www.cyberscoop.com Open in urlscan Pro
52.21.95.133 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://hubspot.fedscoop.com/e2t/tc/VWtMDr3hpHKQW2tsh_h93KR8lW3yn_R_4szvw4N9k7M8_2-GZQV1-WJV7CgJbNN4sDmB33HyQPN9hsND6LgSsVW3p...
Effective URL:
https://www.cyberscoop.com/ransomware-iconstituent-congress/
Submission: On June 14 via api (June 14th 2021, 2:10:03 am UTC) from US

Summary HTTP 254 Redirects Links 15 Behaviour Indicators

Summary

This website contacted 45 IPs in 4 countries across 31 domains to perform 254 HTTP transactions. The main IP is 52.21.95.133, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is www.cyberscoop.com.
TLS certificate: Issued by R3 on March 29th 2021. Valid for: 3 months.

This is the only time www.cyberscoop.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 2	2606:2c40::c7... 2606:2c40::c73c:67e1	209242 (CLOUDFLAR...) (CLOUDFLARESPECTRUM Cloudflare)
4 39	52.21.95.133 52.21.95.133	14618 (AMAZON-AES) (AMAZON-AES)
3	2a00:1450:400... 2a00:1450:4001:829::200a	15169 (GOOGLE) (GOOGLE)
1	199.232.137.44 199.232.137.44	54113 (FASTLY) (FASTLY)
21	172.217.18.98 172.217.18.98	15169 (GOOGLE) (GOOGLE)
11	52.217.47.70 52.217.47.70	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6811:b749	13335 (CLOUDFLAR...) (CLOUDFLARENET)
23	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:809::2008	15169 (GOOGLE) (GOOGLE)
2	2606:4700:10:... 2606:4700:10::ac43:2794	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:82a::2003	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:82f::2003	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6810:5605	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a02:26f0:6c0... 2a02:26f0:6c00:296::25ea	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	151.101.12.157 151.101.12.157	54113 (FASTLY) (FASTLY)
2	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	2606:4700::68... 2606:4700::6811:d2cc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:829::200e	15169 (GOOGLE) (GOOGLE)
2 2	2620:119:50e3... 2620:119:50e3:101::6cae:b45	14413 (LINKEDIN) (LINKEDIN)
1 1	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	108.174.10.14 108.174.10.14	14413 (LINKEDIN) (LINKEDIN)
2	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	2a00:1450:400... 2a00:1450:400c:c00::9b	15169 (GOOGLE) (GOOGLE)
1	104.244.42.69 104.244.42.69	13414 (TWITTER) (TWITTER)
2	2a00:1450:400... 2a00:1450:4001:812::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:831::2003	15169 (GOOGLE) (GOOGLE)
29	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:800::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:400d:804::2001	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6812:15bf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:44b0	13335 (CLOUDFLAR...) (CLOUDFLARENET)
24	2a00:1450:400... 2a00:1450:4001:80f::2001	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:82a::2001	15169 (GOOGLE) (GOOGLE)
3 6	52.18.126.50 52.18.126.50	16509 (AMAZON-02) (AMAZON-02)
21	2a00:1450:400... 2a00:1450:4001:811::2006	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:82a::2004	15169 (GOOGLE) (GOOGLE)
3	142.250.185.198 142.250.185.198	15169 (GOOGLE) (GOOGLE)
6	142.250.185.194 142.250.185.194	15169 (GOOGLE) (GOOGLE)
3	3.12.243.139 3.12.243.139	16509 (AMAZON-02) (AMAZON-02)
3	3.140.174.87 3.140.174.87	16509 (AMAZON-02) (AMAZON-02)
3	2a03:2880:f01... 2a03:2880:f01c:8004:face:b00c:0:8c	32934 (FACEBOOK) (FACEBOOK)
9	52.49.37.161 52.49.37.161	16509 (AMAZON-02) (AMAZON-02)
6	104.244.36.20 104.244.36.20	7415 (ADSAFE-1) (ADSAFE-1)
1	104.244.42.67 104.244.42.67	13414 (TWITTER) (TWITTER)
2	2606:4700::68... 2606:4700::6813:9b53	13335 (CLOUDFLAR...) (CLOUDFLARENET)
254	45

2 2606:2c40::c73c:67e1 (United States) 1 redirects

ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US)

hubspot.fedscoop.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

39 52.21.95.133 (Ashburn, United States) 4 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-21-95-133.compute-1.amazonaws.com

www.cyberscoop.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:829::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 199.232.137.44 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

cdn.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 172.217.18.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s42-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 52.217.47.70 (Ashburn, United States)

ASN16509 (AMAZON-02, US)

s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:b749 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hsforms.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

23 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:809::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:10::ac43:2794 (United States)

ASN13335 (CLOUDFLARENET, US)

static.addtoany.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:5605 (United States)

ASN13335 (CLOUDFLARENET, US)

forms.hsforms.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:6c00:296::25ea (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.12.157 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:d2cc (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-scripts.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:829::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:119:50e3:101::6cae:b45 (United States) 2 redirects

ASN14413 (LINKEDIN, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:21::14 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.174.10.14 (United States)

ASN14413 (LINKEDIN, US)
PTR: 108-174-10-14.fwd.linkedin.com

px4.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.69 (United States)

ASN13414 (TWITTER, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:812::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

29 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:800::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:400d:804::2001 (Ireland)

ASN15169 (GOOGLE, US)

efec5319556ee1232c8145e9121a9e93.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
3dd16fd7df4bac57553a631e241f2509.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:15bf (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-banner.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:44b0 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-analytics.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 2a00:1450:4001:80f::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:82a::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

5caa5b23d5f677f0776351c7ab007474.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
01db459ad5e3ad6446d1b7821d3ce754.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
fafc9661ac12cea6450aeb946fb71812.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 52.18.126.50 (Dublin, Ireland) 3 redirects

ASN16509 (AMAZON-02, US)

pixel.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 2a00:1450:4001:811::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82a::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.185.198 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.250.185.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 3.12.243.139 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-12-243-139.us-east-2.compute.amazonaws.com

tags.mmi360.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 3.140.174.87 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-140-174-87.us-east-2.compute.amazonaws.com

events.mmi360.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f01c:8004:face:b00c:0:8c (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

ad.atdmt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 52.49.37.161 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-49-37-161.eu-west-1.compute.amazonaws.com

static.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 104.244.36.20 (United States)

ASN7415 (ADSAFE-1, US)
PTR: nyidt.adsafeprotected.com

dt.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.67 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6813:9b53 (United States)

ASN13335 (CLOUDFLARENET, US)

track.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
59	googlesyndication.com efec5319556ee1232c8145e9121a9e93.safeframe.googlesyndication.com tpc.googlesyndication.com pagead2.googlesyndication.com 3dd16fd7df4bac57553a631e241f2509.safeframe.googlesyndication.com 5caa5b23d5f677f0776351c7ab007474.safeframe.googlesyndication.com 01db459ad5e3ad6446d1b7821d3ce754.safeframe.googlesyndication.com fafc9661ac12cea6450aeb946fb71812.safeframe.googlesyndication.com	367 KB
39	cyberscoop.com 4 redirects www.cyberscoop.com	272 KB
31	doubleclick.net securepubads.g.doubleclick.net stats.g.doubleclick.net ad.doubleclick.net googleads4.g.doubleclick.net	674 KB
23	googletagservices.com www.googletagservices.com	560 KB
21	2mdn.net s0.2mdn.net	2 MB
21	adsafeprotected.com 3 redirects pixel.adsafeprotected.com static.adsafeprotected.com dt.adsafeprotected.com	280 KB
11	google.com www.google.com adservice.google.com	4 KB
11	amazonaws.com s3.amazonaws.com	54 KB
6	mmi360.net tags.mmi360.net events.mmi360.net	403 B
5	google.de www.google.de adservice.google.de	1 KB
4	linkedin.com 3 redirects px.ads.linkedin.com www.linkedin.com px4.ads.linkedin.com	4 KB
4	gstatic.com fonts.gstatic.com	99 KB
3	atdmt.com ad.atdmt.com	1 KB
3	googleapis.com fonts.googleapis.com	2 KB
2	hubspot.com track.hubspot.com	1 KB
2	facebook.com www.facebook.com	266 B
2	google-analytics.com www.google-analytics.com	19 KB
2	facebook.net connect.facebook.net	98 KB
2	addtoany.com static.addtoany.com	60 KB
2	fedscoop.com 1 redirects hubspot.fedscoop.com	3 KB
1	twitter.com analytics.twitter.com	658 B
1	hs-analytics.net js.hs-analytics.net	19 KB
1	hs-banner.com js.hs-banner.com	15 KB
1	t.co t.co	455 B
1	hs-scripts.com js.hs-scripts.com	901 B
1	ads-twitter.com static.ads-twitter.com	2 KB
1	licdn.com snap.licdn.com	2 KB
1	hsforms.com forms.hsforms.com	4 KB
1	googletagmanager.com www.googletagmanager.com	52 KB
1	hsforms.net js.hsforms.net	135 KB
1	taboola.com cdn.taboola.com	23 KB
254	31

	Domain	Requested by
39	www.cyberscoop.com	4 redirects hubspot.fedscoop.com www.cyberscoop.com
27	pagead2.googlesyndication.com	www.googletagservices.com securepubads.g.doubleclick.net tpc.googlesyndication.com ad.doubleclick.net www.cyberscoop.com 5caa5b23d5f677f0776351c7ab007474.safeframe.googlesyndication.com
24	tpc.googlesyndication.com	securepubads.g.doubleclick.net 3dd16fd7df4bac57553a631e241f2509.safeframe.googlesyndication.com 5caa5b23d5f677f0776351c7ab007474.safeframe.googlesyndication.com tpc.googlesyndication.com 01db459ad5e3ad6446d1b7821d3ce754.safeframe.googlesyndication.com ad.doubleclick.net fafc9661ac12cea6450aeb946fb71812.safeframe.googlesyndication.com
23	www.googletagservices.com	www.cyberscoop.com securepubads.g.doubleclick.net 3dd16fd7df4bac57553a631e241f2509.safeframe.googlesyndication.com 5caa5b23d5f677f0776351c7ab007474.safeframe.googlesyndication.com www.googletagservices.com 01db459ad5e3ad6446d1b7821d3ce754.safeframe.googlesyndication.com fafc9661ac12cea6450aeb946fb71812.safeframe.googlesyndication.com
21	s0.2mdn.net	3dd16fd7df4bac57553a631e241f2509.safeframe.googlesyndication.com s0.2mdn.net 5caa5b23d5f677f0776351c7ab007474.safeframe.googlesyndication.com 01db459ad5e3ad6446d1b7821d3ce754.safeframe.googlesyndication.com fafc9661ac12cea6450aeb946fb71812.safeframe.googlesyndication.com
21	securepubads.g.doubleclick.net	www.cyberscoop.com www.googletagservices.com securepubads.g.doubleclick.net hubspot.fedscoop.com 5caa5b23d5f677f0776351c7ab007474.safeframe.googlesyndication.com 3dd16fd7df4bac57553a631e241f2509.safeframe.googlesyndication.com 01db459ad5e3ad6446d1b7821d3ce754.safeframe.googlesyndication.com fafc9661ac12cea6450aeb946fb71812.safeframe.googlesyndication.com
11	s3.amazonaws.com	www.cyberscoop.com
9	static.adsafeprotected.com	pixel.adsafeprotected.com 01db459ad5e3ad6446d1b7821d3ce754.safeframe.googlesyndication.com 5caa5b23d5f677f0776351c7ab007474.safeframe.googlesyndication.com fafc9661ac12cea6450aeb946fb71812.safeframe.googlesyndication.com
6	dt.adsafeprotected.com	01db459ad5e3ad6446d1b7821d3ce754.safeframe.googlesyndication.com 5caa5b23d5f677f0776351c7ab007474.safeframe.googlesyndication.com fafc9661ac12cea6450aeb946fb71812.safeframe.googlesyndication.com www.cyberscoop.com
6	googleads4.g.doubleclick.net	ad.doubleclick.net
6	pixel.adsafeprotected.com	3 redirects 5caa5b23d5f677f0776351c7ab007474.safeframe.googlesyndication.com 01db459ad5e3ad6446d1b7821d3ce754.safeframe.googlesyndication.com fafc9661ac12cea6450aeb946fb71812.safeframe.googlesyndication.com
6	www.google.com	www.cyberscoop.com tpc.googlesyndication.com
5	adservice.google.com	securepubads.g.doubleclick.net
4	adservice.google.de	securepubads.g.doubleclick.net
4	fonts.gstatic.com	fonts.googleapis.com
3	ad.atdmt.com	5caa5b23d5f677f0776351c7ab007474.safeframe.googlesyndication.com 01db459ad5e3ad6446d1b7821d3ce754.safeframe.googlesyndication.com fafc9661ac12cea6450aeb946fb71812.safeframe.googlesyndication.com
3	events.mmi360.net	5caa5b23d5f677f0776351c7ab007474.safeframe.googlesyndication.com 01db459ad5e3ad6446d1b7821d3ce754.safeframe.googlesyndication.com fafc9661ac12cea6450aeb946fb71812.safeframe.googlesyndication.com
3	tags.mmi360.net	ad.doubleclick.net
3	ad.doubleclick.net	www.googletagservices.com
3	fonts.googleapis.com	www.cyberscoop.com js.hsforms.net
2	track.hubspot.com
2	01db459ad5e3ad6446d1b7821d3ce754.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	5caa5b23d5f677f0776351c7ab007474.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	3dd16fd7df4bac57553a631e241f2509.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	www.facebook.com	www.cyberscoop.com connect.facebook.net
2	px.ads.linkedin.com	2 redirects
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	connect.facebook.net	hubspot.fedscoop.com connect.facebook.net
2	static.addtoany.com	www.cyberscoop.com static.addtoany.com
2	hubspot.fedscoop.com	1 redirects
1	analytics.twitter.com	static.ads-twitter.com
1	fafc9661ac12cea6450aeb946fb71812.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	js.hs-analytics.net	js.hs-scripts.com
1	js.hs-banner.com	js.hs-scripts.com
1	efec5319556ee1232c8145e9121a9e93.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	www.google.de	www.cyberscoop.com
1	t.co	www.cyberscoop.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	px4.ads.linkedin.com	www.cyberscoop.com
1	www.linkedin.com	1 redirects
1	js.hs-scripts.com	www.googletagmanager.com
1	static.ads-twitter.com	www.googletagmanager.com
1	snap.licdn.com	www.googletagmanager.com
1	forms.hsforms.com	js.hsforms.net
1	www.googletagmanager.com	www.cyberscoop.com
1	js.hsforms.net	www.cyberscoop.com
1	cdn.taboola.com	www.cyberscoop.com
254	47

This site contains links to these domains. Also see Links.

Domain
cyberscoop.com
scoopnewsgroup.com
thehill.com
www.facebook.com
twitter.com
www.linkedin.com
www.instagram.com
fedscoop.com
statescoop.com
edscoop.com
workscoop.com
www.scoopnewsgroup.com
www.addtoany.com

Subject Issuer	Validity	Valid
hubspot.fedscoop.com Cloudflare Inc ECC CA-3	`2020-07-17` - `2021-07-17`	a year	crt.sh
cyberscoop.com R3	`2021-03-29` - `2021-06-27`	3 months	crt.sh
upload.video.google.com GTS CA 1O1	`2021-05-17` - `2021-08-09`	3 months	crt.sh
*.taboola.com DigiCert TLS RSA SHA256 2020 CA1	`2020-11-25` - `2021-12-26`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-05-17` - `2021-08-09`	3 months	crt.sh
s3.amazonaws.com DigiCert Baltimore CA-2 G2	`2020-08-04` - `2021-08-09`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-08-16` - `2021-08-16`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-05-17` - `2021-08-09`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-05-17` - `2021-08-09`	3 months	crt.sh
*.licdn.com DigiCert SHA2 Secure Server CA	`2021-04-30` - `2022-05-11`	a year	crt.sh
ads-twitter.com DigiCert SHA2 High Assurance Server CA	`2020-08-14` - `2021-08-19`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-05-26` - `2021-08-24`	3 months	crt.sh
px.ads.linkedin.com DigiCert SHA2 Secure Server CA	`2021-04-15` - `2021-10-15`	6 months	crt.sh
t.co DigiCert TLS RSA SHA256 2020 CA1	`2021-02-05` - `2022-02-04`	a year	crt.sh
www.google.com GTS CA 1C3	`2021-05-17` - `2021-08-09`	3 months	crt.sh
www.google.de GTS CA 1C3	`2021-05-17` - `2021-08-09`	3 months	crt.sh
*.google.de GTS CA 1C3	`2021-05-17` - `2021-08-09`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-05-17` - `2021-08-09`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-05-17` - `2021-08-09`	3 months	crt.sh
*.googleusercontent.com GTS CA 1C3	`2021-05-17` - `2021-08-09`	3 months	crt.sh
fw.adsafeprotected.com Amazon	`2020-09-09` - `2021-10-09`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2021-05-17` - `2021-08-09`	3 months	crt.sh
tags.mmi360.net Amazon	`2021-03-04` - `2022-04-02`	a year	crt.sh
events.mmi360.net Amazon	`2021-05-04` - `2022-06-02`	a year	crt.sh
*.atlassolutions.com DigiCert SHA2 High Assurance Server CA	`2021-05-15` - `2021-08-13`	3 months	crt.sh
static.adsafeprotected.com Amazon	`2021-01-06` - `2022-02-04`	a year	crt.sh
*.adsafeprotected.com Sectigo RSA Domain Validation Secure Server CA	`2021-05-26` - `2022-06-17`	a year	crt.sh
*.twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2020-11-30` - `2021-11-29`	a year	crt.sh
hubspot.com Cloudflare Inc ECC CA-3	`2021-06-10` - `2022-06-09`	a year	crt.sh

This page contains 27 frames:

Primary Page: https://www.cyberscoop.com/ransomware-iconstituent-congress/
Frame ID: 53C688A8C67FB270AD46D628FF67B3E2
Requests: 88 HTTP requests in this frame

Frame: https://www.cyberscoop.com/advertising/?id=leaderboard&parent_id=ad-j4HebWU0ZJ-leaderboard&categories=government&tags=capitol-hill%2Ccolonial-pipeline%2Ccongress%2Chouse%2Cjbs%2Cransomware
Frame ID: 5E4020976858A32F18D13E4A50EC7956
Requests: 9 HTTP requests in this frame

Frame: https://www.cyberscoop.com/advertising/?id=article&position=static&category=government&tags=capitol-hill%2Ccolonial-pipeline%2Ccongress%2Chouse%2Cjbs%2Cransomware
Frame ID: D59D2D82F596B714DCBDF699797DFE7A
Requests: 11 HTTP requests in this frame

Frame: https://www.cyberscoop.com/advertising/?id=skyscraper&position=sticky&categories=government&tags=capitol-hill%2Ccolonial-pipeline%2Ccongress%2Chouse%2Cjbs%2Cransomware
Frame ID: 3CAD00CBC3BEA579302836C1506AA3B0
Requests: 11 HTTP requests in this frame

Frame: https://www.cyberscoop.com/advertising/?id=billboard&position=bottom&parent_id=ad-lEx6Ab63r1-billboard&category=government&tags=capitol-hill%2Ccolonial-pipeline%2Ccongress%2Chouse%2Cjbs%2Cransomware
Frame ID: 4E2F1D1C23569087BC8AD9C1347EC0D2
Requests: 11 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssNMealSRRSD_AlL-yBxVx8H6iqUTitUCamZgsXYtK_FSVI1-3MzuygmtM9EO0aP2TGyQvwKuGh8l0yPHXVpDIXJ90a3IJS0d9CtBZ0ihU7_IY-BEuBXgmPDgDq_6mjPrtTND1Bd9ZzWmhD0ZxUK0CU8Ht2JBcIXGh2ioqWyNE1nQGUmlIsxKiEabq30t3T0TMHlLTxn5d8FFRe6Cu9jUnPfBx9EEI5lLxMzP1ezmet3y2hxsUaF5_FsPVssSf0BOTCsUShafg26g65mxMxDedgYMTb2pHQMTCKn1mi_PA&sai=AMfl-YRk0nVaXjGgeKxmRe-CE6utqwTsLcZAywDUFfsTn8gmV3AOucv2Hp-n_iSnb64ersElMfoAdWAXQEVjvitvjeSlGEbbR08JChLxctCo1mPp5v9NAqBDkr51FgLfOMJo&sig=Cg0ArKJSzFD_c0hNqYS2EAE&adurl=
Frame ID: 9AD8AD179B1028B6AA40F592DB54F0CC
Requests: 8 HTTP requests in this frame

Frame: https://3dd16fd7df4bac57553a631e241f2509.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: 63EFFAD0F3856F363B13474A3D8E81E2
Requests: 7 HTTP requests in this frame

Frame: https://5caa5b23d5f677f0776351c7ab007474.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: B9FDA01732306D04CA658310787B9837
Requests: 23 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/223/runner.html
Frame ID: BD15396482216D735A79FCCB3A35A4CF
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 5932A72C178C30FD7644E95A3651D052
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/223/runner.html
Frame ID: A4A2A1018CC1E8FC6016CC39C51B66D9
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 75152D7413494EE840F320EB37A178BF
Requests: 1 HTTP requests in this frame

Frame: https://01db459ad5e3ad6446d1b7821d3ce754.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: 9775FB4041372DBD3BA1DB0121A2B582
Requests: 23 HTTP requests in this frame

Frame: https://s0.2mdn.net/dfp/384545/37259705/1616424723238/index.html
Frame ID: FC8885741E60865D5179DED401F7E575
Requests: 17 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/223/runner.html
Frame ID: 1C918F69124743452CC94B811669A5D2
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 50C41F705CAB1DD7AF71B2C2A1122F26
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 09E133DD9D9A2C144600BD95742113E3
Requests: 3 HTTP requests in this frame

Frame: https://fafc9661ac12cea6450aeb946fb71812.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: DACEA77E0C1A1C8D2805CCEC2C6352F5
Requests: 24 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: F6E8BF620E5A14C6D92C91A9B313F977
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/223/runner.html
Frame ID: 8B31BCF2E276ADCB8412976E25E1BB7B
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 89B82FC369AE381C58D03ED16F5362C4
Requests: 1 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.5.5.js
Frame ID: 6BB70506FE8BADA73A3A42CFED482F9A
Requests: 1 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.5.5.js
Frame ID: 210E53A5321E2B05AD4F0B6F4BF3EA8B
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 41F11BA4859FE5A6F5431AA6F64B1469
Requests: 3 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.5.5.js
Frame ID: 1DCF1746B5355539F21F138968F23AE4
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/223/runner.html
Frame ID: C6AF2DED91937C147A5B83D778C809C4
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 24904D3C2504D48960A853824519A899
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://hubspot.fedscoop.com/e2t/tc/VWtMDr3hpHKQW2tsh_h93KR8lW3yn_R_4szvw4N9k7M8_2-GZQV1-WJV7CgJbNN4sDmB3... Page URL
https://hubspot.fedscoop.com/events/public/v1/track/tc/VWtMDr3hpHKQW2tsh_h93KR8lW3yn_R_4szvw4N9k7M8_2-GZQ... HTTP 307
https://www.cyberscoop.com/ransomware-iconstituent-congress/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

script /\/wp-(?:content|includes)\//i
html /<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -/i

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

script /\/wp-(?:content|includes)\//i
html /<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -/i

MySQL (Databases) Expand

Overall confidence: 100%
Detected patterns

script /\/wp-(?:content|includes)\//i
html /<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -/i

Yoast SEO (SEO) Expand

Overall confidence: 100%
Detected patterns

html /<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -/i

AddToAny (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /addtoany\.com\/menu\/page\.js/i

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/connect\.facebook\.net\/[^/]*\/[a-z]*\.js/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

html //i

Page Statistics

254
Requests

100 %
HTTPS

67 %
IPv6

31
Domains

47
Subdomains

45
IPs

4
Countries

4611 kB
Transfer

9677 kB
Size

5
Cookies

15 Outgoing links

These are links going to different origins than the main page.

URL: https://cyberscoop.com/
Title:

Search URL Search Domain Scan URL

URL: http://scoopnewsgroup.com/?__hstc=143679850.e45332049686afc502355a183338ee9b.1623636587184.1623636587184.1623636587184.1&__hssc=143679850.1.1623636587185&__hsfp=2736934676
Title: Brought to you by

Search URL Search Domain Scan URL

URL: https://thehill.com/policy/national-security/557007-senate-sergeant-at-arms-says-cyberattack-more-worrisome-than-repeat
Title: said Saturday that, in terms of security threats

Search URL Search Domain Scan URL

URL: https://www.facebook.com/cyberscoop

Search URL Search Domain Scan URL

URL: https://twitter.com/cyberscoopnews

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/4847467

Search URL Search Domain Scan URL

URL: https://www.instagram.com/cyberscoopnews

Search URL Search Domain Scan URL

URL: https://scoopnewsgroup.com/?__hstc=143679850.e45332049686afc502355a183338ee9b.1623636587184.1623636587184.1623636587184.1&__hssc=143679850.1.1623636587185&__hsfp=2736934676

Search URL Search Domain Scan URL

URL: https://fedscoop.com/?__hstc=143679850.e45332049686afc502355a183338ee9b.1623636587184.1623636587184.1623636587184.1&__hssc=143679850.1.1623636587185&__hsfp=2736934676

Search URL Search Domain Scan URL

URL: https://statescoop.com/?__hstc=143679850.e45332049686afc502355a183338ee9b.1623636587184.1623636587184.1623636587184.1&__hssc=143679850.1.1623636587185&__hsfp=2736934676

Search URL Search Domain Scan URL

URL: https://edscoop.com/?__hstc=143679850.e45332049686afc502355a183338ee9b.1623636587184.1623636587184.1623636587184.1&__hssc=143679850.1.1623636587185&__hsfp=2736934676

Search URL Search Domain Scan URL

URL: https://workscoop.com/?__hstc=143679850.e45332049686afc502355a183338ee9b.1623636587184.1623636587184.1623636587184.1&__hssc=143679850.1.1623636587185&__hsfp=2736934676

Search URL Search Domain Scan URL

URL: https://www.scoopnewsgroup.com/privacy?__hstc=143679850.e45332049686afc502355a183338ee9b.1623636587184.1623636587184.1623636587184.1&__hssc=143679850.1.1623636587185&__hsfp=2736934676
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://scoopnewsgroup.com/privacy?__hstc=143679850.e45332049686afc502355a183338ee9b.1623636587184.1623636587184.1623636587184.1&__hssc=143679850.1.1623636587185&__hsfp=2736934676
Title: Learn more

Search URL Search Domain Scan URL

URL: https://www.addtoany.com/
Title: AddToAny

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://hubspot.fedscoop.com/e2t/tc/VWtMDr3hpHKQW2tsh_h93KR8lW3yn_R_4szvw4N9k7M8_2-GZQV1-WJV7CgJbNN4sDmB33HyQPN9hsND6LgSsVW3pmFbh45n9cwVHcXMQ5pkD9rW8KRPVS3x7ZFtN2w5sXMYykvCW3bRGp586CRwcW2fh06h9jfd51W4DGMBC2s84HpW6GT3TP7ZTwP1W5xhMWD6QsX1VW6mfBjM59DLPvW7bhSGj3J1FnTW7l_Mby77Dh56VjpP6n1bB7G2W8VHMkR6Vl-0mW4FmB2G3-xxMsW2ND6Yv7f_5j62ck1 Page URL
https://hubspot.fedscoop.com/events/public/v1/track/tc/VWtMDr3hpHKQW2tsh_h93KR8lW3yn_R_4szvw4N9k7M8_2-GZQV1-WJV7CgJbNN4sDmB33HyQPN9hsND6LgSsVW3pmFbh45n9cwVHcXMQ5pkD9rW8KRPVS3x7ZFtN2w5sXMYykvCW3bRGp586CRwcW2fh06h9jfd51W4DGMBC2s84HpW6GT3TP7ZTwP1W5xhMWD6QsX1VW6mfBjM59DLPvW7bhSGj3J1FnTW7l_Mby77Dh56VjpP6n1bB7G2W8VHMkR6Vl-0mW4FmB2G3-xxMsW2ND6Yv7f_5j62ck1?_ud=f815d2cc-47a1-4ff1-bc13-4ab768c1209a&_ch=p&_pr2=p&_pl=0&_lg=en-US&_dr=b&_ts=p HTTP 307
https://www.cyberscoop.com/ransomware-iconstituent-congress/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 38

https://www.cyberscoop.com/advertising/?id=leaderboard&page=article&parent_id=ad-j4HebWU0ZJ-leaderboard&categories=government&tags=capitol-hill,colonial-pipeline,congress,house,jbs,ransomware HTTP 301
https://www.cyberscoop.com/advertising/?id=leaderboard&parent_id=ad-j4HebWU0ZJ-leaderboard&categories=government&tags=capitol-hill%2Ccolonial-pipeline%2Ccongress%2Chouse%2Cjbs%2Cransomware

Request Chain 39

https://www.cyberscoop.com/advertising/?id=article&page=article&position=static&category=government&tags=capitol-hill,colonial-pipeline,congress,house,jbs,ransomware HTTP 301
https://www.cyberscoop.com/advertising/?id=article&position=static&category=government&tags=capitol-hill%2Ccolonial-pipeline%2Ccongress%2Chouse%2Cjbs%2Cransomware

Request Chain 40

https://www.cyberscoop.com/advertising/?id=skyscraper&page=article&position=sticky&categories=government&tags=capitol-hill,colonial-pipeline,congress,house,jbs,ransomware HTTP 301
https://www.cyberscoop.com/advertising/?id=skyscraper&position=sticky&categories=government&tags=capitol-hill%2Ccolonial-pipeline%2Ccongress%2Chouse%2Cjbs%2Cransomware

Request Chain 41

https://www.cyberscoop.com/advertising/?id=billboard&page=article&position=bottom&parent_id=ad-lEx6Ab63r1-billboard&category=government&tags=capitol-hill,colonial-pipeline,congress,house,jbs,ransomware HTTP 301
https://www.cyberscoop.com/advertising/?id=billboard&position=bottom&parent_id=ad-lEx6Ab63r1-billboard&category=government&tags=capitol-hill%2Ccolonial-pipeline%2Ccongress%2Chouse%2Cjbs%2Cransomware

Request Chain 68

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=50036&time=1623636583471&url=https%3A%2F%2Fwww.cyberscoop.com%2Fransomware-iconstituent-congress%2F HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D50036%26time%3D1623636583471%26url%3Dhttps%253A%252F%252Fwww.cyberscoop.com%252Fransomware-iconstituent-congress%252F%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=50036&time=1623636583471&url=https%3A%2F%2Fwww.cyberscoop.com%2Fransomware-iconstituent-congress%2F&liSync=true HTTP 302
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=50036&time=1623636583471&url=https%3A%2F%2Fwww.cyberscoop.com%2Fransomware-iconstituent-congress%2F&liSync=true&e_ipv6=AQKkArtgs3hstgAAAXoISCbK9WKW6_CVHcIdqEXVcqGffRfHo15URpIvoV7p0P__YusMndjD

Request Chain 198

https://pixel.adsafeprotected.com/rfw/st/488356/54309637/skeleton.js?ias_dspID=64&ias_campId=&ias_pubId=&ias_chanId=&ias_placementId=&bidurl=&ias_dealId=&adsafe_url=https%3A%2F%2Fwww.cyberscoop.com&adsafe_type=g&adsafe_url=https%3A%2F%2Fwww.cyberscoop.com%2F&adsafe_type=e&adsafe_url=https%3A%2F%2F01db459ad5e3ad6446d1b7821d3ce754.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2F01db459ad5e3ad6446d1b7821d3ce754.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html%3Fn%3D1&adsafe_type=d&adsafe_jsinfo=,id:cbaf5cf2-c071-a29b-4716-54f7547e0ae3,c:ftHYpU,sl:na,em:true,fr:false,mn:app09ie,pt:1-5-15,br:u,abv:na,an:n,oam:0,nbld:0,fm:sAgREoH+111%7C112%7C113%7C114%7C1211%7C122%7C123%7C124%7C131*.488356-54309637%7C1311%7C132%7C1331%7C134%7C1411%7C142%7C143%7C15%7C16%7C17,idMap:131*,pl:,rmeas:1,rend:1,renddet:IMG.qs,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:0,tt:rjss,thd:1,et:220,oid:97203887-ccb5-11eb-bcd9-0ae761671616,v:19.8.206,sp:1,st:0,fwm:1,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
https://static.adsafeprotected.com/skeleton.js

Request Chain 200

https://pixel.adsafeprotected.com/rfw/st/488356/54309641/skeleton.js?ias_dspID=64&ias_campId=&ias_pubId=&ias_chanId=&ias_placementId=&bidurl=&ias_dealId=&adsafe_url=https%3A%2F%2Fwww.cyberscoop.com&adsafe_type=g&adsafe_url=https%3A%2F%2Fwww.cyberscoop.com%2F&adsafe_type=e&adsafe_url=https%3A%2F%2F5caa5b23d5f677f0776351c7ab007474.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2F5caa5b23d5f677f0776351c7ab007474.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html%3Fn%3D1&adsafe_type=d&adsafe_jsinfo=,id:6a8c2d97-85fb-63ed-362e-a7712ec691d3,c:ftHYqF,sl:na,em:true,fr:false,mn:app01ie,pt:1-5-15,br:u,abv:na,an:n,oam:0,nbld:0,fm:sAgREmZ+111%7C112%7C113%7C114%7C121*.488356-54309641%7C1211%7C122%7C123%7C124%7C1311%7C1312%7C132%7C1331%7C134%7C1411%7C142%7C143%7C15%7C16%7C17,idMap:121*,pl:,rmeas:1,rend:1,renddet:IMG.qs,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:0,tt:rjss,thd:1,et:373,oid:97164d9f-ccb5-11eb-9518-06d8cca89c2a,v:19.8.206,sp:1,st:0,fwm:1,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
https://static.adsafeprotected.com/skeleton.js

Request Chain 225

https://pixel.adsafeprotected.com/rfw/st/488356/54309639/skeleton.js?ias_dspID=64&ias_campId=&ias_pubId=&ias_chanId=&ias_placementId=&bidurl=&ias_dealId=&adsafe_url=https%3A%2F%2Fwww.cyberscoop.com&adsafe_type=g&adsafe_url=https%3A%2F%2Fwww.cyberscoop.com%2F&adsafe_type=e&adsafe_url=https%3A%2F%2Ffafc9661ac12cea6450aeb946fb71812.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2Ffafc9661ac12cea6450aeb946fb71812.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html%3Fn%3D1&adsafe_type=d&adsafe_jsinfo=,id:17309cab-d3cc-9132-580b-d7824bc466eb,c:ftHYvq,sl:na,em:true,fr:false,mn:app15ie,pt:1-5-15,br:u,abv:na,an:n,oam:0,nbld:0,fm:sAgREvT+111*.488356-54309639%7C1111%7C112%7C1131%7C114%7C12111%7C1212%7C122%7C123%7C13111%7C1312%7C132%7C133%7C1411%7C142%7C143%7C15%7C16%7C17,idMap:111*,pl:,rmeas:1,rend:1,renddet:IMG.qs,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:0,tt:rjss,thd:1,et:115,oid:975ca4ce-ccb5-11eb-92f8-0a320acf4edc,v:19.8.206,sp:1,st:0,fwm:1,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
https://static.adsafeprotected.com/skeleton.js

254 HTTP transactions
5 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 VWtMDr3hpHKQW2tsh_h93KR8lW3yn_R_4szvw4N9k7M8_2-GZQV1-WJV7CgJbNN4sDmB33HyQPN9hsND6LgSsVW3pmFbh45n9cwVHcXMQ5pkD9rW8KRPVS3x7ZFtN2w5sXMYykvCW3bRGp586CRwcW2fh06h9jfd51W4DGMBC2s84HpW6GT3TP7ZTwP1W5xhMWD6Q... Show response
hubspot.fedscoop.com/e2t/tc/ 9 KB
3 KB 249ms
54ms Document
text/html 2606:2c40::c73c:67e1
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://hubspot.fedscoop.com/e2t/tc/VWtMDr3hpHKQW2tsh_h93KR8lW3yn_R_4szvw4N9k7M8_2-GZQV1-WJV7CgJbNN4sDmB33HyQPN9hsND6LgSsVW3pmFbh45n9cwVHcXMQ5pkD9rW8KRPVS3x7ZFtN2w5sXMYykvCW3bRGp586CRwcW2fh06h9jfd51W4DGMBC2s84HpW6GT3TP7ZTwP1W5xhMWD6QsX1VW6mfBjM59DLPvW7bhSGj3J1FnTW7l_Mby77Dh56VjpP6n1bB7G2W8VHMkR6Vl-0mW4FmB2G3-xxMsW2ND6Yv7f_5j62ck1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:2c40::c73c:67e1 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9c40365b03586e95cd205a86182554aa31f566bee0022d2d84110198875ab11c

