www.cyberscoop.com Open in urlscan Pro
52.21.95.133 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://hubspot.fedscoop.com/e2t/tc/VWtMDr3hpHKQW2tsh_h93KR8lW3yn_R_4szvw4N9k7M9h2-G-5V1-WJV7CgR_SN1Np-1vDkptJVfL5lk85T0YGW5F...
Effective URL:
https://www.cyberscoop.com/doj-darkside-colonial-cryptocurrency-seizure/
Submission: On June 14 via api (June 14th 2021, 1:29:46 am UTC) from US

Summary HTTP 257 Redirects Links 18 Behaviour Indicators

Summary

This website contacted 48 IPs in 4 countries across 31 domains to perform 257 HTTP transactions. The main IP is 52.21.95.133, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is www.cyberscoop.com.
TLS certificate: Issued by R3 on March 29th 2021. Valid for: 3 months.

This is the only time www.cyberscoop.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 2	2606:2c40::c7... 2606:2c40::c73c:67e1	209242 (CLOUDFLAR...) (CLOUDFLARESPECTRUM Cloudflare)
4 39	52.21.95.133 52.21.95.133	14618 (AMAZON-AES) (AMAZON-AES)
2	2a00:1450:400... 2a00:1450:4001:812::200a	15169 (GOOGLE) (GOOGLE)
1	151.101.13.44 151.101.13.44	54113 (FASTLY) (FASTLY)
21	142.250.185.194 142.250.185.194	15169 (GOOGLE) (GOOGLE)
11	52.217.13.110 52.217.13.110	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6811:b649	13335 (CLOUDFLAR...) (CLOUDFLARENET)
21	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:827::2008	15169 (GOOGLE) (GOOGLE)
2	2606:4700:10:... 2606:4700:10::6816:47c5	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:82a::2003	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:802::2003	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6810:5605	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a02:26f0:6c0... 2a02:26f0:6c00:296::25ea	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	151.101.12.157 151.101.12.157	54113 (FASTLY) (FASTLY)
2	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	2606:4700::68... 2606:4700::6811:d3cc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:813::200e	15169 (GOOGLE) (GOOGLE)
2 2	2620:119:50e3... 2620:119:50e3:101::6cae:b45	14413 (LINKEDIN) (LINKEDIN)
1 1	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	108.174.10.14 108.174.10.14	14413 (LINKEDIN) (LINKEDIN)
1	2a00:1450:400... 2a00:1450:4001:829::200e	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	2a00:1450:400... 2a00:1450:400c:c00::9d	15169 (GOOGLE) (GOOGLE)
1	104.244.42.133 104.244.42.133	13414 (TWITTER) (TWITTER)
1	2a00:1450:400... 2a00:1450:4001:82a::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:813::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:829::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:80f::2002	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:829::2001	15169 (GOOGLE) (GOOGLE)
24	2a00:1450:400... 2a00:1450:4001:82a::2001	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:82f::2004	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6811:47b0	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6812:15bf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
24	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:813::2001	15169 (GOOGLE) (GOOGLE)
2 4	54.72.101.145 54.72.101.145	16509 (AMAZON-02) (AMAZON-02)
39	2a00:1450:400... 2a00:1450:4001:829::2006	15169 (GOOGLE) (GOOGLE)
2	142.250.181.230 142.250.181.230	15169 (GOOGLE) (GOOGLE)
4	142.250.185.98 142.250.185.98	15169 (GOOGLE) (GOOGLE)
2	3.12.243.139 3.12.243.139	16509 (AMAZON-02) (AMAZON-02)
2	2a03:2880:f01... 2a03:2880:f01c:8004:face:b00c:0:8c	32934 (FACEBOOK) (FACEBOOK)
2	3.140.174.87 3.140.174.87	16509 (AMAZON-02) (AMAZON-02)
6	52.48.135.146 52.48.135.146	16509 (AMAZON-02) (AMAZON-02)
4	52.207.123.8 52.207.123.8	14618 (AMAZON-AES) (AMAZON-AES)
1	104.244.42.131 104.244.42.131	13414 (TWITTER) (TWITTER)
2	2606:4700::68... 2606:4700::6813:9b53	13335 (CLOUDFLAR...) (CLOUDFLARENET)
257	48

2 2606:2c40::c73c:67e1 (United States) 1 redirects

ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US)

hubspot.fedscoop.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

39 52.21.95.133 (Ashburn, United States) 4 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-21-95-133.compute-1.amazonaws.com

www.cyberscoop.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:812::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.13.44 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

cdn.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 142.250.185.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 52.217.13.110 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1.amazonaws.com

s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:b649 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hsforms.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:10::6816:47c5 (United States)

ASN13335 (CLOUDFLARENET, US)

static.addtoany.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:802::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:5605 (United States)

ASN13335 (CLOUDFLARENET, US)

forms.hsforms.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:6c00:296::25ea (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.12.157 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:d3cc (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-scripts.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:119:50e3:101::6cae:b45 (United States) 2 redirects

ASN14413 (LINKEDIN, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:21::14 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.174.10.14 (United States)

ASN14413 (LINKEDIN, US)
PTR: 108-174-10-14.fwd.linkedin.com

px4.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.133 (United States)

ASN13414 (TWITTER, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:80f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:829::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

5c07712802b74834f1d472c54463ee91.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
f974a462ef4464a4bc01c3a5a0a1a632.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
597aa27833b66734f36d06bde6660230.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
32f93bcdb7646431fe07f4acca2e3688.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 2a00:1450:4001:82a::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:82f::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:47b0 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-analytics.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:15bf (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-banner.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:813::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

9fff94d23bf733803e92d17f3821d9bf.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 54.72.101.145 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-72-101-145.eu-west-1.compute.amazonaws.com

pixel.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

39 2a00:1450:4001:829::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.181.230 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.185.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s49-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.12.243.139 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-12-243-139.us-east-2.compute.amazonaws.com

tags.mmi360.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f01c:8004:face:b00c:0:8c (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

ad.atdmt.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.140.174.87 (Columbus, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-140-174-87.us-east-2.compute.amazonaws.com

events.mmi360.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 52.48.135.146 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-48-135-146.eu-west-1.compute.amazonaws.com

static.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.207.123.8 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-207-123-8.compute-1.amazonaws.com

dt.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.131 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6813:9b53 (United States)

ASN13335 (CLOUDFLARENET, US)

track.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
56	googlesyndication.com 5c07712802b74834f1d472c54463ee91.safeframe.googlesyndication.com tpc.googlesyndication.com pagead2.googlesyndication.com f974a462ef4464a4bc01c3a5a0a1a632.safeframe.googlesyndication.com 597aa27833b66734f36d06bde6660230.safeframe.googlesyndication.com 9fff94d23bf733803e92d17f3821d9bf.safeframe.googlesyndication.com 32f93bcdb7646431fe07f4acca2e3688.safeframe.googlesyndication.com	375 KB
39	2mdn.net s0.2mdn.net	500 KB
39	cyberscoop.com 4 redirects www.cyberscoop.com	312 KB
28	doubleclick.net securepubads.g.doubleclick.net stats.g.doubleclick.net ad.doubleclick.net googleads4.g.doubleclick.net	661 KB
21	googletagservices.com www.googletagservices.com	541 KB
14	adsafeprotected.com 2 redirects pixel.adsafeprotected.com static.adsafeprotected.com dt.adsafeprotected.com	186 KB
13	google.com www.google.com adservice.google.com	4 KB
11	amazonaws.com s3.amazonaws.com	54 KB
6	google.de www.google.de adservice.google.de	1 KB
4	mmi360.net tags.mmi360.net events.mmi360.net	269 B
4	linkedin.com 3 redirects px.ads.linkedin.com www.linkedin.com px4.ads.linkedin.com	3 KB
4	gstatic.com fonts.gstatic.com	99 KB
3	googleapis.com fonts.googleapis.com	2 KB
2	hubspot.com track.hubspot.com	1 KB
2	atdmt.com ad.atdmt.com	1 KB
2	facebook.com www.facebook.com	312 B
2	google-analytics.com www.google-analytics.com	19 KB
2	facebook.net connect.facebook.net	99 KB
2	addtoany.com static.addtoany.com	60 KB
2	fedscoop.com 1 redirects hubspot.fedscoop.com	3 KB
1	twitter.com analytics.twitter.com	658 B
1	hs-banner.com js.hs-banner.com	15 KB
1	hs-analytics.net js.hs-analytics.net	19 KB
1	t.co t.co	455 B
1	hs-scripts.com js.hs-scripts.com	901 B
1	ads-twitter.com static.ads-twitter.com	2 KB
1	licdn.com snap.licdn.com	2 KB
1	hsforms.com forms.hsforms.com	4 KB
1	googletagmanager.com www.googletagmanager.com	52 KB
1	hsforms.net js.hsforms.net	135 KB
1	taboola.com cdn.taboola.com	23 KB
257	31

	Domain	Requested by
39	s0.2mdn.net	9fff94d23bf733803e92d17f3821d9bf.safeframe.googlesyndication.com s0.2mdn.net 597aa27833b66734f36d06bde6660230.safeframe.googlesyndication.com 32f93bcdb7646431fe07f4acca2e3688.safeframe.googlesyndication.com
39	www.cyberscoop.com	4 redirects hubspot.fedscoop.com www.cyberscoop.com
24	pagead2.googlesyndication.com	www.googletagservices.com securepubads.g.doubleclick.net tpc.googlesyndication.com ad.doubleclick.net www.cyberscoop.com 597aa27833b66734f36d06bde6660230.safeframe.googlesyndication.com 32f93bcdb7646431fe07f4acca2e3688.safeframe.googlesyndication.com
24	tpc.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com 597aa27833b66734f36d06bde6660230.safeframe.googlesyndication.com 9fff94d23bf733803e92d17f3821d9bf.safeframe.googlesyndication.com 32f93bcdb7646431fe07f4acca2e3688.safeframe.googlesyndication.com ad.doubleclick.net
21	www.googletagservices.com	www.cyberscoop.com securepubads.g.doubleclick.net 597aa27833b66734f36d06bde6660230.safeframe.googlesyndication.com 9fff94d23bf733803e92d17f3821d9bf.safeframe.googlesyndication.com www.googletagservices.com 32f93bcdb7646431fe07f4acca2e3688.safeframe.googlesyndication.com
21	securepubads.g.doubleclick.net	www.cyberscoop.com www.googletagservices.com securepubads.g.doubleclick.net hubspot.fedscoop.com 597aa27833b66734f36d06bde6660230.safeframe.googlesyndication.com 9fff94d23bf733803e92d17f3821d9bf.safeframe.googlesyndication.com 32f93bcdb7646431fe07f4acca2e3688.safeframe.googlesyndication.com
11	s3.amazonaws.com	www.cyberscoop.com
8	www.google.com	www.cyberscoop.com securepubads.g.doubleclick.net tpc.googlesyndication.com
6	static.adsafeprotected.com	pixel.adsafeprotected.com 32f93bcdb7646431fe07f4acca2e3688.safeframe.googlesyndication.com 597aa27833b66734f36d06bde6660230.safeframe.googlesyndication.com
5	adservice.google.com	securepubads.g.doubleclick.net
5	adservice.google.de	securepubads.g.doubleclick.net
4	dt.adsafeprotected.com	32f93bcdb7646431fe07f4acca2e3688.safeframe.googlesyndication.com 597aa27833b66734f36d06bde6660230.safeframe.googlesyndication.com www.cyberscoop.com
4	googleads4.g.doubleclick.net	ad.doubleclick.net
4	pixel.adsafeprotected.com	2 redirects 597aa27833b66734f36d06bde6660230.safeframe.googlesyndication.com 32f93bcdb7646431fe07f4acca2e3688.safeframe.googlesyndication.com
4	fonts.gstatic.com	fonts.googleapis.com
3	fonts.googleapis.com	www.cyberscoop.com js.hsforms.net
2	track.hubspot.com
2	events.mmi360.net	597aa27833b66734f36d06bde6660230.safeframe.googlesyndication.com 32f93bcdb7646431fe07f4acca2e3688.safeframe.googlesyndication.com
2	ad.atdmt.com	597aa27833b66734f36d06bde6660230.safeframe.googlesyndication.com 32f93bcdb7646431fe07f4acca2e3688.safeframe.googlesyndication.com
2	tags.mmi360.net	ad.doubleclick.net
2	ad.doubleclick.net	www.googletagservices.com
2	32f93bcdb7646431fe07f4acca2e3688.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	9fff94d23bf733803e92d17f3821d9bf.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	597aa27833b66734f36d06bde6660230.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	www.facebook.com	www.cyberscoop.com connect.facebook.net
2	px.ads.linkedin.com	2 redirects
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	connect.facebook.net	hubspot.fedscoop.com connect.facebook.net
2	static.addtoany.com	www.cyberscoop.com static.addtoany.com
2	hubspot.fedscoop.com	1 redirects
1	analytics.twitter.com	static.ads-twitter.com
1	f974a462ef4464a4bc01c3a5a0a1a632.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	js.hs-banner.com	js.hs-scripts.com
1	js.hs-analytics.net	js.hs-scripts.com
1	5c07712802b74834f1d472c54463ee91.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	www.google.de	www.cyberscoop.com
1	t.co	www.cyberscoop.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	px4.ads.linkedin.com	www.cyberscoop.com
1	www.linkedin.com	1 redirects
1	js.hs-scripts.com	www.googletagmanager.com
1	static.ads-twitter.com	www.googletagmanager.com
1	snap.licdn.com	www.googletagmanager.com
1	forms.hsforms.com	js.hsforms.net
1	www.googletagmanager.com	www.cyberscoop.com
1	js.hsforms.net	www.cyberscoop.com
1	cdn.taboola.com	www.cyberscoop.com
257	47

This site contains links to these domains. Also see Links.

