
px4.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=50036&time=1694743939475&url=https%3A%2F%2Fcyberscoop.com%2Firan-peach-sandstorm-apt33%2F
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=50036&time=1694743939475&url=https%3A%2F%2Fcyberscoop.com%2Firan-peach-sandstorm-apt33%2F&cookiesTest=true
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D50036%26time%3D1694743939475%26url%3Dhttps%253A%252F%252Fcyberscoop.com%252Firan-...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=50036&time=1694743939475&url=https%3A%2F%2Fcyberscoop.com%2Firan-peach-sandstorm-apt33%2F&cookiesTest=true&liSync=true
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=50036&time=1694743939475&url=https%3A%2F%2Fcyberscoop.com%2Firan-peach-sandstorm-apt33%2F&cookiesTest=true&liSync=true&e_ipv6=AQKcVHp170PDEgAAAYq...

0
267 B

192ms
130ms

Image
application/javascript

13.107.42.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=50036&time=1694743939475&url=https%3A%2F%2Fcyberscoop.com%2Firan-peach-sandstorm-apt33%2F&cookiesTest=true&liSync=true&e_ipv6=AQKcVHp170PDEgAAAYqWnEtEIWlP8OZvC-fEMf_a5Vcc0K3VmaXUF5_RGtNj6kMqasV0ffHG_IvMEg
Requested by: Host: cyberscoop.com
URL: https://cyberscoop.com/iran-peach-sandstorm-apt33/
Protocol: H2
Server: 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 02:12:19 GMT
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: 4B35BFBC09C84ACDB30E63F673C7D1C5 Ref B: FRAEDGE1417 Ref C: 2023-09-15T02:12:20Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
content-type: application/javascript
x-li-fabric: prod-lva1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYFXFKIjWg68OVZUNFdqQ==

Redirect headers

date: Fri, 15 Sep 2023 02:12:18 GMT
x-li-pop: afd-prod-lva1-x
x-msedge-ref: Ref A: A5DFE1A8019F4D75ADD1D3992D19F6A4 Ref B: FRAEDGE1313 Ref C: 2023-09-15T02:12:19Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lva1
location: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=50036&time=1694743939475&url=https%3A%2F%2Fcyberscoop.com%2Firan-peach-sandstorm-apt33%2F&cookiesTest=true&liSync=true&e_ipv6=AQKcVHp170PDEgAAAYqWnEtEIWlP8OZvC-fEMf_a5Vcc0K3VmaXUF5_RGtNj6kMqasV0ffHG_IvMEg
x-li-proto: http/2
content-length: 0
x-li-uuid: AAYFXFKF6cCU+yGYZWUzPg==

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
348 B 51ms
17ms XHR
text/plain 2a00:1450:400c:c0a::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j101&tid=UA-80491860-1&cid=201474006.1694743939&jid=1524853948&gjid=30330599&_gid=682246890.1694743939&_u=YAhAAEAAAAAAACAAI~&z=1600375560

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0a::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://cyberscoop.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Fri, 15 Sep 2023 02:12:19 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://cyberscoop.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 30ms
7ms Image
text/plain 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=896395920528126&ev=PageView&dl=https%3A%2F%2Fcyberscoop.com%2Firan-peach-sandstorm-apt33%2F&rl=&if=false&ts=1694743939532&sw=1600&sh=1200&v=2.9.127&r=stable&ec=0&o=30&fbp=fb.1.1694743939530.1422158503&cs_est=true&it=1694743939314&coo=false&rqm=GET

Requested by

Host: cyberscoop.com
URL: https://cyberscoop.com/iran-peach-sandstorm-apt33/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Fri, 15 Sep 2023 02:12:19 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
408 B 42ms
20ms Image
image/gif 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-80491860-1&cid=201474006.1694743939&jid=1524853948&_u=YAhAAEAAAAAAACAAI~&z=1148133173

Requested by

Host: cyberscoop.com
URL: https://cyberscoop.com/iran-peach-sandstorm-apt33/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Sep 2023 02:12:19 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
408 B 41ms
19ms Image
image/gif 2a00:1450:4001:800::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j101&tid=UA-80491860-1&cid=201474006.1694743939&jid=1524853948&_u=YAhAAEAAAAAAACAAI~&z=1148133173