Request headers

:method: GET
:authority: hubspot.fedscoop.com
:scheme: https
:path: /e2t/tc/VWtMDr3hpHKQW2tsh_h93KR8lW3yn_R_4szvw4N9k7M8_2-GZQV1-WJV7CgJbNN4sDmB33HyQPN9hsND6LgSsVW3pmFbh45n9cwVHcXMQ5pkD9rW8KRPVS3x7ZFtN2w5sXMYykvCW3bRGp586CRwcW2fh06h9jfd51W4DGMBC2s84HpW6GT3TP7ZTwP1W5xhMWD6QsX1VW6mfBjM59DLPvW7bhSGj3J1FnTW7l_Mby77Dh56VjpP6n1bB7G2W8VHMkR6Vl-0mW4FmB2G3-xxMsW2ND6Yv7f_5j62ck1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 02:09:42 GMT
content-type: text/html;charset=utf-8
cf-ray: 65f0049f4ad71f51-FRA
vary: Accept-Encoding
cf-cache-status: MISS
access-control-allow-credentials: false
cf-request-id: 0aa9e1379100001f51c601c000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
referrer-policy: no-referrer
x-hubspot-correlation-id: 2e35395d-0179-4937-a5dc-8c5a2f35b3ba
x-robots-tag: none
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=1rcMvMN6ZP7mHd%2BjG3LzE3WqtYE6ZkopZYPNvuNkwSUst1j5nkvs8Z%2FS2ULU4OZz6TVkxgHswmZIpxRihsAh90zdvljJVmHoXfVLdgshPnrfgqbsndZralaTKThtjqFi0rX0%2Fxxr0jCe5Cf%2F8g%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"report_to":"cf-nel","max_age":604800}
set-cookie: __cfruid=c7f7bc728621c482cd6c681c1e6bba8487aad72b-1623636582; path=/; domain=.hubspot.fedscoop.com; HttpOnly; Secure; SameSite=None
server: cloudflare
content-encoding: br

GET
H2

200

Primary Request / Show response
www.cyberscoop.com/ransomware-iconstituent-congress/
Redirect Chain

https://hubspot.fedscoop.com/events/public/v1/track/tc/VWtMDr3hpHKQW2tsh_h93KR8lW3yn_R_4szvw4N9k7M8_2-GZQV1-WJV7CgJbNN4sDmB33HyQPN9hsND6LgSsVW3pmFbh45n9cwVHcXMQ5pkD9rW8KRPVS3x7ZFtN2w5sXMYykvCW3bRGp...
https://www.cyberscoop.com/ransomware-iconstituent-congress/

52 KB
13 KB

403ms
187ms

Document
text/html

52.21.95.133
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.cyberscoop.com/ransomware-iconstituent-congress/

Requested by

Host: hubspot.fedscoop.com
URL: https://hubspot.fedscoop.com/e2t/tc/VWtMDr3hpHKQW2tsh_h93KR8lW3yn_R_4szvw4N9k7M8_2-GZQV1-WJV7CgJbNN4sDmB33HyQPN9hsND6LgSsVW3pmFbh45n9cwVHcXMQ5pkD9rW8KRPVS3x7ZFtN2w5sXMYykvCW3bRGp586CRwcW2fh06h9jfd51W4DGMBC2s84HpW6GT3TP7ZTwP1W5xhMWD6QsX1VW6mfBjM59DLPvW7bhSGj3J1FnTW7l_Mby77Dh56VjpP6n1bB7G2W8VHMkR6Vl-0mW4FmB2G3-xxMsW2ND6Yv7f_5j62ck1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.21.95.133 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-21-95-133.compute-1.amazonaws.com

Software

nginx / PHP/7.3.27

Resource Hash

cb6af58bd8cb63e2491208144d24b608f55e6ff086fc8a436e7e150e1509b6da

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.cyberscoop.com
:scheme: https
:path: /ransomware-iconstituent-congress/
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://hubspot.fedscoop.com/e2t/tc/VWtMDr3hpHKQW2tsh_h93KR8lW3yn_R_4szvw4N9k7M8_2-GZQV1-WJV7CgJbNN4sDmB33HyQPN9hsND6LgSsVW3pmFbh45n9cwVHcXMQ5pkD9rW8KRPVS3x7ZFtN2w5sXMYykvCW3bRGp586CRwcW2fh06h9jfd51W4DGMBC2s84HpW6GT3TP7ZTwP1W5xhMWD6QsX1VW6mfBjM59DLPvW7bhSGj3J1FnTW7l_Mby77Dh56VjpP6n1bB7G2W8VHMkR6Vl-0mW4FmB2G3-xxMsW2ND6Yv7f_5j62ck1

Response headers

server: nginx
date: Mon, 14 Jun 2021 02:09:42 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-powered-by: PHP/7.3.27
x-pingback: https://www.cyberscoop.com/xmlrpc.php
link: <https://www.cyberscoop.com/wp-json/>; rel="https://api.w.org/" <https://www.cyberscoop.com/wp-json/wp/v2/posts/56945>; rel="alternate"; type="application/json" <https://www.cyberscoop.com/?p=56945>; rel=shortlink
x-fastcgi-cache: HIT
x-xss-protection: 1; mode=block
content-encoding: gzip

Redirect headers

date: Mon, 14 Jun 2021 02:09:42 GMT
location: https://www.cyberscoop.com/ransomware-iconstituent-congress/
cf-ray: 65f0049fab261f51-FRA
link: <https://www.cyberscoop.com/ransomware-iconstituent-congress/>; rel="canonical"
vary: Accept-Encoding
cf-cache-status: MISS
access-control-allow-credentials: false
cf-request-id: 0aa9e137cd00001f5163152000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
referrer-policy: no-referrer
x-hubspot-correlation-id: d253fc4b-1c4f-4da7-b69a-1c0ed84c9c32
x-robots-tag: none
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=axZoN8lw%2FWyTgnXalfGSP%2BUtbdmrPqstemjqhb1gnHXk5LgTv9KfSTZdN6k55JUScO1vj%2BrwutqBfGxLaRVxCWfjIpO%2BRb4zW8Bqw%2F54OsqlXvyIi6ELgAlcgevETKlPJtfGzxfKPXzPvphr1Q%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare

GET
H2 200 style.css
www.cyberscoop.com/wp-content/themes/cyberscoop/ 92 KB
16 KB 109ms
105ms Stylesheet
text/css 52.21.95.133
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.cyberscoop.com/wp-content/themes/cyberscoop/style.css?ver=5.7.1
Requested by: Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/ransomware-iconstituent-congress/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.21.95.133 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-21-95-133.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 8568f039c1951ef91fce769fd09da0b0dbfcf503e0e9d14044c3f49675b809cd

Request headers

:path: /wp-content/themes/cyberscoop/style.css?ver=5.7.1
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.cyberscoop.com
referer: https://www.cyberscoop.com/ransomware-iconstituent-congress/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.cyberscoop.com/ransomware-iconstituent-congress/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 02:09:42 GMT
content-encoding: gzip
last-modified: Fri, 02 Apr 2021 10:48:09 GMT
server: nginx
etag: W/"6066f669-16fe8"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=31536000 public
expires: Tue, 14 Jun 2022 02:09:42 GMT

GET
H2 200 css
fonts.googleapis.com/ 8 KB
826 B 18ms
14ms Stylesheet
text/css 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Fira+Sans%3A300%2C400%2C500%2C700&subset=latin-ext&ver=5.7.1

Requested by

Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/ransomware-iconstituent-congress/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

dc666527c7989fdad450d729be48af719d8a66af057630a461bbb5c72b1e20a8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 14 Jun 2021 02:09:42 GMT
server: ESF
date: Mon, 14 Jun 2021 02:09:42 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 14 Jun 2021 02:09:42 GMT

GET
H2 200 css
fonts.googleapis.com/ 5 KB
642 B 19ms
15ms Stylesheet
text/css 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Oswald%3A300%2C400%2C700&subset=latin-ext&ver=5.7.1

Requested by

Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/ransomware-iconstituent-congress/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

063d44bc62d9647b62e24e3072a08f2cd96f36e3f1cb441b0efc3fe3f3fe372c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 14 Jun 2021 01:30:27 GMT
server: ESF
date: Mon, 14 Jun 2021 02:09:42 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 14 Jun 2021 02:09:42 GMT

GET
H2 200 addtoany.min.css
www.cyberscoop.com/wp-content/plugins/add-to-any/ 1 KB
663 B 108ms
105ms Stylesheet
text/css 52.21.95.133
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.cyberscoop.com/wp-content/plugins/add-to-any/addtoany.min.css?ver=1.15
Requested by: Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/ransomware-iconstituent-congress/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.21.95.133 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-21-95-133.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 20a84f304abfaf56bb829a84199344bca40bf7d4dba451e109a840cbdf728436

Request headers

:path: /wp-content/plugins/add-to-any/addtoany.min.css?ver=1.15
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.cyberscoop.com
referer: https://www.cyberscoop.com/ransomware-iconstituent-congress/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.cyberscoop.com/ransomware-iconstituent-congress/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 02:09:42 GMT
content-encoding: gzip
last-modified: Sun, 06 Dec 2020 20:25:16 GMT
server: nginx
etag: W/"5fcd3e2c-5ba"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=31536000 public
expires: Tue, 14 Jun 2022 02:09:42 GMT

GET
H2 200 jquery.min.js Show response
www.cyberscoop.com/wp-includes/js/jquery/ 87 KB
31 KB 108ms
105ms Script
application/javascript 52.21.95.133
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.cyberscoop.com/wp-includes/js/jquery/jquery.min.js?ver=3.5.1
Requested by: Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/ransomware-iconstituent-congress/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.21.95.133 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-21-95-133.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 60240d5a27ede94fd35fea44bd110b88c7d8cfc08127f032d13b0c622b8be827

Request headers

:path: /wp-includes/js/jquery/jquery.min.js?ver=3.5.1
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.cyberscoop.com
referer: https://www.cyberscoop.com/ransomware-iconstituent-congress/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.cyberscoop.com/ransomware-iconstituent-congress/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 02:09:42 GMT
content-encoding: gzip
last-modified: Sun, 25 Apr 2021 05:06:59 GMT
server: nginx
etag: W/"6084f8f3-15d98"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000 public
expires: Tue, 14 Jun 2022 02:09:42 GMT

GET
H2 200 jquery-migrate.min.js Show response
www.cyberscoop.com/wp-includes/js/jquery/ 11 KB
4 KB 108ms
105ms Script
application/javascript 52.21.95.133
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.cyberscoop.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
Requested by: Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/ransomware-iconstituent-congress/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.21.95.133 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-21-95-133.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Request headers

:path: /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.cyberscoop.com
referer: https://www.cyberscoop.com/ransomware-iconstituent-congress/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.cyberscoop.com/ransomware-iconstituent-congress/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 02:09:42 GMT
content-encoding: gzip
last-modified: Sun, 25 Apr 2021 05:06:59 GMT
server: nginx
etag: W/"6084f8f3-2bd8"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000 public
expires: Tue, 14 Jun 2022 02:09:42 GMT

GET
H2 200 blinkTitle.js Show response
www.cyberscoop.com/wp-content/themes/cyberscoop/js/ 2 KB
737 B 108ms
105ms Script
application/javascript 52.21.95.133
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.cyberscoop.com/wp-content/themes/cyberscoop/js/blinkTitle.js?ver=5.7.1
Requested by: Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/ransomware-iconstituent-congress/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.21.95.133 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-21-95-133.compute-1.amazonaws.com
Software: nginx /
Resource Hash: cf89b05aa45bb14f23d4c97dac9b3091e2d866c73f68e18d2cb6b538378db6f9

Request headers

:path: /wp-content/themes/cyberscoop/js/blinkTitle.js?ver=5.7.1
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.cyberscoop.com
referer: https://www.cyberscoop.com/ransomware-iconstituent-congress/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.cyberscoop.com/ransomware-iconstituent-congress/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 02:09:42 GMT
content-encoding: gzip
last-modified: Tue, 20 Oct 2020 09:37:30 GMT
server: nginx
etag: W/"5f8eafda-62a"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000 public
expires: Tue, 14 Jun 2022 02:09:42 GMT

GET
H2 200 singlescroll.js Show response
www.cyberscoop.com/wp-content/themes/cyberscoop/js/ 3 KB
1 KB 118ms
115ms Script
application/javascript 52.21.95.133
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.cyberscoop.com/wp-content/themes/cyberscoop/js/singlescroll.js?ver=5.7.1
Requested by: Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/ransomware-iconstituent-congress/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.21.95.133 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-21-95-133.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 8b7a47a695a413443ee1cba5b8cb390af99d8ecb1c94ffd30005c2a039303fe0

Request headers

:path: /wp-content/themes/cyberscoop/js/singlescroll.js?ver=5.7.1
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.cyberscoop.com
referer: https://www.cyberscoop.com/ransomware-iconstituent-congress/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.cyberscoop.com/ransomware-iconstituent-congress/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 02:09:42 GMT
content-encoding: gzip
last-modified: Tue, 20 Oct 2020 09:37:31 GMT
server: nginx
etag: W/"5f8eafdb-dc1"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000 public
expires: Tue, 14 Jun 2022 02:09:42 GMT

GET
H2 200 stickybits.min.js Show response
www.cyberscoop.com/wp-content/themes/cyberscoop/js/ 13 KB
4 KB 118ms
115ms Script
application/javascript 52.21.95.133
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.cyberscoop.com/wp-content/themes/cyberscoop/js/stickybits.min.js?ver=5.7.1
Requested by: Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/ransomware-iconstituent-congress/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.21.95.133 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-21-95-133.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 2aef1ac953ce7805c97a1df893082e75a0a11085c3e53b2914bd0a35634977f3

Request headers

:path: /wp-content/themes/cyberscoop/js/stickybits.min.js?ver=5.7.1
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.cyberscoop.com
referer: https://www.cyberscoop.com/ransomware-iconstituent-congress/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.cyberscoop.com/ransomware-iconstituent-congress/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 02:09:42 GMT
content-encoding: gzip
last-modified: Tue, 20 Oct 2020 09:37:31 GMT
server: nginx
etag: W/"5f8eafdb-3357"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000 public
expires: Tue, 14 Jun 2022 02:09:42 GMT

GET
H2 200 addtoany.min.js Show response
www.cyberscoop.com/wp-content/plugins/add-to-any/ 129 B
339 B 118ms
115ms Script
application/javascript 52.21.95.133
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.cyberscoop.com/wp-content/plugins/add-to-any/addtoany.min.js?ver=1.1
Requested by: Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/ransomware-iconstituent-congress/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.21.95.133 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-21-95-133.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 50679e0e3933c945348a2db0cc128bb14b57a60a74fabf8cae13acc14efbb2e1

Request headers

:path: /wp-content/plugins/add-to-any/addtoany.min.js?ver=1.1
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.cyberscoop.com
referer: https://www.cyberscoop.com/ransomware-iconstituent-congress/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.cyberscoop.com/ransomware-iconstituent-congress/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 02:09:42 GMT
last-modified: Sun, 06 Dec 2020 20:25:16 GMT
server: nginx
etag: "5fcd3e2c-81"
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000 public
accept-ranges: bytes
content-length: 129
expires: Tue, 14 Jun 2022 02:09:42 GMT

GET
H2 200 tfa.js Show response
cdn.taboola.com/libtrc/fedscoop-sc/ 69 KB
23 KB 220ms
155ms Script
application/javascript 199.232.137.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/fedscoop-sc/tfa.js?ver=5.7.1
Requested by: Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/ransomware-iconstituent-congress/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 199.232.137.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 753b529ae84f43010bcc3243f72f5d7fe16622d0a1e33e0a34f976e84e4343b1

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: n1vF9p5VnwtUi4OVeKiiCR8shgMwhmvH
content-encoding: gzip
etag: "ae15e30aca91b7a60c5cc29e73eacf0e"
age: 0
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 23442
x-amz-id-2: 6WRg0VM0Wsv1nVnZcNG387ivaQWEMmbplxQGqrhRgnSxdVii4T4PY1aVyF0LeLt/SSx3n0/uQs8=
x-served-by: cache-hhn11581-HHN
last-modified: Sun, 06 Jun 2021 17:54:31 GMT
server: AmazonS3
x-timer: S1623636583.995810,VS0,VE125
date: Mon, 14 Jun 2021 02:09:43 GMT
vary: Accept-Encoding
x-amz-request-id: 9XXW2T4CPFJW3W0J
via: 1.1 varnish
cache-control: private,max-age=14401
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 49
x-cache-hits: 1

GET
H2 200 init-taboola.js Show response
www.cyberscoop.com/wp-content/themes/cyberscoop/js/ 138 B
348 B 118ms
116ms Script
application/javascript 52.21.95.133
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.cyberscoop.com/wp-content/themes/cyberscoop/js/init-taboola.js?ver=5.7.1
Requested by: Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/ransomware-iconstituent-congress/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.21.95.133 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-21-95-133.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 8c5987fc2409abe9ee8d73fee09d71847ddf5c4329a0bbad7d4e4bc522e51b47

Request headers

:path: /wp-content/themes/cyberscoop/js/init-taboola.js?ver=5.7.1
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.cyberscoop.com
referer: https://www.cyberscoop.com/ransomware-iconstituent-congress/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.cyberscoop.com/ransomware-iconstituent-congress/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 02:09:42 GMT
last-modified: Tue, 20 Oct 2020 09:37:30 GMT
server: nginx
etag: "5f8eafda-8a"
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000 public
accept-ranges: bytes
content-length: 138
expires: Tue, 14 Jun 2022 02:09:42 GMT

GET
H2 200 app.js Show response
www.cyberscoop.com/wp-content/themes/cyberscoop/js/ 150 KB
47 KB 118ms
116ms Script
application/javascript 52.21.95.133
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.cyberscoop.com/wp-content/themes/cyberscoop/js/app.js?ver=5.7.1
Requested by: Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/ransomware-iconstituent-congress/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.21.95.133 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-21-95-133.compute-1.amazonaws.com
Software: nginx /
Resource Hash: bcc6ccbbe9b3f2c14b3eb45ea17eb4b456ee0b359ca820751d8f4b140c57ba0a

Request headers

:path: /wp-content/themes/cyberscoop/js/app.js?ver=5.7.1
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.cyberscoop.com
referer: https://www.cyberscoop.com/ransomware-iconstituent-congress/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.cyberscoop.com/ransomware-iconstituent-congress/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 02:09:42 GMT
content-encoding: gzip
last-modified: Tue, 20 Oct 2020 09:37:30 GMT
server: nginx
etag: W/"5f8eafda-25991"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000 public
expires: Tue, 14 Jun 2022 02:09:42 GMT

GET
H2 200 menu.js Show response
www.cyberscoop.com/wp-content/themes/cyberscoop/js/ 213 B
423 B 273ms
271ms Script
application/javascript 52.21.95.133
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.cyberscoop.com/wp-content/themes/cyberscoop/js/menu.js?ver=5.7.1
Requested by: Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/ransomware-iconstituent-congress/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.21.95.133 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-21-95-133.compute-1.amazonaws.com
Software: nginx /
Resource Hash: cbcf7f9157306feaa0252eaa2fca6f6a36cf74bd919dc17520023405867fd32b

Request headers

:path: /wp-content/themes/cyberscoop/js/menu.js?ver=5.7.1
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.cyberscoop.com
referer: https://www.cyberscoop.com/ransomware-iconstituent-congress/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.cyberscoop.com/ransomware-iconstituent-congress/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 02:09:42 GMT
last-modified: Tue, 20 Oct 2020 09:37:31 GMT
server: nginx
etag: "5f8eafdb-d5"
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000 public
accept-ranges: bytes
content-length: 213
expires: Tue, 14 Jun 2022 02:09:42 GMT

GET
H2 200 ads.js Show response
www.cyberscoop.com/wp-content/themes/cyberscoop/js/ 740 B
703 B 273ms
272ms Script
application/javascript 52.21.95.133
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.cyberscoop.com/wp-content/themes/cyberscoop/js/ads.js
Requested by: Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/ransomware-iconstituent-congress/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.21.95.133 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-21-95-133.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 94c2543ee527c1e987a54d88914b529a0d832a4cf55d0fd20a9b7c569c508930

Request headers

:path: /wp-content/themes/cyberscoop/js/ads.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.cyberscoop.com
referer: https://www.cyberscoop.com/ransomware-iconstituent-congress/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.cyberscoop.com/ransomware-iconstituent-congress/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 02:09:42 GMT
content-encoding: gzip
last-modified: Tue, 20 Oct 2020 09:37:30 GMT
server: nginx
etag: W/"5f8eafda-2e4"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000 public
expires: Tue, 14 Jun 2022 02:09:42 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 62 KB
22 KB 110ms
39ms Script
text/javascript 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/ransomware-iconstituent-congress/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f2.1e100.net

Software

sffe /

Resource Hash

501a9391f2566e13d08d808678bfd47a7fef4c33eabbf1625b9494fa75db1071

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 02:09:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "902 / 797 of 1000 / last-modified: 1623449396"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21627
x-xss-protection: 0
expires: Mon, 14 Jun 2021 02:09:43 GMT

GET
H/1.1 200
OK cyberscoop-interstitial.svg
s3.amazonaws.com/sng-global-web-assets/logo/ 2 KB
3 KB 419ms
119ms Image
image/svg+xml 52.217.47.70
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/sng-global-web-assets/logo/cyberscoop-interstitial.svg
Requested by: Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/ransomware-iconstituent-congress/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.47.70 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b534f367f11c24f3709e27fdb539f308475d495eaafed8f7681a5c96dfacc537

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 14 Jun 2021 02:09:44 GMT
Last-Modified: Wed, 10 Feb 2021 15:47:32 GMT
Server: AmazonS3
x-amz-request-id: HQ5EGXMJMQ85J9FY
ETag: "b3250d52680549abc7222f71b2dce836"
Content-Type: image/svg+xml
Accept-Ranges: bytes
Content-Length: 2375
x-amz-id-2: TyNvo0dKY55UPxtjrJgljp5ey6NC9YY2sShSPWp7eekoqKJ+0ZfEXlocpwWwDQSj1UGLECYJku8=

GET
H/1.1 200
OK closex.png
s3.amazonaws.com/sng-global-web-assets/logo/ 5 KB
5 KB 422ms
118ms Image
image/png 52.217.47.70
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/sng-global-web-assets/logo/closex.png
Requested by: Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/ransomware-iconstituent-congress/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.47.70 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d5d4228a3e80d57bcf6ee1f6080fbc4c65dba96e81d2364535fa49e3d27e9131

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 14 Jun 2021 02:09:44 GMT
Last-Modified: Tue, 12 May 2020 13:43:08 GMT
Server: AmazonS3
x-amz-request-id: HQ58H10FFHJ5FYYE
ETag: "6fa9505df4b1d86476aef77673f3b330"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 4658
x-amz-id-2: LEuG8fD8CV/nzT++3jajm2A46DDXM9HRdBU17r2bm7qXbjfV2DkTlu+dcdtJ+GHpw+NgTCUDLNI=

GET
H2 200 twitter.svg
www.cyberscoop.com/wp-content/themes/cyberscoop/images/icons/share-icon/ 2 KB
1 KB 107ms
104ms Image
image/svg+xml 52.21.95.133
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.cyberscoop.com/wp-content/themes/cyberscoop/images/icons/share-icon/twitter.svg
Requested by: Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/ransomware-iconstituent-congress/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.21.95.133 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-21-95-133.compute-1.amazonaws.com
Software: nginx /
Resource Hash: ca2e99ffb3730e887ee7389e499993e912e5e47ec6f28c991a692cd78746edf5

Request headers

:path: /wp-content/themes/cyberscoop/images/icons/share-icon/twitter.svg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.cyberscoop.com
referer: https://www.cyberscoop.com/ransomware-iconstituent-congress/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.cyberscoop.com/ransomware-iconstituent-congress/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 02:09:43 GMT
content-encoding: gzip
last-modified: Tue, 20 Oct 2020 09:37:27 GMT
server: nginx
etag: W/"5f8eafd7-87c"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=2592000 public
expires: Wed, 14 Jul 2021 02:09:43 GMT

GET
H2 200 facebook.svg
www.cyberscoop.com/wp-content/themes/cyberscoop/images/icons/share-icon/ 1 KB
828 B 107ms
104ms Image
image/svg+xml 52.21.95.133
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.cyberscoop.com/wp-content/themes/cyberscoop/images/icons/share-icon/facebook.svg
Requested by: Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/ransomware-iconstituent-congress/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.21.95.133 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-21-95-133.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 51c40fb52547a14a895a2425e94a53886ced172e90c70d5418890fb67517701b

Request headers

:path: /wp-content/themes/cyberscoop/images/icons/share-icon/facebook.svg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.cyberscoop.com
referer: https://www.cyberscoop.com/ransomware-iconstituent-congress/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.cyberscoop.com/ransomware-iconstituent-congress/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 02:09:43 GMT
content-encoding: gzip
last-modified: Tue, 20 Oct 2020 09:37:26 GMT
server: nginx
etag: W/"5f8eafd6-4f8"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=2592000 public
expires: Wed, 14 Jul 2021 02:09:43 GMT

GET
H2 200 linkedin.svg
www.cyberscoop.com/wp-content/themes/cyberscoop/images/icons/share-icon/ 2 KB
993 B 107ms
104ms Image
image/svg+xml 52.21.95.133
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.cyberscoop.com/wp-content/themes/cyberscoop/images/icons/share-icon/linkedin.svg
Requested by: Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/ransomware-iconstituent-congress/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.21.95.133 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-21-95-133.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 4d8d48a3f00d424f5083a310bcfbcc1ad35d02e02793a9f459e9938879d8a675

Request headers

:path: /wp-content/themes/cyberscoop/images/icons/share-icon/linkedin.svg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.cyberscoop.com
referer: https://www.cyberscoop.com/ransomware-iconstituent-congress/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.cyberscoop.com/ransomware-iconstituent-congress/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 02:09:43 GMT
content-encoding: gzip
last-modified: Tue, 20 Oct 2020 09:37:26 GMT
server: nginx
etag: W/"5f8eafd6-741"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=2592000 public
expires: Wed, 14 Jul 2021 02:09:43 GMT

GET
H2 200 reddit.svg
www.cyberscoop.com/wp-content/themes/cyberscoop/images/icons/share-icon/ 6 KB
3 KB 107ms
105ms Image
image/svg+xml 52.21.95.133
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.cyberscoop.com/wp-content/themes/cyberscoop/images/icons/share-icon/reddit.svg
Requested by: Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/ransomware-iconstituent-congress/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.21.95.133 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-21-95-133.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 55de2f543e24f0c3655be2f344491b2e73ae61350f58a2bb9ebf4ad1326e8fba

Request headers

:path: /wp-content/themes/cyberscoop/images/icons/share-icon/reddit.svg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.cyberscoop.com
referer: https://www.cyberscoop.com/ransomware-iconstituent-congress/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.cyberscoop.com/ransomware-iconstituent-congress/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 02:09:43 GMT
content-encoding: gzip
last-modified: Tue, 20 Oct 2020 09:37:26 GMT
server: nginx
etag: W/"5f8eafd6-18f6"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=2592000 public
expires: Wed, 14 Jul 2021 02:09:43 GMT

GET
H2 200 gmail.svg
www.cyberscoop.com/wp-content/themes/cyberscoop/images/icons/share-icon/ 1 KB
886 B 107ms
105ms Image
image/svg+xml 52.21.95.133
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.cyberscoop.com/wp-content/themes/cyberscoop/images/icons/share-icon/gmail.svg
Requested by: Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/ransomware-iconstituent-congress/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.21.95.133 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-21-95-133.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 0d281aa7b07dfcb1bc05e2cdd051aa34fb915616590b834374148a1768ce3440

Request headers

:path: /wp-content/themes/cyberscoop/images/icons/share-icon/gmail.svg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.cyberscoop.com
referer: https://www.cyberscoop.com/ransomware-iconstituent-congress/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.cyberscoop.com/ransomware-iconstituent-congress/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 02:09:43 GMT
content-encoding: gzip
last-modified: Tue, 20 Oct 2020 09:37:26 GMT
server: nginx
etag: W/"5f8eafd6-49d"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=2592000 public
expires: Wed, 14 Jul 2021 02:09:43 GMT

GET
H/1.1 200
OK close_purple.svg
s3.amazonaws.com/sng-global-web-assets/logo/ 991 B
1 KB 423ms
120ms Image
image/svg+xml 52.217.47.70
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/sng-global-web-assets/logo/close_purple.svg
Requested by: Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/ransomware-iconstituent-congress/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.47.70 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: fe9df7af9647a824fe66cae1f452ecb318d9f9ad3b2e09ef0623f0c6af50a0ed

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 14 Jun 2021 02:09:44 GMT
Last-Modified: Fri, 22 Jan 2021 00:05:15 GMT
Server: AmazonS3
x-amz-request-id: HQ50B48399YE82PC
ETag: "cde4ecef61a0a35571e737da5276b5e7"
Content-Type: image/svg+xml
Accept-Ranges: bytes
Content-Length: 991
x-amz-id-2: sGKh3+0T4VzWKtVswFqwvXFRO4q/8PXnUTLSzGwvsargm7rHX5HF4aOKH0Oi6faz3zpAJwyCC2U=

GET
H2 200 v2.js Show response
js.hsforms.net/forms/ 573 KB
135 KB 58ms
42ms Script
application/javascript 2606:4700::6811:b749
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.hsforms.net/forms/v2.js

Requested by

Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/ransomware-iconstituent-congress/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:b749 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

068605b7a74adeae97a35f115e5d2116b49e1b0746b0172d6795cf4c7f93ecc8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 02:09:43 GMT
via: 1.1 ddeb8679359f033dad405557c487bfdd.cloudfront.net (CloudFront)
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 573
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
x-amz-replication-status: COMPLETED
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id: 0aa9e13b2e00003260ba3c5000000001
last-modified: Thu, 10 Jun 2021 01:55:02 UTC
server: cloudflare
etag: W/"be4017dc0d84057af0be82378d2bcd1a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=vqd%2FO%2BZ9eC73tIy%2BPmu6fLlSjEp%2BH3PNoT7Dd8ANZEF5VJCuOQooBq0%2BRsPcGWqgXxw0EUn0y85tNz3S9Ahl2xsss9Nb9gsQQFIYmhB%2BDhuKYvkTZOSVcN2tlYEKOyHggAIRUReByA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-amz-version-id: _lWo_seegG84aAiYV148P6d_vJ1mA4fg
access-control-allow-origin: *
cache-control: s-maxage=600, max-age=0
x-hs-cache-status: HIT
x-amz-cf-pop: IAD89-C3
cf-ray: 65f004a51a233260-FRA
x-amz-cf-id: _qGOpmF4pXMcauO6Td5Bt7akxoUWBlV8fgFjnuK3krTdr0vyQzWNwQ==
x-hs-target-asset: FormsNext/static-5.319/bundles/project_with_deps.js

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 61 KB
21 KB 37ms
13ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/ransomware-iconstituent-congress/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4e4810e88e50f93b12c1e24b897d264382cbcf6e2ba29054f68b19bc4dc4e104

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 02:09:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "902 / 159 of 1000 / last-modified: 1623449339"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21293
x-xss-protection: 0
expires: Mon, 14 Jun 2021 02:09:43 GMT

GET
H2 200 ads.js Show response
www.cyberscoop.com/wp-content/themes/cyberscoop/js/ 740 B
703 B 104ms
103ms Script
application/javascript 52.21.95.133
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.cyberscoop.com/wp-content/themes/cyberscoop/js/ads.js?ver=1.0.0
Requested by: Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/ransomware-iconstituent-congress/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.21.95.133 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-21-95-133.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 94c2543ee527c1e987a54d88914b529a0d832a4cf55d0fd20a9b7c569c508930

Request headers

:path: /wp-content/themes/cyberscoop/js/ads.js?ver=1.0.0
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.cyberscoop.com
referer: https://www.cyberscoop.com/ransomware-iconstituent-congress/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.cyberscoop.com/ransomware-iconstituent-congress/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 02:09:43 GMT
content-encoding: gzip
last-modified: Tue, 20 Oct 2020 09:37:30 GMT
server: nginx
etag: W/"5f8eafda-2e4"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000 public
expires: Tue, 14 Jun 2022 02:09:43 GMT

GET
H2 200 wp-embed.min.js Show response
www.cyberscoop.com/wp-includes/js/ 1 KB
986 B 107ms
103ms Script
application/javascript 52.21.95.133
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.cyberscoop.com/wp-includes/js/wp-embed.min.js?ver=5.7.1
Requested by: Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/ransomware-iconstituent-congress/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.21.95.133 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-21-95-133.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991

Request headers

:path: /wp-includes/js/wp-embed.min.js?ver=5.7.1
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.cyberscoop.com
referer: https://www.cyberscoop.com/ransomware-iconstituent-congress/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.cyberscoop.com/ransomware-iconstituent-congress/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 02:09:43 GMT
content-encoding: gzip
last-modified: Sun, 25 Apr 2021 05:06:59 GMT
server: nginx
etag: W/"6084f8f3-592"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000 public
expires: Tue, 14 Jun 2022 02:09:43 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 146 KB
52 KB 26ms
24ms Script
application/javascript 2a00:1450:4001:809::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-KR697BF

Requested by

Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/ransomware-iconstituent-congress/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

42863b88efcf7654bf19561dcd1557914829c874815e39b9ee334d5772838543

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 02:09:43 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 53349
x-xss-protection: 0
last-modified: Mon, 14 Jun 2021 00:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 14 Jun 2021 02:09:43 GMT

GET
H2 200 wp-emoji-release.min.js Show response
www.cyberscoop.com/wp-includes/js/ 14 KB
5 KB 107ms
105ms Script
application/javascript 52.21.95.133
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.cyberscoop.com/wp-includes/js/wp-emoji-release.min.js?ver=5.7.1
Requested by: Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/ransomware-iconstituent-congress/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.21.95.133 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-21-95-133.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 0c5f584d1ea2c3313dc8c55824c2a572d3cf2eae87c5ca62a58e598aec9ddb5c

Request headers

:path: /wp-includes/js/wp-emoji-release.min.js?ver=5.7.1
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.cyberscoop.com
referer: https://www.cyberscoop.com/ransomware-iconstituent-congress/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.cyberscoop.com/ransomware-iconstituent-congress/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 02:09:43 GMT
content-encoding: gzip
last-modified: Sun, 25 Apr 2021 05:06:59 GMT
server: nginx
etag: W/"6084f8f3-3795"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000 public
expires: Tue, 14 Jun 2022 02:09:43 GMT

GET
H2 200 lightslider.min.css
www.cyberscoop.com/wp-content/themes/cyberscoop/css/ 5 KB
2 KB 156ms
156ms Stylesheet
text/css 52.21.95.133
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.cyberscoop.com/wp-content/themes/cyberscoop/css/lightslider.min.css
Requested by: Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/wp-content/themes/cyberscoop/style.css?ver=5.7.1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.21.95.133 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-21-95-133.compute-1.amazonaws.com
Software: nginx /
Resource Hash: a060aca1def4e45da8730e2c6052fb1efbe9b1bdd305c14ea86c8c5152ebd593

Request headers

:path: /wp-content/themes/cyberscoop/css/lightslider.min.css
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.cyberscoop.com
referer: https://www.cyberscoop.com/wp-content/themes/cyberscoop/style.css?ver=5.7.1
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.cyberscoop.com/wp-content/themes/cyberscoop/style.css?ver=5.7.1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 02:09:43 GMT
content-encoding: gzip
last-modified: Tue, 20 Oct 2020 09:37:19 GMT
server: nginx
etag: W/"5f8eafcf-14b3"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=31536000 public
expires: Tue, 14 Jun 2022 02:09:43 GMT

GET
H2 200 page.js Show response
static.addtoany.com/menu/ 84 KB
26 KB 30ms
28ms Script
application/javascript 2606:4700:10::ac43:2794
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.addtoany.com/menu/page.js

Requested by

Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/ransomware-iconstituent-congress/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:2794 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f909a31bfd7a13b9dd53e98b5652f13f4782fdfd1653dc4befade7386c087371

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 02:09:43 GMT
via: e1s
x-content-type-options: nosniff
cf-cache-status: HIT
age: 70016
p3p: CP="ALL DSP COR CURa ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV INT"
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id: 0aa9e13b3600004e25e9047000000001
last-modified: Fri, 14 May 2021 06:41:59 GMT
server: cloudflare
etag: W/"14f2c-5c2448a7281f2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=172800
cf-ray: 65f004a528e94e25-FRA
cf-bgj: minify

GET
H/1.1 200
OK CyberScoop_Color.svg
s3.amazonaws.com/sng-global-web-assets/logo/ 2 KB
3 KB 418ms
118ms Image
image/svg+xml 52.217.47.70
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/sng-global-web-assets/logo/CyberScoop_Color.svg
Requested by: Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/wp-content/themes/cyberscoop/style.css?ver=5.7.1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.47.70 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b534f367f11c24f3709e27fdb539f308475d495eaafed8f7681a5c96dfacc537

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 14 Jun 2021 02:09:44 GMT
Last-Modified: Thu, 21 Jan 2021 21:02:05 GMT
Server: AmazonS3
x-amz-request-id: HQ5DDG994TYBPXVZ
ETag: "b3250d52680549abc7222f71b2dce836"
Content-Type: image/svg+xml
Accept-Ranges: bytes
Content-Length: 2375
x-amz-id-2: m0x4A7MTiD/qWhWVj+xxqfFop/5MHtsuq1WFd+dSWtU+GEKmQ/8R/IdJHd0vf4S8dcI2SH/T4xw=

GET
H/1.1 200
OK SNG-RGB-Color.svg
s3.amazonaws.com/sng-global-web-assets/logo/ 5 KB
6 KB 416ms
113ms Image
image/svg+xml 52.217.47.70
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/sng-global-web-assets/logo/SNG-RGB-Color.svg
Requested by: Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/wp-content/themes/cyberscoop/style.css?ver=5.7.1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.47.70 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4b8dd50e462d914dd8609e8a566ce6bce0ab94088a4bf958b57c4cdb6ab54868