Domain
cyberscoop.com
scoopnewsgroup.com
www.wsj.com
www.techrepublic.com
www.colpipe.com
www.nbcnews.com
www.facebook.com
twitter.com
www.linkedin.com
www.instagram.com
fedscoop.com
statescoop.com
edscoop.com
workscoop.com
www.scoopnewsgroup.com
www.addtoany.com

Subject Issuer	Validity	Valid
hubspot.fedscoop.com Cloudflare Inc ECC CA-3	`2020-07-17` - `2021-07-17`	a year	crt.sh
cyberscoop.com R3	`2021-03-29` - `2021-06-27`	3 months	crt.sh
upload.video.google.com GTS CA 1O1	`2021-05-17` - `2021-08-09`	3 months	crt.sh
*.taboola.com DigiCert TLS RSA SHA256 2020 CA1	`2020-11-25` - `2021-12-26`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-05-17` - `2021-08-09`	3 months	crt.sh
s3.amazonaws.com DigiCert Baltimore CA-2 G2	`2020-08-04` - `2021-08-09`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-08-16` - `2021-08-16`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-05-17` - `2021-08-09`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2021-05-17` - `2021-08-09`	3 months	crt.sh
*.licdn.com DigiCert SHA2 Secure Server CA	`2021-04-30` - `2022-05-11`	a year	crt.sh
ads-twitter.com DigiCert SHA2 High Assurance Server CA	`2020-08-14` - `2021-08-19`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-05-26` - `2021-08-24`	3 months	crt.sh
px.ads.linkedin.com DigiCert SHA2 Secure Server CA	`2021-04-15` - `2021-10-15`	6 months	crt.sh
t.co DigiCert TLS RSA SHA256 2020 CA1	`2021-02-05` - `2022-02-04`	a year	crt.sh
www.google.com GTS CA 1C3	`2021-05-17` - `2021-08-09`	3 months	crt.sh
www.google.de GTS CA 1C3	`2021-05-17` - `2021-08-09`	3 months	crt.sh
*.google.de GTS CA 1C3	`2021-05-17` - `2021-08-09`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-05-17` - `2021-08-09`	3 months	crt.sh
*.googleusercontent.com GTS CA 1C3	`2021-05-17` - `2021-08-09`	3 months	crt.sh
fw.adsafeprotected.com Amazon	`2020-09-09` - `2021-10-09`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2021-05-17` - `2021-08-09`	3 months	crt.sh
tags.mmi360.net Amazon	`2021-03-04` - `2022-04-02`	a year	crt.sh
*.atlassolutions.com DigiCert SHA2 High Assurance Server CA	`2021-05-15` - `2021-08-13`	3 months	crt.sh
events.mmi360.net Amazon	`2021-05-04` - `2022-06-02`	a year	crt.sh
static.adsafeprotected.com Amazon	`2021-01-06` - `2022-02-04`	a year	crt.sh
dt.adsafeprotected.com Amazon	`2021-04-22` - `2022-05-21`	a year	crt.sh
*.twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2021-02-05` - `2022-02-04`	a year	crt.sh
hubspot.com Cloudflare Inc ECC CA-3	`2021-06-10` - `2022-06-09`	a year	crt.sh

This page contains 25 frames:

Primary Page: https://www.cyberscoop.com/doj-darkside-colonial-cryptocurrency-seizure/
Frame ID: 46CCF538BFC926CF35BD341DA3650DAC
Requests: 88 HTTP requests in this frame

Frame: https://www.cyberscoop.com/advertising/?id=leaderboard&parent_id=ad-7WO54yg4q8-leaderboard&categories=government&tags=colonial-pipeline%2Ccryptocurrency%2Cdarkside%2Cdepartment-of-justice-doj%2Cfbi%2Cjbs%2Cranswomare%2Cus-courts
Frame ID: 140812787B1A79040A8D5606E5426649
Requests: 11 HTTP requests in this frame

Frame: https://www.cyberscoop.com/advertising/?id=article&position=static&category=government&tags=colonial-pipeline%2Ccryptocurrency%2Cdarkside%2Cdepartment-of-justice-doj%2Cfbi%2Cjbs%2Cranswomare%2Cus-courts
Frame ID: E0B9D5AB0D0490EBC42D06F3DB94483B
Requests: 11 HTTP requests in this frame

Frame: https://www.cyberscoop.com/advertising/?id=skyscraper&position=sticky&categories=government&tags=colonial-pipeline%2Ccryptocurrency%2Cdarkside%2Cdepartment-of-justice-doj%2Cfbi%2Cjbs%2Cranswomare%2Cus-courts
Frame ID: DBF302D4075DCC4E062E0EE0D349398F
Requests: 11 HTTP requests in this frame

Frame: https://www.cyberscoop.com/advertising/?id=billboard&position=bottom&parent_id=ad-b3zuzxlKK5-billboard&category=government&tags=colonial-pipeline%2Ccryptocurrency%2Cdarkside%2Cdepartment-of-justice-doj%2Cfbi%2Cjbs%2Cranswomare%2Cus-courts
Frame ID: DA4A72C023D10BBA15B340E8BA292784
Requests: 11 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvsnoEvXplMdoJOAfuS7HjkUikEB4Qh-LxsotZXTFNcgmuKfV6JzCyHtqzAOLHQHuqLoUAyhIXLy3XOwPKQTiRBl_1J8OEFzcYECQaTiQlyUtEwDrcjjUTVl_Kk_Tz3ScEkmlOeYoxpDDuHcuv8M5u5FBMT_-22qHp6ctLPEkakHnN0HT_xpPKtagD5j6C5C94zguveDNsIeB0rjdhqkhuavKNbE-5YLYjjkQ0Qk53VEdHWqsOnHLwl-t844OtoNH5avjMqzsU9CORTZrPmAQo-VpVbW6cjZ19eLfOGpm8&sai=AMfl-YSwHy-Gu3tSfsw7qh0wTcs0VCSnpDwaDsnO1R5blg-GTub-3ExvaOjoeaZSzhXz2O6QbvLo3puyKkKHsrtyOAd4zqDG5oeqK9CkXwK0BTFwehNlmlbLZ3dVg5RrxzPT&sig=Cg0ArKJSzCLDWpopjT10EAE&adurl=
Frame ID: 8E61932BEB74FA17E3F9A4ED4515789A
Requests: 9 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu2BxqeIB_eG_OB4muui06RbySW6zsvwiuGNMGCOja5lXunagr6cA14uNiADn6pjZ-7uYrxj98l61NO5dv5OUwSYD3ia-PQCqq6UgTpadWw9rVblcUBd2u1ilwiXqcy1KD_JuGqBn6rlBCaqCA0ysVVFbR57XWRmT3SmdzpOVPCs52umZuruabookxefJ__k5PnODZjhmsAu_zqbgbIr09zuBXcBxxjMbuSfNwrmLvEuBWdOODSY-Cg6hqm8pH5_4hJO46ifUjkxkDGGlKcW5BYBoUV4y9bgupsU-h_VyPz25OQbUnXim9TOoLRlBRPBmQJS9NGh9U&sig=Cg0ArKJSzHfPji4wJsXsEAE&adurl=
Frame ID: D45AD7892B4F215B83423AF490269A04
Requests: 8 HTTP requests in this frame

Frame: https://597aa27833b66734f36d06bde6660230.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: D4B887BE49E4E14E24F74C3E9DFA7B5C
Requests: 23 HTTP requests in this frame

Frame: https://9fff94d23bf733803e92d17f3821d9bf.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: F2B78610B9E409B78BEEA786F5FF0F27
Requests: 7 HTTP requests in this frame

Frame: https://32f93bcdb7646431fe07f4acca2e3688.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: 3AFEE122EFE0C639824F8813FEB850F0
Requests: 25 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/223/runner.html
Frame ID: 84AB7DEB602C5BA86FB2F992F33ED48D
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 8E213191BD586FE6D3B982C32DFFA1D7
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/223/runner.html
Frame ID: CB6E036FC67683B808C460563F77E51C
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 9A7A637D818253437A149659A96416F7
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/223/runner.html
Frame ID: A567031CC6D74A97BC756E60D990E71C
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 925CDF2835A06C96587363422E74A88C
Requests: 1 HTTP requests in this frame

Frame: https://s0.2mdn.net/dfp/384545/37259705/1616421827881/620000107_Q221_GreenLake_Controlling%20Costs_jpeg_html_banner_300x250_EN-US/300x250/index.html
Frame ID: FAA53041FFF12F4303C591055911992C
Requests: 36 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 66629A50D09CDDDB3C961700AEC6787F
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: AC64054D0DA1170BF38EC085A0D16360
Requests: 3 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.5.5.js
Frame ID: 994C028D40C3EF98E7C0903CAF1647A3
Requests: 1 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.5.5.js
Frame ID: 32133E75178374270EA3896AB50D60D5
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/223/runner.html
Frame ID: D82625959937A8449047580D524F1825
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 4B4E4CFB8E711EF1077ED242F7EA9B2A
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/223/runner.html
Frame ID: 44D802B0F6297DD132007D7C47EC50C1
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 80F6EACE181AB18E3911D5C5AFECF019
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://hubspot.fedscoop.com/e2t/tc/VWtMDr3hpHKQW2tsh_h93KR8lW3yn_R_4szvw4N9k7M9h2-G-5V1-WJV7CgR_SN1Np-1v... Page URL
https://hubspot.fedscoop.com/events/public/v1/track/tc/VWtMDr3hpHKQW2tsh_h93KR8lW3yn_R_4szvw4N9k7M9h2-G-5... HTTP 307
https://www.cyberscoop.com/doj-darkside-colonial-cryptocurrency-seizure/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

script /\/wp-(?:content|includes)\//i
html /<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -/i

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

script /\/wp-(?:content|includes)\//i
html /<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -/i

MySQL (Databases) Expand

Overall confidence: 100%
Detected patterns

script /\/wp-(?:content|includes)\//i
html /<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -/i

Yoast SEO (SEO) Expand

Overall confidence: 100%
Detected patterns

html /<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -/i

AddToAny (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /addtoany\.com\/menu\/page\.js/i

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/connect\.facebook\.net\/[^/]*\/[a-z]*\.js/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

html //i

Page Statistics

257
Requests

100 %
HTTPS

69 %
IPv6

31
Domains

47
Subdomains

48
IPs

4
Countries

3172 kB
Transfer

7719 kB
Size

10
Cookies

18 Outgoing links

These are links going to different origins than the main page.