Requested by

Host: cyberscoop.com
URL: https://cyberscoop.com/iran-peach-sandstorm-apt33/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Sep 2023 02:12:19 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 / Show response
www.facebook.com/tr/ Frame F32E 0
71 B 8ms
7ms Document
text/plain 2a03:2880:f176:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: cyberscoop.com
URL: https://cyberscoop.com/iran-peach-sandstorm-apt33/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://cyberscoop.com
Referer: https://cyberscoop.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-origin: https://cyberscoop.com
alt-svc: h3=":443"; ma=86400
content-length: 0
content-type: text/plain
cross-origin-resource-policy: cross-origin
date: Fri, 15 Sep 2023 02:12:20 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 16 KB
12 KB 80ms
57ms XHR
application/json 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202309120101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309120101/pubads_impl.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ffa7daba7db19ac39864a7d859f9a337ff08bfc3cf80d62d33944cc2bea13508

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 02:12:20 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 12193
x-xss-protection: 0

GET
H2 200 __ptq.gif
track.hubspot.com/ 45 B
1 KB 155ms
137ms Image
image/gif 2606:4700::6813:9a53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__ptq.gif?k=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=3460997391&v=1.1&a=2153467&rcu=https%3A%2F%2Fcyberscoop.com%2Firan-peach-sandstorm-apt33%2F&pu=https%3A%2F%2Fcyberscoop.com%2Firan-peach-sandstorm-apt33%2F&t=Microsoft%3A+Iranian+espionage+campaign+targeted+satellite+and+defense+sectors+%7C+CyberScoop&cts=1694743940167&vi=587bfc29585a89c975a260ead9ec5e1c&nc=true&u=143679850.587bfc29585a89c975a260ead9ec5e1c.1694743940162.1694743940162.1694743940162.1&b=143679850.1.1694743940163&cc=15

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 02:12:20 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: 765e15e7-701a-4afd-a020-62ba8b39af36
p3p: CP="NOI CUR ADM OUR NOR STA NID"
x-envoy-upstream-service-time: 15
content-length: 45
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 765e15e7-701a-4afd-a020-62ba8b39af36
server: cloudflare
vary: origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VWBQ1tbdUOIR8qucM8MTGMrawpgkUFoKa5IK%2Fb0GiXxDvLxXSfXjxc7JnKnkh8Xc6HKiUBfpyaohOuaUJR9jGU7gxiiZteE7JOSw5J1XCbydtbcqhy2baZus%2BnkBSap8wyaCwdl%2B6fS6zeug%2BePU"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
x-evy-trace-served-by-pod: iad02/analytics-tracking-td/envoy-proxy-8555d4b97d-krkn8
x-evy-trace-virtual-host: all
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
cf-ray: 806d581a2d259268-FRA
x-robots-tag: none

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 16ms
15ms Script
text/javascript 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309120101/pubads_impl.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 02:12:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Fri, 15 Sep 2023 02:12:20 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame F14D 13 KB
5 KB 8ms
7ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cyberscoop.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 18877
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Thu, 14 Sep 2023 20:57:43 GMT
expires: Fri, 13 Sep 2024 20:57:43 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 7D22 829 B
992 B 23ms
22ms Document
text/html 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

3f77913171ef6c15346f2fe7202c4a922a1fc6ac46c86ca4a292784c16390ed1

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-SPnv0lanOnEA4EXsFsHLxg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://cyberscoop.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 535
content-security-policy: script-src 'report-sample' 'nonce-SPnv0lanOnEA4EXsFsHLxg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 15 Sep 2023 02:12:20 GMT
expires: Fri, 15 Sep 2023 02:12:20 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 8C3A 42 B
174 B 45ms
45ms Fetch
image/gif 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsteK8o5fCWnOle3lzsubLBqzxFkLh7oV_FHYH6BtDeEzWNCieftuFiEHd9fHBMyqbS4c7vP5eo991AkqvDJtiSN7wLFxzWiZpgWMfrS0jBq-W8TK7DsUgS9cdY306KX&sig=Cg0ArKJSzKXwZBzISDnEEAE&id=lidar2&mcvt=1000&p=362,479,842,1120&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230913&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=3&adk=145983194&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1694743939063&rpt=216&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Sep 2023 02:12:20 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 b6KMqTAYqBIA24ZWjqYq8V8pGhE_E2wERo_hclhyfAY.js Show response
pagead2.googlesyndication.com/bg/ Frame F14D 37 KB
14 KB 24ms
8ms Script
text/javascript 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/b6KMqTAYqBIA24ZWjqYq8V8pGhE_E2wERo_hclhyfAY.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6fa28ca93018a81200db86568ea62af15f291a113f136c04468fe17258727c06