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 14 Jun 2021 02:09:44 GMT
Last-Modified: Thu, 21 Jan 2021 21:02:05 GMT
Server: AmazonS3
x-amz-request-id: HQ55J3MQRTG38K58
ETag: "61428dbcecc23b1679236e221c5228d4"
Content-Type: image/svg+xml
Accept-Ranges: bytes
Content-Length: 5545
x-amz-id-2: 8nECwd14RitUE9o2UcMEgc4QCzo9vqpu9TVcvvWo/hANNJR4grJY7oYDgApMnfXLJB5Iz6Fhmlg=

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bb6a7f39d0982d1605492df9ffaa28989d1829fdf91037053e4af527ae5ed797

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 va9B4kDNxMZdWfMOD5VnZKveRhf6.woff2
fonts.gstatic.com/s/firasans/v11/ 22 KB
23 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/firasans/v11/va9B4kDNxMZdWfMOD5VnZKveRhf6.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Fira+Sans%3A300%2C400%2C500%2C700&subset=latin-ext&ver=5.7.1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d28cae33a9cff1cd54246e2bca04018f101451707a5b5f426d32ea768e911186

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.cyberscoop.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 12 Jun 2021 03:30:23 GMT
x-content-type-options: nosniff
age: 167960
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22920
x-xss-protection: 0
last-modified: Thu, 01 Apr 2021 22:06:35 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 12 Jun 2022 03:30:23 GMT

GET
H2 200 PuristaMedium.woff
www.cyberscoop.com/wp-content/themes/cyberscoop/fonts/ 37 KB
37 KB 104ms
103ms Font
font/woff 52.21.95.133
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.cyberscoop.com/wp-content/themes/cyberscoop/fonts/PuristaMedium.woff

Requested by

Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/wp-content/themes/cyberscoop/style.css?ver=5.7.1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.21.95.133 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-21-95-133.compute-1.amazonaws.com

Software

nginx /

Resource Hash

c0758721ba3b41bf0236a10348f8ad1ceb3336894bfbaca0b9d77fb366b585c1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 max-age=31536000; includeSubDomains max-age=31536000; includeSubDomains; preload

Request headers

:path: /wp-content/themes/cyberscoop/fonts/PuristaMedium.woff
pragma: no-cache
origin: https://www.cyberscoop.com
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: font
:authority: www.cyberscoop.com
referer: https://www.cyberscoop.com/wp-content/themes/cyberscoop/style.css?ver=5.7.1
:scheme: https
sec-fetch-site: same-origin
:method: GET
Origin: https://www.cyberscoop.com
Referer: https://www.cyberscoop.com/wp-content/themes/cyberscoop/style.css?ver=5.7.1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 02:09:43 GMT
last-modified: Tue, 20 Oct 2020 09:37:20 GMT
server: nginx
etag: "5f8eafd0-9340"
strict-transport-security: max-age=31536000 max-age=31536000; includeSubDomains max-age=31536000; includeSubDomains; preload
content-type: font/woff
accept-ranges: bytes
content-length: 37696
x-ua-compatible: IE=Edge

GET
H2

200

/ Show response
www.cyberscoop.com/advertising/ Frame 5E40
Redirect Chain

https://www.cyberscoop.com/advertising/?id=leaderboard&page=article&parent_id=ad-j4HebWU0ZJ-leaderboard&categories=government&tags=capitol-hill,colonial-pipeline,congress,house,jbs,ransomware
https://www.cyberscoop.com/advertising/?id=leaderboard&parent_id=ad-j4HebWU0ZJ-leaderboard&categories=government&tags=capitol-hill%2Ccolonial-pipeline%2Ccongress%2Chouse%2Cjbs%2Cransomware

2 KB
1 KB

1252ms
1252ms

Document
text/html

52.21.95.133
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.cyberscoop.com/advertising/?id=leaderboard&parent_id=ad-j4HebWU0ZJ-leaderboard&categories=government&tags=capitol-hill%2Ccolonial-pipeline%2Ccongress%2Chouse%2Cjbs%2Cransomware

Requested by

Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/ransomware-iconstituent-congress/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.21.95.133 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-21-95-133.compute-1.amazonaws.com

Software

nginx / PHP/7.3.27

Resource Hash

b4c123bfe0528acccda44c5ac028eb8a197095636da86afc08a3efe6c190b3e4

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.cyberscoop.com
:scheme: https
:path: /advertising/?id=leaderboard&parent_id=ad-j4HebWU0ZJ-leaderboard&categories=government&tags=capitol-hill%2Ccolonial-pipeline%2Ccongress%2Chouse%2Cjbs%2Cransomware
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.cyberscoop.com/ransomware-iconstituent-congress/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: sng_interstitial=true; _ga=GA1.2.1946111824.1623636583; _gid=GA1.2.370291164.1623636583; _gat_UA-80491860-1=1; _fbp=fb.1.1623636583516.485052289; __gads=ID=a910683ccf9ec117-22c016f75fc80013:T=1623636583:S=ALNI_Maw5TPUfezwY2NdXDLoX6zaHxXcaQ
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.cyberscoop.com/ransomware-iconstituent-congress/

Response headers

server: nginx
date: Mon, 14 Jun 2021 02:09:45 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-powered-by: PHP/7.3.27
link: <https://www.cyberscoop.com/wp-json/>; rel="https://api.w.org/" <https://www.cyberscoop.com/wp-json/wp/v2/pages/5054>; rel="alternate"; type="application/json" <https://www.cyberscoop.com/?p=5054>; rel=shortlink
x-fastcgi-cache: BYPASS
x-xss-protection: 1; mode=block
content-encoding: gzip

Redirect headers

server: nginx
date: Mon, 14 Jun 2021 02:09:44 GMT
content-type: text/html; charset=UTF-8
location: https://www.cyberscoop.com/advertising/?id=leaderboard&parent_id=ad-j4HebWU0ZJ-leaderboard&categories=government&tags=capitol-hill%2Ccolonial-pipeline%2Ccongress%2Chouse%2Cjbs%2Cransomware
x-powered-by: PHP/7.3.27
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
x-redirect-by: WordPress
x-fastcgi-cache: BYPASS
x-xss-protection: 1; mode=block

GET
H2

200

/ Show response
www.cyberscoop.com/advertising/ Frame D59D
Redirect Chain

https://www.cyberscoop.com/advertising/?id=article&page=article&position=static&category=government&tags=capitol-hill,colonial-pipeline,congress,house,jbs,ransomware
https://www.cyberscoop.com/advertising/?id=article&position=static&category=government&tags=capitol-hill%2Ccolonial-pipeline%2Ccongress%2Chouse%2Cjbs%2Cransomware

1 KB
893 B

1161ms
1161ms

Document
text/html

52.21.95.133
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.cyberscoop.com/advertising/?id=article&position=static&category=government&tags=capitol-hill%2Ccolonial-pipeline%2Ccongress%2Chouse%2Cjbs%2Cransomware

Requested by

Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/ransomware-iconstituent-congress/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.21.95.133 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-21-95-133.compute-1.amazonaws.com

Software

nginx / PHP/7.3.27

Resource Hash

8d98ba3939b21a0c520767950d6964ca73f62348ec71bf30ac2b48279aa9b148

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.cyberscoop.com
:scheme: https
:path: /advertising/?id=article&position=static&category=government&tags=capitol-hill%2Ccolonial-pipeline%2Ccongress%2Chouse%2Cjbs%2Cransomware
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.cyberscoop.com/ransomware-iconstituent-congress/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: sng_interstitial=true; _ga=GA1.2.1946111824.1623636583; _gid=GA1.2.370291164.1623636583; _gat_UA-80491860-1=1; _fbp=fb.1.1623636583516.485052289; __gads=ID=a910683ccf9ec117-22c016f75fc80013:T=1623636583:S=ALNI_Maw5TPUfezwY2NdXDLoX6zaHxXcaQ
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.cyberscoop.com/ransomware-iconstituent-congress/

Response headers

server: nginx
date: Mon, 14 Jun 2021 02:09:45 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-powered-by: PHP/7.3.27
link: <https://www.cyberscoop.com/wp-json/>; rel="https://api.w.org/" <https://www.cyberscoop.com/wp-json/wp/v2/pages/5054>; rel="alternate"; type="application/json" <https://www.cyberscoop.com/?p=5054>; rel=shortlink
x-fastcgi-cache: BYPASS
x-xss-protection: 1; mode=block
content-encoding: gzip

Redirect headers

server: nginx
date: Mon, 14 Jun 2021 02:09:44 GMT
content-type: text/html; charset=UTF-8
location: https://www.cyberscoop.com/advertising/?id=article&position=static&category=government&tags=capitol-hill%2Ccolonial-pipeline%2Ccongress%2Chouse%2Cjbs%2Cransomware
x-powered-by: PHP/7.3.27
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
x-redirect-by: WordPress
x-fastcgi-cache: BYPASS
x-xss-protection: 1; mode=block

GET
H2

200

/ Show response
www.cyberscoop.com/advertising/ Frame 3CAD
Redirect Chain

https://www.cyberscoop.com/advertising/?id=skyscraper&page=article&position=sticky&categories=government&tags=capitol-hill,colonial-pipeline,congress,house,jbs,ransomware
https://www.cyberscoop.com/advertising/?id=skyscraper&position=sticky&categories=government&tags=capitol-hill%2Ccolonial-pipeline%2Ccongress%2Chouse%2Cjbs%2Cransomware

2 KB
995 B

1176ms
1176ms

Document
text/html

52.21.95.133
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.cyberscoop.com/advertising/?id=skyscraper&position=sticky&categories=government&tags=capitol-hill%2Ccolonial-pipeline%2Ccongress%2Chouse%2Cjbs%2Cransomware

Requested by

Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/ransomware-iconstituent-congress/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.21.95.133 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-21-95-133.compute-1.amazonaws.com

Software

nginx / PHP/7.3.27

Resource Hash

bd1cb359ebb5fc8023f9e0df4446ad9fce9f64051bfc58b2a907ffd911071ba5

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.cyberscoop.com
:scheme: https
:path: /advertising/?id=skyscraper&position=sticky&categories=government&tags=capitol-hill%2Ccolonial-pipeline%2Ccongress%2Chouse%2Cjbs%2Cransomware
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.cyberscoop.com/ransomware-iconstituent-congress/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: sng_interstitial=true; _ga=GA1.2.1946111824.1623636583; _gid=GA1.2.370291164.1623636583; _gat_UA-80491860-1=1; _fbp=fb.1.1623636583516.485052289; __gads=ID=a910683ccf9ec117-22c016f75fc80013:T=1623636583:S=ALNI_Maw5TPUfezwY2NdXDLoX6zaHxXcaQ
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.cyberscoop.com/ransomware-iconstituent-congress/

Response headers

server: nginx
date: Mon, 14 Jun 2021 02:09:45 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-powered-by: PHP/7.3.27
link: <https://www.cyberscoop.com/wp-json/>; rel="https://api.w.org/" <https://www.cyberscoop.com/wp-json/wp/v2/pages/5054>; rel="alternate"; type="application/json" <https://www.cyberscoop.com/?p=5054>; rel=shortlink
x-fastcgi-cache: BYPASS
x-xss-protection: 1; mode=block
content-encoding: gzip

Redirect headers

server: nginx
date: Mon, 14 Jun 2021 02:09:44 GMT
content-type: text/html; charset=UTF-8
location: https://www.cyberscoop.com/advertising/?id=skyscraper&position=sticky&categories=government&tags=capitol-hill%2Ccolonial-pipeline%2Ccongress%2Chouse%2Cjbs%2Cransomware
x-powered-by: PHP/7.3.27
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
x-redirect-by: WordPress
x-fastcgi-cache: BYPASS
x-xss-protection: 1; mode=block

GET
H2

200

/ Show response
www.cyberscoop.com/advertising/ Frame 4E2F
Redirect Chain

https://www.cyberscoop.com/advertising/?id=billboard&page=article&position=bottom&parent_id=ad-lEx6Ab63r1-billboard&category=government&tags=capitol-hill,colonial-pipeline,congress,house,jbs,ransom...
https://www.cyberscoop.com/advertising/?id=billboard&position=bottom&parent_id=ad-lEx6Ab63r1-billboard&category=government&tags=capitol-hill%2Ccolonial-pipeline%2Ccongress%2Chouse%2Cjbs%2Cransomware

2 KB
1 KB

1183ms
1182ms

Document
text/html

52.21.95.133
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.cyberscoop.com/advertising/?id=billboard&position=bottom&parent_id=ad-lEx6Ab63r1-billboard&category=government&tags=capitol-hill%2Ccolonial-pipeline%2Ccongress%2Chouse%2Cjbs%2Cransomware

Requested by

Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/ransomware-iconstituent-congress/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.21.95.133 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-21-95-133.compute-1.amazonaws.com

Software

nginx / PHP/7.3.27

Resource Hash

eaf49873148c71e866f814b289ce9d3ec07874998f2b507414db2bbf06702efb

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.cyberscoop.com
:scheme: https
:path: /advertising/?id=billboard&position=bottom&parent_id=ad-lEx6Ab63r1-billboard&category=government&tags=capitol-hill%2Ccolonial-pipeline%2Ccongress%2Chouse%2Cjbs%2Cransomware
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.cyberscoop.com/ransomware-iconstituent-congress/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: sng_interstitial=true; _ga=GA1.2.1946111824.1623636583; _gid=GA1.2.370291164.1623636583; _gat_UA-80491860-1=1; _fbp=fb.1.1623636583516.485052289; __gads=ID=a910683ccf9ec117-22c016f75fc80013:T=1623636583:S=ALNI_Maw5TPUfezwY2NdXDLoX6zaHxXcaQ
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.cyberscoop.com/ransomware-iconstituent-congress/

Response headers

server: nginx
date: Mon, 14 Jun 2021 02:09:45 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-powered-by: PHP/7.3.27
link: <https://www.cyberscoop.com/wp-json/>; rel="https://api.w.org/" <https://www.cyberscoop.com/wp-json/wp/v2/pages/5054>; rel="alternate"; type="application/json" <https://www.cyberscoop.com/?p=5054>; rel=shortlink
x-fastcgi-cache: BYPASS
x-xss-protection: 1; mode=block
content-encoding: gzip

Redirect headers

server: nginx
date: Mon, 14 Jun 2021 02:09:44 GMT
content-type: text/html; charset=UTF-8
location: https://www.cyberscoop.com/advertising/?id=billboard&position=bottom&parent_id=ad-lEx6Ab63r1-billboard&category=government&tags=capitol-hill%2Ccolonial-pipeline%2Ccongress%2Chouse%2Cjbs%2Cransomware
x-powered-by: PHP/7.3.27
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
x-redirect-by: WordPress
x-fastcgi-cache: BYPASS
x-xss-protection: 1; mode=block

GET
H2 200 congress-capitol-hill-getty-1021x681.jpg
www.cyberscoop.com/wp-content/uploads/2020/12/ 58 KB
58 KB 104ms
104ms Image
image/jpeg 52.21.95.133
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.cyberscoop.com/wp-content/uploads/2020/12/congress-capitol-hill-getty-1021x681.jpg
Requested by: Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/ransomware-iconstituent-congress/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.21.95.133 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-21-95-133.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 336ba2feba14602f0de41e7be5fa217487b74f4f3ced4a5c162b2f3f8c0a9a34

Request headers

:path: /wp-content/uploads/2020/12/congress-capitol-hill-getty-1021x681.jpg
pragma: no-cache
cookie: sng_interstitial=true
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.cyberscoop.com
referer: https://www.cyberscoop.com/ransomware-iconstituent-congress/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.cyberscoop.com/ransomware-iconstituent-congress/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 02:09:43 GMT
last-modified: Tue, 08 Dec 2020 15:34:55 GMT
server: nginx
etag: "5fcf9d1f-e658"
content-type: image/jpeg
cache-control: max-age=2592000 public
accept-ranges: bytes
content-length: 58968
expires: Wed, 14 Jul 2021 02:09:43 GMT

GET
H2 200 GettyImages-1225219966-307x171.jpg
www.cyberscoop.com/wp-content/uploads/2021/06/ 9 KB
10 KB 104ms
103ms Image
image/jpeg 52.21.95.133
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.cyberscoop.com/wp-content/uploads/2021/06/GettyImages-1225219966-307x171.jpg
Requested by: Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/ransomware-iconstituent-congress/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.21.95.133 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-21-95-133.compute-1.amazonaws.com
Software: nginx /
Resource Hash: db02022e70b50c36c8b19895011b67d760f45d217c7d32beaf853fd0e6f20ce3

Request headers

:path: /wp-content/uploads/2021/06/GettyImages-1225219966-307x171.jpg
pragma: no-cache
cookie: sng_interstitial=true
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.cyberscoop.com
referer: https://www.cyberscoop.com/ransomware-iconstituent-congress/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.cyberscoop.com/ransomware-iconstituent-congress/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 02:09:43 GMT
last-modified: Fri, 11 Jun 2021 19:06:20 GMT
server: nginx
etag: "60c3b42c-257a"
content-type: image/jpeg
cache-control: max-age=2592000 public
accept-ranges: bytes
content-length: 9594
expires: Wed, 14 Jul 2021 02:09:43 GMT

GET
H2 200 GettyImages-1322885030-307x171.jpg
www.cyberscoop.com/wp-content/uploads/2021/06/ 13 KB
13 KB 143ms
142ms Image
image/jpeg 52.21.95.133
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.cyberscoop.com/wp-content/uploads/2021/06/GettyImages-1322885030-307x171.jpg
Requested by: Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/ransomware-iconstituent-congress/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.21.95.133 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-21-95-133.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 1f3d22757c403b73ad7133ffdb7f7635f83b023568e09fbd6efc60633e1e3a48

Request headers

:path: /wp-content/uploads/2021/06/GettyImages-1322885030-307x171.jpg
pragma: no-cache
cookie: sng_interstitial=true
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.cyberscoop.com
referer: https://www.cyberscoop.com/ransomware-iconstituent-congress/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.cyberscoop.com/ransomware-iconstituent-congress/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 02:09:43 GMT
last-modified: Thu, 10 Jun 2021 19:50:07 GMT
server: nginx
etag: "60c26cef-34a9"
content-type: image/jpeg
cache-control: max-age=2592000 public
accept-ranges: bytes
content-length: 13481
expires: Wed, 14 Jul 2021 02:09:43 GMT

GET
H2 200 GettyImages-158214905-307x171.jpg
www.cyberscoop.com/wp-content/uploads/2021/06/ 10 KB
10 KB 154ms
154ms Image
image/jpeg 52.21.95.133
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.cyberscoop.com/wp-content/uploads/2021/06/GettyImages-158214905-307x171.jpg
Requested by: Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/ransomware-iconstituent-congress/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.21.95.133 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-21-95-133.compute-1.amazonaws.com
Software: nginx /
Resource Hash: e21cbff27a74ef7caa04b84461bbaa6ed2cba11a62db2e7f03fc588912f415c6

Request headers

:path: /wp-content/uploads/2021/06/GettyImages-158214905-307x171.jpg
pragma: no-cache
cookie: sng_interstitial=true
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.cyberscoop.com
referer: https://www.cyberscoop.com/ransomware-iconstituent-congress/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.cyberscoop.com/ransomware-iconstituent-congress/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 02:09:43 GMT
last-modified: Thu, 03 Jun 2021 20:27:18 GMT
server: nginx
etag: "60b93b26-2933"
content-type: image/jpeg
cache-control: max-age=2592000 public
accept-ranges: bytes
content-length: 10547
expires: Wed, 14 Jul 2021 02:09:43 GMT

GET
H3-29 200 va9B4kDNxMZdWfMOD5VnLK3eRhf6.woff2
fonts.gstatic.com/s/firasans/v11/ 23 KB
23 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/firasans/v11/va9B4kDNxMZdWfMOD5VnLK3eRhf6.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Fira+Sans%3A300%2C400%2C500%2C700&subset=latin-ext&ver=5.7.1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5183a3d6c4ef05903e03cf0e17b5de05db527c27d0ef049d52d2fb4da484e96

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.cyberscoop.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 12 Jun 2021 07:42:53 GMT
x-content-type-options: nosniff
age: 152810
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23868
x-xss-protection: 0
last-modified: Thu, 01 Apr 2021 22:06:21 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 12 Jun 2022 07:42:53 GMT

GET
H3-29 200 TK3iWkUHHAIjg752GT8G.woff2
fonts.gstatic.com/s/oswald/v36/ 31 KB
31 KB 11ms
10ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/oswald/v36/TK3iWkUHHAIjg752GT8G.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Oswald%3A300%2C400%2C700&subset=latin-ext&ver=5.7.1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9facc976353ff7ab7cbb7345853c0f7d0c1bbce3733934b53790b93833dbae4c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.cyberscoop.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 12 Jun 2021 12:23:21 GMT
x-content-type-options: nosniff
age: 135982
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31676
x-xss-protection: 0
last-modified: Thu, 28 Jan 2021 20:31:39 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 12 Jun 2022 12:23:21 GMT

GET
H3-29 200 va9E4kDNxMZdWfMOD5Vvl4jL.woff2
fonts.gstatic.com/s/firasans/v11/ 22 KB
22 KB 9ms
8ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/firasans/v11/va9E4kDNxMZdWfMOD5Vvl4jL.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Fira+Sans%3A300%2C400%2C500%2C700&subset=latin-ext&ver=5.7.1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a41dd567a7d51dac3d65a716b505f5bba7526e36405ed8a832d72a4ada3665c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.cyberscoop.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 13 Jun 2021 00:40:11 GMT
x-content-type-options: nosniff
age: 91772
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22748
x-xss-protection: 0
last-modified: Thu, 01 Apr 2021 22:05:49 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 13 Jun 2022 00:40:11 GMT

GET
H2 200 facebook_logo_white.png
www.cyberscoop.com/wp-content/themes/cyberscoop/images/icons/ 361 B
552 B 105ms
103ms Image
image/png 52.21.95.133
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.cyberscoop.com/wp-content/themes/cyberscoop/images/icons/facebook_logo_white.png
Requested by: Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/wp-content/themes/cyberscoop/style.css?ver=5.7.1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.21.95.133 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-21-95-133.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 34b8701fdcbd5b7f4b776178cf1c52b3754f60027bf85af5a8573c3208f77890

Request headers

:path: /wp-content/themes/cyberscoop/images/icons/facebook_logo_white.png
pragma: no-cache
cookie: sng_interstitial=true
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.cyberscoop.com
referer: https://www.cyberscoop.com/wp-content/themes/cyberscoop/style.css?ver=5.7.1
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.cyberscoop.com/wp-content/themes/cyberscoop/style.css?ver=5.7.1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 02:09:43 GMT
last-modified: Tue, 20 Oct 2020 09:37:25 GMT
server: nginx
etag: "5f8eafd5-169"
content-type: image/png
cache-control: max-age=2592000 public
accept-ranges: bytes
content-length: 361
expires: Wed, 14 Jul 2021 02:09:43 GMT

GET
H2 200 twitter_logo_white.png
www.cyberscoop.com/wp-content/themes/cyberscoop/images/icons/ 481 B
671 B 105ms
103ms Image
image/png 52.21.95.133
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.cyberscoop.com/wp-content/themes/cyberscoop/images/icons/twitter_logo_white.png
Requested by: Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/wp-content/themes/cyberscoop/style.css?ver=5.7.1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.21.95.133 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-21-95-133.compute-1.amazonaws.com
Software: nginx /
Resource Hash: ea7c3c1fb429c64a75b15bc3d82e99987c40229c3275a5d0c37deb6143e4cf6f

Request headers

:path: /wp-content/themes/cyberscoop/images/icons/twitter_logo_white.png
pragma: no-cache
cookie: sng_interstitial=true
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.cyberscoop.com
referer: https://www.cyberscoop.com/wp-content/themes/cyberscoop/style.css?ver=5.7.1
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.cyberscoop.com/wp-content/themes/cyberscoop/style.css?ver=5.7.1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 02:09:43 GMT
last-modified: Tue, 20 Oct 2020 09:37:27 GMT
server: nginx
etag: "5f8eafd7-1e1"
content-type: image/png
cache-control: max-age=2592000 public
accept-ranges: bytes
content-length: 481
expires: Wed, 14 Jul 2021 02:09:43 GMT

GET
H2 200 linkedin_logo_white.png
www.cyberscoop.com/wp-content/themes/cyberscoop/images/icons/ 946 B
1 KB 105ms
103ms Image
image/png 52.21.95.133
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.cyberscoop.com/wp-content/themes/cyberscoop/images/icons/linkedin_logo_white.png
Requested by: Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/wp-content/themes/cyberscoop/style.css?ver=5.7.1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.21.95.133 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-21-95-133.compute-1.amazonaws.com
Software: nginx /
Resource Hash: eecc78f834649472672438efb8854e77ac8571a4c901d3c102a2554c3059ba7d

Request headers

:path: /wp-content/themes/cyberscoop/images/icons/linkedin_logo_white.png
pragma: no-cache
cookie: sng_interstitial=true
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.cyberscoop.com
referer: https://www.cyberscoop.com/wp-content/themes/cyberscoop/style.css?ver=5.7.1
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.cyberscoop.com/wp-content/themes/cyberscoop/style.css?ver=5.7.1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 02:09:43 GMT
last-modified: Tue, 20 Oct 2020 09:37:26 GMT
server: nginx
etag: "5f8eafd6-3b2"
content-type: image/png
cache-control: max-age=2592000 public
accept-ranges: bytes
content-length: 946
expires: Wed, 14 Jul 2021 02:09:43 GMT

GET
H2 200 instagram_logo_white.svg
www.cyberscoop.com/wp-content/themes/cyberscoop/images/icons/ 2 KB
874 B 106ms
104ms Image
image/svg+xml 52.21.95.133
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.cyberscoop.com/wp-content/themes/cyberscoop/images/icons/instagram_logo_white.svg
Requested by: Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/wp-content/themes/cyberscoop/style.css?ver=5.7.1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.21.95.133 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-21-95-133.compute-1.amazonaws.com
Software: nginx /
Resource Hash: e55b5cba1f8e7604687c4f99ab7b1c3bf971ab991ec0fae83fb221b98daf07c4

Request headers

:path: /wp-content/themes/cyberscoop/images/icons/instagram_logo_white.svg
pragma: no-cache
cookie: sng_interstitial=true
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.cyberscoop.com
referer: https://www.cyberscoop.com/wp-content/themes/cyberscoop/style.css?ver=5.7.1
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.cyberscoop.com/wp-content/themes/cyberscoop/style.css?ver=5.7.1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 02:09:43 GMT
content-encoding: gzip
last-modified: Tue, 20 Oct 2020 09:37:26 GMT
server: nginx
etag: W/"5f8eafd6-625"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=2592000 public
expires: Wed, 14 Jul 2021 02:09:43 GMT

GET
H/1.1 200
OK Stacked_SNG.png
s3.amazonaws.com/sng-global-web-assets/logo/ 12 KB
12 KB 425ms
123ms Image
image/png 52.217.47.70
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/sng-global-web-assets/logo/Stacked_SNG.png
Requested by: Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/wp-content/themes/cyberscoop/style.css?ver=5.7.1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.47.70 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 942e44b1cef3a0678c306625f42ea1cd180d9ee9fbe443ed98fc1076c07493a5

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 14 Jun 2021 02:09:44 GMT
Last-Modified: Thu, 21 Jan 2021 23:37:33 GMT
Server: AmazonS3
x-amz-request-id: HQ55XFF9E2AJ7GHM
ETag: "793107aa127f2349e0bb9d0df99cd240"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 11864
x-amz-id-2: WMmrOwNXPvh3exDEANwa7D6EHvy4oic18lSyGYCEv1PI05ybC/tnnfoCRzCLB+hJ8UF3ZTdzrZA=

GET
H/1.1 200
OK Stacked_CyberScoop.png
s3.amazonaws.com/sng-global-web-assets/logo/ 5 KB
5 KB 112ms
111ms Image
image/png 52.217.47.70
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/sng-global-web-assets/logo/Stacked_CyberScoop.png
Requested by: Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/wp-content/themes/cyberscoop/style.css?ver=5.7.1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.47.70 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 96b8a4481da526ff5a1a77c312a2aa83df0d0821e90dc91ccfad3fa53526a163

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 14 Jun 2021 02:09:44 GMT
Last-Modified: Thu, 21 Jan 2021 23:37:33 GMT
Server: AmazonS3
x-amz-request-id: HQ5FRQXH743D3HWC
ETag: "6b8717aa8156bf0573b498232d63b71f"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 5199
x-amz-id-2: FMHlTi5zDFgiIHoC3GWW+bflmkROWoSee0ZCM+gCntrCsUyX+7Qx9QGqlh8TYJzoZCL6L3tpGqM=

GET
H/1.1 200
OK Stacked_FedScoop.png
s3.amazonaws.com/sng-global-web-assets/logo/ 4 KB
4 KB 110ms
110ms Image
image/png 52.217.47.70
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/sng-global-web-assets/logo/Stacked_FedScoop.png
Requested by: Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/wp-content/themes/cyberscoop/style.css?ver=5.7.1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.47.70 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 9146f6ec02b7c1db65d152424e1d5e5f3a5d7d6ca91d1282a7e678150683876f

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 14 Jun 2021 02:09:44 GMT
Last-Modified: Thu, 21 Jan 2021 23:37:33 GMT
Server: AmazonS3
x-amz-request-id: HQ52ZX95AGYED5X4
ETag: "da067ed314fa2f647e16efb7331759de"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 4000
x-amz-id-2: 9eZ/J1ympBcs6X/jj6hARZsc3CkyzEDqO0mVK0we2Fdf7Q/TD1Ic27tOrGSXoSAOcYqtJCHi7PI=

GET
H/1.1 200
OK Stacked_StateScoop.png
s3.amazonaws.com/sng-global-web-assets/logo/ 5 KB
5 KB 109ms
108ms Image
image/png 52.217.47.70
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/sng-global-web-assets/logo/Stacked_StateScoop.png
Requested by: Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/wp-content/themes/cyberscoop/style.css?ver=5.7.1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.47.70 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ccd21ebd19b259d979d4ddf5af0751f6fae149746ae2e7a164beec2a600682be

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 14 Jun 2021 02:09:44 GMT
Last-Modified: Thu, 21 Jan 2021 23:37:33 GMT
Server: AmazonS3
x-amz-request-id: HQ5CBYN64EAMNFEG
ETag: "62c167ae878c0c3b3a41b50025cacba7"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 4872
x-amz-id-2: HoYJLoDHZyOuDaqKnUDNHOc+2bxtgcZaddLT/1QdityakR3Y+NmAt28UHysKbie9ACtTBKh95sc=

GET
H/1.1 200
OK Stacked_EdScoop.png
s3.amazonaws.com/sng-global-web-assets/logo/ 5 KB
6 KB 109ms
109ms Image
image/png 52.217.47.70
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/sng-global-web-assets/logo/Stacked_EdScoop.png
Requested by: Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/wp-content/themes/cyberscoop/style.css?ver=5.7.1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.47.70 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3046ab26982b61a2fc0f0fae7ed7f416e9113f924db911efa97b5b80ae16726d

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 14 Jun 2021 02:09:44 GMT
Last-Modified: Thu, 21 Jan 2021 23:37:33 GMT
Server: AmazonS3
x-amz-request-id: HQ5ADA6TXJE43F2F
ETag: "b5d5b8c0479b1963324ebca52c96a43b"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 5349
x-amz-id-2: 3/e2fJofnnXIp0jyt40c51Dd4Pf9fm1MBDnYzDUGnUjd/1/2XuE0qC7h6j1/cqhw8kgIBopIbGA=

GET
H/1.1 200
OK Stacked_WorkScoop.png
s3.amazonaws.com/sng-global-web-assets/logo/ 4 KB
4 KB 109ms
109ms Image
image/png 52.217.47.70
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/sng-global-web-assets/logo/Stacked_WorkScoop.png
Requested by: Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/wp-content/themes/cyberscoop/style.css?ver=5.7.1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.47.70 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 7f134de2e6859c8b9a8acb3f07c54f04c9fbe04c3381e137d85e2f0cb08a526b

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 14 Jun 2021 02:09:44 GMT
Last-Modified: Thu, 21 Jan 2021 23:37:33 GMT
Server: AmazonS3
x-amz-request-id: HQ5DS03N4V2NGMDT
ETag: "779a62747ba1fe2dfac41aa83a03313c"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 3934
x-amz-id-2: WsJjmX84kDELKaUJzuDTGHGr1Ap3AdluI8D1z99abA/gtn+p3/6hIys4CnyaXkpbsydBGlzRQ3c=

GET
H2 200 20762415-8082-48f0-b243-36443c93d852 Show response
forms.hsforms.com/embed/v3/form/2153467/ 19 KB
4 KB 502ms
479ms Script
application/javascript 2606:4700::6810:5605
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://forms.hsforms.com/embed/v3/form/2153467/20762415-8082-48f0-b243-36443c93d852?callback=hs_reqwest_0&hutk=

Requested by

Host: js.hsforms.net
URL: https://js.hsforms.net/forms/v2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5605 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

05beec07162f6604702346c96bd2156596c91d84a439764ed1fb8c0837612e8b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 02:09:43 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-hubspot-correlation-id: 78c6439d-cd30-44dd-aed2-64c1fffdf78c
content-disposition: attachment; filename=no-rfd.txt
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id: 0aa9e13bf300002b1683018000000001
server: cloudflare
x-trace: 2B15D8DDB3C803013A826B13DB90060A789A0FC555000000000000000000
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript;charset=utf-8
vary: Accept-Encoding
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: false
cf-ray: 65f004a6589f2b16-FRA

GET
DATA 200
OK truncated
/ 34 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1e85ec81b9800b4c443d39caca0d0926089a3ac201120db1ceb45b93789480b8

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/gif

GET
H/1.1 200
OK insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 4 KB
2 KB 7ms
6ms Script
application/x-javascript 2a02:26f0:6c00:296::25ea
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KR697BF
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:296::25ea Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 5f3b103a1268f862a5e432d607f8e5220dea9d301d13565b0ecded3ad9c25ab2

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 14 Jun 2021 02:09:43 GMT
Content-Encoding: gzip
Last-Modified: Mon, 04 Jan 2021 22:14:03 GMT
X-CDN: AKAM
Vary: Accept-Encoding
Content-Type: application/x-javascript;charset=utf-8
Cache-Control: max-age=42929
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1855

GET
H2 200 uwt.js Show response
static.ads-twitter.com/ 5 KB
2 KB 90ms
29ms Script
application/javascript 151.101.12.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KR697BF
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.12.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 4cf52cc73734aa71f26f6a10be9aeec89602af45bf0f9abd5c8445a076c1ae1a

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 02:09:43 GMT
via: 1.1 varnish
last-modified: Fri, 04 Dec 2020 00:21:46 GMT
age: 7806
etag: "cbc512946c8abb461c6215ed5b454e5f+gzip"
vary: Accept-Encoding,Host
x-cache: HIT
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
content-encoding: gzip
cache-control: no-cache
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
content-length: 1957
x-timer: S1623636583.482820,VS0,VE0
x-served-by: cache-fra19121-FRA

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 94 KB
24 KB 7ms
6ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

412979f99062018cc1b3ba7cc84a0c6d03f86f1c1f07f1ee90fa0402ba2d93ed

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 24515
x-fb-rlafr: 0
pragma: public
x-fb-debug: LkoRq/AiKULhEYz7GO4rfaYEXI0AnzKwl6AuL82WcHz+/2TYV7hK2tMMeEXByG7c8VPRpWM5kDvT2YkARB/rtA==
x-fb-trip-id: 686109401
x-frame-options: DENY
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Mon, 14 Jun 2021 02:09:43 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 2153467.js Show response
js.hs-scripts.com/ 1016 B
901 B 154ms
136ms Script
application/javascript 2606:4700::6811:d2cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-scripts.com/2153467.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KR697BF
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6811:d2cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a70a68a72a20e1a6e31e2eb01e949b1211be4fc1ca9a9bbf053709d8daf8b4ae

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 02:09:43 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: EXPIRED
x-hubspot-correlation-id: bc2cd4e0-2247-4cfa-96a2-dda5e4f3d3fa
cf-request-id: 0aa9e13c0800001766483ce000000001
server: cloudflare
x-trace: 2B2A0590670FD953293B302787D9BDE9871324DED3000000000000000000
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3600
content-type: application/javascript;charset=utf-8
access-control-allow-origin: https://www.cyberscoop.com
cache-control: public, max-age=60
access-control-allow-credentials: true
cf-ray: 65f004a678d81766-FRA
expires: Mon, 14 Jun 2021 02:10:43 GMT

GET
H3-29 200 pubads_impl_2021060801.js Show response
securepubads.g.doubleclick.net/gpt/ 318 KB
112 KB 82ms
39ms Script
text/javascript 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f2.1e100.net

Software

sffe /

Resource Hash

8a19707bd88a29100f84e106852ddd5bfeebe1fe562960c4932d1347210d13a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 02:09:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 08 Jun 2021 08:38:25 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 114129
x-xss-protection: 0
expires: Mon, 14 Jun 2021 02:09:43 GMT

GET
H3-29 200 icons.29.svg.js Show response
static.addtoany.com/menu/svg/ 78 KB
33 KB 47ms
37ms Script
application/javascript 2606:4700:10::ac43:2794
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.addtoany.com/menu/svg/icons.29.svg.js

Requested by

Host: static.addtoany.com
URL: https://static.addtoany.com/menu/page.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::ac43:2794 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e30f848c353b8ab801c18d2109527cb32a27f145262dccb3cd4db9f309cc53bb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 02:09:43 GMT
via: e1s
x-content-type-options: nosniff
cf-cache-status: HIT
age: 7190030
p3p: CP="ALL DSP COR CURa ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV INT"
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id: 0aa9e13c150000062d3a256000000001
last-modified: Mon, 31 Dec 2018 23:29:11 GMT
server: cloudflare
etag: W/"13937-57e59c7b88bd6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
cache-control: max-age=315360000, immutable
cf-ray: 65f004a68d78062d-FRA
cf-bgj: minify

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
19 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KR697BF

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 09 Apr 2021 23:59:54 GMT
server: Golfe2
age: 4266
date: Mon, 14 Jun 2021 00:58:37 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19569
expires: Mon, 14 Jun 2021 02:58:37 GMT

GET
H2

200

collect
px4.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=50036&time=1623636583471&url=https%3A%2F%2Fwww.cyberscoop.com%2Fransomware-iconstituent-congress%2F
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D50036%26time%3D1623636583471%26url%3Dhttps%253A%252F%252Fwww.cyberscoop.com%252Fr...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=50036&time=1623636583471&url=https%3A%2F%2Fwww.cyberscoop.com%2Fransomware-iconstituent-congress%2F&liSync=true
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=50036&time=1623636583471&url=https%3A%2F%2Fwww.cyberscoop.com%2Fransomware-iconstituent-congress%2F&liSync=true&e_ipv6=AQKkArtgs3hstgAAAXoISCbK9W...