URL: https://cyberscoop.com/
Title:

Search URL Search Domain Scan URL

URL: http://scoopnewsgroup.com/?__hstc=143679850.07ad01eba29c444fd08728c208a710cf.1623634170439.1623634170439.1623634170439.1&__hssc=143679850.1.1623634170439&__hsfp=2736934676
Title: Brought to you by

Search URL Search Domain Scan URL

URL: https://www.wsj.com/articles/colonial-pipeline-ceo-tells-why-he-paid-hackers-a-4-4-million-ransom-11621435636
Title: paid its attackers $4.4 million

Search URL Search Domain Scan URL

URL: https://www.techrepublic.com/article/ransomware-attackers-are-now-using-triple-extortion-tactics/
Title: netted an estimated tens of billions of dollars

Search URL Search Domain Scan URL

URL: https://www.colpipe.com/news/press-releases/colonial-pipeline-company-ceo-issues-statement-following-announcement-by-u-s-department-of-justice-on-recovery-of-cryptocurrency-funds
Title: Colonial said in response to the cryptocurrency seizure

Search URL Search Domain Scan URL

URL: https://www.nbcnews.com/politics/meet-the-press/sec-granholm-backs-ban-ransomware-payments-you-are-encouraging-bad-n1269776
Title: she supports a legal ban on ransomware payments

Search URL Search Domain Scan URL

URL: https://www.facebook.com/cyberscoop

Search URL Search Domain Scan URL

URL: https://twitter.com/cyberscoopnews

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/4847467

Search URL Search Domain Scan URL

URL: https://www.instagram.com/cyberscoopnews

Search URL Search Domain Scan URL

URL: https://scoopnewsgroup.com/?__hstc=143679850.07ad01eba29c444fd08728c208a710cf.1623634170439.1623634170439.1623634170439.1&__hssc=143679850.1.1623634170439&__hsfp=2736934676

Search URL Search Domain Scan URL

URL: https://fedscoop.com/?__hstc=143679850.07ad01eba29c444fd08728c208a710cf.1623634170439.1623634170439.1623634170439.1&__hssc=143679850.1.1623634170439&__hsfp=2736934676

Search URL Search Domain Scan URL

URL: https://statescoop.com/?__hstc=143679850.07ad01eba29c444fd08728c208a710cf.1623634170439.1623634170439.1623634170439.1&__hssc=143679850.1.1623634170439&__hsfp=2736934676

Search URL Search Domain Scan URL

URL: https://edscoop.com/?__hstc=143679850.07ad01eba29c444fd08728c208a710cf.1623634170439.1623634170439.1623634170439.1&__hssc=143679850.1.1623634170439&__hsfp=2736934676

Search URL Search Domain Scan URL

URL: https://workscoop.com/?__hstc=143679850.07ad01eba29c444fd08728c208a710cf.1623634170439.1623634170439.1623634170439.1&__hssc=143679850.1.1623634170439&__hsfp=2736934676

Search URL Search Domain Scan URL

URL: https://www.scoopnewsgroup.com/privacy?__hstc=143679850.07ad01eba29c444fd08728c208a710cf.1623634170439.1623634170439.1623634170439.1&__hssc=143679850.1.1623634170439&__hsfp=2736934676
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://scoopnewsgroup.com/privacy?__hstc=143679850.07ad01eba29c444fd08728c208a710cf.1623634170439.1623634170439.1623634170439.1&__hssc=143679850.1.1623634170439&__hsfp=2736934676
Title: Learn more

Search URL Search Domain Scan URL

URL: https://www.addtoany.com/
Title: AddToAny

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://hubspot.fedscoop.com/e2t/tc/VWtMDr3hpHKQW2tsh_h93KR8lW3yn_R_4szvw4N9k7M9h2-G-5V1-WJV7CgR_SN1Np-1vDkptJVfL5lk85T0YGW5FrrV83s24GXW7K7V6-92MjqWW5TPF2f70yLYDW11x9pj4Pq6J8W3fLMM52zD98SW5CsnJ789GcZHW5y0z5572jw3KW1GWQq85w1rZnN9jlFvvffxY7W56fYsx2H7sp2W3pyR5815PJH_N3Sm9cPDHP9vW6cfJSV4bZX7NW3xPpDf1mfhVBVttgSh4FQBZMW85NlxK18xJtBW2YlTc71SctRBW88tbM17s_XLv32KZ1 Page URL
https://hubspot.fedscoop.com/events/public/v1/track/tc/VWtMDr3hpHKQW2tsh_h93KR8lW3yn_R_4szvw4N9k7M9h2-G-5V1-WJV7CgR_SN1Np-1vDkptJVfL5lk85T0YGW5FrrV83s24GXW7K7V6-92MjqWW5TPF2f70yLYDW11x9pj4Pq6J8W3fLMM52zD98SW5CsnJ789GcZHW5y0z5572jw3KW1GWQq85w1rZnN9jlFvvffxY7W56fYsx2H7sp2W3pyR5815PJH_N3Sm9cPDHP9vW6cfJSV4bZX7NW3xPpDf1mfhVBVttgSh4FQBZMW85NlxK18xJtBW2YlTc71SctRBW88tbM17s_XLv32KZ1?_ud=765842ec-5fc1-4e88-9372-8c0240eb417b&_ch=p&_pr2=p&_pl=0&_lg=en-US&_dr=b&_ts=p HTTP 307
https://www.cyberscoop.com/doj-darkside-colonial-cryptocurrency-seizure/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 38

https://www.cyberscoop.com/advertising/?id=leaderboard&page=article&parent_id=ad-7WO54yg4q8-leaderboard&categories=government&tags=colonial-pipeline,cryptocurrency,darkside,department-of-justice-doj,fbi,jbs,ranswomare,us-courts HTTP 301
https://www.cyberscoop.com/advertising/?id=leaderboard&parent_id=ad-7WO54yg4q8-leaderboard&categories=government&tags=colonial-pipeline%2Ccryptocurrency%2Cdarkside%2Cdepartment-of-justice-doj%2Cfbi%2Cjbs%2Cranswomare%2Cus-courts

Request Chain 39

https://www.cyberscoop.com/advertising/?id=article&page=article&position=static&category=government&tags=colonial-pipeline,cryptocurrency,darkside,department-of-justice-doj,fbi,jbs,ranswomare,us-courts HTTP 301
https://www.cyberscoop.com/advertising/?id=article&position=static&category=government&tags=colonial-pipeline%2Ccryptocurrency%2Cdarkside%2Cdepartment-of-justice-doj%2Cfbi%2Cjbs%2Cranswomare%2Cus-courts

Request Chain 40

https://www.cyberscoop.com/advertising/?id=skyscraper&page=article&position=sticky&categories=government&tags=colonial-pipeline,cryptocurrency,darkside,department-of-justice-doj,fbi,jbs,ranswomare,us-courts HTTP 301
https://www.cyberscoop.com/advertising/?id=skyscraper&position=sticky&categories=government&tags=colonial-pipeline%2Ccryptocurrency%2Cdarkside%2Cdepartment-of-justice-doj%2Cfbi%2Cjbs%2Cranswomare%2Cus-courts

Request Chain 41

https://www.cyberscoop.com/advertising/?id=billboard&page=article&position=bottom&parent_id=ad-b3zuzxlKK5-billboard&category=government&tags=colonial-pipeline,cryptocurrency,darkside,department-of-justice-doj,fbi,jbs,ranswomare,us-courts HTTP 301
https://www.cyberscoop.com/advertising/?id=billboard&position=bottom&parent_id=ad-b3zuzxlKK5-billboard&category=government&tags=colonial-pipeline%2Ccryptocurrency%2Cdarkside%2Cdepartment-of-justice-doj%2Cfbi%2Cjbs%2Cranswomare%2Cus-courts

Request Chain 68

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=50036&time=1623634167198&url=https%3A%2F%2Fwww.cyberscoop.com%2Fdoj-darkside-colonial-cryptocurrency-seizure%2F HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D50036%26time%3D1623634167198%26url%3Dhttps%253A%252F%252Fwww.cyberscoop.com%252Fdoj-darkside-colonial-cryptocurrency-seizure%252F%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=50036&time=1623634167198&url=https%3A%2F%2Fwww.cyberscoop.com%2Fdoj-darkside-colonial-cryptocurrency-seizure%2F&liSync=true HTTP 302
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=50036&time=1623634167198&url=https%3A%2F%2Fwww.cyberscoop.com%2Fdoj-darkside-colonial-cryptocurrency-seizure%2F&liSync=true&e_ipv6=AQIsCHAakgy_SwAAAXoII0gnC420WXJnTvWZKK6Vsxvvbm1_a4wiVbgPIyUr3lNz2_khX6FL

Request Chain 230

https://pixel.adsafeprotected.com/rfw/st/488356/54309639/skeleton.js?ias_dspID=64&ias_campId=&ias_pubId=&ias_chanId=&ias_placementId=&bidurl=&ias_dealId=&adsafe_url=https%3A%2F%2Fwww.cyberscoop.com&adsafe_type=g&adsafe_url=https%3A%2F%2Fwww.cyberscoop.com%2F&adsafe_type=e&adsafe_url=https%3A%2F%2F32f93bcdb7646431fe07f4acca2e3688.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2F32f93bcdb7646431fe07f4acca2e3688.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html%3Fn%3D1&adsafe_type=d&adsafe_jsinfo=,id:7416c17d-e262-d973-bde4-e723afc9f7c2,c:ftxPJN,sl:na,em:true,fr:false,mn:app20ie,pt:1-5-15,br:u,abv:na,an:n,oam:0,nbld:0,fm:sAgHvId+111*.488356-54309639%7C1111%7C112%7C1131%7C114%7C1211%7C122%7C1231%7C124%7C1311%7C132%7C141%7C142%7C1431%7C144%7C15%7C16%7C17,idMap:111*,pl:,rmeas:1,rend:1,renddet:IMG.qs,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:0,tt:rjss,thd:1,et:243,oid:f6aba868-ccaf-11eb-997f-02467abe7cd0,v:19.8.206,sp:1,st:0,fwm:1,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
https://static.adsafeprotected.com/skeleton.js

Request Chain 232

https://pixel.adsafeprotected.com/rfw/st/488356/54309637/skeleton.js?ias_dspID=64&ias_campId=&ias_pubId=&ias_chanId=&ias_placementId=&bidurl=&ias_dealId=&adsafe_url=https%3A%2F%2Fwww.cyberscoop.com&adsafe_type=g&adsafe_url=https%3A%2F%2Fwww.cyberscoop.com%2F&adsafe_type=e&adsafe_url=https%3A%2F%2F597aa27833b66734f36d06bde6660230.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2F597aa27833b66734f36d06bde6660230.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html%3Fn%3D1&adsafe_type=d&adsafe_jsinfo=,id:c518f94f-cf6a-74e2-e1fb-56734489612c,c:ftxPL2,sl:na,em:true,fr:false,mn:app10ie,pt:1-5-15,br:u,abv:na,an:n,oam:0,nbld:0,fm:sAgHvHr+1111%7C1112%7C112%7C113%7C114%7C1211%7C122%7C123%7C124%7C131*.488356-54309637%7C1311%7C132%7C141%7C142%7C143%7C144%7C15%7C16%7C17,idMap:131*,pl:,rmeas:1,rend:1,renddet:IMG.qs,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:0,tt:rjss,thd:1,et:367,oid:f6aba8fb-ccaf-11eb-b443-0634eb268b40,v:19.8.206,sp:1,st:0,fwm:1,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
https://static.adsafeprotected.com/skeleton.js

257 HTTP transactions
6 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 VWtMDr3hpHKQW2tsh_h93KR8lW3yn_R_4szvw4N9k7M9h2-G-5V1-WJV7CgR_SN1Np-1vDkptJVfL5lk85T0YGW5FrrV83s24GXW7K7V6-92MjqWW5TPF2f70yLYDW11x9pj4Pq6J8W3fLMM52zD98SW5CsnJ789GcZHW5y0z5572jw3KW1GWQq85w1rZnN9jlFvv... Show response
hubspot.fedscoop.com/e2t/tc/ 9 KB
3 KB 84ms
53ms Document
text/html 2606:2c40::c73c:67e1
CLOUDFLARESPECTRU...