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Thu, 14 Sep 2023 21:07:07 GMT
content-encoding: br
x-content-type-options: nosniff
age: 18313
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14647
x-xss-protection: 0
last-modified: Mon, 11 Sep 2023 20:08:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 13 Sep 2024 21:07:07 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 7D22 0
0 46ms
41ms Image
text/html 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202309120101&jk=2681351078322778&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame F14D 0
10 B 7ms
7ms Image
text/plain 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?-XqxUg
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

date: Fri, 15 Sep 2023 02:12:20 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame DFF0 42 B
64 B 45ms
45ms Fetch
image/gif 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvtXYaZwsJWwop3B2TpV8Kmh_UXa06xFdWnLsEDKf1hmbg2OX0Bmd16GKzJW2c42HCjDn6n8liB8Bh2Bq21aembQQHbw2_C6N6Ji1NeCmD7YBIqSWBPMHF251MaLMmA&sig=Cg0ArKJSzBtL6mtfA7AvEAE&id=lidar2&mcvt=1000&p=806,1143,1056,1443&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230913&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=3&adk=4015763869&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1694743939152&rpt=269&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Sep 2023 02:12:20 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 86EA 42 B
64 B 46ms
46ms Fetch
image/gif 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssMmpgs4JNph6i20__TmSA0bPwPMTWiwuuV0Y-eeK9pfP9pgOeT46JLKLw0gA4a3m5Dysb_rwhhKNERVk2-3wagGPYgyKZNw0qlwUUmLdX75mGzwd7qvgU294HGl4S_&sig=Cg0ArKJSzL50UrbmZU80EAE&id=lidar2&mcvt=1001&p=524,1143,774,1443&mtos=1001,1001,1001,1001,1001&tos=1001,0,0,0,0&v=20230913&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=3&adk=4107124343&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1694743939128&rpt=256&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Sep 2023 02:12:20 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 706E 42 B
64 B 46ms
46ms Fetch
image/gif 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsukGgsV2t9ymtQpo8nWsx4dd5ew-GLVo6Dt3S0JK3Fj4j8XjDvBdu_YBuyh3ur_uIQK-ju0YE-wISM3C2nynf3n2wFh4UN654kJ8jlICK_mCTNzGB9L3obc-Ztb-EVj&sig=Cg0ArKJSzFDWVzZyz2qcEAE&id=lidar2&mcvt=1003&p=24,315,274,1285&mtos=1003,1003,1003,1003,1003&tos=1003,0,0,0,0&v=20230913&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=3&adk=1951456962&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1694743939186&rpt=253&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0&ffslot=0&reach=0&io2=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 15 Sep 2023 02:12:20 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 43ms
43ms Image
text/html 2a00:1450:4001:81c::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202309120101&jk=2681351078322778&bg=!U1ClUB_NAAZQjyUVcI87ADQBe5WfOI2GsVe4OHhExL6mlyQcmLjt69roCGdcROTFGfn4tLrqtW2JhQLqIuh0TsI9f5o6AgAAAE9SAAAABmgBB5kCsBKWbwwuUM4aK1YR9f4KWlwAELI25_5gRClCPDb9eTUcDHWZcXHrm5gU1y75rcls_ZseLoIlc4nMI5qL-OXnifBMwjuR9mtY0xBgt15ccEJ48wn_cCViT6XP7aEhG3Q4_QpKjFdWt8WknzW-9PoqaO_5rhQkDCiKzQAM-YtKtBru-J_rhW3KJnoDr3Ouml6APSKQmHKAJJLqb62RUXqHiijrv00YZgkszaoBGdADQe53M9aGHJ1qXY6pqTiseIHfvLBc-vSWG120zcWGEV1QyuIRyMgFhOQM1lo6rc1HaXYLuGRmbPNZmiCKx_Hq6_bkeoGuaRdQHOBHVMBup-Qr1G8j4ZW4VdufhORBi6Gd1rILKTC95Td3VsLBxd6zedPkLo1QpDcTE_MkYH8J2PR0ZagL1JA5KB772uXLUQHbH9KvUZKEfx-GDAVeQGMfl8jeda6MjVwZd1u_v8jUEzMPWniMCS1UilrBx9C424dzTvbI8st7VZ8UMrl4PX-CiSiwvoLTBqVNqhwM7tESLZI6nqUCQlL5ORd8HKjnPgvlS3pjd-BKDrh2Ukx6ErZEnhXg_8ifPs_tWtfnqOFa7SVI5VQhrmmJjvUYCNF4LTeVvVMKDu22jxRO_hlzjUJIjBPKRN6x8U1wDOY_eLhiHx7AMPYviAsgfzc6PXwD_J52v7AAefWKLx2BxSMBg7vE1tRyJ2d59m_gY9Ee4gFk84fJt-IIPN4le9pvowkz2ewamF2MHGVSVq2vDJjtcpw2w4TmYkxnL8gYXN4hwccuX63De7sBlFOlqx2xe1m_742WyLTl-P3LcmyTQqZiRG6z_O2-QVeHJG_lf_8-PewwalUZzoRWRhIRBMET_NvGKOJQLjDcXIkQ9A2YNvJiq5uYvoJyD1ObsyQQc6oGZNPKSh721II
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:81c::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.187 Safari/537.36