0
371 B

448ms
239ms

Image
application/javascript

108.174.10.14
LINKEDIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=50036&time=1623636583471&url=https%3A%2F%2Fwww.cyberscoop.com%2Fransomware-iconstituent-congress%2F&liSync=true&e_ipv6=AQKkArtgs3hstgAAAXoISCbK9WKW6_CVHcIdqEXVcqGffRfHo15URpIvoV7p0P__YusMndjD
Requested by: Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/ransomware-iconstituent-congress/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 108.174.10.14 , United States, ASN14413 (LINKEDIN, US),
Reverse DNS: 108-174-10-14.fwd.linkedin.com
Software: Play /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 02:09:44 GMT
nel: {"report_to":"network-errors","max_age":1296000,"success_fraction":0.00066,"failure_fraction":1,"include_subdomains":true}
server: Play
linkedin-action: 1
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin.com/li/rep"}],"include_subdomains":true}
x-li-fabric: prod-ltx1
x-li-proto: http/2
x-li-pop: prod-edc2
content-type: application/javascript
content-length: 0
x-li-uuid: ec5NBd9QiBaQiNvFfSsAAA==

Redirect headers

date: Mon, 14 Jun 2021 02:09:44 GMT
nel: {"report_to":"network-errors","max_age":1296000,"success_fraction":0.00066,"failure_fraction":1,"include_subdomains":true}
server: Play
linkedin-action: 1
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin.com/li/rep"}],"include_subdomains":true}
x-li-fabric: prod-ltx1
location: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=50036&time=1623636583471&url=https%3A%2F%2Fwww.cyberscoop.com%2Fransomware-iconstituent-congress%2F&liSync=true&e_ipv6=AQKkArtgs3hstgAAAXoISCbK9WKW6_CVHcIdqEXVcqGffRfHo15URpIvoV7p0P__YusMndjD
x-li-proto: http/2
x-li-pop: prod-eda6
content-length: 0
x-li-uuid: qU468d5QiBYAgNmBDysAAA==

GET
H3-29 200 896395920528126 Show response
connect.facebook.net/signals/config/ 261 KB
74 KB 8ms
7ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/896395920528126?v=2.9.41&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

7d45b6c5d27d1b17b7fed9bbc9e6bed63e0596a130404b68ce1b3b885f8283d9

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 75729
x-fb-rlafr: 0
pragma: public
x-fb-debug: Jt9nmLTcsHJ2RPMMaX5v0dk0wJlYJ74xYjFSvtr0WsUVzFz+HyeXgOGxUxFeGHDTjnrPM2IOJLAc9vxZvzVAjg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Mon, 14 Jun 2021 02:09:43 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H3-29 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 28ms
13ms XHR
text/plain 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j90&a=1421564770&t=pageview&_s=1&dl=https%3A%2F%2Fwww.cyberscoop.com%2Fransomware-iconstituent-congress%2F&dp=%2Fwelcome%2Fransomware-iconstituent-congress%2F&ul=en-us&de=UTF-8&dt=Ransomware%20hits%20iConstituent%2C%20a%20service%20lawmakers%20use%20to%20communicate%20with%20voters%20-%20CyberScoop&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAAC~&jid=973534189&gjid=1372399486&cid=1946111824.1623636583&tid=UA-80491860-1&_gid=370291164.1623636583&_r=1&gtm=2wg690KR697BF&z=791479274

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 14 Jun 2021 02:09:43 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.cyberscoop.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
251 B 7ms
6ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=896395920528126&ev=PageView&dl=https%3A%2F%2Fwww.cyberscoop.com%2Fransomware-iconstituent-congress%2F&rl=&if=false&ts=1623636583518&sw=1600&sh=1200&v=2.9.41&r=stable&ec=0&o=30&fbp=fb.1.1623636583516.485052289&it=1623636583478&coo=false&rqm=GET

Requested by

Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/ransomware-iconstituent-congress/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 02:09:43 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Mon, 14 Jun 2021 02:09:43 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
90 B 15ms
14ms XHR
text/plain 2a00:1450:400c:c00::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j90&tid=UA-80491860-1&cid=1946111824.1623636583&jid=973534189&gjid=1372399486&_gid=370291164.1623636583&_u=YEBAAEAAAAAAAC~&z=754647950

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Mon, 14 Jun 2021 02:09:43 GMT
content-type: text/plain
access-control-allow-origin: https://www.cyberscoop.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 adsct
t.co/i/ 43 B
455 B 212ms
144ms Image
image/gif 104.244.42.69
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?type=javascript&version=1.1.1&p_id=Twitter&p_user_id=0&txn_id=nv8sr&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&tw_document_href=https%3A%2F%2Fwww.cyberscoop.com%2Fransomware-iconstituent-congress%2F

Requested by

Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/ransomware-iconstituent-congress/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.42.69 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 02:09:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200 OK
x-twitter-response-tags: BouncerCompliant
content-length: 65
x-xss-protection: 0
pragma: no-cache
last-modified: Mon, 14 Jun 2021 02:09:43 GMT
server: tsa_o
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=0
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: 43f66bb46f385730fb1b0900ee7f4fbd36735b282e6808d0fc42eb7f2e3a08d6
x-transaction: ea5749a461974550
expires: Tue, 31 Mar 1981 05:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 16ms
16ms Image
image/gif 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j90&tid=UA-80491860-1&cid=1946111824.1623636583&jid=973534189&_u=YEBAAEAAAAAAAC~&z=1163991152

Requested by

Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/ransomware-iconstituent-congress/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Jun 2021 02:09:43 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 17ms
17ms Image
image/gif 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j90&tid=UA-80491860-1&cid=1946111824.1623636583&jid=973534189&_u=YEBAAEAAAAAAAC~&z=1163991152

Requested by

Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/ransomware-iconstituent-congress/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Jun 2021 02:09:43 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
853 B 41ms
15ms Script
application/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.cyberscoop.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 14 Jun 2021 02:09:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
570 B 35ms
14ms Script
application/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.cyberscoop.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 14 Jun 2021 02:09:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 27 KB
11 KB 68ms
68ms XHR
text/plain 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?btvi=0&fws=4&u_cd=24&ga_hid=1421564770&ptt=17&biw=1600&u_his=2&msz=640x-1&enc_prev_ius=%2F0%2F1&impl=fif&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..&ohw=1600&bih=1200&adxs=480&correlator=845898127654356&dt=1623636583590&ga_fc=false&gdfp_req=1&pvsid=4469720530063338&prev_iu_szs=640x480&lmt=1623636583&dmc=8&psz=640x532&sc=1&sfv=1-0-38&eid=21064372%2C31060977%2C31061180&ifi=1&u_tz=120&ga_sid=1623636584&frm=20&u_h=1200&bc=31&scr_y=0&scr_x=0&u_java=false&dlt=1623636582911&ucis=1&cookie_enabled=1&output=ldjh&vis=1&url=https%3A%2F%2Fwww.cyberscoop.com%2Fransomware-iconstituent-congress%2F&u_ah=1200&idt=661&ecs=20210614&adys=365&u_w=1600&vrg=2021060801&ga_vid=1946111824.1623636583&iu_parts=18430785%2Ccswelcome&adks=113530204&abxe=1&oid=3&u_aw=1600&u_sd=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f2.1e100.net

Software

cafe /

Resource Hash

da0411812fe65766abc7fbdacf7f256f0fd1de3d4c752f3552b42c23f247768c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 02:09:43 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11108
x-xss-protection: 0
google-lineitem-id: 5715621344
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138352336806
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.cyberscoop.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
efec5319556ee1232c8145e9121a9e93.safeframe.googlesyndication.com/safeframe/1-0-38/html/ 0
0 145ms
52ms Other
text/html 2a00:1450:400d:804::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://efec5319556ee1232c8145e9121a9e93.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400d:804::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 2153467.js Show response
js.hs-banner.com/ 60 KB
15 KB 32ms
14ms Script
text/javascript 2606:4700::6812:15bf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-banner.com/2153467.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/2153467.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:15bf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bc92537a9f302b0eaf8c44d590249655b6f19bd3d7da181d1e51ea24148ed400

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 02:09:43 GMT
content-encoding: br
cf-cache-status: HIT
age: 249
x-amz-server-side-encryption: AES256
content-type: text/javascript; charset=UTF-8
access-control-max-age: 604800
x-amz-request-id: P8HAB06STAFYYQ3Z
x-amz-id-2: BXB3vwio1kSzS9KVrtBD0awKEPS876ZX8/iDNOq5Vi8YeJNRnD5v2T2nNQk96SgXR8UD9Qgdy2M=
timing-allow-origin: *
last-modified: Thu, 27 May 2021 16:34:34 GMT
server: cloudflare
etag: W/"7d1960c560e9e1a7c68d368bb00a59bb"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
x-amz-version-id: 7fcETuGJ5.5rTY48fGHOjt280gru2ST6
access-control-allow-origin: https://www.cyberscoop.com
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
cache-control: max-age=300, public
access-control-allow-credentials: true
cf-request-id: 0aa9e13cc200002b652d375000000001
cf-ray: 65f004a79cb52b65-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
expires: Mon, 14 Jun 2021 02:10:34 GMT

GET
H2 200 2153467.js Show response
js.hs-analytics.net/analytics/1623636300000/ 62 KB
19 KB 38ms
21ms Script
text/javascript 2606:4700::6811:44b0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-analytics.net/analytics/1623636300000/2153467.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/2153467.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6811:44b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b24ac2a2042bf22f85f717259786c1f95a81a5a8d9ff057de1d09b5c6e1b364b

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 02:09:43 GMT
content-encoding: br
cf-cache-status: HIT
age: 249
x-amz-server-side-encryption: AES256
x-amz-request-id: VVS24HVS22T0F83A
x-amz-id-2: x7HO/BKSW51chO+y7Hbb/dYEj1O3Nu7h4buxp1ikbEOC/KcHpz1DjrUmZ/wu2V2VwPOyQ2bm5DE=
last-modified: Wed, 12 May 2021 19:10:17 GMT
server: cloudflare
etag: W/"95a153c93e899095ceff108333b7e80a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=300, public
access-control-allow-credentials: false
x-amz-version-id: null
cf-request-id: 0aa9e13cc00000176e26362000000001
cf-ray: 65f004a79baa176e-FRA
expires: Mon, 14 Jun 2021 02:10:33 GMT

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame 9AD8 0
0 40ms
40ms Fetch
image/gif 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssNMealSRRSD_AlL-yBxVx8H6iqUTitUCamZgsXYtK_FSVI1-3MzuygmtM9EO0aP2TGyQvwKuGh8l0yPHXVpDIXJ90a3IJS0d9CtBZ0ihU7_IY-BEuBXgmPDgDq_6mjPrtTND1Bd9ZzWmhD0ZxUK0CU8Ht2JBcIXGh2ioqWyNE1nQGUmlIsxKiEabq30t3T0TMHlLTxn5d8FFRe6Cu9jUnPfBx9EEI5lLxMzP1ezmet3y2hxsUaF5_FsPVssSf0BOTCsUShafg26g65mxMxDedgYMTb2pHQMTCKn1mi_PA&sai=AMfl-YRk0nVaXjGgeKxmRe-CE6utqwTsLcZAywDUFfsTn8gmV3AOucv2Hp-n_iSnb64ersElMfoAdWAXQEVjvitvjeSlGEbbR08JChLxctCo1mPp5v9NAqBDkr51FgLfOMJo&sig=Cg0ArKJSzFD_c0hNqYS2EAE&adurl=

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 14 Jun 2021 02:09:43 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Mon, 14 Jun 2021 02:09:43 GMT

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210607/r20110914/ Frame 9AD8 17 KB
7 KB 27ms
6ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210607/r20110914/abg_lite_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0fc32732b1520df908e4ce5063434010c35725a930e0cc9df0be61c66a87cf32

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 00:47:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4932
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7010
x-xss-protection: 0
server: cafe
etag: 16168581138844513892
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 28 Jun 2021 00:47:31 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210607/r20110914/client/ Frame 9AD8 2 KB
1 KB 22ms
6ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210607/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d1ac43e9327c147dc04b1efcd475ba7e9d464e6504eaffb167d0412d339b39e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 01:30:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2332
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1316
x-xss-protection: 0
server: cafe
etag: 797314601362473214
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 28 Jun 2021 01:30:51 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 9AD8 122 KB
37 KB 28ms
15ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

34b6e9936a2f024eef4f545bf4a1e717141704b00a75167fc7080fc6789e3881

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 02:09:43 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1623410775224219"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38028
x-xss-protection: 0
expires: Mon, 14 Jun 2021 02:09:43 GMT

GET
H2 200 13841792684619255105
tpc.googlesyndication.com/simgad/ Frame 9AD8 91 KB
91 KB 25ms
7ms Image
image/png 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/13841792684619255105

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

add1e275c756d593a8fe9f8f6e56270e2d70edd0e9a4f33a3d7d82028f7dd828

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 12 Jun 2021 14:21:11 GMT
x-content-type-options: nosniff
age: 128912
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 93333
x-xss-protection: 0
last-modified: Wed, 09 Jun 2021 10:24:31 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 12 Jun 2022 14:21:11 GMT

GET
H3-29 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 73 KB
28 KB 29ms
17ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8f4b8d2def1fa5e09bafacbb8ac66e614d74f1cdbace1417cedef55c0d9a83db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 02:09:43 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1623410781212720"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28237
x-xss-protection: 0
expires: Mon, 14 Jun 2021 02:09:43 GMT

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame 9AD8 0
0 77ms
40ms Fetch
image/gif 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuz-e_GOJvgvu-zxxRl9Nv10OzaT5y9EeluJX9b-OnCiRTT4m6vSDBkVGljX598bVgxRcU1laG3WFqEhcD8BFF6oeMr7_DHDPqh7EtvQoa4cJUOWgIWaYOCpa_MEWs_gkCpg89o6zZZKHXHVFj5gW9OXSdCUOxF3Py0cUu8xbPLdzl5J0jsDaz0XkbYwp3gchW2hPaOXJ6vq5HBh4m8ySTuGHJL7sZ61l73IjnKhvF1sTEftdmcngRd6vUBvaj0xrDjKLpSXHaCuPRTCDvO7JUUFjNvOA49qYNqbibR8wlBNw&sai=AMfl-YSizWPB4PRJWzN9EIzPy6TjNUBrznXcXUnsCdy1hAOTgQwicr8XvVfj5twV58V92EynBwdiFiF2LxGhAF9lDuZVvgVUC71SjGAvXeZiO3XxgejaC6xX3GHrwQHwQsFR&sig=Cg0ArKJSzDSIvwtWOwYOEAE&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 14 Jun 2021 02:09:43 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Mon, 14 Jun 2021 02:09:43 GMT

GET
DATA 200
OK truncated
/ Frame 9AD8 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 806e91dc989e89c0933e37a3a84b73a9fffa7bb469a367dbcbb92108b5328f96

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 css
fonts.googleapis.com/ 2 KB
520 B 24ms
21ms Stylesheet
text/css 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Oswald

Requested by

Host: js.hsforms.net
URL: https://js.hsforms.net/forms/v2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e12dfaae532b449b71117f29ad43f92b3b87c19509a9b16f91115fd4e07903b4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 14 Jun 2021 01:25:59 GMT
server: ESF
date: Mon, 14 Jun 2021 02:09:43 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 14 Jun 2021 02:09:43 GMT

POST
H3-29 200 /
www.facebook.com/tr/ 0
15 B 13ms
6ms Ping
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundaryAT2APN2QfrzT3B7b

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
server: proxygen-bolt
date: Mon, 14 Jun 2021 02:09:44 GMT
content-type: text/plain
access-control-allow-origin: https://www.cyberscoop.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-length: 0
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority: u=3,i

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 9AD8 42 B
518 B 35ms
15ms Fetch
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstYS82bFRBYzQazr0Oj2h61q8V4IVn4MNa0CqgfERwcXyXTnG-y98uuHQN1YiaKoenK6I-IucWIPXcYcAFMph4DKP3zvq2Uv-UgBAu7UFI&sig=Cg0ArKJSzPD6scAsg5_qEAE&id=lidar2&mcvt=1000&p=371,480,851,1120&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20210611&bin=7&avms=nio&bs=1600,1200&mc=1&app=0&itpl=3&adk=113530204&rs=4&met=mue&la=1&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ%3D%3D&vs=4&eosm=0&rst=1623636583680&dlt=0&rpt=108&isd=0&msd=0&r=v

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Jun 2021 02:09:44 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 gpt.js Show response
www.googletagservices.com/tag/js/ Frame 4E2F 61 KB
21 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/advertising/?id=billboard&position=bottom&parent_id=ad-lEx6Ab63r1-billboard&category=government&tags=capitol-hill%2Ccolonial-pipeline%2Ccongress%2Chouse%2Cjbs%2Cransomware

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4e4810e88e50f93b12c1e24b897d264382cbcf6e2ba29054f68b19bc4dc4e104

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 02:09:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "902 / 543 of 1000 / last-modified: 1623449339"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21293
x-xss-protection: 0
expires: Mon, 14 Jun 2021 02:09:45 GMT

GET
H3-29 200 gpt.js Show response
www.googletagservices.com/tag/js/ Frame D59D 62 KB
21 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/advertising/?id=article&position=static&category=government&tags=capitol-hill%2Ccolonial-pipeline%2Ccongress%2Chouse%2Cjbs%2Cransomware

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9866f495460a45d1ec832057bb5b598431206528e7c74fe242d875cb31b3dcd8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 02:09:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "902 / 463 of 1000 / last-modified: 1623449396"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21413
x-xss-protection: 0
expires: Mon, 14 Jun 2021 02:09:45 GMT

GET
H3-29 200 pubads_impl_2021060801.js Show response
securepubads.g.doubleclick.net/gpt/ Frame 4E2F 318 KB
112 KB 40ms
37ms Script
text/javascript 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f2.1e100.net

Software

sffe /

Resource Hash

8a19707bd88a29100f84e106852ddd5bfeebe1fe562960c4932d1347210d13a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 02:09:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 08 Jun 2021 08:38:25 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 114129
x-xss-protection: 0
expires: Mon, 14 Jun 2021 02:09:45 GMT

GET
H3-29 200 pubads_impl_2021060901.js Show response
securepubads.g.doubleclick.net/gpt/ Frame D59D 326 KB
114 KB 38ms
38ms Script
text/javascript 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060901.js?31061413

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f2.1e100.net

Software

sffe /

Resource Hash

3dc0b6e4edbfc8d6d8446e112130624fd05d7b8a8cfe62839046fc733c8b19a8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 02:09:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 09 Jun 2021 08:43:05 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 116890
x-xss-protection: 0
expires: Mon, 14 Jun 2021 02:09:45 GMT

GET
H3-29 200 integrator.js Show response
adservice.google.de/adsid/ Frame 4E2F 107 B
122 B 29ms
15ms Script
application/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.cyberscoop.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 14 Jun 2021 02:09:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 integrator.js Show response
adservice.google.com/adsid/ Frame 4E2F 107 B
122 B 27ms
14ms Script
application/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.cyberscoop.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 14 Jun 2021 02:09:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 4E2F 19 KB
8 KB 71ms
71ms XHR
text/plain 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2114629005982465&correlator=1333741644106970&output=ldjh&impl=fif&eid=21064372%2C31061142%2C31061181%2C31060839%2C44744016&vrg=2021060801&ptt=17&sc=1&sfv=1-0-38&ecs=20210614&iu_parts=18430785%2CCyberScoop_Cat_Art_Bottom_980x250&enc_prev_ius=%2F0%2F1&prev_iu_szs=980x250%7C970x250%7C728x90%7C970x90&prev_scp=position%3Dbottom%26categories%3Dgovernment%26Tags%3Dcapitol-hill%252Ccolonial-pipeline%252Ccongress%252Chouse%252Cjbs%252Cransomware&cookie=ID%3Da910683ccf9ec117-22c016f75fc80013%3AT%3D1623636583%3AS%3DALNI_Maw5TPUfezwY2NdXDLoX6zaHxXcaQ&cdm=www.cyberscoop.com&bc=31&abxe=1&lmt=1623636585&dt=1623636585833&dlt=1623636585721&idt=106&ea=0&frm=23&biw=1600&bih=1200&isw=980&ish=250&oid=3&adxs=0&adys=3359&adks=3048910702&ucis=h9k4d2b1nvr5&ifi=1&ifk=2085346005&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&nhd=1&url=https%3A%2F%2Fwww.cyberscoop.com%2Fadvertising%2F%3Fid%3Dbillboard%26position%3Dbottom%26parent_id%3Dad-lEx6Ab63r1-billboard%26category%3Dgovernment%26tags%3Dcapitol-hill%252Ccolonial-pipeline%252Ccongress%252Chouse%252Cjbs%252Cransomware&ref=https%3A%2F%2Fwww.cyberscoop.com%2Fransomware-iconstituent-congress%2F&top=https%3A%2F%2Fwww.cyberscoop.com%2Fransomware-iconstituent-congress%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=980x250&msz=980x-1&ga_vid=1946111824.1623636583&ga_sid=1623636586&ga_hid=73508833&ga_fc=true&fws=256&ohw=0&btvi=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f2.1e100.net

Software

cafe /

Resource Hash

b51160c3d152a1b49be74dfb2b74c8160d46acc5e10a44795af4298921842d29

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 02:09:45 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8261
x-xss-protection: 0
google-lineitem-id: 5650762076
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138343891965
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.cyberscoop.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
3dd16fd7df4bac57553a631e241f2509.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 4E2F 0
0 90ms
52ms Other
text/html 2a00:1450:400d:804::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://3dd16fd7df4bac57553a631e241f2509.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400d:804::2001 , Ireland, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 200 integrator.js Show response
adservice.google.de/adsid/ Frame D59D 107 B
122 B 14ms
14ms Script
application/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.cyberscoop.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060901.js?31061413

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 14 Jun 2021 02:09:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 integrator.js Show response
adservice.google.com/adsid/ Frame D59D 107 B
122 B 14ms
14ms Script
application/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.cyberscoop.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060901.js?31061413

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 14 Jun 2021 02:09:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame D59D 9 KB
5 KB 69ms
68ms XHR
text/plain 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1743017427439559&correlator=3477499128019419&output=ldjh&impl=fif&eid=31061413%2C31061143%2C31061335&vrg=2021060901&ptt=17&sc=1&sfv=1-0-38&ecs=20210614&iu_parts=18430785%2CCyberScoop_Article_Left_Rail_300x250&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&prev_scp=position%3Dstatic%26Tags%3Dcapitol-hill%252Ccolonial-pipeline%252Ccongress%252Chouse%252Cjbs%252Cransomware%26categories%3Dgovernment&cookie=ID%3Da910683ccf9ec117-22c016f75fc80013%3AT%3D1623636583%3AS%3DALNI_Maw5TPUfezwY2NdXDLoX6zaHxXcaQ&cdm=www.cyberscoop.com&bc=31&abxe=1&lmt=1623636585&dt=1623636585855&dlt=1623636585730&idt=112&ea=0&frm=23&biw=1600&bih=1200&isw=310&ish=250&oid=3&adxs=983&adys=1405&adks=4064999910&ucis=vet8xtvkse1o&ifi=1&ifk=3080191770&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=1&url=https%3A%2F%2Fwww.cyberscoop.com%2Fadvertising%2F%3Fid%3Darticle%26position%3Dstatic%26category%3Dgovernment%26tags%3Dcapitol-hill%252Ccolonial-pipeline%252Ccongress%252Chouse%252Cjbs%252Cransomware&ref=https%3A%2F%2Fwww.cyberscoop.com%2Fransomware-iconstituent-congress%2F&top=https%3A%2F%2Fwww.cyberscoop.com%2Fransomware-iconstituent-congress%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=310x250&msz=300x-1&ga_vid=1946111824.1623636583&ga_sid=1623636586&ga_hid=526622976&ga_fc=true&fws=256&ohw=0&btvi=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060901.js?31061413

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f2.1e100.net

Software

cafe /

Resource Hash

43f47bdd7ca113163c3e839c86f8198edfbd81f186fc7401ec2f54b211b70228

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 02:09:45 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4648
x-xss-protection: 0
google-lineitem-id: 5682063084
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138348804970
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.cyberscoop.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
5caa5b23d5f677f0776351c7ab007474.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame D59D 0
0 52ms
13ms Other
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://5caa5b23d5f677f0776351c7ab007474.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060901.js?31061413
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 200 gpt.js Show response
www.googletagservices.com/tag/js/ Frame 3CAD 62 KB
21 KB 15ms
15ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/advertising/?id=skyscraper&position=sticky&categories=government&tags=capitol-hill%2Ccolonial-pipeline%2Ccongress%2Chouse%2Cjbs%2Cransomware

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

896fed6cf068a0d1e73a60868a06def4f229223ab2f78856a90f7f81ad9157e3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 02:09:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "902 / 784 of 1000 / last-modified: 1623449396"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21413
x-xss-protection: 0
expires: Mon, 14 Jun 2021 02:09:45 GMT

GET
H3-29 200 pubads_impl_2021060901.js Show response
securepubads.g.doubleclick.net/gpt/ Frame 3CAD 326 KB
114 KB 38ms
37ms Script
text/javascript 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060901.js?31061428

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f2.1e100.net

Software

sffe /

Resource Hash

3dc0b6e4edbfc8d6d8446e112130624fd05d7b8a8cfe62839046fc733c8b19a8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 02:09:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 09 Jun 2021 08:43:05 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 116890
x-xss-protection: 0
expires: Mon, 14 Jun 2021 02:09:45 GMT

GET
H2 200 container.html Show response
3dd16fd7df4bac57553a631e241f2509.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 63EF 6 KB
3 KB 20ms
20ms Document
text/html 2a00:1450:400d:804::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://3dd16fd7df4bac57553a631e241f2509.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:804::2001 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 3dd16fd7df4bac57553a631e241f2509.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html?n=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.cyberscoop.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.cyberscoop.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3108
date: Mon, 14 Jun 2021 02:09:45 GMT
expires: Tue, 14 Jun 2022 02:09:45 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ Frame 4E2F 73 KB
28 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8f4b8d2def1fa5e09bafacbb8ac66e614d74f1cdbace1417cedef55c0d9a83db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 02:09:45 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1623410781212720"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28237
x-xss-protection: 0
expires: Mon, 14 Jun 2021 02:09:45 GMT

GET
H3-29 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 4E2F 11 KB
8 KB 33ms
18ms XHR
application/json 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021060801&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

04a7c170e713809a59321cc6383dea53849613a739ca399be527604f920bb443

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 14 Jun 2021 02:09:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8424
x-xss-protection: 0

GET
H2 200 container.html Show response
5caa5b23d5f677f0776351c7ab007474.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame B9FD 6 KB
3 KB 7ms
6ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://5caa5b23d5f677f0776351c7ab007474.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060901.js?31061413

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 5caa5b23d5f677f0776351c7ab007474.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html?n=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.cyberscoop.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.cyberscoop.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3108
date: Mon, 14 Jun 2021 02:09:45 GMT
expires: Tue, 14 Jun 2022 02:09:45 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ Frame D59D 73 KB
28 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060901.js?31061413

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8f4b8d2def1fa5e09bafacbb8ac66e614d74f1cdbace1417cedef55c0d9a83db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 02:09:45 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1623410781212720"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28237
x-xss-protection: 0
expires: Mon, 14 Jun 2021 02:09:45 GMT

GET
H3-29 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame D59D 10 KB
8 KB 18ms
17ms XHR
application/json 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021060901&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060901.js?31061413

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5d45d7ca35f8926cae3a7d290f6967472d025fae975e7d959fb17ed42da53f73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 14 Jun 2021 02:09:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7896
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 4E2F 17 KB
6 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e684839cbcef6b16753dae73e92a49b7115f55e83662ead12d5e05bf7b9915fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 02:09:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1622653785071769"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6437
x-xss-protection: 0
expires: Mon, 14 Jun 2021 02:09:45 GMT

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210607/r20110914/ Frame 63EF 17 KB
7 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210607/r20110914/abg_lite_fy2019.js

Requested by

Host: 3dd16fd7df4bac57553a631e241f2509.safeframe.googlesyndication.com
URL: https://3dd16fd7df4bac57553a631e241f2509.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0fc32732b1520df908e4ce5063434010c35725a930e0cc9df0be61c66a87cf32

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://3dd16fd7df4bac57553a631e241f2509.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 00:47:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4934
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7010
x-xss-protection: 0
server: cafe
etag: 16168581138844513892
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 28 Jun 2021 00:47:31 GMT

GET
H2 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame 63EF 22 KB
7 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js

Requested by

Host: 3dd16fd7df4bac57553a631e241f2509.safeframe.googlesyndication.com
URL: https://3dd16fd7df4bac57553a631e241f2509.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://3dd16fd7df4bac57553a631e241f2509.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 12 Jun 2021 10:06:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 144190
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7022
x-xss-protection: 0
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 12 Jun 2022 10:06:35 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 63EF 122 KB
37 KB 15ms
13ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 3dd16fd7df4bac57553a631e241f2509.safeframe.googlesyndication.com
URL: https://3dd16fd7df4bac57553a631e241f2509.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

34b6e9936a2f024eef4f545bf4a1e717141704b00a75167fc7080fc6789e3881

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://3dd16fd7df4bac57553a631e241f2509.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 02:09:45 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1623410775224219"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38028
x-xss-protection: 0
expires: Mon, 14 Jun 2021 02:09:45 GMT

GET
H3-29 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame B9FD 22 KB
7 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js

Requested by

Host: 5caa5b23d5f677f0776351c7ab007474.safeframe.googlesyndication.com
URL: https://5caa5b23d5f677f0776351c7ab007474.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://5caa5b23d5f677f0776351c7ab007474.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 12 Jun 2021 10:06:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 144190
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7022
x-xss-protection: 0
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 12 Jun 2022 10:06:35 GMT

GET
H3-29 200 dcmads.js Show response
www.googletagservices.com/dcm/ Frame B9FD 8 KB
4 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/dcm/dcmads.js

Requested by

Host: 5caa5b23d5f677f0776351c7ab007474.safeframe.googlesyndication.com
URL: https://5caa5b23d5f677f0776351c7ab007474.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f7c1022dbae2ac5b2997f6e92f1f25907b053736a52aa40753fb44fcf4760370

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://5caa5b23d5f677f0776351c7ab007474.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 01:25:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2631
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3796
x-xss-protection: 0
last-modified: Mon, 07 Jun 2021 18:22:56 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Mon, 14 Jun 2021 02:25:54 GMT

GET
H2 200 skeleton.js Show response
pixel.adsafeprotected.com/rjss/st/488356/54309641/ Frame B9FD 45 KB
13 KB 163ms
67ms Script
application/javascript 52.18.126.50
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.adsafeprotected.com/rjss/st/488356/54309641/skeleton.js?ias_dspID=64&ias_campId=&ias_pubId=&ias_chanId=&ias_placementId=&bidurl=&ias_dealId=
Requested by: Host: 5caa5b23d5f677f0776351c7ab007474.safeframe.googlesyndication.com
URL: https://5caa5b23d5f677f0776351c7ab007474.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.18.126.50 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 5c08f7957a31e160e21f72467d3357c7703bf60d706b2eba9dedcda1f709054c

Request headers

Referer: https://5caa5b23d5f677f0776351c7ab007474.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Jun 2021 02:09:46 GMT
content-encoding: gzip
x-server-name: app01.ie.303net.net
content-type: application/javascript;charset=utf-8
access-control-allow-origin: pixel.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame B9FD 122 KB
37 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 5caa5b23d5f677f0776351c7ab007474.safeframe.googlesyndication.com
URL: https://5caa5b23d5f677f0776351c7ab007474.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

34b6e9936a2f024eef4f545bf4a1e717141704b00a75167fc7080fc6789e3881

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://5caa5b23d5f677f0776351c7ab007474.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 02:09:45 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1623410775224219"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38028
x-xss-protection: 0
expires: Mon, 14 Jun 2021 02:09:45 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ Frame 3CAD 107 B
165 B 16ms
15ms Script
application/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.cyberscoop.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060901.js?31061428

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 14 Jun 2021 02:09:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame 3CAD 107 B
165 B 14ms
14ms Script
application/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.cyberscoop.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060901.js?31061428

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 14 Jun 2021 02:09:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 3CAD 9 KB
5 KB 67ms
66ms XHR
text/plain 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1622630129198611&correlator=242322671002409&output=ldjh&impl=fif&eid=31061223%2C31061279%2C31061428%2C44744015&vrg=2021060901&ptt=17&sc=1&sfv=1-0-38&ecs=20210614&iu_parts=18430785%2CCyberScoop_HalfPage_300x600&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x600&prev_scp=Tags%3Dcapitol-hill%252Ccolonial-pipeline%252Ccongress%252Chouse%252Cjbs%252Cransomware&cookie_enabled=1&cdm=www.cyberscoop.com&bc=31&abxe=1&lmt=1623636585&dt=1623636585993&dlt=1623636585869&idt=106&ea=0&frm=23&biw=1600&bih=1200&isw=300&ish=600&oid=3&adxs=983&adys=1670&adks=2863372106&ucis=aly8ggj3zh2t&ifi=1&ifk=2906641264&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=1&url=https%3A%2F%2Fwww.cyberscoop.com%2Fadvertising%2F%3Fid%3Dskyscraper%26position%3Dsticky%26categories%3Dgovernment%26tags%3Dcapitol-hill%252Ccolonial-pipeline%252Ccongress%252Chouse%252Cjbs%252Cransomware&ref=https%3A%2F%2Fwww.cyberscoop.com%2Fransomware-iconstituent-congress%2F&top=https%3A%2F%2Fwww.cyberscoop.com%2Fransomware-iconstituent-congress%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x600&msz=300x-1&ga_vid=1705212805.1623636586&ga_sid=1623636586&ga_hid=500593017&ga_fc=false&fws=256&ohw=0&btvi=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060901.js?31061428

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f2.1e100.net

Software

cafe /

Resource Hash

f2b6029c77cf8136771c7c88557053d581a66c31a2ff20755e570874da8b6068

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 02:09:46 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4945
x-xss-protection: 0
google-lineitem-id: 5682063084
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138348369878
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.cyberscoop.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
01db459ad5e3ad6446d1b7821d3ce754.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 3CAD 0
0 27ms
14ms Other
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://01db459ad5e3ad6446d1b7821d3ce754.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060901.js?31061428
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame D59D 17 KB
6 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060901.js?31061413

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e684839cbcef6b16753dae73e92a49b7115f55e83662ead12d5e05bf7b9915fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 02:09:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1622653785071769"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6437
x-xss-protection: 0
expires: Mon, 14 Jun 2021 02:09:46 GMT

GET
H3-29 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/223/ Frame BD15 12 KB
5 KB 6ms
6ms Document
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/223/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

de7dd7e8a5f2257d16c23c395b9262c6fa04689c81b0e2b8bf7f5bae9f4177dc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/223/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.cyberscoop.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.cyberscoop.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5022
date: Sun, 13 Jun 2021 21:17:06 GMT
expires: Mon, 13 Jun 2022 21:17:06 GMT
last-modified: Wed, 17 Mar 2021 18:24:30 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 17560
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 5932 783 B
786 B 14ms
14ms Document
text/html 2a00:1450:4001:812::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

1057bdaee6ab136f0241379a509315bd1da4397a0d5260ea2968d38918e51c76

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-zkE6bPJu2NM72bO+99R/3A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/aframe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.cyberscoop.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.cyberscoop.com/

Response headers

expires: Mon, 14 Jun 2021 02:09:46 GMT
date: Mon, 14 Jun 2021 02:09:46 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-zkE6bPJu2NM72bO+99R/3A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 515
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 view
securepubads.g.doubleclick.net/pcs/ Frame B9FD 0
0 40ms
40ms Fetch
image/gif 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssA8M7mznY0Orhq6JeV0NKAT5kMWkkJyXl8V5uBZXsHGZ03uySwnLoZn-U62ydR83zgICa0rY_mE677eqdeA2UGBC3QJ3XHnFD6VGtHWzxqcGn49NelHpC4uNPHSv077OsDERiqpPlnHprfDEQhfhvIV27ioQ7rTnoOCbHeQ3_WZk3PHES1HP4iZXuWvdCsM8r7a8CRRvk86upIDvIBGdLbcBrrF-3ysILieOR8iteKXINXcbEzKbZAhctCTrp_kA0drNXHtrVHw052aR1CulVkO1q7T_MFVtrZ7Zsg0Dsc342-1HZ3vc5o7e2hQ6RH3z_DrBSxZTg9o9A&sig=Cg0ArKJSzIdlr9C6sPfrEAE&urlfix=1&adurl=