General

Check archive.org

Show headers Download Go to

Full URL: https://hubspot.fedscoop.com/e2t/tc/VWtMDr3hpHKQW2tsh_h93KR8lW3yn_R_4szvw4N9k7M9h2-G-5V1-WJV7CgR_SN1Np-1vDkptJVfL5lk85T0YGW5FrrV83s24GXW7K7V6-92MjqWW5TPF2f70yLYDW11x9pj4Pq6J8W3fLMM52zD98SW5CsnJ789GcZHW5y0z5572jw3KW1GWQq85w1rZnN9jlFvvffxY7W56fYsx2H7sp2W3pyR5815PJH_N3Sm9cPDHP9vW6cfJSV4bZX7NW3xPpDf1mfhVBVttgSh4FQBZMW85NlxK18xJtBW2YlTc71SctRBW88tbM17s_XLv32KZ1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:2c40::c73c:67e1 , United States, ASN209242 (CLOUDFLARESPECTRUM Cloudflare, Inc., US),
Reverse DNS
Software: cloudflare /
Resource Hash: 14a399efdd6eb8a1e5c4283bf860f19d3017f1c831a3304aa320b6ef0a15de85

Request headers

:method: GET
:authority: hubspot.fedscoop.com
:scheme: https
:path: /e2t/tc/VWtMDr3hpHKQW2tsh_h93KR8lW3yn_R_4szvw4N9k7M9h2-G-5V1-WJV7CgR_SN1Np-1vDkptJVfL5lk85T0YGW5FrrV83s24GXW7K7V6-92MjqWW5TPF2f70yLYDW11x9pj4Pq6J8W3fLMM52zD98SW5CsnJ789GcZHW5y0z5572jw3KW1GWQq85w1rZnN9jlFvvffxY7W56fYsx2H7sp2W3pyR5815PJH_N3Sm9cPDHP9vW6cfJSV4bZX7NW3xPpDf1mfhVBVttgSh4FQBZMW85NlxK18xJtBW2YlTc71SctRBW88tbM17s_XLv32KZ1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 01:29:26 GMT
content-type: text/html;charset=utf-8
cf-ray: 65efc9a19e2fdfef-FRA
vary: Accept-Encoding
cf-cache-status: MISS
access-control-allow-credentials: false
cf-request-id: 0aa9bc58fd0000dfef69b0a000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
referrer-policy: no-referrer
x-hubspot-correlation-id: 27236156-8c31-4024-ba7f-c43c858cd7ce
x-robots-tag: none
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=AxFwyp1XpY3TA9z%2B%2BDe%2F59YoWZKuTm2D9atlaADfFfcEDWeOVnMm2llVv4JPvLFQmptxx0hZa2b2nilg7To7LLWpJyDKgAy5064o15NwfB7DqYZkYroTLhuGnYlBj8p%2B9njiNe9golxW5AXwnw%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"report_to":"cf-nel","max_age":604800}
set-cookie: __cfruid=eb635d2ab5e740b7ffcb015ea18bae2d2f498bcb-1623634166; path=/; domain=.hubspot.fedscoop.com; HttpOnly; Secure; SameSite=None
server: cloudflare
content-encoding: br

GET
H2

200

Primary Request / Show response
www.cyberscoop.com/doj-darkside-colonial-cryptocurrency-seizure/
Redirect Chain

https://hubspot.fedscoop.com/events/public/v1/track/tc/VWtMDr3hpHKQW2tsh_h93KR8lW3yn_R_4szvw4N9k7M9h2-G-5V1-WJV7CgR_SN1Np-1vDkptJVfL5lk85T0YGW5FrrV83s24GXW7K7V6-92MjqWW5TPF2f70yLYDW11x9pj4Pq6J8W3fL...
https://www.cyberscoop.com/doj-darkside-colonial-cryptocurrency-seizure/

55 KB
14 KB

384ms
180ms

Document
text/html

52.21.95.133
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.cyberscoop.com/doj-darkside-colonial-cryptocurrency-seizure/

Requested by

Host: hubspot.fedscoop.com
URL: https://hubspot.fedscoop.com/e2t/tc/VWtMDr3hpHKQW2tsh_h93KR8lW3yn_R_4szvw4N9k7M9h2-G-5V1-WJV7CgR_SN1Np-1vDkptJVfL5lk85T0YGW5FrrV83s24GXW7K7V6-92MjqWW5TPF2f70yLYDW11x9pj4Pq6J8W3fLMM52zD98SW5CsnJ789GcZHW5y0z5572jw3KW1GWQq85w1rZnN9jlFvvffxY7W56fYsx2H7sp2W3pyR5815PJH_N3Sm9cPDHP9vW6cfJSV4bZX7NW3xPpDf1mfhVBVttgSh4FQBZMW85NlxK18xJtBW2YlTc71SctRBW88tbM17s_XLv32KZ1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.21.95.133 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-21-95-133.compute-1.amazonaws.com

Software

nginx / PHP/7.3.27

Resource Hash

6df5297b890ff6b7e63372da52b58276e6af2f2914d30d7edcd5ead5af63c738

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.cyberscoop.com
:scheme: https
:path: /doj-darkside-colonial-cryptocurrency-seizure/
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://hubspot.fedscoop.com/e2t/tc/VWtMDr3hpHKQW2tsh_h93KR8lW3yn_R_4szvw4N9k7M9h2-G-5V1-WJV7CgR_SN1Np-1vDkptJVfL5lk85T0YGW5FrrV83s24GXW7K7V6-92MjqWW5TPF2f70yLYDW11x9pj4Pq6J8W3fLMM52zD98SW5CsnJ789GcZHW5y0z5572jw3KW1GWQq85w1rZnN9jlFvvffxY7W56fYsx2H7sp2W3pyR5815PJH_N3Sm9cPDHP9vW6cfJSV4bZX7NW3xPpDf1mfhVBVttgSh4FQBZMW85NlxK18xJtBW2YlTc71SctRBW88tbM17s_XLv32KZ1

Response headers

server: nginx
date: Mon, 14 Jun 2021 01:29:26 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-powered-by: PHP/7.3.27
x-pingback: https://www.cyberscoop.com/xmlrpc.php
link: <https://www.cyberscoop.com/wp-json/>; rel="https://api.w.org/" <https://www.cyberscoop.com/wp-json/wp/v2/posts/56914>; rel="alternate"; type="application/json" <https://www.cyberscoop.com/?p=56914>; rel=shortlink
x-fastcgi-cache: HIT
x-xss-protection: 1; mode=block
content-encoding: gzip

Redirect headers

date: Mon, 14 Jun 2021 01:29:26 GMT
location: https://www.cyberscoop.com/doj-darkside-colonial-cryptocurrency-seizure/
cf-ray: 65efc9a1fe90dfef-FRA
link: <https://www.cyberscoop.com/doj-darkside-colonial-cryptocurrency-seizure/>; rel="canonical"
vary: Accept-Encoding
cf-cache-status: MISS
access-control-allow-credentials: false
cf-request-id: 0aa9bc593c0000dfef64bc5000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
referrer-policy: no-referrer
x-hubspot-correlation-id: b2540fbc-05b8-460a-b95a-966fb34e6a5f
x-robots-tag: none
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=OqV1PUkkzcMHT8jADEd7UUhdUHmh52ipQK%2Fh1p0ARvC%2BLm09sBqbO72MEoceQnCHUdwJANVGh0GbmnD4zgj54FHM9iiH4jeIcEzvJfqMPO6JmODL8rCE8423N9KKXE7DL9pq2uAnuWD%2BaY75TQ%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare

GET
H2 200 style.css
www.cyberscoop.com/wp-content/themes/cyberscoop/ 92 KB
16 KB 104ms
102ms Stylesheet
text/css 52.21.95.133
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.cyberscoop.com/wp-content/themes/cyberscoop/style.css?ver=5.7.1
Requested by: Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/doj-darkside-colonial-cryptocurrency-seizure/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.21.95.133 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-21-95-133.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 8568f039c1951ef91fce769fd09da0b0dbfcf503e0e9d14044c3f49675b809cd

Request headers

:path: /wp-content/themes/cyberscoop/style.css?ver=5.7.1
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.cyberscoop.com
referer: https://www.cyberscoop.com/doj-darkside-colonial-cryptocurrency-seizure/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.cyberscoop.com/doj-darkside-colonial-cryptocurrency-seizure/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 01:29:26 GMT
content-encoding: gzip
last-modified: Fri, 02 Apr 2021 10:48:09 GMT
server: nginx
etag: W/"6066f669-16fe8"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=31536000 public
expires: Tue, 14 Jun 2022 01:29:26 GMT

GET
H2 200 css
fonts.googleapis.com/ 8 KB
826 B 16ms
13ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Fira+Sans%3A300%2C400%2C500%2C700&subset=latin-ext&ver=5.7.1

Requested by

Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/doj-darkside-colonial-cryptocurrency-seizure/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

dc666527c7989fdad450d729be48af719d8a66af057630a461bbb5c72b1e20a8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 14 Jun 2021 01:22:31 GMT
server: ESF
date: Mon, 14 Jun 2021 01:29:26 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 14 Jun 2021 01:29:26 GMT

GET
H2 200 css
fonts.googleapis.com/ 5 KB
642 B 18ms
16ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Oswald%3A300%2C400%2C700&subset=latin-ext&ver=5.7.1

Requested by

Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/doj-darkside-colonial-cryptocurrency-seizure/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

063d44bc62d9647b62e24e3072a08f2cd96f36e3f1cb441b0efc3fe3f3fe372c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 14 Jun 2021 01:29:26 GMT
server: ESF
date: Mon, 14 Jun 2021 01:29:26 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 14 Jun 2021 01:29:26 GMT

GET
H2 200 addtoany.min.css
www.cyberscoop.com/wp-content/plugins/add-to-any/ 1 KB
663 B 104ms
102ms Stylesheet
text/css 52.21.95.133
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.cyberscoop.com/wp-content/plugins/add-to-any/addtoany.min.css?ver=1.15
Requested by: Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/doj-darkside-colonial-cryptocurrency-seizure/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.21.95.133 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-21-95-133.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 20a84f304abfaf56bb829a84199344bca40bf7d4dba451e109a840cbdf728436

Request headers

:path: /wp-content/plugins/add-to-any/addtoany.min.css?ver=1.15
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.cyberscoop.com
referer: https://www.cyberscoop.com/doj-darkside-colonial-cryptocurrency-seizure/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.cyberscoop.com/doj-darkside-colonial-cryptocurrency-seizure/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 01:29:26 GMT
content-encoding: gzip
last-modified: Sun, 06 Dec 2020 20:25:16 GMT
server: nginx
etag: W/"5fcd3e2c-5ba"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=31536000 public
expires: Tue, 14 Jun 2022 01:29:26 GMT

GET
H2 200 jquery.min.js Show response
www.cyberscoop.com/wp-includes/js/jquery/ 87 KB
31 KB 104ms
102ms Script
application/javascript 52.21.95.133
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.cyberscoop.com/wp-includes/js/jquery/jquery.min.js?ver=3.5.1
Requested by: Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/doj-darkside-colonial-cryptocurrency-seizure/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.21.95.133 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-21-95-133.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 60240d5a27ede94fd35fea44bd110b88c7d8cfc08127f032d13b0c622b8be827

Request headers

:path: /wp-includes/js/jquery/jquery.min.js?ver=3.5.1
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.cyberscoop.com
referer: https://www.cyberscoop.com/doj-darkside-colonial-cryptocurrency-seizure/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.cyberscoop.com/doj-darkside-colonial-cryptocurrency-seizure/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 01:29:26 GMT
content-encoding: gzip
last-modified: Sun, 25 Apr 2021 05:06:59 GMT
server: nginx
etag: W/"6084f8f3-15d98"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000 public
expires: Tue, 14 Jun 2022 01:29:26 GMT

GET
H2 200 jquery-migrate.min.js Show response
www.cyberscoop.com/wp-includes/js/jquery/ 11 KB
4 KB 105ms
102ms Script
application/javascript 52.21.95.133
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.cyberscoop.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
Requested by: Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/doj-darkside-colonial-cryptocurrency-seizure/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.21.95.133 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-21-95-133.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Request headers

:path: /wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.cyberscoop.com
referer: https://www.cyberscoop.com/doj-darkside-colonial-cryptocurrency-seizure/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.cyberscoop.com/doj-darkside-colonial-cryptocurrency-seizure/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 01:29:26 GMT
content-encoding: gzip
last-modified: Sun, 25 Apr 2021 05:06:59 GMT
server: nginx
etag: W/"6084f8f3-2bd8"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000 public
expires: Tue, 14 Jun 2022 01:29:26 GMT

GET
H2 200 blinkTitle.js Show response
www.cyberscoop.com/wp-content/themes/cyberscoop/js/ 2 KB
737 B 105ms
102ms Script
application/javascript 52.21.95.133
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.cyberscoop.com/wp-content/themes/cyberscoop/js/blinkTitle.js?ver=5.7.1
Requested by: Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/doj-darkside-colonial-cryptocurrency-seizure/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.21.95.133 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-21-95-133.compute-1.amazonaws.com
Software: nginx /
Resource Hash: cf89b05aa45bb14f23d4c97dac9b3091e2d866c73f68e18d2cb6b538378db6f9

Request headers

:path: /wp-content/themes/cyberscoop/js/blinkTitle.js?ver=5.7.1
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.cyberscoop.com
referer: https://www.cyberscoop.com/doj-darkside-colonial-cryptocurrency-seizure/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.cyberscoop.com/doj-darkside-colonial-cryptocurrency-seizure/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 01:29:26 GMT
content-encoding: gzip
last-modified: Tue, 20 Oct 2020 09:37:30 GMT
server: nginx
etag: W/"5f8eafda-62a"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000 public
expires: Tue, 14 Jun 2022 01:29:26 GMT