Response headers

Verdicts & Comments Add Verdict or Comment

71 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

31 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
cyberscoop.com/	1970-01-20 14:47:10	Name: sng_interstitial Value: 1
.cyberscoop.com/	1970-01-20 14:45:45	Name: _parsely_session Value: {%22sid%22:1%2C%22surl%22:%22https://cyberscoop.com/iran-peach-sandstorm-apt33/%22%2C%22sref%22:%22%22%2C%22sts%22:1694743938955%2C%22slts%22:0}
.cyberscoop.com/	1970-01-21 00:15:07	Name: _parsely_visitor Value: {%22id%22:%22pid=7f03bea5f05620bd3b1dd094fc20c871%22%2C%22session_count%22:1%2C%22last_session_ts%22:1694743938955}
.cyberscoop.com/	1970-01-21 00:07:19	Name: __gads Value: ID=1386e4a7b1a83c61:T=1694743938:RT=1694743938:S=ALNI_Main7-R1gz2JkXB52KEl0MAGGIhKQ
.cyberscoop.com/	1970-01-21 00:07:19	Name: __gpi Value: UID=00000c7607dc7086:T=1694743938:RT=1694743938:S=ALNI_MaGsnqIQl37kCoVdqETdO_W9wgrcA
.doubleclick.net/	1970-01-21 00:07:19	Name: IDE Value: AHWqTUlB7QZZNyZ48oW4s4sUz8x-IX_eZbJi70WXjDLNOc5zsaeBR-p0tqmQdiXKoEA
.cyberscoop.com/	1970-01-20 14:47:10	Name: _gid Value: GA1.2.682246890.1694743939
.cyberscoop.com/	1970-01-20 14:45:43	Name: _gat_UA-80491860-1 Value: 1
.cyberscoop.com/	1970-01-21 00:21:43	Name: _ga_T6DX9FEHNM Value: GS1.1.1694743939.1.0.1694743939.0.0.0
.cyberscoop.com/	1970-01-21 00:21:43	Name: _ga Value: GA1.1.201474006.1694743939
.twitter.com/	1970-01-21 00:21:43	Name: personalization_id Value: "v1_1mdptDh5yt7rNNaFtwOCdQ=="
.cyberscoop.com/	1970-01-20 23:31:19	Name: _hjSessionUser_3095877 Value: eyJpZCI6IjNiNDI1ZGQxLTU5MDktNTZiMi04Mjk5LTBhZjFjNjhlNGM4MCIsImNyZWF0ZWQiOjE2OTQ3NDM5Mzk1MTEsImV4aXN0aW5nIjpmYWxzZX0=
.cyberscoop.com/	1970-01-20 14:45:45	Name: _hjFirstSeen Value: 1
.cyberscoop.com/	1970-01-20 14:45:44	Name: _hjIncludedInSessionSample_3095877 Value: 0
.cyberscoop.com/	1970-01-20 14:45:45	Name: _hjSession_3095877 Value: eyJpZCI6IjA4Yjk5MzRkLTEzMmItNDJhMC1hYmU5LWQwZTA5ZWE4NTRjMSIsImNyZWF0ZWQiOjE2OTQ3NDM5Mzk1MTEsImluU2FtcGxlIjpmYWxzZX0=