Requested by

Host: 5caa5b23d5f677f0776351c7ab007474.safeframe.googlesyndication.com
URL: https://5caa5b23d5f677f0776351c7ab007474.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://5caa5b23d5f677f0776351c7ab007474.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 14 Jun 2021 02:09:46 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Mon, 14 Jun 2021 02:09:46 GMT

GET
H3-29 200 impl_v75.js Show response
www.googletagservices.com/dcm/ Frame B9FD 37 KB
15 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/dcm/impl_v75.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/dcmads.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7529b11940f8a77767d97b70e5392487b7fffeb7bcd408da18bdc71665a81d41

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://5caa5b23d5f677f0776351c7ab007474.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 13 Jun 2021 08:25:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 63831
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15538
x-xss-protection: 0
last-modified: Fri, 04 Jun 2021 19:52:24 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 13 Jun 2022 08:25:55 GMT

GET
H2 200 dfa7banner_html_inpage_rendering_lib_200_268.js Show response
s0.2mdn.net/879366/ Frame 63EF 109 KB
38 KB 32ms
11ms Script
text/javascript 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/dfa7banner_html_inpage_rendering_lib_200_268.js

Requested by

Host: 3dd16fd7df4bac57553a631e241f2509.safeframe.googlesyndication.com
URL: https://3dd16fd7df4bac57553a631e241f2509.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6d28830ef0fdeba41bc402b8b12341e929c6c66db8fe512deb2b1baa9611745b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://3dd16fd7df4bac57553a631e241f2509.safeframe.googlesyndication.com
Referer: https://3dd16fd7df4bac57553a631e241f2509.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 13 Jun 2021 08:06:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 64968
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38568
x-xss-protection: 0
last-modified: Tue, 14 Jan 2020 17:35:50 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 14 Jun 2021 08:06:58 GMT

GET
H3-29 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/223/ Frame A4A2 12 KB
5 KB 10ms
6ms Document
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/223/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

de7dd7e8a5f2257d16c23c395b9262c6fa04689c81b0e2b8bf7f5bae9f4177dc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/223/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.cyberscoop.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.cyberscoop.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5022
date: Sun, 13 Jun 2021 21:17:06 GMT
expires: Mon, 13 Jun 2022 21:17:06 GMT
last-modified: Wed, 17 Mar 2021 18:24:30 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 17560
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 7515 783 B
533 B 20ms
18ms Document
text/html 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

8413a195c3170876648be20323d8ed4d4a7a92137f62a53a92eb9af71d5b1885

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-xOAWqJXJukZ6Df+iaIq4sg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/aframe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.cyberscoop.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.cyberscoop.com/

Response headers

expires: Mon, 14 Jun 2021 02:09:46 GMT
date: Mon, 14 Jun 2021 02:09:46 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-xOAWqJXJukZ6Df+iaIq4sg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 513
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 B24705254.302298781;dc_ver=75.217;sz=300x250;u_sd=1;dc_adk=2235259097;ord=x22zhn;click=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjstVoUOWIgmMMEUNoM9NQTKPs8zJNXXGCqEeRS3cfhMx... Show response
ad.doubleclick.net/ddm/adj/N7442.3728797STATESCOOP/ Frame B9FD 36 KB
19 KB 126ms
57ms Script
text/javascript 142.250.185.198
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/ddm/adj/N7442.3728797STATESCOOP/B24705254.302298781;dc_ver=75.217;sz=300x250;u_sd=1;dc_adk=2235259097;ord=x22zhn;click=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjstVoUOWIgmMMEUNoM9NQTKPs8zJNXXGCqEeRS3cfhMxiBhhBPxkSilNA_uB2eAjEc7-iBMX9ynPEAPBxSkwvKix4N8siwjuA9jGHniyaGJmR-krC8WJnM8AcuT-l-8HxnOm9aw_PYVvdOwzMmUDVBXbVT3pilWADl_LKZVpBZxt9QggFnS9m0WobsZCevXdXL-qILTljV1xPECzUP8497BUsBlwvzbahdXT25e6UClpWYToG8Ep-BD0ZSIe__J9_u73CQ8_ZS0G-YrtrBCPipv28_QACuDR1GduxOgw_0UdotcCLCwK86CaSJ6EMUFzyml3onlO_NM%26sig%3DCg0ArKJSzD286G9VIAN3EAE%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26adurl%3D;uach=%5B%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%5B%5D%5D;dc_rfl=2,https%3A%2F%2Fwww.cyberscoop.com$2,https%3A%2F%2Fwww.cyberscoop.com%2F$0;xdt=1;crlt=T0YKmk5oD';osda=2;sttr=50;prcl=s

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/impl_v75.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f6.1e100.net

Software

cafe /

Resource Hash

4921a1b1fdc95d91d9900fdaa6e04234160ae0247dfb6a44dbf63037d38dd119

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://5caa5b23d5f677f0776351c7ab007474.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Jun 2021 02:09:46 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18356
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 container.html Show response
01db459ad5e3ad6446d1b7821d3ce754.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 9775 6 KB
3 KB 22ms
7ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://01db459ad5e3ad6446d1b7821d3ce754.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060901.js?31061428

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 01db459ad5e3ad6446d1b7821d3ce754.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html?n=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.cyberscoop.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.cyberscoop.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3108
date: Mon, 14 Jun 2021 02:09:46 GMT
expires: Tue, 14 Jun 2022 02:09:46 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ Frame 3CAD 73 KB
28 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060901.js?31061428

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8f4b8d2def1fa5e09bafacbb8ac66e614d74f1cdbace1417cedef55c0d9a83db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 02:09:46 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1623410781212720"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28237
x-xss-protection: 0
expires: Mon, 14 Jun 2021 02:09:46 GMT

GET
H3-29 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 3CAD 10 KB
8 KB 17ms
17ms XHR
application/json 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021060901&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060901.js?31061428

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0f752808043aa7c374767f8eb9f38f07d98a6eda886dd22de3d43b186b04c4a3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 14 Jun 2021 02:09:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7962
x-xss-protection: 0

GET
H3-29 200 gpt.js Show response
www.googletagservices.com/tag/js/ Frame 5E40 61 KB
21 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/advertising/?id=leaderboard&parent_id=ad-j4HebWU0ZJ-leaderboard&categories=government&tags=capitol-hill%2Ccolonial-pipeline%2Ccongress%2Chouse%2Cjbs%2Cransomware

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4e4810e88e50f93b12c1e24b897d264382cbcf6e2ba29054f68b19bc4dc4e104

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 02:09:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "902 / 109 of 1000 / last-modified: 1623449339"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21293
x-xss-protection: 0
expires: Mon, 14 Jun 2021 02:09:46 GMT

GET
H3-29 200 index.html Show response
s0.2mdn.net/dfp/384545/37259705/1616424723238/ Frame FC88 30 KB
5 KB 120ms
107ms Document
text/html 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/dfp/384545/37259705/1616424723238/index.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/dfa7banner_html_inpage_rendering_lib_200_268.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f40172e14e9b68f8b78161e7a45561708ea431ee21525c50fa484b6562da2d0a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: s0.2mdn.net
:scheme: https
:path: /dfp/384545/37259705/1616424723238/index.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://3dd16fd7df4bac57553a631e241f2509.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://3dd16fd7df4bac57553a631e241f2509.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
content-length: 5366
date: Mon, 14 Jun 2021 02:09:46 GMT
expires: Tue, 15 Jun 2021 02:09:46 GMT
cache-control: public, max-age=86400
last-modified: Mon, 22 Mar 2021 14:52:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame 63EF 0
26 B 41ms
40ms Image
image/gif 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst-exOXPAUSgmTrhrQI9Rmatyi7Ii8qx3wdqWxJX0NITEa20n8ez5c_4clxZQ1hACHcReKGQbJQ9XMnDxzg-efDpWA-Kr_L8PQ19OZ3WAeWtbHceCCwlVWpYYLI1cRkCqVzqoPSDdFwJMAyqIKRUEsrLNuqz6Y5Lg9YVJBKvyPokdfisIBNzx0xHUSStVotWXx00p3-FN4reWy0MVkWkhHNmYuDKKI3Ugy4zYMrbIZ1hhDv6CGKvRK4HVmZ3U2822XbzgyYEXgrZ3bNvorG2bxlwgjwnLhqGjL48lXSuYFYZw5LmclRE5bSby4f3FmvsilLZrNu5y4&sig=Cg0ArKJSzO8FmYCyXN5HEAE&urlfix=1&adurl=

Requested by

Host: 3dd16fd7df4bac57553a631e241f2509.safeframe.googlesyndication.com
URL: https://3dd16fd7df4bac57553a631e241f2509.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://3dd16fd7df4bac57553a631e241f2509.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 14 Jun 2021 02:09:46 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Mon, 14 Jun 2021 02:09:46 GMT

GET
H3-29 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 3CAD 17 KB
6 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060901.js?31061428

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e684839cbcef6b16753dae73e92a49b7115f55e83662ead12d5e05bf7b9915fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 02:09:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1622653785071769"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6437
x-xss-protection: 0
expires: Mon, 14 Jun 2021 02:09:46 GMT

GET
H3-29 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame 9775 22 KB
7 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js

Requested by

Host: 01db459ad5e3ad6446d1b7821d3ce754.safeframe.googlesyndication.com
URL: https://01db459ad5e3ad6446d1b7821d3ce754.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://01db459ad5e3ad6446d1b7821d3ce754.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 12 Jun 2021 10:06:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 144191
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7022
x-xss-protection: 0
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 12 Jun 2022 10:06:35 GMT

GET
H3-29 200 dcmads.js Show response
www.googletagservices.com/dcm/ Frame 9775 8 KB
4 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/dcm/dcmads.js

Requested by

Host: 01db459ad5e3ad6446d1b7821d3ce754.safeframe.googlesyndication.com
URL: https://01db459ad5e3ad6446d1b7821d3ce754.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f7c1022dbae2ac5b2997f6e92f1f25907b053736a52aa40753fb44fcf4760370

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://01db459ad5e3ad6446d1b7821d3ce754.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 01:25:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2632
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3796
x-xss-protection: 0
last-modified: Mon, 07 Jun 2021 18:22:56 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Mon, 14 Jun 2021 02:25:54 GMT

GET
H2 200 skeleton.js Show response
pixel.adsafeprotected.com/rjss/st/488356/54309637/ Frame 9775 45 KB
13 KB 52ms
50ms Script
application/javascript 52.18.126.50
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.adsafeprotected.com/rjss/st/488356/54309637/skeleton.js?ias_dspID=64&ias_campId=&ias_pubId=&ias_chanId=&ias_placementId=&bidurl=&ias_dealId=
Requested by: Host: 01db459ad5e3ad6446d1b7821d3ce754.safeframe.googlesyndication.com
URL: https://01db459ad5e3ad6446d1b7821d3ce754.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.18.126.50 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 62c7939eaaca1823c84410b0cc50a41b6e16e9bb1b974c3e06d01997183f1103

Request headers

Referer: https://01db459ad5e3ad6446d1b7821d3ce754.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Jun 2021 02:09:46 GMT
content-encoding: gzip
x-server-name: app09.ie.303net.net
content-type: application/javascript;charset=utf-8
access-control-allow-origin: pixel.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 9775 122 KB
37 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 01db459ad5e3ad6446d1b7821d3ce754.safeframe.googlesyndication.com
URL: https://01db459ad5e3ad6446d1b7821d3ce754.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

34b6e9936a2f024eef4f545bf4a1e717141704b00a75167fc7080fc6789e3881

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://01db459ad5e3ad6446d1b7821d3ce754.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 02:09:46 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1623410775224219"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38028
x-xss-protection: 0
expires: Mon, 14 Jun 2021 02:09:46 GMT

GET
H3-29 200 wQPplS2CBbapxPPsKjLjCt6L9Rv2P8O8syxzKLSpyaY.js Show response
pagead2.googlesyndication.com/bg/ Frame BD15 14 KB
6 KB 19ms
6ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/wQPplS2CBbapxPPsKjLjCt6L9Rv2P8O8syxzKLSpyaY.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/223/runner.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c103e9952d8205b6a9c4f3ec2a32e30ade8bf51bf63fc3bcb32c7328b4a9c9a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 13 Jun 2021 16:39:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 34220
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5768
x-xss-protection: 0
last-modified: Mon, 31 May 2021 08:58:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 13 Jun 2022 16:39:26 GMT

GET
H3-29 200 pubads_impl_2021060801.js Show response
securepubads.g.doubleclick.net/gpt/ Frame 5E40 318 KB
112 KB 41ms
41ms Script
text/javascript 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f2.1e100.net

Software

sffe /

Resource Hash

8a19707bd88a29100f84e106852ddd5bfeebe1fe562960c4932d1347210d13a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 02:09:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 08 Jun 2021 08:38:25 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 114129
x-xss-protection: 0
expires: Mon, 14 Jun 2021 02:09:46 GMT

GET
H3-29 200 wQPplS2CBbapxPPsKjLjCt6L9Rv2P8O8syxzKLSpyaY.js Show response
pagead2.googlesyndication.com/bg/ Frame A4A2 14 KB
6 KB 16ms
7ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/wQPplS2CBbapxPPsKjLjCt6L9Rv2P8O8syxzKLSpyaY.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/223/runner.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c103e9952d8205b6a9c4f3ec2a32e30ade8bf51bf63fc3bcb32c7328b4a9c9a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 13 Jun 2021 16:39:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 34220
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5768
x-xss-protection: 0
last-modified: Mon, 31 May 2021 08:58:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 13 Jun 2022 16:39:26 GMT

GET
H3-29 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/223/ Frame 1C91 12 KB
5 KB 6ms
6ms Document
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/223/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

de7dd7e8a5f2257d16c23c395b9262c6fa04689c81b0e2b8bf7f5bae9f4177dc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/223/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.cyberscoop.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.cyberscoop.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5022
date: Sun, 13 Jun 2021 21:17:06 GMT
expires: Mon, 13 Jun 2022 21:17:06 GMT
last-modified: Wed, 17 Mar 2021 18:24:30 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 17560
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 50C4 783 B
532 B 15ms
14ms Document
text/html 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

2e7a42d89cdf8bf82c384bbc50c2752c46993688776abac452cea13a56c057a2

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-30fCo++hImlJ1mu2IGnH9A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/aframe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.cyberscoop.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.cyberscoop.com/

Response headers

expires: Mon, 14 Jun 2021 02:09:46 GMT
date: Mon, 14 Jun 2021 02:09:46 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-30fCo++hImlJ1mu2IGnH9A' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 512
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame 9775 0
0 43ms
40ms Fetch
image/gif 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssi3pLZflm4yLZlNHrWHDfjCnbQXpLNts1RO38GRxjyo9Incb-OZ3GjTnwOcrM0WVC1KuSzqgchvjwLcfqPHlRN72MbokbvBHAOHgv2BesdaXEeIqPIt3G4sTqP6px0TLTfmoiuX-jM_eFbcL8CEqjSYfc2y_3Thb75UUyf0u4GyZ40CHwOGRB5pkBamABYs2cByGBQCg_iX3DONuGkSvIyOo4Yj2lMRviRm93Fhkx5IPw-zGVgp1Bdqx6IhhiaVPcvBbF5ndDJYo2cDR3qcCADHchmW8B75oOhT569CmVgrgaNwhu9g4f2UO8BztCRghqHiQ8IbQ&sai=AMfl-YRZY-ddPNoMLW_vj3fh_Omp0SLTvcx_PRJBW-ErWsxN6K_XaemCvQAl2RbwuJXcPS60hEV8N9e31DbNravKvUqyOrS9na6KBqrQ0zxHttWtUECzR8zmkaEHH3uSLWg&sig=Cg0ArKJSzG7bICmtZGI-EAE&urlfix=1&adurl=

Requested by

Host: 01db459ad5e3ad6446d1b7821d3ce754.safeframe.googlesyndication.com
URL: https://01db459ad5e3ad6446d1b7821d3ce754.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://01db459ad5e3ad6446d1b7821d3ce754.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 14 Jun 2021 02:09:46 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Mon, 14 Jun 2021 02:09:46 GMT

GET
H3-29 200 impl_v75.js Show response
www.googletagservices.com/dcm/ Frame 9775 37 KB
15 KB 8ms
6ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/dcm/impl_v75.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/dcmads.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7529b11940f8a77767d97b70e5392487b7fffeb7bcd408da18bdc71665a81d41

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://01db459ad5e3ad6446d1b7821d3ce754.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 13 Jun 2021 08:25:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 63831
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15538
x-xss-protection: 0
last-modified: Fri, 04 Jun 2021 19:52:24 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 13 Jun 2022 08:25:55 GMT

GET
H3-29 200 B24705254.302297311;dc_ver=75.217;sz=300x600;u_sd=1;dc_adk=192105431;ord=qi24ih;click=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjsvYpno6--qK7LxBD1nJ1Y4DZvK6Fgq-vYPYK3KRfRwkj... Show response
ad.doubleclick.net/ddm/adj/N7442.3728797STATESCOOP/ Frame 9775 36 KB
18 KB 104ms
67ms Script
text/javascript 142.250.185.198
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/ddm/adj/N7442.3728797STATESCOOP/B24705254.302297311;dc_ver=75.217;sz=300x600;u_sd=1;dc_adk=192105431;ord=qi24ih;click=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjsvYpno6--qK7LxBD1nJ1Y4DZvK6Fgq-vYPYK3KRfRwkjTNHa6m9vjoF4bHIUdJiDWdsbJyyTbhw0ve0ckHiymVRBcjy4PH7NbdlFAdTSUv8EcnQsLtZbHHTtM3ngCBlTJeDFkkbyolxB2fhmggbmV54x6BjMaM40jz_E5VslD6nPRAATL34sn1uGoIo-ih1wY0XfjuTMueAePynnkwAGamPUp85CpRTsQxGoOMMP9Lz2JyaaFCR5jP43un3u6N53iBtole2Jr0AlnOIvq3TV5fiQ6x8zVQZeFUkg46X3mv2OJZpHA-w7RCxPNejzIES0C37GQ%26sai%3DAMfl-YRcMjXpKfdIrU9SeRC5fg_iran1kDZhlFL91BDZ7WCrswcwrpGf5Vt4i3KkAuMZu0XaquaktFUqtcWvL3cROHU4-HDs5nzKz0ad3yloo491Nbau_6tE2KReZMH0XeQ%26sig%3DCg0ArKJSzEdF84c7n0pYEAE%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26adurl%3D;uach=%5B%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%5B%5D%5D;dc_rfl=2,https%3A%2F%2Fwww.cyberscoop.com$2,https%3A%2F%2Fwww.cyberscoop.com%2F$0;xdt=1;crlt=M.gATwYTge;osda=2;sttr=61;prcl=s

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/impl_v75.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f6.1e100.net

Software

cafe /

Resource Hash

5b9fa2e8d1b6e94ea6499fac673b45ba81076cac755cc8ef2c73dca7351f406c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://01db459ad5e3ad6446d1b7821d3ce754.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Jun 2021 02:09:46 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18826
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 integrator.js Show response
adservice.google.com/adsid/ Frame 5E40 107 B
122 B 15ms
15ms Script
application/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.cyberscoop.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 14 Jun 2021 02:09:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 5E40 9 KB
5 KB 70ms
70ms XHR
text/plain 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=1792394476200764&correlator=490265231094045&output=ldjh&impl=fif&eid=31060439%2C31060783%2C31061362%2C31061422%2C31061003%2C31061151&vrg=2021060801&ptt=17&sc=1&sfv=1-0-38&ecs=20210614&iu_parts=18430785%2CCyberScoop_Article_Leaderboard_970x90&enc_prev_ius=%2F0%2F1&prev_iu_szs=980x250%7C970x250%7C728x90%7C970x90&prev_scp=Tags%3Dcapitol-hill%252Ccolonial-pipeline%252Ccongress%252Chouse%252Cjbs%252Cransomware&cookie=ID%3D67d132802bec5242-22f619925fc8002c%3AT%3D1623636586%3AS%3DALNI_Mb3qvDwpGb3OfVm2BJwiBEmWJxvRg&cdm=www.cyberscoop.com&bc=31&abxe=1&lmt=1623636586&dt=1623636586239&dlt=1623636586057&idt=174&frm=23&biw=1600&bih=1200&isw=1600&ish=150&oid=3&adxs=0&adys=170&adks=13849420&ucis=jfpge661mljs&ifi=1&ifk=1977060027&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=1&url=https%3A%2F%2Fwww.cyberscoop.com%2Fadvertising%2F%3Fid%3Dleaderboard%26parent_id%3Dad-j4HebWU0ZJ-leaderboard%26categories%3Dgovernment%26tags%3Dcapitol-hill%252Ccolonial-pipeline%252Ccongress%252Chouse%252Cjbs%252Cransomware&ref=https%3A%2F%2Fwww.cyberscoop.com%2Fransomware-iconstituent-congress%2F&top=https%3A%2F%2Fwww.cyberscoop.com%2Fransomware-iconstituent-congress%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1600x150&msz=970x-1&ga_vid=688602324.1623636586&ga_sid=1623636586&ga_hid=758792491&ga_fc=false&fws=0&ohw=0&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f2.1e100.net

Software

cafe /

Resource Hash

60cfbca01a5dc542dbc84d84aa05fee373ae76af068d970c8c6419aa6342025c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 02:09:46 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4662
x-xss-protection: 0
google-lineitem-id: 5682063084
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138348369710
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.cyberscoop.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20210607/r20110914/elements/html/ Frame B9FD 8 KB
3 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210607/r20110914/elements/html/omrhp.js

Requested by

Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N7442.3728797STATESCOOP/B24705254.302298781;dc_ver=75.217;sz=300x250;u_sd=1;dc_adk=2235259097;ord=x22zhn;click=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjstVoUOWIgmMMEUNoM9NQTKPs8zJNXXGCqEeRS3cfhMxiBhhBPxkSilNA_uB2eAjEc7-iBMX9ynPEAPBxSkwvKix4N8siwjuA9jGHniyaGJmR-krC8WJnM8AcuT-l-8HxnOm9aw_PYVvdOwzMmUDVBXbVT3pilWADl_LKZVpBZxt9QggFnS9m0WobsZCevXdXL-qILTljV1xPECzUP8497BUsBlwvzbahdXT25e6UClpWYToG8Ep-BD0ZSIe__J9_u73CQ8_ZS0G-YrtrBCPipv28_QACuDR1GduxOgw_0UdotcCLCwK86CaSJ6EMUFzyml3onlO_NM%26sig%3DCg0ArKJSzD286G9VIAN3EAE%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26adurl%3D;uach=%5B%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%5B%5D%5D;dc_rfl=2,https%3A%2F%2Fwww.cyberscoop.com$2,https%3A%2F%2Fwww.cyberscoop.com%2F$0;xdt=1;crlt=T0YKmk5oD';osda=2;sttr=50;prcl=s

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

966ee1486939f4b7c9815a6ce8dd42420c5859a42efdbbd5b91aff45e0b1cc38

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://5caa5b23d5f677f0776351c7ab007474.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 01:31:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2267
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3124
x-xss-protection: 0
server: cafe
etag: 4537136162986801320
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 28 Jun 2021 01:31:59 GMT

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame B9FD 0
60 B 192ms
39ms Ping
image/gif 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsu_f72IDf55o0O70DnBOmytRwks5vRpLFrsdcZqoAdNl-n600gbCuPXudDWpZWLFrEISmUHXxRGGyuioZcinICRP0JSL0rkOYrgO03dwdi32SApi6lZRMJTrVzUER-FGbI_yunIfjfdf8eNShSIrrmiMtR-EfbKtk5uPbwPT5GvVw&sig=Cg0ArKJSzFcB8CXeHMzREAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=0&cbvp=1&cstd=0&cisv=r20210607.37257&adurl=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://5caa5b23d5f677f0776351c7ab007474.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Mon, 14 Jun 2021 02:09:46 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 503 mmi-zip.js
tags.mmi360.net/ Frame B9FD 0
0 342ms
111ms Script
text/html 3.12.243.139
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.mmi360.net/mmi-zip.js?cust=Cisco&type=js&plat=CM360&mode=ivt-blk&advid=3569326&siteid=6840654&cmpnid=24705254&pcmtid=302298781&crtvid=149873349&rndnum=3786406293&site=N7442.3728797STATESCOOP&adid=494951338&aucid=&exchid=&sellid=
Requested by: Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N7442.3728797STATESCOOP/B24705254.302298781;dc_ver=75.217;sz=300x250;u_sd=1;dc_adk=2235259097;ord=x22zhn;click=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjstVoUOWIgmMMEUNoM9NQTKPs8zJNXXGCqEeRS3cfhMxiBhhBPxkSilNA_uB2eAjEc7-iBMX9ynPEAPBxSkwvKix4N8siwjuA9jGHniyaGJmR-krC8WJnM8AcuT-l-8HxnOm9aw_PYVvdOwzMmUDVBXbVT3pilWADl_LKZVpBZxt9QggFnS9m0WobsZCevXdXL-qILTljV1xPECzUP8497BUsBlwvzbahdXT25e6UClpWYToG8Ep-BD0ZSIe__J9_u73CQ8_ZS0G-YrtrBCPipv28_QACuDR1GduxOgw_0UdotcCLCwK86CaSJ6EMUFzyml3onlO_NM%26sig%3DCg0ArKJSzD286G9VIAN3EAE%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26adurl%3D;uach=%5B%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%5B%5D%5D;dc_rfl=2,https%3A%2F%2Fwww.cyberscoop.com$2,https%3A%2F%2Fwww.cyberscoop.com%2F$0;xdt=1;crlt=T0YKmk5oD';osda=2;sttr=50;prcl=s
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.12.243.139 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-12-243-139.us-east-2.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Referer: https://5caa5b23d5f677f0776351c7ab007474.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame B9FD 41 KB
15 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://5caa5b23d5f677f0776351c7ab007474.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 12 Jun 2021 13:02:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 133642
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 12 Jun 2022 13:02:24 GMT

GET
H3-29 200 04232021-075324155-AMER-ENG_VT-05_0_300x250_BAN-S_PNG_TOFU-no-Cross-Architecture-SafeReturnWork-ALL_0_105.png
s0.2mdn.net/3569326/ Frame B9FD 75 KB
76 KB 8ms
7ms Image
image/png 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/3569326/04232021-075324155-AMER-ENG_VT-05_0_300x250_BAN-S_PNG_TOFU-no-Cross-Architecture-SafeReturnWork-ALL_0_105.png

Requested by

Host: 5caa5b23d5f677f0776351c7ab007474.safeframe.googlesyndication.com
URL: https://5caa5b23d5f677f0776351c7ab007474.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

007811af35be7403136f95700fd7ac160ce7967a12d1c677703b7a04be6ed451

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://5caa5b23d5f677f0776351c7ab007474.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 13 Jun 2021 12:27:56 GMT
x-content-type-options: nosniff
last-modified: Fri, 23 Apr 2021 14:53:24 GMT
server: sffe
age: 49310
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 77296
x-xss-protection: 0
expires: Mon, 14 Jun 2021 12:27:56 GMT

GET
H2 200 /
events.mmi360.net/ Frame B9FD 68 B
135 B 418ms
188ms Image
image/jpeg 3.140.174.87
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://events.mmi360.net/?cust=Cisco&type=img&plat=CM360&advid=3569326&siteid=6840654&cmpnid=24705254&pcmtid=302298781&crtvid=149873349&rndnum=3786406293&site=N7442.3728797STATESCOOP&adid=494951338&aucid=&exchid=&sellid=
Requested by: Host: 5caa5b23d5f677f0776351c7ab007474.safeframe.googlesyndication.com
URL: https://5caa5b23d5f677f0776351c7ab007474.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.140.174.87 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-140-174-87.us-east-2.compute.amazonaws.com
Software: awselb/2.0 /
Resource Hash: 63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058

Request headers

Referer: https://5caa5b23d5f677f0776351c7ab007474.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 02:09:46 GMT
server: awselb/2.0
content-length: 68
content-type: image/jpeg

GET
H2 200 img;adv=11002245653149;ec=11002245685555;adv.a=3569326;c.a=24705254;s.a=6840654;p.a=302298781;a.a=494951338;cache=3786406293;
ad.atdmt.com/i/ Frame B9FD 43 B
1 KB 61ms
46ms Image
image/gif 2a03:2880:f01c:8004:face:b00c:0:8c
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.atdmt.com/i/img;adv=11002245653149;ec=11002245685555;adv.a=3569326;c.a=24705254;s.a=6840654;p.a=302298781;a.a=494951338;cache=3786406293;

Requested by

Host: 5caa5b23d5f677f0776351c7ab007474.safeframe.googlesyndication.com
URL: https://5caa5b23d5f677f0776351c7ab007474.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8004:face:b00c:0:8c Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://5caa5b23d5f677f0776351c7ab007474.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: br
x-content-type-options: nosniff
x-fb-rlafr: 0
pragma: no-cache
x-fb-debug: jcP5cAH7gFiJI0tPoFjoawLHxhs/Oa8JevO5T7cDO2if/mFiIB6LtqS3uq7Cqs7GKZD+Ft8k6gz9mfvY65R2rQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-frame-options: DENY
date: Mon, 14 Jun 2021 02:09:46 GMT
vary: Accept-Encoding
report-to: {"group":"coop_report","max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"include_subdomains":true}, {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: image/gif
x-xss-protection: 0
cache-control: private, no-cache, no-store, must-revalidate
cross-origin-opener-policy-report-only: same-origin-allow-popups;report-to="coop_report"
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 main.gr.19.8.206.js Show response
static.adsafeprotected.com/ Frame B9FD 183 KB
58 KB 237ms
87ms Script
application/javascript 52.49.37.161
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/main.gr.19.8.206.js
Requested by: Host: pixel.adsafeprotected.com
URL: https://pixel.adsafeprotected.com/rjss/st/488356/54309641/skeleton.js?ias_dspID=64&ias_campId=&ias_pubId=&ias_chanId=&ias_placementId=&bidurl=&ias_dealId=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.49.37.161 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-49-37-161.eu-west-1.compute.amazonaws.com
Software: nginx/1.16.1 /
Resource Hash: b176de534428b3b8d36fb821412c5075cc426bfb3fe282571bcd9f00f2c0b152

Request headers

Referer: https://5caa5b23d5f677f0776351c7ab007474.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 02:09:46 GMT
content-encoding: gzip
last-modified: Tue, 01 Jun 2021 22:03:45 GMT
server: nginx/1.16.1
etag: W/"f4d80fb2c423b91d55077116728f6247"
x-cache-status: HIT
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame B9FD 122 KB
37 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 5caa5b23d5f677f0776351c7ab007474.safeframe.googlesyndication.com
URL: https://5caa5b23d5f677f0776351c7ab007474.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

34b6e9936a2f024eef4f545bf4a1e717141704b00a75167fc7080fc6789e3881

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://5caa5b23d5f677f0776351c7ab007474.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 02:09:46 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1623410775224219"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38028
x-xss-protection: 0
expires: Mon, 14 Jun 2021 02:09:46 GMT

GET
H3-29 200 d3d4068164787e7f19bc767ad00966a0.js Show response
s0.2mdn.net/dfp/384545/37259705/1616424723238/ Frame FC88 67 KB
17 KB 82ms
82ms Script
text/javascript 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/dfp/384545/37259705/1616424723238/d3d4068164787e7f19bc767ad00966a0.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/384545/37259705/1616424723238/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cf846a73481d85a57d1056aa96f382688122246de5a2e9019ca0bc75ffeb7dae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/dfp/384545/37259705/1616424723238/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 02:09:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 22 Mar 2021 14:52:03 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17489
x-xss-protection: 0
expires: Tue, 15 Jun 2021 02:09:46 GMT

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame B9FD 0
545 B 137ms
38ms Ping
image/gif 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://5caa5b23d5f677f0776351c7ab007474.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Mon, 14 Jun 2021 02:09:46 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame B9FD 0
0 39ms
38ms Fetch
image/gif 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu9NK2hCmBJcsuBqFF6SEcDYOKiBGf4_nWsapyKtSLVNWwt9IOGVjAfjuNUSgpwubmVZ_eY_P0v0LqkY6AMHCp2qlfPaCWrECaOlt2XJLLXXu7od67VpA9dyjsLk3juRCn5a-1Jpn0b6PYHBqKh_1a_CZoQ6i3fO3Ubqc-RFqwZ8p6Qh_IWUps8s-yFb484uA1vPfov1kkMnI-sXrieHoWjlNZQM5YMxx5CT6nkyYht3p3qyj4XbGaJ0CvnMx80FoAB80hFA_LuYr7v7kwjzHbUZrg5Vnhm0xRu_6Y0rtqYYXZZ3V-edP-aCXTBb4Bzzm52TznOUVvYViMkLQ&sig=Cg0ArKJSzK30CMQnLXrkEAE&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://5caa5b23d5f677f0776351c7ab007474.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 14 Jun 2021 02:09:46 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Mon, 14 Jun 2021 02:09:46 GMT

GET
H3-29 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 09E1 22 KB
8 KB 6ms
6ms Document
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/Enqz_20U.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://5caa5b23d5f677f0776351c7ab007474.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://5caa5b23d5f677f0776351c7ab007474.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 8395
date: Sat, 12 Jun 2021 07:00:55 GMT
expires: Sun, 12 Jun 2022 07:00:55 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 155331
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 wQPplS2CBbapxPPsKjLjCt6L9Rv2P8O8syxzKLSpyaY.js Show response
pagead2.googlesyndication.com/bg/ Frame 1C91 14 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/wQPplS2CBbapxPPsKjLjCt6L9Rv2P8O8syxzKLSpyaY.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/223/runner.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c103e9952d8205b6a9c4f3ec2a32e30ade8bf51bf63fc3bcb32c7328b4a9c9a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 13 Jun 2021 16:39:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 34220
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5768
x-xss-protection: 0
last-modified: Mon, 31 May 2021 08:58:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 13 Jun 2022 16:39:26 GMT

GET
DATA 200
OK truncated
/ Frame B9FD 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0d502c8628e76ace6a88d26f29b86be4c872c65e1875eecf26c716f1468345b3

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 container.html Show response
fafc9661ac12cea6450aeb946fb71812.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame DACE 6 KB
3 KB 26ms
13ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fafc9661ac12cea6450aeb946fb71812.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: fafc9661ac12cea6450aeb946fb71812.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html?n=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.cyberscoop.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.cyberscoop.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3108
date: Mon, 14 Jun 2021 02:09:46 GMT
expires: Tue, 14 Jun 2022 02:09:46 GMT
cache-control: public, immutable, max-age=31536000
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ Frame 5E40 73 KB
28 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8f4b8d2def1fa5e09bafacbb8ac66e614d74f1cdbace1417cedef55c0d9a83db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 02:09:46 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1623410781212720"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28237
x-xss-protection: 0
expires: Mon, 14 Jun 2021 02:09:46 GMT

GET
H3-29 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 5E40 10 KB
8 KB 17ms
17ms XHR
application/json 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021060801&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8d29d1da01ef8a0973793ebb8d840e76fe3717b7f1fe58ba4d0abcd1f3a2cfeb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 14 Jun 2021 02:09:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7919
x-xss-protection: 0

GET
H3-29 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20210607/r20110914/elements/html/ Frame 9775 8 KB
3 KB 9ms
6ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210607/r20110914/elements/html/omrhp.js

Requested by

Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N7442.3728797STATESCOOP/B24705254.302297311;dc_ver=75.217;sz=300x600;u_sd=1;dc_adk=192105431;ord=qi24ih;click=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjsvYpno6--qK7LxBD1nJ1Y4DZvK6Fgq-vYPYK3KRfRwkjTNHa6m9vjoF4bHIUdJiDWdsbJyyTbhw0ve0ckHiymVRBcjy4PH7NbdlFAdTSUv8EcnQsLtZbHHTtM3ngCBlTJeDFkkbyolxB2fhmggbmV54x6BjMaM40jz_E5VslD6nPRAATL34sn1uGoIo-ih1wY0XfjuTMueAePynnkwAGamPUp85CpRTsQxGoOMMP9Lz2JyaaFCR5jP43un3u6N53iBtole2Jr0AlnOIvq3TV5fiQ6x8zVQZeFUkg46X3mv2OJZpHA-w7RCxPNejzIES0C37GQ%26sai%3DAMfl-YRcMjXpKfdIrU9SeRC5fg_iran1kDZhlFL91BDZ7WCrswcwrpGf5Vt4i3KkAuMZu0XaquaktFUqtcWvL3cROHU4-HDs5nzKz0ad3yloo491Nbau_6tE2KReZMH0XeQ%26sig%3DCg0ArKJSzEdF84c7n0pYEAE%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26adurl%3D;uach=%5B%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%5B%5D%5D;dc_rfl=2,https%3A%2F%2Fwww.cyberscoop.com$2,https%3A%2F%2Fwww.cyberscoop.com%2F$0;xdt=1;crlt=M.gATwYTge;osda=2;sttr=61;prcl=s

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

966ee1486939f4b7c9815a6ce8dd42420c5859a42efdbbd5b91aff45e0b1cc38

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://01db459ad5e3ad6446d1b7821d3ce754.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 01:31:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2267
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3124
x-xss-protection: 0
server: cafe
etag: 4537136162986801320
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 28 Jun 2021 01:31:59 GMT