GET
H2 200 singlescroll.js Show response
www.cyberscoop.com/wp-content/themes/cyberscoop/js/ 3 KB
1 KB 105ms
102ms Script
application/javascript 52.21.95.133
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.cyberscoop.com/wp-content/themes/cyberscoop/js/singlescroll.js?ver=5.7.1
Requested by: Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/doj-darkside-colonial-cryptocurrency-seizure/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.21.95.133 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-21-95-133.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 8b7a47a695a413443ee1cba5b8cb390af99d8ecb1c94ffd30005c2a039303fe0

Request headers

:path: /wp-content/themes/cyberscoop/js/singlescroll.js?ver=5.7.1
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.cyberscoop.com
referer: https://www.cyberscoop.com/doj-darkside-colonial-cryptocurrency-seizure/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.cyberscoop.com/doj-darkside-colonial-cryptocurrency-seizure/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 01:29:26 GMT
content-encoding: gzip
last-modified: Tue, 20 Oct 2020 09:37:31 GMT
server: nginx
etag: W/"5f8eafdb-dc1"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000 public
expires: Tue, 14 Jun 2022 01:29:26 GMT

GET
H2 200 stickybits.min.js Show response
www.cyberscoop.com/wp-content/themes/cyberscoop/js/ 13 KB
4 KB 105ms
102ms Script
application/javascript 52.21.95.133
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.cyberscoop.com/wp-content/themes/cyberscoop/js/stickybits.min.js?ver=5.7.1
Requested by: Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/doj-darkside-colonial-cryptocurrency-seizure/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.21.95.133 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-21-95-133.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 2aef1ac953ce7805c97a1df893082e75a0a11085c3e53b2914bd0a35634977f3

Request headers

:path: /wp-content/themes/cyberscoop/js/stickybits.min.js?ver=5.7.1
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.cyberscoop.com
referer: https://www.cyberscoop.com/doj-darkside-colonial-cryptocurrency-seizure/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.cyberscoop.com/doj-darkside-colonial-cryptocurrency-seizure/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 01:29:26 GMT
content-encoding: gzip
last-modified: Tue, 20 Oct 2020 09:37:31 GMT
server: nginx
etag: W/"5f8eafdb-3357"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000 public
expires: Tue, 14 Jun 2022 01:29:26 GMT

GET
H2 200 addtoany.min.js Show response
www.cyberscoop.com/wp-content/plugins/add-to-any/ 129 B
339 B 105ms
103ms Script
application/javascript 52.21.95.133
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.cyberscoop.com/wp-content/plugins/add-to-any/addtoany.min.js?ver=1.1
Requested by: Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/doj-darkside-colonial-cryptocurrency-seizure/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.21.95.133 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-21-95-133.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 50679e0e3933c945348a2db0cc128bb14b57a60a74fabf8cae13acc14efbb2e1

Request headers

:path: /wp-content/plugins/add-to-any/addtoany.min.js?ver=1.1
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.cyberscoop.com
referer: https://www.cyberscoop.com/doj-darkside-colonial-cryptocurrency-seizure/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.cyberscoop.com/doj-darkside-colonial-cryptocurrency-seizure/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 01:29:26 GMT
last-modified: Sun, 06 Dec 2020 20:25:16 GMT
server: nginx
etag: "5fcd3e2c-81"
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000 public
accept-ranges: bytes
content-length: 129
expires: Tue, 14 Jun 2022 01:29:26 GMT

GET
H2 200 tfa.js Show response
cdn.taboola.com/libtrc/fedscoop-sc/ 69 KB
23 KB 95ms
30ms Script
application/javascript 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/fedscoop-sc/tfa.js?ver=5.7.1
Requested by: Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/doj-darkside-colonial-cryptocurrency-seizure/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 753b529ae84f43010bcc3243f72f5d7fe16622d0a1e33e0a34f976e84e4343b1

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: n1vF9p5VnwtUi4OVeKiiCR8shgMwhmvH
content-encoding: gzip
etag: "ae15e30aca91b7a60c5cc29e73eacf0e"
age: 148
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 23442
x-amz-id-2: v3jSd1ubrY//ZSaAkwjggNWZqhLtSqP3mq0TSkF/bPtUTCHFh0yAvPr5qqDnqasBsO4Uw2cbtuU=
x-served-by: cache-fra19173-FRA
last-modified: Sun, 06 Jun 2021 17:54:31 GMT
server: AmazonS3
x-timer: S1623634167.700353,VS0,VE1
date: Mon, 14 Jun 2021 01:29:26 GMT
vary: Accept-Encoding
x-amz-request-id: VFRKDC3E2A4QAY8G
via: 1.1 varnish
cache-control: private,max-age=14401
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 57
x-cache-hits: 1

GET
H2 200 init-taboola.js Show response
www.cyberscoop.com/wp-content/themes/cyberscoop/js/ 138 B
348 B 105ms
103ms Script
application/javascript 52.21.95.133
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.cyberscoop.com/wp-content/themes/cyberscoop/js/init-taboola.js?ver=5.7.1
Requested by: Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/doj-darkside-colonial-cryptocurrency-seizure/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.21.95.133 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-21-95-133.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 8c5987fc2409abe9ee8d73fee09d71847ddf5c4329a0bbad7d4e4bc522e51b47

Request headers

:path: /wp-content/themes/cyberscoop/js/init-taboola.js?ver=5.7.1
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.cyberscoop.com
referer: https://www.cyberscoop.com/doj-darkside-colonial-cryptocurrency-seizure/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.cyberscoop.com/doj-darkside-colonial-cryptocurrency-seizure/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 01:29:26 GMT
last-modified: Tue, 20 Oct 2020 09:37:30 GMT
server: nginx
etag: "5f8eafda-8a"
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000 public
accept-ranges: bytes
content-length: 138
expires: Tue, 14 Jun 2022 01:29:26 GMT

GET
H2 200 app.js Show response
www.cyberscoop.com/wp-content/themes/cyberscoop/js/ 150 KB
47 KB 105ms
103ms Script
application/javascript 52.21.95.133
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.cyberscoop.com/wp-content/themes/cyberscoop/js/app.js?ver=5.7.1
Requested by: Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/doj-darkside-colonial-cryptocurrency-seizure/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.21.95.133 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-21-95-133.compute-1.amazonaws.com
Software: nginx /
Resource Hash: bcc6ccbbe9b3f2c14b3eb45ea17eb4b456ee0b359ca820751d8f4b140c57ba0a

Request headers

:path: /wp-content/themes/cyberscoop/js/app.js?ver=5.7.1
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.cyberscoop.com
referer: https://www.cyberscoop.com/doj-darkside-colonial-cryptocurrency-seizure/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.cyberscoop.com/doj-darkside-colonial-cryptocurrency-seizure/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 01:29:26 GMT
content-encoding: gzip
last-modified: Tue, 20 Oct 2020 09:37:30 GMT
server: nginx
etag: W/"5f8eafda-25991"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000 public
expires: Tue, 14 Jun 2022 01:29:26 GMT

GET
H2 200 menu.js Show response
www.cyberscoop.com/wp-content/themes/cyberscoop/js/ 213 B
423 B 262ms
261ms Script
application/javascript 52.21.95.133
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.cyberscoop.com/wp-content/themes/cyberscoop/js/menu.js?ver=5.7.1
Requested by: Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/doj-darkside-colonial-cryptocurrency-seizure/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.21.95.133 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-21-95-133.compute-1.amazonaws.com
Software: nginx /
Resource Hash: cbcf7f9157306feaa0252eaa2fca6f6a36cf74bd919dc17520023405867fd32b

Request headers

:path: /wp-content/themes/cyberscoop/js/menu.js?ver=5.7.1
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.cyberscoop.com
referer: https://www.cyberscoop.com/doj-darkside-colonial-cryptocurrency-seizure/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.cyberscoop.com/doj-darkside-colonial-cryptocurrency-seizure/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 01:29:26 GMT
last-modified: Tue, 20 Oct 2020 09:37:31 GMT
server: nginx
etag: "5f8eafdb-d5"
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000 public
accept-ranges: bytes
content-length: 213
expires: Tue, 14 Jun 2022 01:29:26 GMT

GET
H2 200 ads.js Show response
www.cyberscoop.com/wp-content/themes/cyberscoop/js/ 740 B
703 B 263ms
261ms Script
application/javascript 52.21.95.133
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.cyberscoop.com/wp-content/themes/cyberscoop/js/ads.js
Requested by: Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/doj-darkside-colonial-cryptocurrency-seizure/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.21.95.133 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-21-95-133.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 94c2543ee527c1e987a54d88914b529a0d832a4cf55d0fd20a9b7c569c508930

Request headers

:path: /wp-content/themes/cyberscoop/js/ads.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.cyberscoop.com
referer: https://www.cyberscoop.com/doj-darkside-colonial-cryptocurrency-seizure/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.cyberscoop.com/doj-darkside-colonial-cryptocurrency-seizure/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 01:29:26 GMT
content-encoding: gzip
last-modified: Tue, 20 Oct 2020 09:37:30 GMT
server: nginx
etag: W/"5f8eafda-2e4"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000 public
expires: Tue, 14 Jun 2022 01:29:26 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 61 KB
21 KB 109ms
37ms Script
text/javascript 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/doj-darkside-colonial-cryptocurrency-seizure/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

sffe /

Resource Hash

54e1a9fa84f454175a61ddd8369e590829499c033015438f8788b2e40b02864c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 01:29:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "902 / 664 of 1000 / last-modified: 1623449339"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21293
x-xss-protection: 0
expires: Mon, 14 Jun 2021 01:29:27 GMT

GET
H/1.1 200
OK cyberscoop-interstitial.svg
s3.amazonaws.com/sng-global-web-assets/logo/ 2 KB
3 KB 417ms
118ms Image
image/svg+xml 52.217.13.110
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/sng-global-web-assets/logo/cyberscoop-interstitial.svg
Requested by: Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/doj-darkside-colonial-cryptocurrency-seizure/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.13.110 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: b534f367f11c24f3709e27fdb539f308475d495eaafed8f7681a5c96dfacc537

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 14 Jun 2021 01:29:28 GMT
Last-Modified: Wed, 10 Feb 2021 15:47:32 GMT
Server: AmazonS3
x-amz-request-id: 7FSTBW7KZE7WE5WD
ETag: "b3250d52680549abc7222f71b2dce836"
Content-Type: image/svg+xml
Accept-Ranges: bytes
Content-Length: 2375
x-amz-id-2: /zK8TOQjU6PESR926m3iVg0uN+Wo9xKWdFcaH3Qaje6vQSwo73wS4weenuGlj6jTTJ4RjZPSHVk=

GET
H/1.1 200
OK closex.png
s3.amazonaws.com/sng-global-web-assets/logo/ 5 KB
5 KB 424ms
121ms Image
image/png 52.217.13.110
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/sng-global-web-assets/logo/closex.png
Requested by: Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/doj-darkside-colonial-cryptocurrency-seizure/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.13.110 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: d5d4228a3e80d57bcf6ee1f6080fbc4c65dba96e81d2364535fa49e3d27e9131

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 14 Jun 2021 01:29:28 GMT
Last-Modified: Tue, 12 May 2020 13:43:08 GMT
Server: AmazonS3
x-amz-request-id: 7FSJE36WWSZHH6R5
ETag: "6fa9505df4b1d86476aef77673f3b330"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 4658
x-amz-id-2: 0fQBRcJybRwhyc9tDlCuCemyo+eIC0PepvVBEKB2jmYjb13uf9jVjdHI7SqiXTIT7p8Jq/mkM4s=

GET
H2 200 twitter.svg
www.cyberscoop.com/wp-content/themes/cyberscoop/images/icons/share-icon/ 2 KB
1 KB 103ms
100ms Image
image/svg+xml 52.21.95.133
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.cyberscoop.com/wp-content/themes/cyberscoop/images/icons/share-icon/twitter.svg
Requested by: Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/doj-darkside-colonial-cryptocurrency-seizure/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.21.95.133 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-21-95-133.compute-1.amazonaws.com
Software: nginx /
Resource Hash: ca2e99ffb3730e887ee7389e499993e912e5e47ec6f28c991a692cd78746edf5