.cyberscoop.com/	1970-01-20 14:45:45	Name: _hjAbsoluteSessionInProgress Value: 0
.t.co/	1970-01-21 00:21:43	Name: muc_ads Value: 20751888-b7f7-4ccc-b717-b6caf6adb0ad
.cyberscoop.com/	1970-01-20 16:55:19	Name: _fbp Value: fb.1.1694743939530.1422158503
cyberscoop.com/	1970-01-20 14:47:10	Name: ln_or Value: eyI1MDAzNiI6ImQifQ%3D%3D
.linkedin.com/	1970-01-20 16:55:19	Name: li_sugr Value: 7e4c6b34-dcb7-42a2-af1a-f8cad7656ff1
.linkedin.com/	1970-01-20 23:31:19	Name: bcookie Value: "v=2&26f88689-1a8e-48a4-86f2-f3aeb04ac6e2"
.linkedin.com/	1970-01-20 14:47:10	Name: lidc Value: "b=VGST02:s=V:r=V:a=V:p=V:g=2985:u=1:x=1:i=1694743939:t=1694830339:v=2:sig=AQF-rzvtVDDaoC7YdB5dAtKFeFwBZ-gZ"
.linkedin.com/	1970-01-20 15:28:55	Name: UserMatchHistory Value: AQKySfv1tjd2WgAAAYqWnEpTJIe0biRVKHkIqeSUs-5PmOd8Rwb4uveXtzG6w3otuAqgKYx5IgBLjQ
.linkedin.com/	1970-01-20 15:28:55	Name: AnalyticsSyncHistory Value: AQKa1hLsXZtzsAAAAYqWnEpTHGi8FjmtCol4ZxwQjkDx8oKjnVAKjVAX8rj4Rq-iBoYzx4dElLgHbFoSCNyDfw
.www.linkedin.com/	1970-01-20 23:31:19	Name: bscookie Value: "v=1&202309150212194c3710c1-0db7-4941-8bfd-30beaecf50efAQFkVRe3AxozwojRIgscU7GOX5D_MI08"
.linkedin.com/	1970-01-20 19:04:55	Name: li_gc Value: MTswOzE2OTQ3NDM5Mzk7MjswMjFELoWb6861dX+Kl2ptFhaCpwpEbPEvxU8DHoOGO2bgHQ==
.cyberscoop.com/	1970-01-20 19:04:55	Name: __hstc Value: 143679850.587bfc29585a89c975a260ead9ec5e1c.1694743940162.1694743940162.1694743940162.1
.cyberscoop.com/	1970-01-20 19:04:55	Name: hubspotutk Value: 587bfc29585a89c975a260ead9ec5e1c
.cyberscoop.com/	1969-12-31 23:59:59	Name: __hssrc Value: 1
.cyberscoop.com/	1970-01-20 14:45:45	Name: __hssc Value: 143679850.1.1694743940163
.hubspot.com/	1970-01-20 14:45:45	Name: __cf_bm Value: K83ShkXQdbE3BPAC366tqDIX_n50BqimhjmdHUwsMvQ-1694743940-0-AcPzgGXNk51jlQEorHlmqfJwRYb+OuY1XRrpAxPH+2JDC4ltHtoxck4jWPyX52CRynmCoVJbZgwu5jmXKE6hyuY=