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 9775 0
60 B 86ms
39ms Ping
image/gif 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsu2hlq3tqeRZUAvGFC_xiS79JlRkg68cbzD_HChfxpwSauJigxThr0sTbxZQqQtFe0dLMpW9EefhmldPoqAktx3bc2-gAVih7xS975ISoIzEHfkupbJevQAI2kzPe9wa_pKpz5-MXwSehQOpNm-_Jdn1VUvypRXwGG5Qe_OpAnIbw&sig=Cg0ArKJSzFcMdJYUEGx_EAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=0&cbvp=1&cstd=0&cisv=r20210607.41496&adurl=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://01db459ad5e3ad6446d1b7821d3ce754.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Mon, 14 Jun 2021 02:09:46 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 503 mmi-zip.js
tags.mmi360.net/ Frame 9775 0
0 236ms
111ms Script
text/html 3.12.243.139
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.mmi360.net/mmi-zip.js?cust=Cisco&type=js&plat=CM360&mode=ivt-blk&advid=3569326&siteid=6840654&cmpnid=24705254&pcmtid=302297311&crtvid=149966235&rndnum=4204978665&site=N7442.3728797STATESCOOP&adid=495002688&aucid=&exchid=&sellid=
Requested by: Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N7442.3728797STATESCOOP/B24705254.302297311;dc_ver=75.217;sz=300x600;u_sd=1;dc_adk=192105431;ord=qi24ih;click=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjsvYpno6--qK7LxBD1nJ1Y4DZvK6Fgq-vYPYK3KRfRwkjTNHa6m9vjoF4bHIUdJiDWdsbJyyTbhw0ve0ckHiymVRBcjy4PH7NbdlFAdTSUv8EcnQsLtZbHHTtM3ngCBlTJeDFkkbyolxB2fhmggbmV54x6BjMaM40jz_E5VslD6nPRAATL34sn1uGoIo-ih1wY0XfjuTMueAePynnkwAGamPUp85CpRTsQxGoOMMP9Lz2JyaaFCR5jP43un3u6N53iBtole2Jr0AlnOIvq3TV5fiQ6x8zVQZeFUkg46X3mv2OJZpHA-w7RCxPNejzIES0C37GQ%26sai%3DAMfl-YRcMjXpKfdIrU9SeRC5fg_iran1kDZhlFL91BDZ7WCrswcwrpGf5Vt4i3KkAuMZu0XaquaktFUqtcWvL3cROHU4-HDs5nzKz0ad3yloo491Nbau_6tE2KReZMH0XeQ%26sig%3DCg0ArKJSzEdF84c7n0pYEAE%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26adurl%3D;uach=%5B%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%5B%5D%5D;dc_rfl=2,https%3A%2F%2Fwww.cyberscoop.com$2,https%3A%2F%2Fwww.cyberscoop.com%2F$0;xdt=1;crlt=M.gATwYTge;osda=2;sttr=61;prcl=s
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.12.243.139 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-12-243-139.us-east-2.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Referer: https://01db459ad5e3ad6446d1b7821d3ce754.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 9775 41 KB
15 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://01db459ad5e3ad6446d1b7821d3ce754.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 12 Jun 2021 13:02:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 133642
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 12 Jun 2022 13:02:24 GMT

GET
H3-29 200 04262021-072232537-AMER-ENG_VT-05_0_300x600_BAN-S_PNG_TOFU-no-Cross-Architecture-DigitalDivide-ALL_0_105.png
s0.2mdn.net/3569326/ Frame 9775 144 KB
144 KB 9ms
8ms Image
image/png 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/3569326/04262021-072232537-AMER-ENG_VT-05_0_300x600_BAN-S_PNG_TOFU-no-Cross-Architecture-DigitalDivide-ALL_0_105.png

Requested by

Host: 01db459ad5e3ad6446d1b7821d3ce754.safeframe.googlesyndication.com
URL: https://01db459ad5e3ad6446d1b7821d3ce754.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

79cc192458ca20ad45d51d1a6ae6c26994a23a9f882865613ee52b342b47476d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://01db459ad5e3ad6446d1b7821d3ce754.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 13 Jun 2021 18:29:37 GMT
x-content-type-options: nosniff
last-modified: Mon, 26 Apr 2021 14:22:32 GMT
server: sffe
age: 27609
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 147416
x-xss-protection: 0
expires: Mon, 14 Jun 2021 18:29:37 GMT

GET
H2 200 img;adv=11002245653149;ec=11002245685555;adv.a=3569326;c.a=24705254;s.a=6840654;p.a=302297311;a.a=495002688;cache=4204978665;
ad.atdmt.com/i/ Frame 9775 43 B
170 B 39ms
37ms Image
image/gif 2a03:2880:f01c:8004:face:b00c:0:8c
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.atdmt.com/i/img;adv=11002245653149;ec=11002245685555;adv.a=3569326;c.a=24705254;s.a=6840654;p.a=302297311;a.a=495002688;cache=4204978665;

Requested by

Host: 01db459ad5e3ad6446d1b7821d3ce754.safeframe.googlesyndication.com
URL: https://01db459ad5e3ad6446d1b7821d3ce754.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8004:face:b00c:0:8c Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://01db459ad5e3ad6446d1b7821d3ce754.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: br
x-content-type-options: nosniff
x-fb-rlafr: 0
pragma: no-cache
x-fb-debug: g5VD7Zprjuz21gH3nTAxBfIFZpd5B4KFYYRbLT4mlun9cHRWNM7p7LdJv6Is5lHRLmaYxTBZ8bCAYDOjsu/tzA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-frame-options: DENY
date: Mon, 14 Jun 2021 02:09:46 GMT
vary: Accept-Encoding
report-to: {"group":"coop_report","max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"include_subdomains":true}, {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: image/gif
x-xss-protection: 0
cache-control: private, no-cache, no-store, must-revalidate
cross-origin-opener-policy-report-only: same-origin-allow-popups;report-to="coop_report"
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
events.mmi360.net/ Frame 9775 68 B
134 B 313ms
189ms Image
image/jpeg 3.140.174.87
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://events.mmi360.net/?cust=Cisco&type=img&plat=CM360&advid=3569326&siteid=6840654&cmpnid=24705254&pcmtid=302297311&crtvid=149966235&rndnum=4204978665&site=N7442.3728797STATESCOOP&adid=495002688&aucid=&exchid=&sellid=
Requested by: Host: 01db459ad5e3ad6446d1b7821d3ce754.safeframe.googlesyndication.com
URL: https://01db459ad5e3ad6446d1b7821d3ce754.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.140.174.87 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-140-174-87.us-east-2.compute.amazonaws.com
Software: awselb/2.0 /
Resource Hash: 63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058

Request headers

Referer: https://01db459ad5e3ad6446d1b7821d3ce754.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 02:09:46 GMT
server: awselb/2.0
content-length: 68
content-type: image/jpeg

GET
H2 200 main.gr.19.8.206.js Show response
static.adsafeprotected.com/ Frame 9775 183 KB
58 KB 86ms
41ms Script
application/javascript 52.49.37.161
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/main.gr.19.8.206.js
Requested by: Host: pixel.adsafeprotected.com
URL: https://pixel.adsafeprotected.com/rjss/st/488356/54309637/skeleton.js?ias_dspID=64&ias_campId=&ias_pubId=&ias_chanId=&ias_placementId=&bidurl=&ias_dealId=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.49.37.161 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-49-37-161.eu-west-1.compute.amazonaws.com
Software: nginx/1.16.1 /
Resource Hash: b176de534428b3b8d36fb821412c5075cc426bfb3fe282571bcd9f00f2c0b152

Request headers

Referer: https://01db459ad5e3ad6446d1b7821d3ce754.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 02:09:46 GMT
content-encoding: gzip
last-modified: Tue, 01 Jun 2021 22:03:45 GMT
server: nginx/1.16.1
etag: W/"f4d80fb2c423b91d55077116728f6247"
x-cache-status: HIT
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 9775 122 KB
37 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 01db459ad5e3ad6446d1b7821d3ce754.safeframe.googlesyndication.com
URL: https://01db459ad5e3ad6446d1b7821d3ce754.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

34b6e9936a2f024eef4f545bf4a1e717141704b00a75167fc7080fc6789e3881

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://01db459ad5e3ad6446d1b7821d3ce754.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 02:09:46 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1623410775224219"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38028
x-xss-protection: 0
expires: Mon, 14 Jun 2021 02:09:46 GMT

GET
H3-29 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 5E40 17 KB
6 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e684839cbcef6b16753dae73e92a49b7115f55e83662ead12d5e05bf7b9915fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 02:09:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1622653785071769"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6437
x-xss-protection: 0
expires: Mon, 14 Jun 2021 02:09:46 GMT

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 9775 0
60 B 39ms
38ms Ping
image/gif 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://01db459ad5e3ad6446d1b7821d3ce754.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Mon, 14 Jun 2021 02:09:46 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame 9775 0
0 39ms
39ms Fetch
image/gif 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsseE7Xcn5wvSRVKDA_DfYkUcAwLAYodWtk5hh4UQ3VqBM3FxMGPhjZ5twpXgQvJ_LihGX6L1uW7UNTF54z3bJQI471XG_wSoyzJ5qCAFPRL8tNm7enexZB7QvDchKLMwIpehRnedxGtUTZOlUYXAxSkHUOf4DKrVa8Kvc0EvQyjK_UCnUmeC-AhPUZdmWjOWRaDuvmM23dyQkHx4PoqQA21bemjnGyBegvz04oOBbDoqrTsU0V8cPbd7jBfY2tXwvMF1XvGNTulKrroBqcrRmRHXxVWC-YDjqzeLYqSo_w4DNugqCgT41bYgOCBirWPl9s9fVpufnVf&sai=AMfl-YT7p2u46FevmnHzRFr5EeJkMyLZ2JqxNYadvuY2uWue3vcpT_oCY91a_VYAAgkOTUO34OYmjEHrFM87IX9o-viBNVmKBxPSW1hpkP5H0b-YeJYmonRHhWGXFXipM64&sig=Cg0ArKJSzEPLO2ltQWleEAE&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://01db459ad5e3ad6446d1b7821d3ce754.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 14 Jun 2021 02:09:46 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Mon, 14 Jun 2021 02:09:46 GMT

GET
H3-29 200 user_uploaded_metrichpe_700_normal.ttf
s0.2mdn.net/dfp/384545/37259705/1616424723238/fonts/ Frame FC88 71 KB
32 KB 57ms
57ms Font
font/ttf 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/dfp/384545/37259705/1616424723238/fonts/user_uploaded_metrichpe_700_normal.ttf

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/384545/37259705/1616424723238/d3d4068164787e7f19bc767ad00966a0.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ecdb1f9033b14ecae8b48c6c031db9e36aa4def65bbf01d81c1fa5936d0fe0ba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://s0.2mdn.net
Referer: https://s0.2mdn.net/dfp/384545/37259705/1616424723238/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 02:09:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 22 Mar 2021 14:52:03 GMT
server: sffe
vary: Accept-Encoding
content-type: font/ttf
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33126
x-xss-protection: 0
expires: Tue, 15 Jun 2021 02:09:46 GMT

GET
H3-29 200 ed51ecffd2e38f72aba2149936a49f95.png
s0.2mdn.net/dfp/384545/37259705/1616424723238/media/ Frame FC88 294 KB
294 KB 84ms
83ms Image
image/png 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dfp/384545/37259705/1616424723238/media/ed51ecffd2e38f72aba2149936a49f95.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/384545/37259705/1616424723238/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a4b106950d4c6a4cbd57d6aaca1941435efdf19038c8cbbd1e1a722530c86cfa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/dfp/384545/37259705/1616424723238/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 02:09:46 GMT
x-content-type-options: nosniff
last-modified: Mon, 22 Mar 2021 14:52:03 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 300842
x-xss-protection: 0
expires: Tue, 15 Jun 2021 02:09:46 GMT

GET
H3-29 200 67550dee2daacb4f1a674cadca3e322b.png
s0.2mdn.net/dfp/384545/37259705/1616424723238/media/ Frame FC88 112 KB
112 KB 69ms
69ms Image
image/png 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dfp/384545/37259705/1616424723238/media/67550dee2daacb4f1a674cadca3e322b.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/384545/37259705/1616424723238/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7d721dd2d02c1752e5afca908c64d3f268c73ef89d4d532c428e6eda026461d5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/dfp/384545/37259705/1616424723238/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 02:09:46 GMT
x-content-type-options: nosniff
last-modified: Mon, 22 Mar 2021 14:52:03 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 114997
x-xss-protection: 0
expires: Tue, 15 Jun 2021 02:09:46 GMT

GET
DATA 200
OK truncated
/ Frame 9775 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a6f0f83f30b16325ecd0b26026c033469e70e3729f328dff5d5524a746e44bb9

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame F6E8 22 KB
8 KB 8ms
6ms Document
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/Enqz_20U.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://01db459ad5e3ad6446d1b7821d3ce754.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://01db459ad5e3ad6446d1b7821d3ce754.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 8395
date: Sat, 12 Jun 2021 07:00:55 GMT
expires: Sun, 12 Jun 2022 07:00:55 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 155331
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/223/ Frame 8B31 12 KB
5 KB 6ms
6ms Document
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/223/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

de7dd7e8a5f2257d16c23c395b9262c6fa04689c81b0e2b8bf7f5bae9f4177dc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/223/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.cyberscoop.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.cyberscoop.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5022
date: Sun, 13 Jun 2021 21:17:06 GMT
expires: Mon, 13 Jun 2022 21:17:06 GMT
last-modified: Wed, 17 Mar 2021 18:24:30 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 17560
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 89B8 783 B
532 B 21ms
20ms Document
text/html 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

6e69df30c50a02a1fe22a474554405836217abefd5f3ee8ffeb16a8623ad1f47

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-O6b/TngLp91zn8tyohQuGQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/aframe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.cyberscoop.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.cyberscoop.com/

Response headers

expires: Mon, 14 Jun 2021 02:09:46 GMT
date: Mon, 14 Jun 2021 02:09:46 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-O6b/TngLp91zn8tyohQuGQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 512
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame DACE 22 KB
7 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js

Requested by

Host: fafc9661ac12cea6450aeb946fb71812.safeframe.googlesyndication.com
URL: https://fafc9661ac12cea6450aeb946fb71812.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fafc9661ac12cea6450aeb946fb71812.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 12 Jun 2021 10:06:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 144191
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7022
x-xss-protection: 0
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 12 Jun 2022 10:06:35 GMT

GET
H3-29 200 dcmads.js Show response
www.googletagservices.com/dcm/ Frame DACE 8 KB
4 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/dcm/dcmads.js

Requested by

Host: fafc9661ac12cea6450aeb946fb71812.safeframe.googlesyndication.com
URL: https://fafc9661ac12cea6450aeb946fb71812.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f7c1022dbae2ac5b2997f6e92f1f25907b053736a52aa40753fb44fcf4760370

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fafc9661ac12cea6450aeb946fb71812.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 01:25:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2632
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3796
x-xss-protection: 0
last-modified: Mon, 07 Jun 2021 18:22:56 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Mon, 14 Jun 2021 02:25:54 GMT

GET
H2 200 skeleton.js Show response
pixel.adsafeprotected.com/rjss/st/488356/54309639/ Frame DACE 45 KB
13 KB 53ms
52ms Script
application/javascript 52.18.126.50
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.adsafeprotected.com/rjss/st/488356/54309639/skeleton.js?ias_dspID=64&ias_campId=&ias_pubId=&ias_chanId=&ias_placementId=&bidurl=&ias_dealId=
Requested by: Host: fafc9661ac12cea6450aeb946fb71812.safeframe.googlesyndication.com
URL: https://fafc9661ac12cea6450aeb946fb71812.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.18.126.50 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 6519e9c01b07e37c9403263071bdcd829528044c537e1c4ce58f5dd0b0b6cb61

Request headers

Referer: https://fafc9661ac12cea6450aeb946fb71812.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Jun 2021 02:09:46 GMT
content-encoding: gzip
x-server-name: app15.ie.303net.net
content-type: application/javascript;charset=utf-8
access-control-allow-origin: pixel.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame DACE 122 KB
37 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: fafc9661ac12cea6450aeb946fb71812.safeframe.googlesyndication.com
URL: https://fafc9661ac12cea6450aeb946fb71812.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

34b6e9936a2f024eef4f545bf4a1e717141704b00a75167fc7080fc6789e3881

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fafc9661ac12cea6450aeb946fb71812.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 02:09:46 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1623410775224219"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38028
x-xss-protection: 0
expires: Mon, 14 Jun 2021 02:09:46 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 4E2F 0
20 B 15ms
15ms Image
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=223&t=2&li=gpt_2021060801&jk=2114629005982465&bg=!AAOlA0fNAAY6sG-_OrA7ACkAdvg8WqnD5nbGW2vYDQVKCUm7hINFoVPczSoMr-V4_0VpSVhwObafpQIAAADzUgAAAE9oAQcKADX-0xD7kMECehPwKLlQDGxBiVArsFAsR4W8UgUzlsk2CugDyQxlS8cifQV6DtczBXoMEapf7pkClSBBDUmG3ucI8mj-qyhj44e3WrlzaPk9v4xY-B2WusOZGsjjRVLa2Zv1awhhP7obCBmiUFu8xR4Te2qYUQUPYBm_kxJlvcCD1JixvugwxNa3BT5A-o0QhsEZXIwUq6yCeY7E02dnWK1IXxfuqfFTAzyaZTW6NsDGpKPWEIEIqRAjCO0pEjHvCHARlwqFKUzFvjkP9AQQPLZeLhQncI-jLuqU338FRWxSbDZ03L46Jus4-uf2OtoxA-pzi6_IFD_JQ2iljwAbkKGIo5hkcjVKoz5_kEZ05wGZsrqqSk9ze8UHMahANrtSUwd0K9m2w8pEyZwgykvIisUpkSAaZOue_YgWW23qdaHBm8yFQFv6xyPn8ZhF9CaBM6yMqyAC5L3IekfMCeWKH5rZOWvKPS-Id2LfMJPlIQQ3b5MRMG1wrUJmu5JxaiOG6_KAJqDOzem88GENIT4D2F4oqC-MADpmn56dSjXvQ_K3tz3PFT1URhD3kxfNxjuzA-o80QTy1T9IZhk9v0NnjCNnYUyjxWe03PbNgNvmdG61SNvykUlG4UQOIC7KFMNp8Lhpt7Sf20J-K9-z6MVAS3BNRn9p04dmwnDX4t-NmPsOS1g99BDf-wGVLxoqagjjf6_LvPwN11UfU5xa_4D-5rktzy1HyDZn36tXzirN48-5etHaSWRaqSRJc2d_bWRkESevefsbkHxrYEZO84bPjlH9LPCLDTEgO6QJrz1d_0-Rw5vatM6dlvsswk5joxRTwgegbkYuOjD4A9Q3tBBvNjyIXKlDSbykyNqp4Ld5CQZ-aHYcvnQd2_eTdKrJncF_FpiVQ0oxELM2cUwlTOAtouWnGYsASWjwZiJl1QiXMDHJeEEerKttIUiigM4Bbco

Requested by

Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/ransomware-iconstituent-congress/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Jun 2021 02:09:46 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 Jl_KA3DWLl1pqAl7nrDeic27IkrJD7_aVFtTlraQVeY.js Show response
pagead2.googlesyndication.com/bg/ Frame 09E1 14 KB
6 KB 11ms
6ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Jl_KA3DWLl1pqAl7nrDeic27IkrJD7_aVFtTlraQVeY.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

265fca0370d62e5d69a8097b9eb0de89cdbb224ac90fbfda545b5396b69055e6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 12 Jun 2021 22:32:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 99441
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5751
x-xss-protection: 0
last-modified: Mon, 31 May 2021 08:58:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 12 Jun 2022 22:32:25 GMT

GET
H2

200

skeleton.js Show response
static.adsafeprotected.com/ Frame 9775
Redirect Chain

https://pixel.adsafeprotected.com/rfw/st/488356/54309637/skeleton.js?ias_dspID=64&ias_campId=&ias_pubId=&ias_chanId=&ias_placementId=&bidurl=&ias_dealId=&adsafe_url=https%3A%2F%2Fwww.cyberscoop.com...
https://static.adsafeprotected.com/skeleton.js

17 B
240 B

40ms
39ms

Script
application/javascript

52.49.37.161
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/skeleton.js
Requested by: Host: 01db459ad5e3ad6446d1b7821d3ce754.safeframe.googlesyndication.com
URL: https://01db459ad5e3ad6446d1b7821d3ce754.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.49.37.161 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-49-37-161.eu-west-1.compute.amazonaws.com
Software: nginx/1.16.1 /
Resource Hash: bdeed1e1c0751610c8f3dc2a5c78c93f841c366b36a7f7a54f5e6752c2656c05

Request headers

Referer: https://01db459ad5e3ad6446d1b7821d3ce754.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 02:09:46 GMT
last-modified: Mon, 17 Aug 2020 23:54:35 GMT
server: nginx/1.16.1
age: 7025407
etag: "53fab767ecbd3bf07990b10246befbd4"
x-cache-status: HIT
content-type: application/javascript
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 17

Redirect headers

pragma: no-cache
date: Mon, 14 Jun 2021 02:09:46 GMT
x-server-name: app30.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
location: https://static.adsafeprotected.com/skeleton.js
cache-control: no-cache
content-length: 0
server: nginx

GET
H2 200 sca.17.5.5.js Show response
static.adsafeprotected.com/ Frame 6BB7 82 KB
21 KB 40ms
40ms Script
application/javascript 52.49.37.161
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.5.5.js
Requested by: Host: 01db459ad5e3ad6446d1b7821d3ce754.safeframe.googlesyndication.com
URL: https://01db459ad5e3ad6446d1b7821d3ce754.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.49.37.161 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-49-37-161.eu-west-1.compute.amazonaws.com
Software: nginx/1.16.1 /
Resource Hash: 4b4924b6ea8623395984b522ee4e1fe77f464940d2bb155ae40bce56fbcd3423

Request headers

Referer: https://01db459ad5e3ad6446d1b7821d3ce754.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 02:09:46 GMT
content-encoding: gzip
last-modified: Thu, 29 Apr 2021 15:29:23 GMT
server: nginx/1.16.1
age: 2847926
etag: W/"5356fa8b6073c3eb408487be61ef7d77"
x-cache-status: HIT
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000

GET
H2

200

skeleton.js Show response
static.adsafeprotected.com/ Frame B9FD
Redirect Chain

https://pixel.adsafeprotected.com/rfw/st/488356/54309641/skeleton.js?ias_dspID=64&ias_campId=&ias_pubId=&ias_chanId=&ias_placementId=&bidurl=&ias_dealId=&adsafe_url=https%3A%2F%2Fwww.cyberscoop.com...
https://static.adsafeprotected.com/skeleton.js

17 B
240 B

39ms
39ms

Script
application/javascript

52.49.37.161
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/skeleton.js
Requested by: Host: 5caa5b23d5f677f0776351c7ab007474.safeframe.googlesyndication.com
URL: https://5caa5b23d5f677f0776351c7ab007474.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.49.37.161 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-49-37-161.eu-west-1.compute.amazonaws.com
Software: nginx/1.16.1 /
Resource Hash: bdeed1e1c0751610c8f3dc2a5c78c93f841c366b36a7f7a54f5e6752c2656c05

Request headers

Referer: https://5caa5b23d5f677f0776351c7ab007474.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 02:09:46 GMT
last-modified: Mon, 17 Aug 2020 23:54:35 GMT
server: nginx/1.16.1
age: 7783221
etag: "53fab767ecbd3bf07990b10246befbd4"
x-cache-status: HIT
content-type: application/javascript
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 17

Redirect headers

pragma: no-cache
date: Mon, 14 Jun 2021 02:09:46 GMT
x-server-name: app31.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
location: https://static.adsafeprotected.com/skeleton.js
cache-control: no-cache
content-length: 0
server: nginx

GET
H2 200 sca.17.5.5.js Show response
static.adsafeprotected.com/ Frame 210E 82 KB
21 KB 39ms
39ms Script
application/javascript 52.49.37.161
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.5.5.js
Requested by: Host: 5caa5b23d5f677f0776351c7ab007474.safeframe.googlesyndication.com
URL: https://5caa5b23d5f677f0776351c7ab007474.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.49.37.161 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-49-37-161.eu-west-1.compute.amazonaws.com
Software: nginx/1.16.1 /
Resource Hash: 4b4924b6ea8623395984b522ee4e1fe77f464940d2bb155ae40bce56fbcd3423

Request headers

Referer: https://5caa5b23d5f677f0776351c7ab007474.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 02:09:46 GMT
content-encoding: gzip
last-modified: Thu, 29 Apr 2021 15:29:23 GMT
server: nginx/1.16.1
age: 1032324
etag: W/"5356fa8b6073c3eb408487be61ef7d77"
x-cache-status: HIT
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000

GET
H/1.1 200
OK dt
dt.adsafeprotected.com/ Frame 9775 43 B
301 B 324ms
118ms Image
image/gif 104.244.36.20
ADSAFE-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=488356&asId=cbaf5cf2-c071-a29b-4716-54f7547e0ae3&tv=%7Bc:ftHYr5,pingTime:-2,time:292,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:266,beZ:267,mfA:467,cmA:469,inA:469,inZ:472,prA:472,prZ:482,si:486,poA:487,poZ:497,cmZ:497,mfZ:497,loA:521,loZ:523,ltA:558,ltZ:558%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:300.600,dom:ins%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:-1,vs:n,r:l,w:300,h:600,t:219%7D%5D,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:0,n:292,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:219,wc:0.0.1600.1200,ac:NaN.NaN.300.600,am:i,cc:NaN.NaN.300.600,piv:-1,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B89~1%5D,as:%5B89~300.600%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:sAgREmZ+111%7C112%7C113%7C114%7C121.488356-54309641%7C1211%7C122%7C123%7C124%7C131*.488356-54309637%7C1311%7C132%7C1331%7C134%7C1411%7C142%7C143%7C15%7C16%7C17,idMap:131*,rmeas:1,rend:1,renddet:IMG.qs,sinceFw:72,readyFired:true%7D&br=u
Requested by: Host: 01db459ad5e3ad6446d1b7821d3ce754.safeframe.googlesyndication.com
URL: https://01db459ad5e3ad6446d1b7821d3ce754.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.244.36.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS: nyidt.adsafeprotected.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://01db459ad5e3ad6446d1b7821d3ce754.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 14 Jun 2021 02:09:46 GMT
X-Server-Name: dt37.303net.pvt
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Server: nginx

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame DACE 0
0 39ms
39ms Fetch
image/gif 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssk6DchJbaaFMTWsFEXQKfozB-IrqZ8ewXPIUOAi2OS1z-4rhjmGwiqODdoqlFQukN5IcTWH2JCjBOm5Nlx9SA8X5YJVXfpHujmEOdkWQQyciAmOPDHACK0xgmkFzjqPQUCQohDavnUBh6vmKoQIQ_QIujjFWJ-6SlTxZDz9Bd_6KfgwgYxAaCJAxwJD_v0izXLP-HeWnRdX7nQu_eIVtUWgYsYQ40Rqs0AL53Di9eABUi828_tMQlsh8-Cih4A5LdiVAp6QAPjgjyEX9zRi1Qs0HIoJixxPE5ofktiejztIJV4-Rc9ucVsUKafaf6EZH9unaYVJag3G6Ql&sig=Cg0ArKJSzD0J0Wy0PbTSEAE&urlfix=1&adurl=

Requested by

Host: fafc9661ac12cea6450aeb946fb71812.safeframe.googlesyndication.com
URL: https://fafc9661ac12cea6450aeb946fb71812.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fafc9661ac12cea6450aeb946fb71812.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 14 Jun 2021 02:09:46 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3-29 200 impl_v75.js Show response
www.googletagservices.com/dcm/ Frame DACE 37 KB
15 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/dcm/impl_v75.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/dcmads.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7529b11940f8a77767d97b70e5392487b7fffeb7bcd408da18bdc71665a81d41

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fafc9661ac12cea6450aeb946fb71812.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 13 Jun 2021 08:25:55 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 63831
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15538
x-xss-protection: 0
last-modified: Fri, 04 Jun 2021 19:52:24 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 13 Jun 2022 08:25:55 GMT

GET
H3-29 200 user_uploaded_metrichpe_300_normal.ttf
s0.2mdn.net/dfp/384545/37259705/1616424723238/fonts/ Frame FC88 67 KB
30 KB 31ms
30ms Font
font/ttf 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/dfp/384545/37259705/1616424723238/fonts/user_uploaded_metrichpe_300_normal.ttf

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/384545/37259705/1616424723238/d3d4068164787e7f19bc767ad00966a0.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4e5bcd87d9f65ab9552105c9026ab15c249c8b03de558b28a185586a36ad309d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://s0.2mdn.net
Referer: https://s0.2mdn.net/dfp/384545/37259705/1616424723238/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 02:09:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 22 Mar 2021 14:52:03 GMT
server: sffe
vary: Accept-Encoding
content-type: font/ttf
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30987
x-xss-protection: 0
expires: Tue, 15 Jun 2021 02:09:46 GMT

GET
H3-29 200 user_uploaded_metrichpe_400_undefined.ttf
s0.2mdn.net/dfp/384545/37259705/1616424723238/fonts/ Frame FC88 67 KB
30 KB 65ms
65ms Font
font/ttf 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/dfp/384545/37259705/1616424723238/fonts/user_uploaded_metrichpe_400_undefined.ttf

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/384545/37259705/1616424723238/d3d4068164787e7f19bc767ad00966a0.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4e5bcd87d9f65ab9552105c9026ab15c249c8b03de558b28a185586a36ad309d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://s0.2mdn.net
Referer: https://s0.2mdn.net/dfp/384545/37259705/1616424723238/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 02:09:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-doubleclick-media
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 30987
x-xss-protection: 0
last-modified: Mon, 22 Mar 2021 14:52:03 GMT
server: sffe
vary: Accept-Encoding
content-type: font/ttf
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Tue, 15 Jun 2021 02:09:46 GMT

GET
H3-29 200 4e4cc93ddfd2e1b75ec0f0e9ea4f028b.svg
s0.2mdn.net/dfp/384545/37259705/1616424723238/media/ Frame FC88 5 KB
2 KB 22ms
22ms Image
image/svg+xml 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dfp/384545/37259705/1616424723238/media/4e4cc93ddfd2e1b75ec0f0e9ea4f028b.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/384545/37259705/1616424723238/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9fc98a5f2ad3fade2176c7f4d057c02a332ee5d3e532746414eda6e88bc46ae5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/dfp/384545/37259705/1616424723238/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 02:09:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 22 Mar 2021 14:52:03 GMT
server: sffe
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1881
x-xss-protection: 0
expires: Tue, 15 Jun 2021 02:09:46 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame D59D 0
20 B 16ms
15ms Image
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=223&t=2&li=gpt_2021060901&jk=1743017427439559&bg=!jY6ljsrNAAY6sG-_OrA7ACkAdvg8WoPSVXexzurXfweYzU0ZIdX2V0mrDJFFD7ifLUIoE3KpH4Zh6AIAAAE3UgAAAEVoAQcKAJOa99ZhH2G6gxsevxdL1xi3W8pszFwVNVuTHgEswvlryLjcEZ-DXefX3A2mFG5uiPj0EphRgf6hSFGGgn8z4jgyqZbXHmigvGurTg3UHICsAFLZmKVPqHz1q2LS-1-uaWD6T935I7XwQxO15csQUaWnVUno1636h_y3Rw9U_KhGjvpHgGSavgSwao5Jt0WFNVgAq8WZApUIL5XjOg-cH1Tw8KXdbF8NOfJrCOFmAFNaiyyrwgJxhPunIp6P3FxI70xTDxc_BuXGWoPAlcmWixx0h7vPYWAAk_5A1zP6C1K6J0XUw1Y3ftu_QgZYGm-X4hjhSe3rQyBUId4Yxac7v5Xade8ChVQ2Tzm7JA8A7UPkyunqInSAZ4ldFcUXVCUIguzYjDT3EkXnp6VVa0kyrAL-MUxSEmAXfHVz_c-_NRmWOjsjV70nLLrV87TgQzsM_Vl9kCpxb6K3rogThVVRPAMz5dpQ-032r_vCK0L-b1LI3ySZzNGdCUrlFcUfsXHMpx0LnvI_caARUmdNgpQc6buQhtCls7lYN2uBkzLpEwBV9sSyGVhksfhjLQcilaEnujfwMFFye-a2Ie6-ksGGv6brhXvRxJZZ-SwcPe8ekoQWcCZo3D3pITNQcEpmS6Hu_79qXb8-vmGewCJKIydNhC8bYbTzeENE8p9XIq-v30lONR-St4-81hw8unz42o8cLScsgGzmo9WiyI87RUfXjlEbdMNGjbMS-9pgdcCz08meUWQCI6NB7AJuidi3KNMG1FfT_Z7zlBxS7etRaz27BRE7b_8QLE7Uw0T8fk2IdA1Ed-4_eVkoNjr5-W6YAe9ekv2Ok-8u9bYrPuUleHcBO_j33bmK2Ae0CxLtQIrh5nBD_RdQLIMS_3sSIcjuPgQzZoVL7fXuhImZ0I25TrNmbogT4TJCzIKL4aP5vExMJm-xmbNagNP5QxHfSKQQ0hhiNgV15Z12F__NDElz4LPLVpaGwI33oWum--uI1P9ommAPt9cMucW7rzgOq8D43T1XvimjXdOoWwhvUs9Bm5xGbyp_cxJdjBT9kK6eJ4lY4brA5KsUBXhT9ruTPZi4

Requested by

Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/ransomware-iconstituent-congress/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Jun 2021 02:09:46 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK dt
dt.adsafeprotected.com/ Frame B9FD 43 B
301 B 296ms
99ms Image
image/gif 104.244.36.20
ADSAFE-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=488356&asId=6a8c2d97-85fb-63ed-362e-a7712ec691d3&tv=%7Bc:ftHYrQ,pingTime:-2,time:445,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:304,beZ:305,mfA:668,cmA:668,inA:668,inZ:669,prA:669,prZ:675,si:677,poA:678,poZ:682,cmZ:682,mfZ:682,loA:705,loZ:706,ltA:749,ltZ:749%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:300.250,dom:ins%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:-1,vs:n,r:l,w:300,h:250,t:372%7D%5D,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:0,n:445,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:372,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:-1,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B81~1%5D,as:%5B81~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:sAgREmZ+111%7C112%7C113%7C114%7C121*.488356-54309641%7C1211%7C122%7C123%7C124%7C131.488356-54309637%7C1311%7C1312%7C132%7C1331%7C134%7C1411%7C142%7C143%7C15%7C16%7C17,idMap:121*,rmeas:1,rend:1,renddet:IMG.qs,sinceFw:72,readyFired:true%7D&br=u
Requested by: Host: 5caa5b23d5f677f0776351c7ab007474.safeframe.googlesyndication.com
URL: https://5caa5b23d5f677f0776351c7ab007474.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.244.36.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS: nyidt.adsafeprotected.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://5caa5b23d5f677f0776351c7ab007474.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 14 Jun 2021 02:09:46 GMT
X-Server-Name: dt57.303net.pvt
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Server: nginx

GET
H3-29 200 Jl_KA3DWLl1pqAl7nrDeic27IkrJD7_aVFtTlraQVeY.js Show response
pagead2.googlesyndication.com/bg/ Frame F6E8 14 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Jl_KA3DWLl1pqAl7nrDeic27IkrJD7_aVFtTlraQVeY.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

265fca0370d62e5d69a8097b9eb0de89cdbb224ac90fbfda545b5396b69055e6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 12 Jun 2021 22:32:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 99441
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5751
x-xss-protection: 0
last-modified: Mon, 31 May 2021 08:58:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 12 Jun 2022 22:32:25 GMT

GET
H3-29 200 B24705254.302297317;dc_ver=75.217;sz=970x250;u_sd=1;dc_adk=2711260096;ord=h7dyqu;click=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjsstagywsZO89znwld0FKVU1cGrgn-dr_82BAx_kNilt... Show response
ad.doubleclick.net/ddm/adj/N7442.3728797STATESCOOP/ Frame DACE 36 KB
18 KB 61ms
61ms Script
text/javascript 142.250.185.198
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/ddm/adj/N7442.3728797STATESCOOP/B24705254.302297317;dc_ver=75.217;sz=970x250;u_sd=1;dc_adk=2711260096;ord=h7dyqu;click=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjsstagywsZO89znwld0FKVU1cGrgn-dr_82BAx_kNiltEMFnC25Vj4LqvklwdfTCvcv42pnLgpgtoBMXVfl4Y0526JWLMbQaTzo1ykCVHJWtQpDgEUeHh66Wh1--WBjVmshyWtXlN80CP-kyaL8DVdFhtamtcCqQblaetApsn7mhoneWG5c2VM0JJg2iIKVk2yh3QS-JQiOb5iFshc8aCX63RyIYuns0lJG1cBhCYehKTavoAzAf2IkVRaLV4ThgzBzVpLCk5-qsbIyT_9jtKGu4qgtSYgNJ3s5oPERCshHkx0VdIL1j7SClyPe4mH_0E3hRuxLSyvGk%26sig%3DCg0ArKJSzNygkSEJFFtUEAE%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26adurl%3D;uach=%5B%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%5B%5D%5D;dc_rfl=2,https%3A%2F%2Fwww.cyberscoop.com$2,https%3A%2F%2Fwww.cyberscoop.com%2F$0;xdt=1;crlt=1Eqa6kL1M5;osda=2;sttr=64;prcl=s

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/impl_v75.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.198 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f6.1e100.net