Request headers

:path: /wp-content/themes/cyberscoop/images/icons/share-icon/twitter.svg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.cyberscoop.com
referer: https://www.cyberscoop.com/doj-darkside-colonial-cryptocurrency-seizure/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.cyberscoop.com/doj-darkside-colonial-cryptocurrency-seizure/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 01:29:26 GMT
content-encoding: gzip
last-modified: Tue, 20 Oct 2020 09:37:27 GMT
server: nginx
etag: W/"5f8eafd7-87c"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=2592000 public
expires: Wed, 14 Jul 2021 01:29:26 GMT

GET
H2 200 facebook.svg
www.cyberscoop.com/wp-content/themes/cyberscoop/images/icons/share-icon/ 1 KB
828 B 103ms
100ms Image
image/svg+xml 52.21.95.133
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.cyberscoop.com/wp-content/themes/cyberscoop/images/icons/share-icon/facebook.svg
Requested by: Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/doj-darkside-colonial-cryptocurrency-seizure/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.21.95.133 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-21-95-133.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 51c40fb52547a14a895a2425e94a53886ced172e90c70d5418890fb67517701b

Request headers

:path: /wp-content/themes/cyberscoop/images/icons/share-icon/facebook.svg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.cyberscoop.com
referer: https://www.cyberscoop.com/doj-darkside-colonial-cryptocurrency-seizure/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.cyberscoop.com/doj-darkside-colonial-cryptocurrency-seizure/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 01:29:26 GMT
content-encoding: gzip
last-modified: Tue, 20 Oct 2020 09:37:26 GMT
server: nginx
etag: W/"5f8eafd6-4f8"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=2592000 public
expires: Wed, 14 Jul 2021 01:29:26 GMT

GET
H2 200 linkedin.svg
www.cyberscoop.com/wp-content/themes/cyberscoop/images/icons/share-icon/ 2 KB
993 B 103ms
100ms Image
image/svg+xml 52.21.95.133
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.cyberscoop.com/wp-content/themes/cyberscoop/images/icons/share-icon/linkedin.svg
Requested by: Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/doj-darkside-colonial-cryptocurrency-seizure/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.21.95.133 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-21-95-133.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 4d8d48a3f00d424f5083a310bcfbcc1ad35d02e02793a9f459e9938879d8a675

Request headers

:path: /wp-content/themes/cyberscoop/images/icons/share-icon/linkedin.svg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.cyberscoop.com
referer: https://www.cyberscoop.com/doj-darkside-colonial-cryptocurrency-seizure/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.cyberscoop.com/doj-darkside-colonial-cryptocurrency-seizure/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 01:29:26 GMT
content-encoding: gzip
last-modified: Tue, 20 Oct 2020 09:37:26 GMT
server: nginx
etag: W/"5f8eafd6-741"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=2592000 public
expires: Wed, 14 Jul 2021 01:29:26 GMT

GET
H2 200 reddit.svg
www.cyberscoop.com/wp-content/themes/cyberscoop/images/icons/share-icon/ 6 KB
3 KB 103ms
100ms Image
image/svg+xml 52.21.95.133
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.cyberscoop.com/wp-content/themes/cyberscoop/images/icons/share-icon/reddit.svg
Requested by: Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/doj-darkside-colonial-cryptocurrency-seizure/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.21.95.133 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-21-95-133.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 55de2f543e24f0c3655be2f344491b2e73ae61350f58a2bb9ebf4ad1326e8fba

Request headers

:path: /wp-content/themes/cyberscoop/images/icons/share-icon/reddit.svg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.cyberscoop.com
referer: https://www.cyberscoop.com/doj-darkside-colonial-cryptocurrency-seizure/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.cyberscoop.com/doj-darkside-colonial-cryptocurrency-seizure/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 01:29:26 GMT
content-encoding: gzip
last-modified: Tue, 20 Oct 2020 09:37:26 GMT
server: nginx
etag: W/"5f8eafd6-18f6"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=2592000 public
expires: Wed, 14 Jul 2021 01:29:26 GMT

GET
H2 200 gmail.svg
www.cyberscoop.com/wp-content/themes/cyberscoop/images/icons/share-icon/ 1 KB
886 B 103ms
101ms Image
image/svg+xml 52.21.95.133
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.cyberscoop.com/wp-content/themes/cyberscoop/images/icons/share-icon/gmail.svg
Requested by: Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/doj-darkside-colonial-cryptocurrency-seizure/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.21.95.133 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-21-95-133.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 0d281aa7b07dfcb1bc05e2cdd051aa34fb915616590b834374148a1768ce3440

Request headers

:path: /wp-content/themes/cyberscoop/images/icons/share-icon/gmail.svg
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.cyberscoop.com
referer: https://www.cyberscoop.com/doj-darkside-colonial-cryptocurrency-seizure/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.cyberscoop.com/doj-darkside-colonial-cryptocurrency-seizure/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 01:29:26 GMT
content-encoding: gzip
last-modified: Tue, 20 Oct 2020 09:37:26 GMT
server: nginx
etag: W/"5f8eafd6-49d"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=2592000 public
expires: Wed, 14 Jul 2021 01:29:26 GMT

GET
H/1.1 200
OK close_purple.svg
s3.amazonaws.com/sng-global-web-assets/logo/ 991 B
1 KB 424ms
122ms Image
image/svg+xml 52.217.13.110
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/sng-global-web-assets/logo/close_purple.svg
Requested by: Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/doj-darkside-colonial-cryptocurrency-seizure/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.13.110 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: fe9df7af9647a824fe66cae1f452ecb318d9f9ad3b2e09ef0623f0c6af50a0ed

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 14 Jun 2021 01:29:28 GMT
Last-Modified: Fri, 22 Jan 2021 00:05:15 GMT
Server: AmazonS3
x-amz-request-id: 7FSRT09B0PXA16VH
ETag: "cde4ecef61a0a35571e737da5276b5e7"
Content-Type: image/svg+xml
Accept-Ranges: bytes
Content-Length: 991
x-amz-id-2: dT0/azQqF923Wg63DrScqa1f7jZzt/lKPf4eKZbF8Q4sOTrIJOmbvLkP+Mnqcc7RvRhrVzEv4oI=

GET
H2 200 v2.js Show response
js.hsforms.net/forms/ 573 KB
135 KB 61ms
44ms Script
application/javascript 2606:4700::6811:b649
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.hsforms.net/forms/v2.js

Requested by

Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/doj-darkside-colonial-cryptocurrency-seizure/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:b649 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

068605b7a74adeae97a35f115e5d2116b49e1b0746b0172d6795cf4c7f93ecc8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 01:29:26 GMT
via: 1.1 4638ed8bcd9a9c4a4ffe655049a6e058.cloudfront.net (CloudFront)
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 257
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
x-amz-replication-status: COMPLETED
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id: 0aa9bc5c7e0000dfdb032f0000000001
last-modified: Thu, 10 Jun 2021 01:55:02 UTC
server: cloudflare
etag: W/"be4017dc0d84057af0be82378d2bcd1a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=gcZmFw6oFxa0hq4tDL%2BGbjAiTmFsthLwNePKXAMupF%2FxHyynirv0MOYSb7Tho6gwm1Zo%2FNDn%2BwXaj62b9d6ntAmP2tW4d2wfAL03%2B3%2FCepAyb6LZLvjsSfqrWjcpNsLntxm2Z08roA%3D%3D"}],"group":"cf-nel","max_age":604800}
x-amz-version-id: _lWo_seegG84aAiYV148P6d_vJ1mA4fg
access-control-allow-origin: *
cache-control: s-maxage=600, max-age=0
x-hs-cache-status: HIT
x-amz-cf-pop: IAD89-C3
cf-ray: 65efc9a729a2dfdb-FRA
x-amz-cf-id: N15sJcQw0griPnl5IdO-ZDeHmFlhvWHBFqEwDaFhW5bo02KlEldYKA==
x-hs-target-asset: FormsNext/static-5.319/bundles/project_with_deps.js

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 62 KB
22 KB 37ms
14ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/doj-darkside-colonial-cryptocurrency-seizure/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bd56c87dbd42ec5efef8e0fe40728cfa889cac7e9b80dc50b58c10063ae14d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 01:29:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "902 / 799 of 1000 / last-modified: 1623449396"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21627
x-xss-protection: 0
expires: Mon, 14 Jun 2021 01:29:26 GMT

GET
H2 200 ads.js Show response
www.cyberscoop.com/wp-content/themes/cyberscoop/js/ 740 B
703 B 100ms
100ms Script
application/javascript 52.21.95.133
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.cyberscoop.com/wp-content/themes/cyberscoop/js/ads.js?ver=1.0.0
Requested by: Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/doj-darkside-colonial-cryptocurrency-seizure/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.21.95.133 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-21-95-133.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 94c2543ee527c1e987a54d88914b529a0d832a4cf55d0fd20a9b7c569c508930

Request headers

:path: /wp-content/themes/cyberscoop/js/ads.js?ver=1.0.0
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.cyberscoop.com
referer: https://www.cyberscoop.com/doj-darkside-colonial-cryptocurrency-seizure/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.cyberscoop.com/doj-darkside-colonial-cryptocurrency-seizure/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 01:29:26 GMT
content-encoding: gzip
last-modified: Tue, 20 Oct 2020 09:37:30 GMT
server: nginx
etag: W/"5f8eafda-2e4"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000 public
expires: Tue, 14 Jun 2022 01:29:26 GMT

GET
H2 200 wp-embed.min.js Show response
www.cyberscoop.com/wp-includes/js/ 1 KB
986 B 103ms
99ms Script
application/javascript 52.21.95.133
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.cyberscoop.com/wp-includes/js/wp-embed.min.js?ver=5.7.1
Requested by: Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/doj-darkside-colonial-cryptocurrency-seizure/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.21.95.133 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-21-95-133.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991

Request headers

:path: /wp-includes/js/wp-embed.min.js?ver=5.7.1
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.cyberscoop.com
referer: https://www.cyberscoop.com/doj-darkside-colonial-cryptocurrency-seizure/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.cyberscoop.com/doj-darkside-colonial-cryptocurrency-seizure/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 01:29:26 GMT
content-encoding: gzip
last-modified: Sun, 25 Apr 2021 05:06:59 GMT
server: nginx
etag: W/"6084f8f3-592"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000 public
expires: Tue, 14 Jun 2022 01:29:26 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 146 KB
52 KB 18ms
16ms Script
application/javascript 2a00:1450:4001:827::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-KR697BF

Requested by

Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/doj-darkside-colonial-cryptocurrency-seizure/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

05709454fb18e3ba7c785fb889e8de61baa9b6d664d2830d6434306321923f04

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 01:29:26 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 53336
x-xss-protection: 0
last-modified: Mon, 14 Jun 2021 00:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 14 Jun 2021 01:29:26 GMT

GET
H2 200 wp-emoji-release.min.js Show response
www.cyberscoop.com/wp-includes/js/ 14 KB
5 KB 103ms
101ms Script
application/javascript 52.21.95.133
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.cyberscoop.com/wp-includes/js/wp-emoji-release.min.js?ver=5.7.1
Requested by: Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/doj-darkside-colonial-cryptocurrency-seizure/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.21.95.133 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-21-95-133.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 0c5f584d1ea2c3313dc8c55824c2a572d3cf2eae87c5ca62a58e598aec9ddb5c

Request headers

:path: /wp-includes/js/wp-emoji-release.min.js?ver=5.7.1
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.cyberscoop.com
referer: https://www.cyberscoop.com/doj-darkside-colonial-cryptocurrency-seizure/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.cyberscoop.com/doj-darkside-colonial-cryptocurrency-seizure/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 01:29:26 GMT
content-encoding: gzip
last-modified: Sun, 25 Apr 2021 05:06:59 GMT
server: nginx
etag: W/"6084f8f3-3795"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000 public
expires: Tue, 14 Jun 2022 01:29:26 GMT

GET
H2 200 lightslider.min.css
www.cyberscoop.com/wp-content/themes/cyberscoop/css/ 5 KB
2 KB 146ms
146ms Stylesheet
text/css 52.21.95.133
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.cyberscoop.com/wp-content/themes/cyberscoop/css/lightslider.min.css
Requested by: Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/wp-content/themes/cyberscoop/style.css?ver=5.7.1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.21.95.133 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-21-95-133.compute-1.amazonaws.com
Software: nginx /
Resource Hash: a060aca1def4e45da8730e2c6052fb1efbe9b1bdd305c14ea86c8c5152ebd593