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js(Line 9) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309120101/pubads_impl.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js(Line 9) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202309120101/pubads_impl.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

analytics.twitter.com
ca49d8473dd072baf96dd5e795fbdc75.safeframe.googlesyndication.com
cdn.linkedin.oribi.io
cdn.parsely.com
connect.facebook.net
cyberscoop.com
js.hs-analytics.net
js.hs-banner.com
js.hs-scripts.com
p.typekit.net
p1.parsely.com
pagead2.googlesyndication.com
px.ads.linkedin.com
px4.ads.linkedin.com
region1.google-analytics.com
script.hotjar.com
securepubads.g.doubleclick.net
snap.licdn.com
static.ads-twitter.com
static.hotjar.com
stats.g.doubleclick.net
t.co
tpc.googlesyndication.com
track.hubspot.com
use.typekit.net
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.linkedin.com
104.244.42.195
104.244.42.69
13.107.42.14
13.224.103.129
146.75.120.157
18.66.100.58
18.66.97.53
184.24.77.144
2001:4860:4802:34::36
2600:9000:20eb:fc00:2:53b2:240:93a1
2606:4700:4400::6812:22e5
2606:4700::6810:4eba
2606:4700::6810:bd59
2606:4700::6813:9a53
2620:1ec:21::14
2a00:1450:4001:800::2003
2a00:1450:4001:801::2008
2a00:1450:4001:806::2001
2a00:1450:4001:80f::200e
2a00:1450:4001:81c::2002
2a00:1450:4001:829::2001
2a00:1450:4001:829::2004
2a00:1450:4001:82b::2002
2a00:1450:4001:830::2002
2a00:1450:400c:c0a::9b
2a02:26f0:3100::1735:2a28
2a02:26f0:3100::1735:2a3b
2a02:26f0:480:f::213:7ec6
2a03:2880:f083:100:face:b00c:0:3
2a03:2880:f176:181:face:b00c:0:25de
52.222.236.43
63.34.81.234
012c1c40f37b85e86f6e7629241a2bcd0ce665b41954a08d3c2c9a55c42cba89
04d75f9be78718605473f6f76319f2120d63e73e3c789b2b41d78896cbe13f63
169ea3c7f0ccad9b018833f92ca2ea429439b3c175f013f750e037c39e410b7c
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb
1ef8bdc52990643f1f115bea33c351f210f12d5dc718322eda6f0da002afa5fd
27138e8e0e3920e22b2091ba6cec2bbb2ae79a2de62076c04eaa7a60965c1851
28a26321734fb5f8c8fe42b5503f162fdf1469bf97e2d9c503a83cc2b3c534cd
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
328299dd468c9349262c85802d326e1465e32405a2b44af1b1fda7d630ee7930
3473675703ccc7ff164b8fd441bf9cb77d636be5ae5b1256ae2f95414647f761
37b564138a8c782c7ef7f804054712a1bb75a63677dca0e6e186b82102aebb93
3aa72d136756ca75bc79ce7578ed75e5427bd33112c96b2b91cb0a7d7ebc347b
3f43be92fe63af3e20c741cb5ef9fbcbe742bf78b6aafe693f31ed9720289d29
3f77913171ef6c15346f2fe7202c4a922a1fc6ac46c86ca4a292784c16390ed1
417e15608275c8ec867293a5f328f797aba56305ab08a02a13be7a25829bb173
4397b39bca9ef7784f7ee354d27402a884e61e3adbf4d1e41ace0b688f8cf352
453cb806084fdabec32e286af2e88899f79022125c2527afffbec507975d2c22
46cbeb98f56be374c96078b4bd37e60c8905333c0157ff451dcf947bfb5d5c0d
4882037f680573c01992a409578e506cf5d63b45e4c6347352616329f40a009f
4e778181b46a001341499372efbad4f99a18674bce73c33dfd5021af138c1e8b
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
572c153f12ece183e602325e76c01dba662552713252e6799e8e6fbf827252eb
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
62d3d5b116b873e71f2c422a929e25a4ba2abaeb1fee5f2bfbf1979e10da7f26
63441167f3a2af64574a95036ab1f73c0768ead970111c1991e35c4eab4ea488
6413983f57c8f999761ee0f4dc99b0f1fd6293626330e60c03d65a3bc071744f
66e58d37cc4b8168a1bd6678e085b43e939eb138fe608b7faffe3b1ba76b0c7b