Software

cafe /

Resource Hash

2ac48e6843e142c5f80369afa1c98d33175ac4aa7c7ba7238ade58076ac3bf2c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fafc9661ac12cea6450aeb946fb71812.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Jun 2021 02:09:46 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18805
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame 63EF 0
0 39ms
38ms Fetch
image/gif 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv284mQRTpLxtkvoPmPtUDlabgK989SztjK5f6DL5yxmQZwodTfpysso41upjxlCwiYBuS2etoQFgadlRT_ldUOmaXhJftLX7AwC28DfSIQM27JSzNxKz2AF4yzFwK0CwQ8owzBiU9kq6on0fABduxbnuLIpmJfJfZ6Mo76rDlJPeTNgxTrE_smyZUV9wVK4CLht14QY3b3DedqqbTjTUOuaCJfQd5-UVrgjkG9QsYsxxZN7eD0PKgDh5pBVat8IVCzHip1TRsdC6YfoITUQBnUD5BX3YLqNJ39cViUqvgoPSz-QzXtc7_wNi3loP0bv3YyoDE4kpr2mQ&sig=Cg0ArKJSzFQxuQ6k28e8EAE&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://3dd16fd7df4bac57553a631e241f2509.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 14 Jun 2021 02:09:46 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Mon, 14 Jun 2021 02:09:46 GMT

GET
H3-29 200 wQPplS2CBbapxPPsKjLjCt6L9Rv2P8O8syxzKLSpyaY.js Show response
pagead2.googlesyndication.com/bg/ Frame 8B31 14 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/wQPplS2CBbapxPPsKjLjCt6L9Rv2P8O8syxzKLSpyaY.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/223/runner.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c103e9952d8205b6a9c4f3ec2a32e30ade8bf51bf63fc3bcb32c7328b4a9c9a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 13 Jun 2021 16:39:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 34220
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5768
x-xss-protection: 0
last-modified: Mon, 31 May 2021 08:58:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 13 Jun 2022 16:39:26 GMT

GET
H3-29 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20210607/r20110914/elements/html/ Frame DACE 8 KB
3 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210607/r20110914/elements/html/omrhp.js

Requested by

Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N7442.3728797STATESCOOP/B24705254.302297317;dc_ver=75.217;sz=970x250;u_sd=1;dc_adk=2711260096;ord=h7dyqu;click=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjsstagywsZO89znwld0FKVU1cGrgn-dr_82BAx_kNiltEMFnC25Vj4LqvklwdfTCvcv42pnLgpgtoBMXVfl4Y0526JWLMbQaTzo1ykCVHJWtQpDgEUeHh66Wh1--WBjVmshyWtXlN80CP-kyaL8DVdFhtamtcCqQblaetApsn7mhoneWG5c2VM0JJg2iIKVk2yh3QS-JQiOb5iFshc8aCX63RyIYuns0lJG1cBhCYehKTavoAzAf2IkVRaLV4ThgzBzVpLCk5-qsbIyT_9jtKGu4qgtSYgNJ3s5oPERCshHkx0VdIL1j7SClyPe4mH_0E3hRuxLSyvGk%26sig%3DCg0ArKJSzNygkSEJFFtUEAE%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26adurl%3D;uach=%5B%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%5B%5D%5D;dc_rfl=2,https%3A%2F%2Fwww.cyberscoop.com$2,https%3A%2F%2Fwww.cyberscoop.com%2F$0;xdt=1;crlt=1Eqa6kL1M5;osda=2;sttr=64;prcl=s

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

966ee1486939f4b7c9815a6ce8dd42420c5859a42efdbbd5b91aff45e0b1cc38

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fafc9661ac12cea6450aeb946fb71812.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 01:31:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2267
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3124
x-xss-protection: 0
server: cafe
etag: 4537136162986801320
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 28 Jun 2021 01:31:59 GMT

POST
H3-29 200 view
googleads4.g.doubleclick.net/pcs/ Frame DACE 0
23 B 78ms
40ms Ping
image/gif 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvu5_JYKnoVtu5VUQAzkL4_Yn2HgFGX6WzFz9_LYF1OuEn8N7AVcoiOqedLC3EHXC-lR7fqwSbQo8aNkszWwh89lMlX550jRrP5Qqx791c63zAa2Q4xp7klcJZFnyYy6ASThyoie0heFMAOPm8b1GomrmFBleVw8GcqwPJ7KemnHQ&sig=Cg0ArKJSzMAphNzg6oVtEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20210607.83234&adurl=

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fafc9661ac12cea6450aeb946fb71812.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Mon, 14 Jun 2021 02:09:46 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 503 mmi-zip.js
tags.mmi360.net/ Frame DACE 0
0 111ms
110ms Script
text/html 3.12.243.139
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.mmi360.net/mmi-zip.js?cust=Cisco&type=js&plat=CM360&mode=ivt-blk&advid=3569326&siteid=6840654&cmpnid=24705254&pcmtid=302297317&crtvid=149970867&rndnum=2015778260&site=N7442.3728797STATESCOOP&adid=495002691&aucid=&exchid=&sellid=
Requested by: Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N7442.3728797STATESCOOP/B24705254.302297317;dc_ver=75.217;sz=970x250;u_sd=1;dc_adk=2711260096;ord=h7dyqu;click=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjsstagywsZO89znwld0FKVU1cGrgn-dr_82BAx_kNiltEMFnC25Vj4LqvklwdfTCvcv42pnLgpgtoBMXVfl4Y0526JWLMbQaTzo1ykCVHJWtQpDgEUeHh66Wh1--WBjVmshyWtXlN80CP-kyaL8DVdFhtamtcCqQblaetApsn7mhoneWG5c2VM0JJg2iIKVk2yh3QS-JQiOb5iFshc8aCX63RyIYuns0lJG1cBhCYehKTavoAzAf2IkVRaLV4ThgzBzVpLCk5-qsbIyT_9jtKGu4qgtSYgNJ3s5oPERCshHkx0VdIL1j7SClyPe4mH_0E3hRuxLSyvGk%26sig%3DCg0ArKJSzNygkSEJFFtUEAE%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26adurl%3D;uach=%5B%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%5B%5D%5D;dc_rfl=2,https%3A%2F%2Fwww.cyberscoop.com$2,https%3A%2F%2Fwww.cyberscoop.com%2F$0;xdt=1;crlt=1Eqa6kL1M5;osda=2;sttr=64;prcl=s
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.12.243.139 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-12-243-139.us-east-2.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Referer: https://fafc9661ac12cea6450aeb946fb71812.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame DACE 41 KB
15 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fafc9661ac12cea6450aeb946fb71812.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 12 Jun 2021 13:02:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 133642
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 12 Jun 2022 13:02:24 GMT

GET
H3-29 200 04262021-072235905-AMER-ENG_VT-05_0_970x250_BAN-S_PNG_TOFU-no-Cross-Architecture-DigitalDivide-ALL_0_105.png
s0.2mdn.net/3569326/ Frame DACE 197 KB
197 KB 9ms
8ms Image
image/png 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/3569326/04262021-072235905-AMER-ENG_VT-05_0_970x250_BAN-S_PNG_TOFU-no-Cross-Architecture-DigitalDivide-ALL_0_105.png

Requested by

Host: fafc9661ac12cea6450aeb946fb71812.safeframe.googlesyndication.com
URL: https://fafc9661ac12cea6450aeb946fb71812.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eefe62a178a6a04c30889acb8eede1ed6820738d0ec5525d3399fefc22bc71e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fafc9661ac12cea6450aeb946fb71812.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 13 Jun 2021 09:13:53 GMT
x-content-type-options: nosniff
last-modified: Mon, 26 Apr 2021 14:22:35 GMT
server: sffe
age: 60953
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 201873
x-xss-protection: 0
expires: Mon, 14 Jun 2021 09:13:53 GMT

GET
H2 200 img;adv=11002245653149;ec=11002245685555;adv.a=3569326;c.a=24705254;s.a=6840654;p.a=302297317;a.a=495002691;cache=2015778260;
ad.atdmt.com/i/ Frame DACE 43 B
171 B 32ms
31ms Image
image/gif 2a03:2880:f01c:8004:face:b00c:0:8c
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.atdmt.com/i/img;adv=11002245653149;ec=11002245685555;adv.a=3569326;c.a=24705254;s.a=6840654;p.a=302297317;a.a=495002691;cache=2015778260;

Requested by

Host: fafc9661ac12cea6450aeb946fb71812.safeframe.googlesyndication.com
URL: https://fafc9661ac12cea6450aeb946fb71812.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8004:face:b00c:0:8c Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://fafc9661ac12cea6450aeb946fb71812.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: br
x-content-type-options: nosniff
x-fb-rlafr: 0
pragma: no-cache
x-fb-debug: ddmF+fbbY/wItc1a4kMsyQT0XqRHYiF7F7fml53/DFUxJGGxRLR0K6Ybct8jTnLJgfIpEtFRZbNzqCHI6NvSjA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-frame-options: DENY
date: Mon, 14 Jun 2021 02:09:46 GMT
vary: Accept-Encoding
report-to: {"group":"coop_report","max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"include_subdomains":true}, {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: image/gif
x-xss-protection: 0
cache-control: private, no-cache, no-store, must-revalidate
cross-origin-opener-policy-report-only: same-origin-allow-popups;report-to="coop_report"
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
events.mmi360.net/ Frame DACE 68 B
134 B 195ms
194ms Image
image/jpeg 3.140.174.87
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://events.mmi360.net/?cust=Cisco&type=img&plat=CM360&advid=3569326&siteid=6840654&cmpnid=24705254&pcmtid=302297317&crtvid=149970867&rndnum=2015778260&site=N7442.3728797STATESCOOP&adid=495002691&aucid=&exchid=&sellid=
Requested by: Host: fafc9661ac12cea6450aeb946fb71812.safeframe.googlesyndication.com
URL: https://fafc9661ac12cea6450aeb946fb71812.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.140.174.87 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-140-174-87.us-east-2.compute.amazonaws.com
Software: awselb/2.0 /
Resource Hash: 63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058

Request headers

Referer: https://fafc9661ac12cea6450aeb946fb71812.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 02:09:46 GMT
server: awselb/2.0
content-length: 68
content-type: image/jpeg

GET
H2 200 main.gr.19.8.206.js Show response
static.adsafeprotected.com/ Frame DACE 183 KB
58 KB 40ms
39ms Script
application/javascript 52.49.37.161
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/main.gr.19.8.206.js
Requested by: Host: pixel.adsafeprotected.com
URL: https://pixel.adsafeprotected.com/rjss/st/488356/54309639/skeleton.js?ias_dspID=64&ias_campId=&ias_pubId=&ias_chanId=&ias_placementId=&bidurl=&ias_dealId=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.49.37.161 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-49-37-161.eu-west-1.compute.amazonaws.com
Software: nginx/1.16.1 /
Resource Hash: b176de534428b3b8d36fb821412c5075cc426bfb3fe282571bcd9f00f2c0b152

Request headers

Referer: https://fafc9661ac12cea6450aeb946fb71812.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 02:09:46 GMT
content-encoding: gzip
last-modified: Tue, 01 Jun 2021 22:03:45 GMT
server: nginx/1.16.1
etag: W/"f4d80fb2c423b91d55077116728f6247"
x-cache-status: HIT
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000

GET
DATA 200
OK truncated
/ Frame DACE 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8bd61813dcc8cecbaefe46f3d1d6bdc10149d7ade77c84c5e2ba85fa02f73395

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 3CAD 0
20 B 15ms
15ms Image
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=223&t=2&li=gpt_2021060901&jk=1622630129198611&bg=!CwilCEzNAAY6sG-_OrA7ACkAdvg8WiDjUpHjvgi2UYN3RBfbSLOXvsvWIq5oLZJro8TPx3t-IeOBpwIAAAD8UgAAADBoAQcKADjNoLUvztT9h8Hmg1zyrGBqQd2k2S6fgmyJFgu20B1COUrUKEciLr60WldZMj9ohXHpqPT3gGu_ppkCloKt9s8BIWiTz2cQBNNjW4CpStS81bNV8xvnsLw0kNeTgLyngiUjVGhxknepzNX_GabM5ctbLLrx7z745srXTfY9BxgxpXIrzpUYIKzVbWamyzt3JyqqxhCRDaxaCQPmq2XC1hoZ937NWfnWQdTnVrMAArzGHpDlscHsqDq2iailGEki61TAVDyOCntll4-KCLwaa-KoaLt1AI70rDQOEL1BVLGwYOLfuVlmbm6YGTdCupPy74tPFl1KR0glV4eeFs0wPaFzo0UG3z8nyuZETUYKCpHVvSVe3ujtL0Jd59YxvPFT2mz35rKix-VkceF5pxR3n9UYXumrOS85maCvxQPbFFLE-CW4CWg2pg1lZ1USK7MN_4p1BYwI3vC0uCvq9YSfa_v24EgKdr4cX5rziHNzK7snM1g-BKFhWkyIAroBs3VFYBw8kDnl9TZbzMYyIzMdeamemCTjbEzmoEE7DDeEznVqi81YssGj9tNe5hHOQYCVbOY8olSmi7tyLsC3EIblqgprvsQehM-epUrL-tn-cfDjFQ6T4qnv8KCbH_MIkshHn_O2yh1k3-IAYtHBf1BlF3h4DrZw26gOnj68wb5aCYWRYJS_ofp519wCjYtN8SFJQOvIzj_qtn6VAh6eQtrkceAKTEDJleqrT-bIU2nsVpgS0-qYDWzkexanm5YfVLREEW3kenCdd7z7fw_cqp8XwiyIWoImzCQDxYYj10uvjf8SQrg8FnzrVZKE74Tw_rqZNoBO60IpvA2R23tVf1fwcLyxTfKLGrMqpM8-gwycMViNFso8HUaZaA4MtVb9ak-EDe1yvvntMJBL1amf7ffQCgX1zgAY4NjNj_Zu9HOk0nYm5a3T_MdJ2NjaTWbFk63LvKR9

Requested by

Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/ransomware-iconstituent-congress/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Jun 2021 02:09:46 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 41F1 22 KB
8 KB 6ms
6ms Document
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/Enqz_20U.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://fafc9661ac12cea6450aeb946fb71812.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://fafc9661ac12cea6450aeb946fb71812.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 8395
date: Sat, 12 Jun 2021 07:00:55 GMT
expires: Sun, 12 Jun 2022 07:00:55 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 155331
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2

200

skeleton.js Show response
static.adsafeprotected.com/ Frame DACE
Redirect Chain

https://pixel.adsafeprotected.com/rfw/st/488356/54309639/skeleton.js?ias_dspID=64&ias_campId=&ias_pubId=&ias_chanId=&ias_placementId=&bidurl=&ias_dealId=&adsafe_url=https%3A%2F%2Fwww.cyberscoop.com...
https://static.adsafeprotected.com/skeleton.js

17 B
240 B

39ms
39ms

Script
application/javascript

52.49.37.161
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/skeleton.js
Requested by: Host: fafc9661ac12cea6450aeb946fb71812.safeframe.googlesyndication.com
URL: https://fafc9661ac12cea6450aeb946fb71812.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.49.37.161 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-49-37-161.eu-west-1.compute.amazonaws.com
Software: nginx/1.16.1 /
Resource Hash: bdeed1e1c0751610c8f3dc2a5c78c93f841c366b36a7f7a54f5e6752c2656c05

Request headers

Referer: https://fafc9661ac12cea6450aeb946fb71812.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 02:09:46 GMT
last-modified: Mon, 17 Aug 2020 23:54:35 GMT
server: nginx/1.16.1
age: 7783221
etag: "53fab767ecbd3bf07990b10246befbd4"
x-cache-status: HIT
content-type: application/javascript
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 17

Redirect headers

pragma: no-cache
date: Mon, 14 Jun 2021 02:09:46 GMT
x-server-name: app34.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
location: https://static.adsafeprotected.com/skeleton.js
cache-control: no-cache
content-length: 0
server: nginx

GET
H2 200 sca.17.5.5.js Show response
static.adsafeprotected.com/ Frame 1DCF 82 KB
21 KB 40ms
40ms Script
application/javascript 52.49.37.161
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.5.5.js
Requested by: Host: fafc9661ac12cea6450aeb946fb71812.safeframe.googlesyndication.com
URL: https://fafc9661ac12cea6450aeb946fb71812.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.49.37.161 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-49-37-161.eu-west-1.compute.amazonaws.com
Software: nginx/1.16.1 /
Resource Hash: 4b4924b6ea8623395984b522ee4e1fe77f464940d2bb155ae40bce56fbcd3423

Request headers

Referer: https://fafc9661ac12cea6450aeb946fb71812.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 02:09:46 GMT
content-encoding: gzip
last-modified: Thu, 29 Apr 2021 15:29:23 GMT
server: nginx/1.16.1
age: 1032324
etag: W/"5356fa8b6073c3eb408487be61ef7d77"
x-cache-status: HIT
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000

POST
H3-29 200 view
googleads4.g.doubleclick.net/pcs/ Frame DACE 0
23 B 39ms
39ms Ping
image/gif 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fafc9661ac12cea6450aeb946fb71812.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Mon, 14 Jun 2021 02:09:46 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame DACE 0
0 39ms
39ms Fetch
image/gif 172.217.18.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssRb3C2DAGuU272xtOtZuZOHbFCbQOOOpeVV9XEDG3zOstqjpted7Z84PdsSnPpEwGyiC05ijRt8RrZ7nfiDBiohwzEKagIG22OI1iqVFXe2fG2ex2Ni0OuwB4NHq0UmuotSIArG-uMOxyjqUsWZMe9YhrGH_vCCq_m0pz8YSIAMtNcPn6cuHIuGKAearcMdyjKcqt8CfHjMTqyYcYVtkqpo6cffiyLAFzQSvUivOACaN1b-O-vYXt-ZrrBCL5n3kIDwefLHYZqi-cYCIINGvy12FAk-Zm84bb6psGfqvFLBYxeFlE-N5Rm609DaLLKpyQaB26Anuh16YY7kgQ&sig=Cg0ArKJSzDCPgXrcjPlwEAE&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

172.217.18.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s42-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fafc9661ac12cea6450aeb946fb71812.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 14 Jun 2021 02:09:46 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Mon, 14 Jun 2021 02:09:46 GMT

GET
H/1.1 200
OK dt
dt.adsafeprotected.com/ Frame DACE 43 B
301 B 100ms
100ms Image
image/gif 104.244.36.20
ADSAFE-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=488356&asId=17309cab-d3cc-9132-580b-d7824bc466eb&tv=%7Bc:ftHYwq,pingTime:-2,time:177,type:a,im:%7BpBlk:119,sf:0,pom:1,prf:%7BbeA:476,beZ:477,mfA:581,cmA:582,inA:582,inZ:583,prA:583,prZ:589,si:592,poA:592,bl:596,poZ:596,cmZ:596,mfZ:596,loA:633,loZ:634,ltA:653,ltZ:653%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:970.250,dom:ins%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:-1,vs:n,r:l,w:970,h:250,t:115%7D%5D,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:0,n:177,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:115,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:i,cc:NaN.NaN.970.250,piv:-1,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B72~1%5D,as:%5B72~970.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:sAgREmZ+111*.488356-54309639%7C1111%7C112%7C1131%7C114%7C121.488356-54309641%7C12111%7C1212%7C122%7C123%7C131.488356-54309637%7C13111%7C1312%7C132%7C133%7C1411%7C142%7C143%7C15%7C16%7C17,idMap:111*,rmeas:1,rend:1,renddet:IMG.qs,sinceFw:62,readyFired:true%7D&br=u
Requested by: Host: fafc9661ac12cea6450aeb946fb71812.safeframe.googlesyndication.com
URL: https://fafc9661ac12cea6450aeb946fb71812.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.244.36.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS: nyidt.adsafeprotected.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://fafc9661ac12cea6450aeb946fb71812.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 14 Jun 2021 02:09:47 GMT
X-Server-Name: dt37.303net.pvt
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Server: nginx

GET
H/1.1 200
OK dt
dt.adsafeprotected.com/ Frame 9775 43 B
301 B 98ms
98ms Image
image/gif 104.244.36.20
ADSAFE-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=488356&asId=cbaf5cf2-c071-a29b-4716-54f7547e0ae3&tv=%7Bc:ftHYwX,pingTime:-10,time:656,type:s,mvn:ZnNjPTEyLHNkPTMsbm89Nyxhc3A9MQ--,fsc:17.5.5v220002022000220000022002222000022220200000222200222220002222022002222202002220222022222022222000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000002220002220000022200222202220022200200222022202220022202220020222202000220000222202222202222000002002002222222222220022202200022002220222202,sd:MTcuNS41djEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNS41dk1vemlsbGF8fE5ldHNjYXBlfHxufHwxMnx8bnx8MHx8bnx8TGludXggeDg2XzY0fHxHZWNrb3x8MjAwMzAxMDd8fC0xMjB8fE1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS84OS4wLjQzODkuNzIgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,asp:1623636587010%7C%7C59af789b9ec6aaa5d1c6c822b7963e5e%7C%7Cf34e96995ddf3ff5eb1bfde138cfe29c%7C%7Cf288d42c71614982225ac83eeba86531%7C%7Cc2a3a1d179fa77bd950bf9ea2bf58462%7C%7C3c6993cc7fb7784955e73b0e94169f45%7C%7Cc49de04df154ae3b503baf074d0fdf3d%7C%7C08858147f1a247fe1c64f285bbaf9c1b%7C%7C1619710151,ch:eyJiIjpbXSwibSI6ZmFsc2UsImgiOnsiYXJjaGl0ZWN0dXJlIjoiIiwibW9kZWwiOiIiLCJwbGF0Zm9ybSI6IiIsInBsYXRmb3JtVmVyc2lvbiI6IiIsInVhRnVsbFZlcnNpb24iOiIifX0-%7D
Requested by: Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/ransomware-iconstituent-congress/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.244.36.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS: nyidt.adsafeprotected.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://01db459ad5e3ad6446d1b7821d3ce754.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 14 Jun 2021 02:09:47 GMT
X-Server-Name: dt57.303net.pvt
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Server: nginx

GET
H/1.1 200
OK dt
dt.adsafeprotected.com/ Frame B9FD 43 B
301 B 139ms
99ms Image
image/gif 104.244.36.20
ADSAFE-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=488356&asId=6a8c2d97-85fb-63ed-362e-a7712ec691d3&tv=%7Bc:ftHYxn,pingTime:-10,time:788,type:s,mvn:ZnNjPTEyLHNkPTMsbm89Nyxhc3A9MQ--,fsc:17.5.5v220002022000220000022002222000022220200000222200222220002222022002222202002220222022222022222000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000002220002220000022200222202220022200200222022202220022202220020222202000220000222202222202222000002002002222222222220022202200022002220222202,sd:MTcuNS41djEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNS41dk1vemlsbGF8fE5ldHNjYXBlfHxufHwxMnx8bnx8MHx8bnx8TGludXggeDg2XzY0fHxHZWNrb3x8MjAwMzAxMDd8fC0xMjB8fE1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS84OS4wLjQzODkuNzIgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,asp:1623636587037%7C%7C150b5defac25eb22ec479605ee203b2a%7C%7Cf34e96995ddf3ff5eb1bfde138cfe29c%7C%7C445382dab8cc1972ad8d2db713b027b4%7C%7C03484d4a45187c4dbd14b2914a56cf90%7C%7Cf0af5724ea625fe6455be3feed3e2f22%7C%7Cf8c20abad9a54b945bc04bc2f4fdbf37%7C%7Cadeb3a19ebb2ef3d7f46acbdec2ccafb%7C%7C1619710151,ch:eyJiIjpbXSwibSI6ZmFsc2UsImgiOnsiYXJjaGl0ZWN0dXJlIjoiIiwibW9kZWwiOiIiLCJwbGF0Zm9ybSI6IiIsInBsYXRmb3JtVmVyc2lvbiI6IiIsInVhRnVsbFZlcnNpb24iOiIifX0-%7D
Requested by: Host: 5caa5b23d5f677f0776351c7ab007474.safeframe.googlesyndication.com
URL: https://5caa5b23d5f677f0776351c7ab007474.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.244.36.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS: nyidt.adsafeprotected.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://5caa5b23d5f677f0776351c7ab007474.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 14 Jun 2021 02:09:47 GMT
X-Server-Name: dt37.303net.pvt
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Server: nginx

GET
H3-29 200 Jl_KA3DWLl1pqAl7nrDeic27IkrJD7_aVFtTlraQVeY.js Show response
pagead2.googlesyndication.com/bg/ Frame 41F1 14 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Jl_KA3DWLl1pqAl7nrDeic27IkrJD7_aVFtTlraQVeY.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

265fca0370d62e5d69a8097b9eb0de89cdbb224ac90fbfda545b5396b69055e6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 12 Jun 2021 22:32:25 GMT
content-encoding: br
x-content-type-options: nosniff
age: 99442
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5751
x-xss-protection: 0
last-modified: Mon, 31 May 2021 08:58:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 12 Jun 2022 22:32:25 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 09E1 0
20 B 15ms
15ms Image
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B0MTJarrGYJ-MCqPl7_UPqdyKyAcAAAAAOAHgBAI&bg=!QkGlQQXNAAY6sG-_OrA7ACkAdvg8Wh0p6r-GztCp8FkY0yJYI0duZthAO2hPlRljB-OAQEM48oewfAIAAAEnUgAAAERoAQeZAuMsCXvl_E-5fN_7Hv-59o4wkBssQhErYLSmUWWYmOPUgv8jE5cQP1MgsAbI9wfvB9V_tiFT8xrlBaIXMHSPbepe37xnOtkWluFjqHIAtrv56At9MP4G1vHWLhsA8puywp9pX5DEdXPg8ayFuxUxZIt64UyoxlsbrRd8IT_pxnRYNLaBaQL7LyMGu0qwSjOOK3VuVnu-Fv6XNItaBucS4BKxCPE58Kw9Jo8bNdGsAC-y2T0Z90XO4eqxC33SdBaOveyZdnZSNreNaxZWrR0bFolBVzKsIuM7Hb76kMqEdJDkZhz-gEv-jz9K1xeHa2B2dAPgxrA5UvHAZXr1lNaVmQDCeznutB2Y3rOsefRvBquiqsnySX8pIvgSEXI2DQJC_oBDHQUJbe4Sg2INMOQ7FVOG8M8etxOTiTkTnZ4Cdq2krXh0rMsDmAiscydLImaNmijB5Mjr8ycO91Dt8GuGIdqEKo7THYzOmNyEIgGXVonrQE9wFzRQlUltvaROMGD6rsATRFycW_sKVLiV_9rQe-gkY_cELFVxFmdLJxrpo1ulE-FIpw0IeFbaDUD693zAzJ04QN_-6Cfl2VWDzaRY80FDtmvqgru3GEU1m0opoXuCxb0QiBqPeHACOBKmWmoEB6gKL9dnPsY6jiPN6HY7XMP2QvXTcnWdUPXue-Y1Cb3GyMtR_UfHYlTPcB6FTQIWGlQw-fKlScYffnnFETpLEBiS_UEzWkevwQYHqpvo3y78Y4cmoubqKGH-ay0GTZj-HdwVzvCHvvbR42EAx-42ZiLrkzgxqa_VF-piBOBF9G1s5OQTAQKMPJTqSTOlfHkP4clCUH2GnljO9aFyiwCjhnuAIfDkIdZymihG68gwCCym0kzYn5Us0hUBal--dWpqyObgaoV2WsQ4EVRUGoWLtX8zW-B3LbgL5CUBWV4_Pt2x5BpxcDTqrsgIoh90dJzm5Y4XMzZ7ufl4PbAwDW8dO9ubdnNs

Requested by

Host: 5caa5b23d5f677f0776351c7ab007474.safeframe.googlesyndication.com
URL: https://5caa5b23d5f677f0776351c7ab007474.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Jun 2021 02:09:47 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame F6E8 0
20 B 15ms
15ms Image
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B-PkFarrGYLu6EILT3gPxjKXoDwAAAAA4AeAEAg&bg=!k5ClkNTNAAY6sG-_OrA7ACkAdvg8WgBpZfleh2dZUawUuh_GIRS8uLxktZNpY1LP0aKUnjxrqh4LnAIAAADhUgAAAC5oAQcKAKqO77-49l6Xocgiwp4t5lckQWd5iURuXK0a1BPFCGOcYR_SzGuewBpolGGsvhHu_qIP1TmMUIdzA6PfexmcZrtBdBaolwtNzlwNYC8Auod0p5bWfmpR9NmBzQDbaSIm3Ieu8mUOV3AMLSQI0GmqSCCi2_2C4nQiJpCcgwwVyq2zVEOf9LJknI6vJ6WOkr-egDRgfaZQg0XuYuK_RAdSU3tCsKuXk3n3fRbD2JkC5Ah45JZ106nj-jSKrpxQ-tLhOd2cRsz6e9-M7Z8uvMcgZSyixiei7GSyzZjrcoS7D_LIPMpqvToA3x6W23gKYSBRonpHhnJcyKfclgOifs7nO5XaOv7R_8o3-joC8DA0wN5RgW8EMj9e313eEoUtztvRac-mmJITPqqU_kPm7jdlofgH4GTGDNtpxL2llYXEefELC0wuEA_nPU6_MJyXQyMDHIt8_dIhfwY5S_msTB8vsg1jd9h3fmMJjDIGKLrtPRaLYSUvaj6pLHpoLICdarBnV-80-YQjt-H87_UXKV0xkRZeQnFRXkSU5jFtIfJk3RYfWFxCzobTpiwM2dAQjX0OpvLusfa932_2zN1ZKPZe-u7p24AJuG0mK_pLp65jbtRbf2ACfq_Xj3j9ptN01qSuQvnmLqV_5bUvoT1NL5VEsZ8zXYeuM6AlymFHDjKy0K9JKJoZpDDN6N0_TwcFyp8W9Rxrr4ubVEajSdB71oB0u9EkYd1PtxEs4zKxhmf_quBF7bUXmwsva1R0xYa0YovDIlNVeU7IJKZr6s0PfVayhgnLNdlJB_yxfLty_UGrm4fAEjit2HKreygvrhYPsYVjztgjX-fR9OqqDi0dpcPqGbIhCoAui5Xup1ma24ElphGiw_JqPAawj-RQ_EMcYlt7tr9qyvGaQS-9jDYZ2Flr7xJ2B-m-ESGWfpbAQOKoZknVJWJ22k9JM85I1-Tgp5h7B6QTw6rSnK82vJ6YI3mcts-OcAziKusOW1feFVLXvtoR8MsIvu60pQlFg2QTIwUXd_ebBrZqs0vk_S2BmOdCFdCFYPA2ptR5R7VKgXmrOwnpVyPI3VU06Y1bb6tLl22Lw15IhYF84pe7aEs8pBcJ7Gwm3SPiBFsrm76zVgKWRgdXIOvRyiJfG6vKyjwhsk5N2Z3lP6Ysx4T0OHvuczTLUC8qSl5Ymu6RaQoRc7ggICHpYjHkqBiPwRiHpFtoSuKaGSlB

Requested by

Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/ransomware-iconstituent-congress/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Jun 2021 02:09:47 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 5E40 0
20 B 15ms
15ms Image
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=223&t=2&li=gpt_2021060801&jk=1792394476200764&bg=!i4iliMzNAAY6sG-_OrA7ACkAdvg8WlkmuJUuWmyUEOeQojTmjySp1-QKLYETuJdfabwpxU9IvG76EwIAAADxUgAAABNoAQcKACEicq-xd9ir2-hDd6vy8JazX98zxR26VV2yILa4eR_YaGuZAovHg2awv5kw5bbsxZElYuXNslvwAFJRLTKkeNopsKXyvFbv-v7KjIGaRD_N-c3ixqPdxOChwywTFUo3CPmLqk6dgHt5DcoJLBildmz44i12NpX5LUQ5QVJ5dp2iBDiZGg02WpB8kdAVyg3kUO-HJmK6eJVUO4U_nG8ORnfapHDaQx7aGrUXuS5-dF5peLo71A4QXhFun8w17De2zVejPSDp8Q_dEWD6-b6E2vwIoVecBmpIrv_50uWHPnMSnR6EEPIJxaq3HvMHXAF7rL1_ZM5wvAxhoQmDoOqawS8rYUJOZTHi0b2WdHCcPAUpz-L6KS7eUpX2P6yehttemtrMlYRY6SKlYkTDDd8fONybAAMT4xm8YPyrfaiLjJwI1VWYjSjiM92QxXO6DEJN61NgK0X9h927Ojh49vp97T1_G1NBT46flmjUwIHHoWQGMVHOgC7kuylJCHTb8evlrSKLSNO99zl-Un28NdyIHTqyU-fj9rjCQ8zFRmICTRhk3bGNvyfRUUpRTXvC4NCobjrM3Uy1ubktn-kA-P6mNlzySZtT4Kn1oUeZmX-E_0ZDiiqY7KjNBT1WTvqhsCVPAGvGG2bRROphH89b5_T9_bXaRO-w0o3YlifaCOqZm49G2-A0dusTI6cgNogIWlEoMXtmki0eWLrYX49YXiciysFQ4gwBJ7EvsXU_2MzTBbEz_0Suf8rmKCpN89Xl7EPLiMKgbM74LPS8bcOjSw_05DOJY-uRNvbZ_CKM2iCuGKcjrVDSCE6Kjn-aROjVK9loX2wN_XqgMLW7AVEXzVJWyDELqiGTy48WeuImOnQ_Il-RlOHFFEfrs2tTT09njuOURmTf8qqWDR5Nl92Pwy2uEGc

Requested by

Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/ransomware-iconstituent-congress/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Jun 2021 02:09:47 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 adsct Show response
analytics.twitter.com/i/ 31 B
658 B 204ms
142ms Script
application/javascript 104.244.42.67
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://analytics.twitter.com/i/adsct?type=javascript&version=1.1.1&p_id=Twitter&p_user_id=0&txn_id=nv8sr&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&tpx_cb=twttr.conversion.loadPixels&tw_document_href=https%3A%2F%2Fwww.cyberscoop.com%2Fransomware-iconstituent-congress%2F

Requested by

Host: static.ads-twitter.com
URL: https://static.ads-twitter.com/uwt.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.42.67 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_f /

Resource Hash

df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 02:09:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
status: 200 OK
x-twitter-response-tags: BouncerCompliant
content-length: 57
x-xss-protection: 0
pragma: no-cache
last-modified: Mon, 14 Jun 2021 02:09:47 GMT
server: tsa_f
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=631138519
content-type: application/javascript;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: e41f3e040861b7c7af14b3259d613748e83c4be23b10e6a1fa148138b2943c3d
x-transaction: 93728940b6d8f940
expires: Tue, 31 Mar 1981 05:00:00 GMT

GET
H2 200 __ptq.gif
track.hubspot.com/ 45 B
383 B 54ms
33ms Image
image/gif 2606:4700::6813:9b53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__ptq.gif?k=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=2736934676&v=1.1&a=2153467&rcu=https%3A%2F%2Fwww.cyberscoop.com%2Fransomware-iconstituent-congress%2F&pu=https%3A%2F%2Fwww.cyberscoop.com%2Fransomware-iconstituent-congress%2F&t=Ransomware+hits+iConstituent%2C+a+service+lawmakers+use+to+communicate+with+voters+-+CyberScoop&cts=1623636587187&vi=e45332049686afc502355a183338ee9b&nc=true&u=143679850.e45332049686afc502355a183338ee9b.1623636587184.1623636587184.1623636587184.1&b=143679850.1.1623636587185&cc=15

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 02:09:47 GMT
vary: Accept-Encoding
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: c102236d-8c0b-479b-86dd-692919a787dd
cf-ray: 65f004be1c175364-FRA
p3p: CP="NOI CUR ADM OUR NOR STA NID"
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 45
cf-request-id: 0aa9e14acf000053641d213000000001
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=SzoJBgv6yFnYuWoM%2BPH7eMSfsdTFMSAaKCMDfxf9I7QBg7pVrHbF4T%2FRuPjVkCrFbdl8IuX3FeQXwKKE8BsWoqbQZoIkMVmbUXmUoll4CcLr27LecQ5H5pS07TMYimfszM%2FC%2F40nmFghsw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
x-robots-tag: none

GET
H2 200 __ptq.gif
track.hubspot.com/ 45 B
814 B 49ms
28ms Image
image/gif 2606:4700::6813:9b53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__ptq.gif?k=15&fi=20762415-8082-48f0-b243-36443c93d852&fci=d959a0c2-be69-4508-ac98-4e6101fc1151&ft=0&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=2736934676&v=1.1&a=2153467&rcu=https%3A%2F%2Fwww.cyberscoop.com%2Fransomware-iconstituent-congress%2F&pu=https%3A%2F%2Fwww.cyberscoop.com%2Fransomware-iconstituent-congress%2F&t=Ransomware+hits+iConstituent%2C+a+service+lawmakers+use+to+communicate+with+voters+-+CyberScoop&cts=1623636587192&vi=e45332049686afc502355a183338ee9b&nc=true&u=143679850.e45332049686afc502355a183338ee9b.1623636587184.1623636587184.1623636587184.1&b=143679850.1.1623636587185&cc=15

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 02:09:47 GMT
vary: Accept-Encoding
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: f6d32586-c1d5-4ceb-9e0d-420e66b09f04
cf-ray: 65f004be1c185364-FRA
p3p: CP="NOI CUR ADM OUR NOR STA NID"
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 45
cf-request-id: 0aa9e14acf000053643b160000000001
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=uuWplrHekL2LauXInpBQRN8g1JmpW7d23tdrM0z2xX2DBeRBp3tsvar8VQQJfxxUGuMyKo0dcfOFT95OoraqFNbd7hGcncYHk4EroMutD8pjpY%2FcHR9ehLMcHrDtte%2Fv3pWTd3Mk43y00g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
x-robots-tag: none