Request headers

:path: /wp-content/themes/cyberscoop/css/lightslider.min.css
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.cyberscoop.com
referer: https://www.cyberscoop.com/wp-content/themes/cyberscoop/style.css?ver=5.7.1
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.cyberscoop.com/wp-content/themes/cyberscoop/style.css?ver=5.7.1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 01:29:26 GMT
content-encoding: gzip
last-modified: Tue, 20 Oct 2020 09:37:19 GMT
server: nginx
etag: W/"5f8eafcf-14b3"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=31536000 public
expires: Tue, 14 Jun 2022 01:29:26 GMT

GET
H2 200 page.js Show response
static.addtoany.com/menu/ 84 KB
27 KB 39ms
21ms Script
application/javascript 2606:4700:10::6816:47c5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.addtoany.com/menu/page.js

Requested by

Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/doj-darkside-colonial-cryptocurrency-seizure/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::6816:47c5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f909a31bfd7a13b9dd53e98b5652f13f4782fdfd1653dc4befade7386c087371

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 01:29:26 GMT
via: e1s
x-content-type-options: nosniff
cf-cache-status: HIT
age: 67599
p3p: CP="ALL DSP COR CURa ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV INT"
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id: 0aa9bc5c9800004e8c2c8b7000000001
last-modified: Fri, 14 May 2021 06:41:59 GMT
server: cloudflare
etag: W/"14f2c-5c2448a7281f2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=172800
cf-ray: 65efc9a759b04e8c-FRA
cf-bgj: minify

GET
H/1.1 200
OK CyberScoop_Color.svg
s3.amazonaws.com/sng-global-web-assets/logo/ 2 KB
3 KB 427ms
111ms Image
image/svg+xml 52.217.13.110
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/sng-global-web-assets/logo/CyberScoop_Color.svg
Requested by: Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/wp-content/themes/cyberscoop/style.css?ver=5.7.1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.13.110 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: b534f367f11c24f3709e27fdb539f308475d495eaafed8f7681a5c96dfacc537

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 14 Jun 2021 01:29:28 GMT
Last-Modified: Thu, 21 Jan 2021 21:02:05 GMT
Server: AmazonS3
x-amz-request-id: 7FSTGSNHBE6J0QZH
ETag: "b3250d52680549abc7222f71b2dce836"
Content-Type: image/svg+xml
Accept-Ranges: bytes
Content-Length: 2375
x-amz-id-2: 9iZQcPc1bnCCZw9/HBnWyWqg4KPJdEYjf6DulXypEfo+CZdn9XGotH8r6uaFL1VFCFgji1LEb8c=

GET
H/1.1 200
OK SNG-RGB-Color.svg
s3.amazonaws.com/sng-global-web-assets/logo/ 5 KB
6 KB 439ms
124ms Image
image/svg+xml 52.217.13.110
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/sng-global-web-assets/logo/SNG-RGB-Color.svg
Requested by: Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/wp-content/themes/cyberscoop/style.css?ver=5.7.1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.13.110 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 4b8dd50e462d914dd8609e8a566ce6bce0ab94088a4bf958b57c4cdb6ab54868

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 14 Jun 2021 01:29:28 GMT
Last-Modified: Thu, 21 Jan 2021 21:02:05 GMT
Server: AmazonS3
x-amz-request-id: 7FSKNTXHFE04A2JV
ETag: "61428dbcecc23b1679236e221c5228d4"
Content-Type: image/svg+xml
Accept-Ranges: bytes
Content-Length: 5545
x-amz-id-2: WgvolVo2hrTfdY/QA1spOoI0ZOf/ZejEEv/Q3LssK3P4C0xQHwDXRdbeFWPe9gHYWLfOIEfW2cA=

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bb6a7f39d0982d1605492df9ffaa28989d1829fdf91037053e4af527ae5ed797

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 va9B4kDNxMZdWfMOD5VnZKveRhf6.woff2
fonts.gstatic.com/s/firasans/v11/ 22 KB
23 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/firasans/v11/va9B4kDNxMZdWfMOD5VnZKveRhf6.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Fira+Sans%3A300%2C400%2C500%2C700&subset=latin-ext&ver=5.7.1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d28cae33a9cff1cd54246e2bca04018f101451707a5b5f426d32ea768e911186

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.cyberscoop.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 12 Jun 2021 03:30:23 GMT
x-content-type-options: nosniff
age: 165543
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22920
x-xss-protection: 0
last-modified: Thu, 01 Apr 2021 22:06:35 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 12 Jun 2022 03:30:23 GMT

GET
H2 200 PuristaMedium.woff
www.cyberscoop.com/wp-content/themes/cyberscoop/fonts/ 37 KB
37 KB 101ms
100ms Font
font/woff 52.21.95.133
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.cyberscoop.com/wp-content/themes/cyberscoop/fonts/PuristaMedium.woff

Requested by

Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/wp-content/themes/cyberscoop/style.css?ver=5.7.1

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.21.95.133 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-21-95-133.compute-1.amazonaws.com

Software

nginx /

Resource Hash

c0758721ba3b41bf0236a10348f8ad1ceb3336894bfbaca0b9d77fb366b585c1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000 max-age=31536000; includeSubDomains max-age=31536000; includeSubDomains; preload

Request headers

:path: /wp-content/themes/cyberscoop/fonts/PuristaMedium.woff
pragma: no-cache
origin: https://www.cyberscoop.com
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: cors
accept: */*
cache-control: no-cache
sec-fetch-dest: font
:authority: www.cyberscoop.com
referer: https://www.cyberscoop.com/wp-content/themes/cyberscoop/style.css?ver=5.7.1
:scheme: https
sec-fetch-site: same-origin
:method: GET
Origin: https://www.cyberscoop.com
Referer: https://www.cyberscoop.com/wp-content/themes/cyberscoop/style.css?ver=5.7.1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 01:29:26 GMT
last-modified: Tue, 20 Oct 2020 09:37:20 GMT
server: nginx
etag: "5f8eafd0-9340"
strict-transport-security: max-age=31536000 max-age=31536000; includeSubDomains max-age=31536000; includeSubDomains; preload
content-type: font/woff
accept-ranges: bytes
content-length: 37696
x-ua-compatible: IE=Edge

GET
H2

200

/ Show response
www.cyberscoop.com/advertising/ Frame 1408
Redirect Chain

https://www.cyberscoop.com/advertising/?id=leaderboard&page=article&parent_id=ad-7WO54yg4q8-leaderboard&categories=government&tags=colonial-pipeline,cryptocurrency,darkside,department-of-justice-do...
https://www.cyberscoop.com/advertising/?id=leaderboard&parent_id=ad-7WO54yg4q8-leaderboard&categories=government&tags=colonial-pipeline%2Ccryptocurrency%2Cdarkside%2Cdepartment-of-justice-doj%2Cfbi...

2 KB
1 KB

1024ms
1023ms

Document
text/html

52.21.95.133
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.cyberscoop.com/advertising/?id=leaderboard&parent_id=ad-7WO54yg4q8-leaderboard&categories=government&tags=colonial-pipeline%2Ccryptocurrency%2Cdarkside%2Cdepartment-of-justice-doj%2Cfbi%2Cjbs%2Cranswomare%2Cus-courts

Requested by

Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/doj-darkside-colonial-cryptocurrency-seizure/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.21.95.133 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-21-95-133.compute-1.amazonaws.com

Software

nginx / PHP/7.3.27

Resource Hash

ba601daeda8cb0d179beeeafbe63848d0576b172f3e2800f1848be282b2af497

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.cyberscoop.com
:scheme: https
:path: /advertising/?id=leaderboard&parent_id=ad-7WO54yg4q8-leaderboard&categories=government&tags=colonial-pipeline%2Ccryptocurrency%2Cdarkside%2Cdepartment-of-justice-doj%2Cfbi%2Cjbs%2Cranswomare%2Cus-courts
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.cyberscoop.com/doj-darkside-colonial-cryptocurrency-seizure/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: sng_interstitial=true; _ga=GA1.2.2141281648.1623634167; _gid=GA1.2.16219542.1623634167; _gat_UA-80491860-1=1; _fbp=fb.1.1623634167245.16395894; __gads=ID=f5a1c6584c3a1cde-22c0d9fb5ec8005b:T=1623634167:S=ALNI_MbslGC6idnJcuMh7ddk6a_FBgzMag
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.cyberscoop.com/doj-darkside-colonial-cryptocurrency-seizure/

Response headers

server: nginx
date: Mon, 14 Jun 2021 01:29:28 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-powered-by: PHP/7.3.27
link: <https://www.cyberscoop.com/wp-json/>; rel="https://api.w.org/" <https://www.cyberscoop.com/wp-json/wp/v2/pages/5054>; rel="alternate"; type="application/json" <https://www.cyberscoop.com/?p=5054>; rel=shortlink
x-fastcgi-cache: BYPASS
x-xss-protection: 1; mode=block
content-encoding: gzip

Redirect headers

server: nginx
date: Mon, 14 Jun 2021 01:29:27 GMT
content-type: text/html; charset=UTF-8
location: https://www.cyberscoop.com/advertising/?id=leaderboard&parent_id=ad-7WO54yg4q8-leaderboard&categories=government&tags=colonial-pipeline%2Ccryptocurrency%2Cdarkside%2Cdepartment-of-justice-doj%2Cfbi%2Cjbs%2Cranswomare%2Cus-courts
x-powered-by: PHP/7.3.27
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
x-redirect-by: WordPress
x-fastcgi-cache: BYPASS
x-xss-protection: 1; mode=block

GET
H2

200

/ Show response
www.cyberscoop.com/advertising/ Frame E0B9
Redirect Chain

https://www.cyberscoop.com/advertising/?id=article&page=article&position=static&category=government&tags=colonial-pipeline,cryptocurrency,darkside,department-of-justice-doj,fbi,jbs,ranswomare,us-co...
https://www.cyberscoop.com/advertising/?id=article&position=static&category=government&tags=colonial-pipeline%2Ccryptocurrency%2Cdarkside%2Cdepartment-of-justice-doj%2Cfbi%2Cjbs%2Cranswomare%2Cus-c...

1 KB
918 B

1006ms
1006ms

Document
text/html

52.21.95.133
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.cyberscoop.com/advertising/?id=article&position=static&category=government&tags=colonial-pipeline%2Ccryptocurrency%2Cdarkside%2Cdepartment-of-justice-doj%2Cfbi%2Cjbs%2Cranswomare%2Cus-courts

Requested by

Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/doj-darkside-colonial-cryptocurrency-seizure/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.21.95.133 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-21-95-133.compute-1.amazonaws.com

Software

nginx / PHP/7.3.27

Resource Hash

2d209520098b09aa8847fc90e422c9a590e6386bbcf1ede1357c0a1531f26b08

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.cyberscoop.com
:scheme: https
:path: /advertising/?id=article&position=static&category=government&tags=colonial-pipeline%2Ccryptocurrency%2Cdarkside%2Cdepartment-of-justice-doj%2Cfbi%2Cjbs%2Cranswomare%2Cus-courts
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.cyberscoop.com/doj-darkside-colonial-cryptocurrency-seizure/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: sng_interstitial=true; _ga=GA1.2.2141281648.1623634167; _gid=GA1.2.16219542.1623634167; _gat_UA-80491860-1=1; _fbp=fb.1.1623634167245.16395894; __gads=ID=f5a1c6584c3a1cde-22c0d9fb5ec8005b:T=1623634167:S=ALNI_MbslGC6idnJcuMh7ddk6a_FBgzMag
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.cyberscoop.com/doj-darkside-colonial-cryptocurrency-seizure/

Response headers

server: nginx
date: Mon, 14 Jun 2021 01:29:28 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-powered-by: PHP/7.3.27
link: <https://www.cyberscoop.com/wp-json/>; rel="https://api.w.org/" <https://www.cyberscoop.com/wp-json/wp/v2/pages/5054>; rel="alternate"; type="application/json" <https://www.cyberscoop.com/?p=5054>; rel=shortlink
x-fastcgi-cache: BYPASS
x-xss-protection: 1; mode=block
content-encoding: gzip

Redirect headers

server: nginx
date: Mon, 14 Jun 2021 01:29:27 GMT
content-type: text/html; charset=UTF-8
location: https://www.cyberscoop.com/advertising/?id=article&position=static&category=government&tags=colonial-pipeline%2Ccryptocurrency%2Cdarkside%2Cdepartment-of-justice-doj%2Cfbi%2Cjbs%2Cranswomare%2Cus-courts
x-powered-by: PHP/7.3.27
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
x-redirect-by: WordPress
x-fastcgi-cache: BYPASS
x-xss-protection: 1; mode=block

GET
H2

200

/ Show response
www.cyberscoop.com/advertising/ Frame DBF3
Redirect Chain

https://www.cyberscoop.com/advertising/?id=skyscraper&page=article&position=sticky&categories=government&tags=colonial-pipeline,cryptocurrency,darkside,department-of-justice-doj,fbi,jbs,ranswomare,...
https://www.cyberscoop.com/advertising/?id=skyscraper&position=sticky&categories=government&tags=colonial-pipeline%2Ccryptocurrency%2Cdarkside%2Cdepartment-of-justice-doj%2Cfbi%2Cjbs%2Cranswomare%2...