67447c3656caad630373253691f3e8f64467eafd6e7305c9b0e98111b0b41694
6d5687d0e00fbbb7b6664b8d751641105075d4232294dacd575f03fde7786d16
6fa28ca93018a81200db86568ea62af15f291a113f136c04468fe17258727c06
75783968187c56c78610d0a173aa03b290f49329be303cb86feeafa9aa44625c
7b1eaaaf180a13c29b6dddc3b0ae23333b4397e0f3c065b4c86da2f2530a5f89
7eb01d917d023fedf4c73807870764650a9039589c18cc7ab9eca53d7de0a907
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
86830eb7dbd3c5dd62c989ee720876b8aa87affdc42103b72c483da48d8424c5
88e1e438d4ab4523105efad092c386649376321a6504dbaa9499ffdd25ef165b
8ffaec4f0f045c2a34088b76e1eaf2deeac8a4c48f78bb4494192b1201804308
9489b86dc96ec0758f097f493dccb705a895314d3150ec5527276baba8ad39e1
955fb33af80b1e86eb292046c05b724f6c41604066b2933e195b74e26069b664
9790593b4acafa770479511a888914881594976c5dcad980c82e781c5625ff44
97abafbbf6f1bf56bb6aa432287d1b03ce0d83c3d1ec50a36a6e0e6050cce9b0
987ed7567466e4fc79242bded7cfac38f7cf9da6c430fe6053266ba12c1fa1b1
9914ebd2c4af454a0eb407c0062e0066f6e8a9e1e8be3e1245c477b6df6db1c5
9941d25da2d400e2cbc1c979d7ecae4a9b418158d3825d03e09650e0799dcefb
9b7aaf2c55485b05c5c57fbd95ba6d098da8f8e1583f8946d882d9b3fb8c28ce
a706788fdea9887036259f73d08c20c9aaeb81c571f896609471ffaa43f773a1
ac3d0be47e0d1b89fae0bf1f777eb5b37d995c2263cdf0bb2495165950399ada
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
afb6504813f5d39fd8cf40855767c68c2bf43bddd076f79fa797acdc930daea3
b730a71a7f937b52bb8328c363a9074d3d1e7ae259f2a0b44784ccf97def2e49
bb1fe2c4599c3447e3e6c9f9ae1a870bfaa32615ab95c777ea304299c68b16d9
be82b86d9b21780a099f969767c8bf5a3dc1221eff1c11cc5463826fdbe14f31
c2bf7e14091dc45d25058cadba5e40f9cf3c189637e892d7ff68910cdd01844d
ce24b992c543bcd3fcf25d2efe38e75dd4bcaf2f202ee803432144d4fda2b2ac
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee
d0a0ead027889618d5d5a92ce9fb28a6238192f62fcb5130e2795bf70fc7392d
d6fb78887b56ce6217bcd119d3286306b99ee067810e31e6ad2d2791c632c14b
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
dc59968ae968f3513978a2337e6dd550d8ff3dbc6953ca12696a65e5d6254bbf
de36e50194320a7d3ef1ace9bd34a875a8bd458b253c061979dd628e9bf49afd
de6532713adce1f41c54a9c16d67acb3b567f9b660a422dd81a2e9c562006c86
deba037b78c3c02c062545c841110d1489b59c78425c187ed03760a521541e50
df86c2ab6ec021077d33a213149fa193840601a76cc83ec33138d2f7ee3e2f89
e21f3b2a0e9d2ff25f55f184242d809b2ecd045ee3fe35a4665b891b82bcb460
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
ea15eb7f6c01551306baad1fc7ceab62fa63a26cba6c52acb925e9dc1537637c
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f2e0eb6ca2ce0358f863f8005c4c9afb8824a07083e4513395524f1a5475e734
fa53fcd8da139d256c0ca83b69cb37473ca627b6052368ed3327c80d9fb61e25
ffa7daba7db19ac39864a7d859f9a337ff08bfc3cf80d62d33944cc2bea13508

cyberscoop.com Open in urlscan Pro 13.224.103.129 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

117 Requests

98 %HTTPS

69 %IPv6

23 Domains

32 Subdomains

32 IPs

4 Countries

2261 kBTransfer

5800 kBSize

31 Cookies

22 Outgoing links

Redirected requests

117 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 7 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

cyberscoop.com Open in urlscan Pro
13.224.103.129 Public Scan

Screenshot
Live screenshot

Full Image

117
Requests

98 %
HTTPS

69 %
IPv6

23
Domains

32
Subdomains

32
IPs

4
Countries

2261 kB
Transfer

5800 kB
Size

31
Cookies

117 HTTP transactions
7 data transactions