GET
H3-29 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 10 KB
8 KB 18ms
18ms XHR
application/json 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021060801&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

944a65fa447c468a02e0457c2ab2d5db63bd4ad623aaa1c4f30909d40c7f4d82

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 14 Jun 2021 02:09:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7844
x-xss-protection: 0

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 41F1 0
20 B 16ms
16ms Image
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BOP5JarrGYISlLYSn3gPqtbS4BwAAAAA4AeAEAg&bg=!-fql-r7NAAY6sG-_OrA7ACkAdvg8Wtv9Y7WHNCmyrBxAz7CL2wu_Uv7s2Ji2INNTzs1CnioizAJfjAIAAABRUgAAAA9oAQcKAAuHM7L7qtRw7oGV7JkC260f_GUjhLhc9VGsT-lEYW46QvGvMfD0FIMP2glBhvrNGld6yuINWsxOnc8zzhXAGT5TbEacKjglMhRpSSwvgTReiSdpoF63SEYluVzbIiFys9a4gdyvlbheAV_j2PAMvRKCphzqUOlGAjjlM8-LidxxA0maghgCNZHs-M0a46fi-6fr4389ZlxsQaiybQ0oVXanrCO4tVNNkg1SsN-hy8vUMcj28qCuWCxYpqkU_ooCpGcvqA1Agv-TJkl14ojZ6i6Pe42vn12Wzv9XChjf6y8XzI1PYkd4e9irchGP19-993BxYOF7UAZaQbOGoF7KGTogt3j94Cg5XXibJ0uGgpOBhY5iLcGvRRL4YjvsZQZXCjmQs26cBmTEPO1qx4Efwoh96fD0-wfL0Bek1OgyUg8gEY2zfuCkhKxx5at6oZI0uNhI3P2ta6nRLc-0CCp2nZ78TMElE-znaQBus0HJE0OVjtnPA0CVWnMKW0ghlM4vh2UJEoR_fPvFfRzs77ev6yhVUx9DP4vYKLkL1-OZdTF91QAkYVn7jV9CAvLDQV0OELq3ndXw0ABa7SpQeYkfP16LtZKqf4Vbtq-kYT-dCK8urclHmeJmiFa7XpqTpkGkjlGjTPKqqKvwGE3QOgizW7SgCFyPRJ4geHfSyd191_SYSLueq7ImyhLfwlvKct11LvGLmCnMeVBIbf2juV9LkUcIhESlr8J-TdNACPu-UHGkFY1LuDSya-601qhvy3XYQtTJaV2ILqeb20SdOZfzlubu5voJ9HPxmT1SUpE4tv3iWGwrP3HxeCN4sWo4ink-dVuwdnBa6C1lwB1kaNwbmLR9C61Ws0EHwtNmlrQbXv4kwy2wuDPgSZuZGEcXQWXnR1pg4xnD_ZVdrceHCnD-oCMTqALr_b1za0-d30_UKxSSdWjX9_HbmUbJA8zJqO1Yfh-kxlWBUKtPxiWWlQTyCADP_uUTnmaA4e6g

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Jun 2021 02:09:47 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e684839cbcef6b16753dae73e92a49b7115f55e83662ead12d5e05bf7b9915fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 02:09:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1622653785071769"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6437
x-xss-protection: 0
expires: Mon, 14 Jun 2021 02:09:47 GMT

GET
H3-29 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/223/ Frame C6AF 12 KB
5 KB 6ms
6ms Document
text/html 2a00:1450:4001:80f::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/223/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

de7dd7e8a5f2257d16c23c395b9262c6fa04689c81b0e2b8bf7f5bae9f4177dc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/223/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.cyberscoop.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.cyberscoop.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5022
date: Sun, 13 Jun 2021 21:17:06 GMT
expires: Mon, 13 Jun 2022 21:17:06 GMT
last-modified: Wed, 17 Mar 2021 18:24:30 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 17561
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 2490 783 B
533 B 15ms
15ms Document
text/html 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

b1e3d80afcb8d7af840f9d43cb8fabd0889b331e9e5c4fe1001928e9d685aecb

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-NOaxmjLJsBmF1vhU2yM6bw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/aframe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.cyberscoop.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.cyberscoop.com/

Response headers

expires: Mon, 14 Jun 2021 02:09:47 GMT
date: Mon, 14 Jun 2021 02:09:47 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-NOaxmjLJsBmF1vhU2yM6bw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 513
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 wQPplS2CBbapxPPsKjLjCt6L9Rv2P8O8syxzKLSpyaY.js Show response
pagead2.googlesyndication.com/bg/ Frame C6AF 14 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/wQPplS2CBbapxPPsKjLjCt6L9Rv2P8O8syxzKLSpyaY.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/223/runner.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c103e9952d8205b6a9c4f3ec2a32e30ade8bf51bf63fc3bcb32c7328b4a9c9a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 13 Jun 2021 16:39:26 GMT
content-encoding: br
x-content-type-options: nosniff
age: 34221
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5768
x-xss-protection: 0
last-modified: Mon, 31 May 2021 08:58:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 13 Jun 2022 16:39:26 GMT

GET
H/1.1 200
OK dt
dt.adsafeprotected.com/ Frame DACE 43 B
301 B 99ms
98ms Image
image/gif 104.244.36.20
ADSAFE-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=488356&asId=17309cab-d3cc-9132-580b-d7824bc466eb&tv=%7Bc:ftHYBH,pingTime:-10,time:504,type:s,mvn:ZnNjPTEyLHNkPTMsbm89Nyxhc3A9MQ--,fsc:17.5.5v220002022000220000022002222000022220200000222200222220002222022002222202002220222022222022222000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000002220002220000022200222202220022200200222022202220022202220020222202000220000222202222202222000002002002222222222220022202200022002220222202,sd:MTcuNS41djEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNS41dk1vemlsbGF8fE5ldHNjYXBlfHxufHwxMnx8bnx8MHx8bnx8TGludXggeDg2XzY0fHxHZWNrb3x8MjAwMzAxMDd8fC0xMjB8fE1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS84OS4wLjQzODkuNzIgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,asp:1623636587305%7C%7Cc60569e67fecafa5250578f76eb3a796%7C%7Cf34e96995ddf3ff5eb1bfde138cfe29c%7C%7C73164ecbdaa84216c953d8a4fd48e2b0%7C%7C1e0835ccabbd493ec94edd09945d0236%7C%7C6e493ad4d3a48b31cad857af80d11984%7C%7Cbcf8a49315a80aa3d6f038b87593034f%7C%7C995be72165ec7c90d4314fdc0aa77ebf%7C%7C1619710151,ch:eyJiIjpbXSwibSI6ZmFsc2UsImgiOnsiYXJjaGl0ZWN0dXJlIjoiIiwibW9kZWwiOiIiLCJwbGF0Zm9ybSI6IiIsInBsYXRmb3JtVmVyc2lvbiI6IiIsInVhRnVsbFZlcnNpb24iOiIifX0-,im:%7BpWait:25,pLoad:295%7D%7D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.244.36.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS: nyidt.adsafeprotected.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://fafc9661ac12cea6450aeb946fb71812.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Mon, 14 Jun 2021 02:09:47 GMT
X-Server-Name: dt37.303net.pvt
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Server: nginx

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 15ms
15ms Image
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=223&t=2&li=gpt_2021060801&jk=4469720530063338&bg=!gYKlgsbNAAY6sG-_OrA7ACkAdvg8Wi6GXcCnjy4afbtWdAQXpJKzxGoJFsdHrhTNtYoaCaAgDDVPqAIAAABrUgAAAA1oAQcKAKryzD8JJ_S7Nyj9xXCsZcoz3-880NZxsUAmio00nUAmIoTeBJOOKKOE8G1z5PVxQMRm4ARmhLkbHoU1lo5K2uDQtWAxF2XWJNeXRd1x96QmXGP0bfAjzoPopX9kZPYHoNEs7uIUKK7b7bkPgwsDHyZwUOoUIHQqbcerAW6uq3H8HUYWQHqznu7t4cdgXTFdb3m8Kn6WAh6XaMLmt7r6fYHQp7-G1xOxMMPAdpkCdmpn4GKaYU8hxooD1GkZl6_AlinB3Kc-1XFbGFAzHrfwfzrHOF6w9qExfFmSNUL5uqN-tToV6-chp9QJ4GwxO6crz7Lg4Aq-ZpcMbFqXU9NcKz4kYEQw-2u-r17NP7FXGYBTdDge0ax97GRwYILR9jAG8sY9EnOJH6GkCY2ufozinUpoOnRt7Y3dzqwAvM3dn2dABkQQ2gJw8fvnUrYlL-zUbsC6FnSNmR3C0_YbMIfOq7GkHDuE9GwZngVRyGA7VXS6GkNJsJpRPVoJr19w_iYWMb6PndrhsUM2WxkFDAq9-lbxH0CARhMt4Y6SQ6wmdyBVQalqv4YSytGfdqqRTzvtsIHb_vxKIFo44OOaP-OsM39iMhDOESdimzZhcEkV_0Wg0zDHaHI-T40PqAk6Hqgzki0qYtHB2-b9bFGhI-JXDn5VPN-7TUUGIab7vtzNYWxq_QiK6e-ceTXkFrDYG3QCc9TS8xZJuOMvADkAP7S2jIAV6woHiPzAEFZBQW0BpL2NUTP2S5Nq9IiNC6YasNVrWTvzUxp8RtPThjThGTfqOeeQwtMnCiBsj-A0ASqeonGbEF95yasHw69K_uBgUpKpcjSDJbLs3RotyaOhFVXiCVWhjqe34fVu8C1jZrGihkDMX3w3kLrPbwFw6rKXjIoozFQwP1W3Pju2Ba2oBqdyVFqYit7zhflU0fT9qjmlOzpNMt0e36GwcHbmBSYkTcmL9fjE5PALl4VVnDdNhlq5LBMVn3MAfiDm5X8Kz039i0rAfRGNqoUaLaKuAiSAJaio1lErgwR8emfcUShXb80Afsag2wJEcJm4AcTZL32Mat0JTmY_Sw

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Jun 2021 02:09:47 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame DACE 42 B
64 B 16ms
15ms Fetch
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsszt1iFqY1puKGcRN1JBD04yvxU2zMEomUd8u4gC9KykBleRTMLkVdlQOGNIMqP4mGd2TOtvh1EwfBT25Gzn8Fd1wjJ5gavM-KB12Ygg_g&sig=Cg0ArKJSzKON9ybnDkm7EAE&id=lidar2&mcvt=1000&p=0,0,250,970&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20210611&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=19&adk=13849420&rs=4&met=ie&la=1&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ%3D%3D&vs=4&eosm=0&rst=1623636586326&dlt=120&rpt=530&isd=0&msd=0&r=v

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fafc9661ac12cea6450aeb946fb71812.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Jun 2021 02:09:47 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame DACE 42 B
64 B 15ms
14ms Fetch
image/gif 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuEUkVFDDvGqc-4SCsWqj7jO9JtbneZ-O-qm0hNvX6UgKUS-Ago-De4N8fn1TTYUYAFSKsTc2y7Qv_GYWRQ8DHfrg&sig=Cg0ArKJSzEd8ARvJ5BRAEAE&id=lidar2&mcvt=1004&p=0,0,250,970&mtos=1004,1004,1004,1004,1004&tos=1004,0,0,0,0&v=20210611&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=32&adk=2711260096&rs=6&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ%3D%3D&vs=4&eosm=0&r=v

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fafc9661ac12cea6450aeb946fb71812.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Jun 2021 02:09:47 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 4e4cc93ddfd2e1b75ec0f0e9ea4f028b.svg
s0.2mdn.net/dfp/384545/37259705/1616424723238/media/ Frame FC88 5 KB
2 KB 6ms
6ms Image
image/svg+xml 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dfp/384545/37259705/1616424723238/media/4e4cc93ddfd2e1b75ec0f0e9ea4f028b.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/384545/37259705/1616424723238/d3d4068164787e7f19bc767ad00966a0.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9fc98a5f2ad3fade2176c7f4d057c02a332ee5d3e532746414eda6e88bc46ae5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/dfp/384545/37259705/1616424723238/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 02:09:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 4
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1881
x-xss-protection: 0
last-modified: Mon, 22 Mar 2021 14:52:03 GMT
server: sffe
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Tue, 15 Jun 2021 02:09:46 GMT

GET
H3-29 200 ed51ecffd2e38f72aba2149936a49f95.png
s0.2mdn.net/dfp/384545/37259705/1616424723238/media/ Frame FC88 294 KB
294 KB 8ms
7ms Image
image/png 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dfp/384545/37259705/1616424723238/media/ed51ecffd2e38f72aba2149936a49f95.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/384545/37259705/1616424723238/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a4b106950d4c6a4cbd57d6aaca1941435efdf19038c8cbbd1e1a722530c86cfa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/dfp/384545/37259705/1616424723238/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 02:09:46 GMT
x-content-type-options: nosniff
last-modified: Mon, 22 Mar 2021 14:52:03 GMT
server: sffe
age: 4
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 300842
x-xss-protection: 0
expires: Tue, 15 Jun 2021 02:09:46 GMT

GET
H3-29 200 67550dee2daacb4f1a674cadca3e322b.png
s0.2mdn.net/dfp/384545/37259705/1616424723238/media/ Frame FC88 112 KB
112 KB 7ms
7ms Image
image/png 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dfp/384545/37259705/1616424723238/media/67550dee2daacb4f1a674cadca3e322b.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/384545/37259705/1616424723238/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7d721dd2d02c1752e5afca908c64d3f268c73ef89d4d532c428e6eda026461d5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/dfp/384545/37259705/1616424723238/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 02:09:46 GMT
x-content-type-options: nosniff
last-modified: Mon, 22 Mar 2021 14:52:03 GMT
server: sffe
age: 4
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 114997
x-xss-protection: 0
expires: Tue, 15 Jun 2021 02:09:46 GMT

GET
H2 200 user_uploaded_metrichpe_900_normal.ttf
s0.2mdn.net/dfp/384545/37259705/1616424723238/fonts/ Frame FC88 70 KB
29 KB 139ms
120ms Font
font/ttf 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/dfp/384545/37259705/1616424723238/fonts/user_uploaded_metrichpe_900_normal.ttf

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/384545/37259705/1616424723238/d3d4068164787e7f19bc767ad00966a0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

76a5bc04e24f55190ff48c885e28037278acf8e7155fff920486f9ab3eb27288

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://s0.2mdn.net
Referer: https://s0.2mdn.net/dfp/384545/37259705/1616424723238/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 02:09:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 22 Mar 2021 14:52:03 GMT
server: sffe
vary: Accept-Encoding
content-type: font/ttf
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29542
x-xss-protection: 0
expires: Tue, 15 Jun 2021 02:09:54 GMT

GET
H2 200 user_uploaded_metrichpe_400_italic.ttf
s0.2mdn.net/dfp/384545/37259705/1616424723238/fonts/ Frame FC88 69 KB
31 KB 117ms
98ms Font
font/ttf 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/dfp/384545/37259705/1616424723238/fonts/user_uploaded_metrichpe_400_italic.ttf

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/384545/37259705/1616424723238/d3d4068164787e7f19bc767ad00966a0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

364db2a7fc46217b2632d8c9b4b6c2eea725c7fdbb8fee145e6598a24baf410e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://s0.2mdn.net
Referer: https://s0.2mdn.net/dfp/384545/37259705/1616424723238/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 02:09:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 22 Mar 2021 14:52:03 GMT
server: sffe
vary: Accept-Encoding
content-type: font/ttf
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31233
x-xss-protection: 0
expires: Tue, 15 Jun 2021 02:09:54 GMT

GET
H2 200 4e4cc93ddfd2e1b75ec0f0e9ea4f028b.svg
s0.2mdn.net/dfp/384545/37259705/1616424723238/media/ Frame FC88 5 KB
2 KB 25ms
7ms Image
image/svg+xml 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dfp/384545/37259705/1616424723238/media/4e4cc93ddfd2e1b75ec0f0e9ea4f028b.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/384545/37259705/1616424723238/d3d4068164787e7f19bc767ad00966a0.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9fc98a5f2ad3fade2176c7f4d057c02a332ee5d3e532746414eda6e88bc46ae5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/dfp/384545/37259705/1616424723238/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 02:09:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 8
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1881
x-xss-protection: 0
last-modified: Mon, 22 Mar 2021 14:52:03 GMT
server: sffe
vary: Accept-Encoding
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Tue, 15 Jun 2021 02:09:46 GMT

GET
H2 200 ed51ecffd2e38f72aba2149936a49f95.png
s0.2mdn.net/dfp/384545/37259705/1616424723238/media/ Frame FC88 294 KB
294 KB 38ms
21ms Image
image/png 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dfp/384545/37259705/1616424723238/media/ed51ecffd2e38f72aba2149936a49f95.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/384545/37259705/1616424723238/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a4b106950d4c6a4cbd57d6aaca1941435efdf19038c8cbbd1e1a722530c86cfa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/dfp/384545/37259705/1616424723238/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 02:09:46 GMT
x-content-type-options: nosniff
last-modified: Mon, 22 Mar 2021 14:52:03 GMT
server: sffe
age: 8
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 300842
x-xss-protection: 0
expires: Tue, 15 Jun 2021 02:09:46 GMT

GET
H2 200 67550dee2daacb4f1a674cadca3e322b.png
s0.2mdn.net/dfp/384545/37259705/1616424723238/media/ Frame FC88 112 KB
112 KB 24ms
7ms Image
image/png 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dfp/384545/37259705/1616424723238/media/67550dee2daacb4f1a674cadca3e322b.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/384545/37259705/1616424723238/index.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7d721dd2d02c1752e5afca908c64d3f268c73ef89d4d532c428e6eda026461d5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/dfp/384545/37259705/1616424723238/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 02:09:46 GMT
x-content-type-options: nosniff
last-modified: Mon, 22 Mar 2021 14:52:03 GMT
server: sffe
age: 8
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 114997
x-xss-protection: 0
expires: Tue, 15 Jun 2021 02:09:46 GMT

GET
H2 200 6f3084c881ddb488cb16629426485d06.png
s0.2mdn.net/dfp/384545/37259705/1616424723238/media/ Frame FC88 6 KB
7 KB 47ms
32ms Image
image/png 2a00:1450:4001:811::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dfp/384545/37259705/1616424723238/media/6f3084c881ddb488cb16629426485d06.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

27f87a20565fb25639ab772215753b9955d2e7f004694b8bcc16556bc9f9d181

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/dfp/384545/37259705/1616424723238/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 02:09:54 GMT
x-content-type-options: nosniff
last-modified: Mon, 22 Mar 2021 14:52:03 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6602
x-xss-protection: 0
expires: Tue, 15 Jun 2021 02:09:54 GMT

Verdicts & Comments Add Verdict or Comment

152 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.cyberscoop.com/	1970-01-19 19:00:38	Name: __hssc Value: 143679850.1.1623636587185
.cyberscoop.com/	1969-12-31 23:59:59	Name: __hssrc Value: 1
.cyberscoop.com/	1970-01-20 04:22:12	Name: hubspotutk Value: e45332049686afc502355a183338ee9b
.cyberscoop.com/	1970-01-20 04:22:12	Name: __hstc Value: 143679850.e45332049686afc502355a183338ee9b.1623636587184.1623636587184.1623636587184.1
.cyberscoop.com/	1970-01-20 04:22:12	Name: __gads Value: ID=67d132802bec5242:T=1623636586:S=ALNI_MauXsPYmRlQf4fX-v-fTjUjYaNqpw

5 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	debug	URL: https://hubspot.fedscoop.com/e2t/tc/VWtMDr3hpHKQW2tsh_h93KR8lW3yn_R_4szvw4N9k7M8_2-GZQV1-WJV7CgJbNN4sDmB33HyQPN9hsND6LgSsVW3pmFbh45n9cwVHcXMQ5pkD9rW8KRPVS3x7ZFtN2w5sXMYykvCW3bRGp586CRwcW2fh06h9jfd51W4DGMBC2s84HpW6GT3TP7ZTwP1W5xhMWD6QsX1VW6mfBjM59DLPvW7bhSGj3J1FnTW7l_Mby77Dh56VjpP6n1bB7G2W8VHMkR6Vl-0mW4FmB2G3-xxMsW2ND6Yv7f_5j62ck1(Line 13) Message: toS
console-api	log	URL: https://www.cyberscoop.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2(Line 2) Message: JQMIGRATE: Migrate is installed, version 3.3.2
console-api	debug	URL: https://static.adsafeprotected.com/sca.17.5.5.js(Line 32) Message: a: 0.002197265625 ms
console-api	debug	URL: https://static.adsafeprotected.com/sca.17.5.5.js(Line 32) Message: a: 0.0009765625 ms
console-api	debug	URL: https://static.adsafeprotected.com/sca.17.5.5.js(Line 32) Message: a: 0.001953125 ms

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

01db459ad5e3ad6446d1b7821d3ce754.safeframe.googlesyndication.com
3dd16fd7df4bac57553a631e241f2509.safeframe.googlesyndication.com
5caa5b23d5f677f0776351c7ab007474.safeframe.googlesyndication.com
ad.atdmt.com
ad.doubleclick.net
adservice.google.com
adservice.google.de
analytics.twitter.com
cdn.taboola.com
connect.facebook.net
dt.adsafeprotected.com
efec5319556ee1232c8145e9121a9e93.safeframe.googlesyndication.com
events.mmi360.net
fafc9661ac12cea6450aeb946fb71812.safeframe.googlesyndication.com
fonts.googleapis.com
fonts.gstatic.com
forms.hsforms.com
googleads4.g.doubleclick.net
hubspot.fedscoop.com
js.hs-analytics.net
js.hs-banner.com
js.hs-scripts.com
js.hsforms.net
pagead2.googlesyndication.com
pixel.adsafeprotected.com
px.ads.linkedin.com
px4.ads.linkedin.com
s0.2mdn.net
s3.amazonaws.com
securepubads.g.doubleclick.net
snap.licdn.com
static.addtoany.com
static.ads-twitter.com
static.adsafeprotected.com
stats.g.doubleclick.net
t.co
tags.mmi360.net
tpc.googlesyndication.com
track.hubspot.com
www.cyberscoop.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.linkedin.com
104.244.36.20
104.244.42.67
104.244.42.69
108.174.10.14
142.250.185.194
142.250.185.198
151.101.12.157
172.217.18.98
199.232.137.44
2606:2c40::c73c:67e1
2606:4700:10::ac43:2794
2606:4700::6810:5605
2606:4700::6811:44b0
2606:4700::6811:b749
2606:4700::6811:d2cc
2606:4700::6812:15bf
2606:4700::6813:9b53
2620:119:50e3:101::6cae:b45
2620:1ec:21::14
2a00:1450:4001:800::2002
2a00:1450:4001:809::2008
2a00:1450:4001:80f::2001
2a00:1450:4001:811::2002
2a00:1450:4001:811::2006
2a00:1450:4001:812::2004
2a00:1450:4001:829::2002
2a00:1450:4001:829::200a
2a00:1450:4001:829::200e
2a00:1450:4001:82a::2001
2a00:1450:4001:82a::2003
2a00:1450:4001:82a::2004
2a00:1450:4001:82b::2002
2a00:1450:4001:82f::2003
2a00:1450:4001:831::2003
2a00:1450:400c:c00::9b
2a00:1450:400d:804::2001
2a02:26f0:6c00:296::25ea
2a03:2880:f01c:8004:face:b00c:0:8c
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
3.12.243.139
3.140.174.87
52.18.126.50
52.21.95.133
52.217.47.70
52.49.37.161
007811af35be7403136f95700fd7ac160ce7967a12d1c677703b7a04be6ed451
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
04a7c170e713809a59321cc6383dea53849613a739ca399be527604f920bb443
05beec07162f6604702346c96bd2156596c91d84a439764ed1fb8c0837612e8b
063d44bc62d9647b62e24e3072a08f2cd96f36e3f1cb441b0efc3fe3f3fe372c
068605b7a74adeae97a35f115e5d2116b49e1b0746b0172d6795cf4c7f93ecc8
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
0c5f584d1ea2c3313dc8c55824c2a572d3cf2eae87c5ca62a58e598aec9ddb5c
0d281aa7b07dfcb1bc05e2cdd051aa34fb915616590b834374148a1768ce3440
0d502c8628e76ace6a88d26f29b86be4c872c65e1875eecf26c716f1468345b3
0f752808043aa7c374767f8eb9f38f07d98a6eda886dd22de3d43b186b04c4a3
0fc32732b1520df908e4ce5063434010c35725a930e0cc9df0be61c66a87cf32
1057bdaee6ab136f0241379a509315bd1da4397a0d5260ea2968d38918e51c76
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
1e85ec81b9800b4c443d39caca0d0926089a3ac201120db1ceb45b93789480b8
1f3d22757c403b73ad7133ffdb7f7635f83b023568e09fbd6efc60633e1e3a48
20a84f304abfaf56bb829a84199344bca40bf7d4dba451e109a840cbdf728436
265fca0370d62e5d69a8097b9eb0de89cdbb224ac90fbfda545b5396b69055e6
27f87a20565fb25639ab772215753b9955d2e7f004694b8bcc16556bc9f9d181
2ac48e6843e142c5f80369afa1c98d33175ac4aa7c7ba7238ade58076ac3bf2c
2aef1ac953ce7805c97a1df893082e75a0a11085c3e53b2914bd0a35634977f3
2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a
2e7a42d89cdf8bf82c384bbc50c2752c46993688776abac452cea13a56c057a2
3046ab26982b61a2fc0f0fae7ed7f416e9113f924db911efa97b5b80ae16726d
336ba2feba14602f0de41e7be5fa217487b74f4f3ced4a5c162b2f3f8c0a9a34
34b6e9936a2f024eef4f545bf4a1e717141704b00a75167fc7080fc6789e3881
34b8701fdcbd5b7f4b776178cf1c52b3754f60027bf85af5a8573c3208f77890
364db2a7fc46217b2632d8c9b4b6c2eea725c7fdbb8fee145e6598a24baf410e
3dc0b6e4edbfc8d6d8446e112130624fd05d7b8a8cfe62839046fc733c8b19a8
412979f99062018cc1b3ba7cc84a0c6d03f86f1c1f07f1ee90fa0402ba2d93ed
42863b88efcf7654bf19561dcd1557914829c874815e39b9ee334d5772838543
43f47bdd7ca113163c3e839c86f8198edfbd81f186fc7401ec2f54b211b70228
4921a1b1fdc95d91d9900fdaa6e04234160ae0247dfb6a44dbf63037d38dd119
4b4924b6ea8623395984b522ee4e1fe77f464940d2bb155ae40bce56fbcd3423
4b8dd50e462d914dd8609e8a566ce6bce0ab94088a4bf958b57c4cdb6ab54868
4cf52cc73734aa71f26f6a10be9aeec89602af45bf0f9abd5c8445a076c1ae1a
4d8d48a3f00d424f5083a310bcfbcc1ad35d02e02793a9f459e9938879d8a675
4e4810e88e50f93b12c1e24b897d264382cbcf6e2ba29054f68b19bc4dc4e104
4e5bcd87d9f65ab9552105c9026ab15c249c8b03de558b28a185586a36ad309d
501a9391f2566e13d08d808678bfd47a7fef4c33eabbf1625b9494fa75db1071
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
50679e0e3933c945348a2db0cc128bb14b57a60a74fabf8cae13acc14efbb2e1
51c40fb52547a14a895a2425e94a53886ced172e90c70d5418890fb67517701b
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55de2f543e24f0c3655be2f344491b2e73ae61350f58a2bb9ebf4ad1326e8fba
5b9fa2e8d1b6e94ea6499fac673b45ba81076cac755cc8ef2c73dca7351f406c
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991
5c08f7957a31e160e21f72467d3357c7703bf60d706b2eba9dedcda1f709054c
5d45d7ca35f8926cae3a7d290f6967472d025fae975e7d959fb17ed42da53f73
5f3b103a1268f862a5e432d607f8e5220dea9d301d13565b0ecded3ad9c25ab2
60240d5a27ede94fd35fea44bd110b88c7d8cfc08127f032d13b0c622b8be827
60cfbca01a5dc542dbc84d84aa05fee373ae76af068d970c8c6419aa6342025c
62c7939eaaca1823c84410b0cc50a41b6e16e9bb1b974c3e06d01997183f1103
63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058
6519e9c01b07e37c9403263071bdcd829528044c537e1c4ce58f5dd0b0b6cb61
6d28830ef0fdeba41bc402b8b12341e929c6c66db8fe512deb2b1baa9611745b
6e69df30c50a02a1fe22a474554405836217abefd5f3ee8ffeb16a8623ad1f47
7529b11940f8a77767d97b70e5392487b7fffeb7bcd408da18bdc71665a81d41
753b529ae84f43010bcc3243f72f5d7fe16622d0a1e33e0a34f976e84e4343b1
76a5bc04e24f55190ff48c885e28037278acf8e7155fff920486f9ab3eb27288
79cc192458ca20ad45d51d1a6ae6c26994a23a9f882865613ee52b342b47476d
7d45b6c5d27d1b17b7fed9bbc9e6bed63e0596a130404b68ce1b3b885f8283d9
7d721dd2d02c1752e5afca908c64d3f268c73ef89d4d532c428e6eda026461d5
7f134de2e6859c8b9a8acb3f07c54f04c9fbe04c3381e137d85e2f0cb08a526b
806e91dc989e89c0933e37a3a84b73a9fffa7bb469a367dbcbb92108b5328f96
8413a195c3170876648be20323d8ed4d4a7a92137f62a53a92eb9af71d5b1885
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8568f039c1951ef91fce769fd09da0b0dbfcf503e0e9d14044c3f49675b809cd
896fed6cf068a0d1e73a60868a06def4f229223ab2f78856a90f7f81ad9157e3
8a19707bd88a29100f84e106852ddd5bfeebe1fe562960c4932d1347210d13a1
8b7a47a695a413443ee1cba5b8cb390af99d8ecb1c94ffd30005c2a039303fe0
8bd61813dcc8cecbaefe46f3d1d6bdc10149d7ade77c84c5e2ba85fa02f73395
8c5987fc2409abe9ee8d73fee09d71847ddf5c4329a0bbad7d4e4bc522e51b47
8d29d1da01ef8a0973793ebb8d840e76fe3717b7f1fe58ba4d0abcd1f3a2cfeb
8d98ba3939b21a0c520767950d6964ca73f62348ec71bf30ac2b48279aa9b148
8f4b8d2def1fa5e09bafacbb8ac66e614d74f1cdbace1417cedef55c0d9a83db
9146f6ec02b7c1db65d152424e1d5e5f3a5d7d6ca91d1282a7e678150683876f
942e44b1cef3a0678c306625f42ea1cd180d9ee9fbe443ed98fc1076c07493a5
944a65fa447c468a02e0457c2ab2d5db63bd4ad623aaa1c4f30909d40c7f4d82
94c2543ee527c1e987a54d88914b529a0d832a4cf55d0fd20a9b7c569c508930
966ee1486939f4b7c9815a6ce8dd42420c5859a42efdbbd5b91aff45e0b1cc38
96b8a4481da526ff5a1a77c312a2aa83df0d0821e90dc91ccfad3fa53526a163
9866f495460a45d1ec832057bb5b598431206528e7c74fe242d875cb31b3dcd8
9c40365b03586e95cd205a86182554aa31f566bee0022d2d84110198875ab11c
9facc976353ff7ab7cbb7345853c0f7d0c1bbce3733934b53790b93833dbae4c
9fc98a5f2ad3fade2176c7f4d057c02a332ee5d3e532746414eda6e88bc46ae5
a060aca1def4e45da8730e2c6052fb1efbe9b1bdd305c14ea86c8c5152ebd593
a41dd567a7d51dac3d65a716b505f5bba7526e36405ed8a832d72a4ada3665c2
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a4b106950d4c6a4cbd57d6aaca1941435efdf19038c8cbbd1e1a722530c86cfa
a6f0f83f30b16325ecd0b26026c033469e70e3729f328dff5d5524a746e44bb9
a70a68a72a20e1a6e31e2eb01e949b1211be4fc1ca9a9bbf053709d8daf8b4ae
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
add1e275c756d593a8fe9f8f6e56270e2d70edd0e9a4f33a3d7d82028f7dd828
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b176de534428b3b8d36fb821412c5075cc426bfb3fe282571bcd9f00f2c0b152
b1e3d80afcb8d7af840f9d43cb8fabd0889b331e9e5c4fe1001928e9d685aecb
b24ac2a2042bf22f85f717259786c1f95a81a5a8d9ff057de1d09b5c6e1b364b
b4c123bfe0528acccda44c5ac028eb8a197095636da86afc08a3efe6c190b3e4
b51160c3d152a1b49be74dfb2b74c8160d46acc5e10a44795af4298921842d29
b534f367f11c24f3709e27fdb539f308475d495eaafed8f7681a5c96dfacc537
bb6a7f39d0982d1605492df9ffaa28989d1829fdf91037053e4af527ae5ed797
bc92537a9f302b0eaf8c44d590249655b6f19bd3d7da181d1e51ea24148ed400
bcc6ccbbe9b3f2c14b3eb45ea17eb4b456ee0b359ca820751d8f4b140c57ba0a
bd1cb359ebb5fc8023f9e0df4446ad9fce9f64051bfc58b2a907ffd911071ba5
bdeed1e1c0751610c8f3dc2a5c78c93f841c366b36a7f7a54f5e6752c2656c05
c0758721ba3b41bf0236a10348f8ad1ceb3336894bfbaca0b9d77fb366b585c1
c103e9952d8205b6a9c4f3ec2a32e30ade8bf51bf63fc3bcb32c7328b4a9c9a6
ca2e99ffb3730e887ee7389e499993e912e5e47ec6f28c991a692cd78746edf5
cb6af58bd8cb63e2491208144d24b608f55e6ff086fc8a436e7e150e1509b6da
cbcf7f9157306feaa0252eaa2fca6f6a36cf74bd919dc17520023405867fd32b
ccd21ebd19b259d979d4ddf5af0751f6fae149746ae2e7a164beec2a600682be
cf846a73481d85a57d1056aa96f382688122246de5a2e9019ca0bc75ffeb7dae
cf89b05aa45bb14f23d4c97dac9b3091e2d866c73f68e18d2cb6b538378db6f9
d1ac43e9327c147dc04b1efcd475ba7e9d464e6504eaffb167d0412d339b39e5
d28cae33a9cff1cd54246e2bca04018f101451707a5b5f426d32ea768e911186
d5d4228a3e80d57bcf6ee1f6080fbc4c65dba96e81d2364535fa49e3d27e9131
da0411812fe65766abc7fbdacf7f256f0fd1de3d4c752f3552b42c23f247768c
db02022e70b50c36c8b19895011b67d760f45d217c7d32beaf853fd0e6f20ce3
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
dc666527c7989fdad450d729be48af719d8a66af057630a461bbb5c72b1e20a8
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de7dd7e8a5f2257d16c23c395b9262c6fa04689c81b0e2b8bf7f5bae9f4177dc
df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf
e12dfaae532b449b71117f29ad43f92b3b87c19509a9b16f91115fd4e07903b4
e21cbff27a74ef7caa04b84461bbaa6ed2cba11a62db2e7f03fc588912f415c6
e30f848c353b8ab801c18d2109527cb32a27f145262dccb3cd4db9f309cc53bb
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e55b5cba1f8e7604687c4f99ab7b1c3bf971ab991ec0fae83fb221b98daf07c4
e684839cbcef6b16753dae73e92a49b7115f55e83662ead12d5e05bf7b9915fb
ea7c3c1fb429c64a75b15bc3d82e99987c40229c3275a5d0c37deb6143e4cf6f
eaf49873148c71e866f814b289ce9d3ec07874998f2b507414db2bbf06702efb
ecdb1f9033b14ecae8b48c6c031db9e36aa4def65bbf01d81c1fa5936d0fe0ba
eecc78f834649472672438efb8854e77ac8571a4c901d3c102a2554c3059ba7d
eefe62a178a6a04c30889acb8eede1ed6820738d0ec5525d3399fefc22bc71e4
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f2b6029c77cf8136771c7c88557053d581a66c31a2ff20755e570874da8b6068
f40172e14e9b68f8b78161e7a45561708ea431ee21525c50fa484b6562da2d0a
f5183a3d6c4ef05903e03cf0e17b5de05db527c27d0ef049d52d2fb4da484e96
f7c1022dbae2ac5b2997f6e92f1f25907b053736a52aa40753fb44fcf4760370
f909a31bfd7a13b9dd53e98b5652f13f4782fdfd1653dc4befade7386c087371
fe9df7af9647a824fe66cae1f452ecb318d9f9ad3b2e09ef0623f0c6af50a0ed

www.cyberscoop.com Open in urlscan Pro 52.21.95.133 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

254 Requests

100 %HTTPS

67 %IPv6

31 Domains

47 Subdomains

45 IPs

4 Countries

4611 kBTransfer

9677 kBSize

5 Cookies

15 Outgoing links

Page URL History

Redirected requests

254 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 5 data transactions

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.cyberscoop.com Open in urlscan Pro
52.21.95.133 Public Scan

Screenshot
Live screenshot

Full Image

254
Requests

100 %
HTTPS

67 %
IPv6

31
Domains

47
Subdomains

45
IPs

4
Countries

4611 kB
Transfer

9677 kB
Size

5
Cookies

254 HTTP transactions
5 data transactions