2 KB
1020 B

1001ms
1001ms

Document
text/html

52.21.95.133
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.cyberscoop.com/advertising/?id=skyscraper&position=sticky&categories=government&tags=colonial-pipeline%2Ccryptocurrency%2Cdarkside%2Cdepartment-of-justice-doj%2Cfbi%2Cjbs%2Cranswomare%2Cus-courts

Requested by

Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/doj-darkside-colonial-cryptocurrency-seizure/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.21.95.133 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-21-95-133.compute-1.amazonaws.com

Software

nginx / PHP/7.3.27

Resource Hash

f9f5fb1596ab72270fbb5bfbc64b6f05d259a045255a36c176833936f29ecde9

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.cyberscoop.com
:scheme: https
:path: /advertising/?id=skyscraper&position=sticky&categories=government&tags=colonial-pipeline%2Ccryptocurrency%2Cdarkside%2Cdepartment-of-justice-doj%2Cfbi%2Cjbs%2Cranswomare%2Cus-courts
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.cyberscoop.com/doj-darkside-colonial-cryptocurrency-seizure/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: sng_interstitial=true; _ga=GA1.2.2141281648.1623634167; _gid=GA1.2.16219542.1623634167; _gat_UA-80491860-1=1; _fbp=fb.1.1623634167245.16395894; __gads=ID=f5a1c6584c3a1cde-22c0d9fb5ec8005b:T=1623634167:S=ALNI_MbslGC6idnJcuMh7ddk6a_FBgzMag
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.cyberscoop.com/doj-darkside-colonial-cryptocurrency-seizure/

Response headers

server: nginx
date: Mon, 14 Jun 2021 01:29:28 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-powered-by: PHP/7.3.27
link: <https://www.cyberscoop.com/wp-json/>; rel="https://api.w.org/" <https://www.cyberscoop.com/wp-json/wp/v2/pages/5054>; rel="alternate"; type="application/json" <https://www.cyberscoop.com/?p=5054>; rel=shortlink
x-fastcgi-cache: BYPASS
x-xss-protection: 1; mode=block
content-encoding: gzip

Redirect headers

server: nginx
date: Mon, 14 Jun 2021 01:29:27 GMT
content-type: text/html; charset=UTF-8
location: https://www.cyberscoop.com/advertising/?id=skyscraper&position=sticky&categories=government&tags=colonial-pipeline%2Ccryptocurrency%2Cdarkside%2Cdepartment-of-justice-doj%2Cfbi%2Cjbs%2Cranswomare%2Cus-courts
x-powered-by: PHP/7.3.27
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
x-redirect-by: WordPress
x-fastcgi-cache: BYPASS
x-xss-protection: 1; mode=block

GET
H2

200

/ Show response
www.cyberscoop.com/advertising/ Frame DA4A
Redirect Chain

https://www.cyberscoop.com/advertising/?id=billboard&page=article&position=bottom&parent_id=ad-b3zuzxlKK5-billboard&category=government&tags=colonial-pipeline,cryptocurrency,darkside,department-of-...
https://www.cyberscoop.com/advertising/?id=billboard&position=bottom&parent_id=ad-b3zuzxlKK5-billboard&category=government&tags=colonial-pipeline%2Ccryptocurrency%2Cdarkside%2Cdepartment-of-justice...

2 KB
1 KB

992ms
992ms

Document
text/html

52.21.95.133
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.cyberscoop.com/advertising/?id=billboard&position=bottom&parent_id=ad-b3zuzxlKK5-billboard&category=government&tags=colonial-pipeline%2Ccryptocurrency%2Cdarkside%2Cdepartment-of-justice-doj%2Cfbi%2Cjbs%2Cranswomare%2Cus-courts

Requested by

Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/doj-darkside-colonial-cryptocurrency-seizure/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.21.95.133 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-21-95-133.compute-1.amazonaws.com

Software

nginx / PHP/7.3.27

Resource Hash

82b93870340639f93f374966650f61a46c1a4b0891f25ba9b9673a1426d0bd20

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.cyberscoop.com
:scheme: https
:path: /advertising/?id=billboard&position=bottom&parent_id=ad-b3zuzxlKK5-billboard&category=government&tags=colonial-pipeline%2Ccryptocurrency%2Cdarkside%2Cdepartment-of-justice-doj%2Cfbi%2Cjbs%2Cranswomare%2Cus-courts
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.cyberscoop.com/doj-darkside-colonial-cryptocurrency-seizure/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: sng_interstitial=true; _ga=GA1.2.2141281648.1623634167; _gid=GA1.2.16219542.1623634167; _gat_UA-80491860-1=1; _fbp=fb.1.1623634167245.16395894; __gads=ID=f5a1c6584c3a1cde-22c0d9fb5ec8005b:T=1623634167:S=ALNI_MbslGC6idnJcuMh7ddk6a_FBgzMag
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.cyberscoop.com/doj-darkside-colonial-cryptocurrency-seizure/

Response headers

server: nginx
date: Mon, 14 Jun 2021 01:29:28 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-powered-by: PHP/7.3.27
link: <https://www.cyberscoop.com/wp-json/>; rel="https://api.w.org/" <https://www.cyberscoop.com/wp-json/wp/v2/pages/5054>; rel="alternate"; type="application/json" <https://www.cyberscoop.com/?p=5054>; rel=shortlink
x-fastcgi-cache: BYPASS
x-xss-protection: 1; mode=block
content-encoding: gzip

Redirect headers

server: nginx
date: Mon, 14 Jun 2021 01:29:27 GMT
content-type: text/html; charset=UTF-8
location: https://www.cyberscoop.com/advertising/?id=billboard&position=bottom&parent_id=ad-b3zuzxlKK5-billboard&category=government&tags=colonial-pipeline%2Ccryptocurrency%2Cdarkside%2Cdepartment-of-justice-doj%2Cfbi%2Cjbs%2Cranswomare%2Cus-courts
x-powered-by: PHP/7.3.27
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
x-redirect-by: WordPress
x-fastcgi-cache: BYPASS
x-xss-protection: 1; mode=block

GET
H2 200 GettyImages-1233323151-1021x681.jpg
www.cyberscoop.com/wp-content/uploads/2021/06/ 96 KB
96 KB 100ms
100ms Image
image/jpeg 52.21.95.133
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.cyberscoop.com/wp-content/uploads/2021/06/GettyImages-1233323151-1021x681.jpg
Requested by: Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/doj-darkside-colonial-cryptocurrency-seizure/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.21.95.133 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-21-95-133.compute-1.amazonaws.com
Software: nginx /
Resource Hash: b0ebb64770d12923ab367667f418fe5bfa5ae336f3404eb74463128a10ef098f

Request headers

:path: /wp-content/uploads/2021/06/GettyImages-1233323151-1021x681.jpg
pragma: no-cache
cookie: sng_interstitial=true
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.cyberscoop.com
referer: https://www.cyberscoop.com/doj-darkside-colonial-cryptocurrency-seizure/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.cyberscoop.com/doj-darkside-colonial-cryptocurrency-seizure/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 01:29:26 GMT
last-modified: Mon, 07 Jun 2021 20:26:51 GMT
server: nginx
etag: "60be810b-18089"
content-type: image/jpeg
cache-control: max-age=2592000 public
accept-ranges: bytes
content-length: 98441
expires: Wed, 14 Jul 2021 01:29:26 GMT

GET
H2 200 GettyImages-1225219966-307x171.jpg
www.cyberscoop.com/wp-content/uploads/2021/06/ 9 KB
10 KB 150ms
149ms Image
image/jpeg 52.21.95.133
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.cyberscoop.com/wp-content/uploads/2021/06/GettyImages-1225219966-307x171.jpg
Requested by: Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/doj-darkside-colonial-cryptocurrency-seizure/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.21.95.133 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-21-95-133.compute-1.amazonaws.com
Software: nginx /
Resource Hash: db02022e70b50c36c8b19895011b67d760f45d217c7d32beaf853fd0e6f20ce3

Request headers

:path: /wp-content/uploads/2021/06/GettyImages-1225219966-307x171.jpg
pragma: no-cache
cookie: sng_interstitial=true
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.cyberscoop.com
referer: https://www.cyberscoop.com/doj-darkside-colonial-cryptocurrency-seizure/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.cyberscoop.com/doj-darkside-colonial-cryptocurrency-seizure/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 01:29:26 GMT
last-modified: Fri, 11 Jun 2021 19:06:20 GMT
server: nginx
etag: "60c3b42c-257a"
content-type: image/jpeg
cache-control: max-age=2592000 public
accept-ranges: bytes
content-length: 9594
expires: Wed, 14 Jul 2021 01:29:26 GMT

GET
H2 200 GettyImages-1322885030-307x171.jpg
www.cyberscoop.com/wp-content/uploads/2021/06/ 13 KB
13 KB 151ms
148ms Image
image/jpeg 52.21.95.133
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.cyberscoop.com/wp-content/uploads/2021/06/GettyImages-1322885030-307x171.jpg
Requested by: Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/doj-darkside-colonial-cryptocurrency-seizure/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.21.95.133 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-21-95-133.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 1f3d22757c403b73ad7133ffdb7f7635f83b023568e09fbd6efc60633e1e3a48

Request headers

:path: /wp-content/uploads/2021/06/GettyImages-1322885030-307x171.jpg
pragma: no-cache
cookie: sng_interstitial=true
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.cyberscoop.com
referer: https://www.cyberscoop.com/doj-darkside-colonial-cryptocurrency-seizure/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.cyberscoop.com/doj-darkside-colonial-cryptocurrency-seizure/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 01:29:27 GMT
last-modified: Thu, 10 Jun 2021 19:50:07 GMT
server: nginx
etag: "60c26cef-34a9"
content-type: image/jpeg
cache-control: max-age=2592000 public
accept-ranges: bytes
content-length: 13481
expires: Wed, 14 Jul 2021 01:29:27 GMT

GET
H2 200 GettyImages-158214905-307x171.jpg
www.cyberscoop.com/wp-content/uploads/2021/06/ 10 KB
10 KB 151ms
147ms Image
image/jpeg 52.21.95.133
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.cyberscoop.com/wp-content/uploads/2021/06/GettyImages-158214905-307x171.jpg
Requested by: Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/doj-darkside-colonial-cryptocurrency-seizure/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.21.95.133 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-21-95-133.compute-1.amazonaws.com
Software: nginx /
Resource Hash: e21cbff27a74ef7caa04b84461bbaa6ed2cba11a62db2e7f03fc588912f415c6

Request headers

:path: /wp-content/uploads/2021/06/GettyImages-158214905-307x171.jpg
pragma: no-cache
cookie: sng_interstitial=true
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.cyberscoop.com
referer: https://www.cyberscoop.com/doj-darkside-colonial-cryptocurrency-seizure/
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.cyberscoop.com/doj-darkside-colonial-cryptocurrency-seizure/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 01:29:27 GMT
last-modified: Thu, 03 Jun 2021 20:27:18 GMT
server: nginx
etag: "60b93b26-2933"
content-type: image/jpeg
cache-control: max-age=2592000 public
accept-ranges: bytes
content-length: 10547
expires: Wed, 14 Jul 2021 01:29:27 GMT

GET
H2 200 facebook_logo_white.png
www.cyberscoop.com/wp-content/themes/cyberscoop/images/icons/ 361 B
552 B 152ms
147ms Image
image/png 52.21.95.133
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.cyberscoop.com/wp-content/themes/cyberscoop/images/icons/facebook_logo_white.png
Requested by: Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/wp-content/themes/cyberscoop/style.css?ver=5.7.1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.21.95.133 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-21-95-133.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 34b8701fdcbd5b7f4b776178cf1c52b3754f60027bf85af5a8573c3208f77890

Request headers

:path: /wp-content/themes/cyberscoop/images/icons/facebook_logo_white.png
pragma: no-cache
cookie: sng_interstitial=true
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.cyberscoop.com
referer: https://www.cyberscoop.com/wp-content/themes/cyberscoop/style.css?ver=5.7.1
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.cyberscoop.com/wp-content/themes/cyberscoop/style.css?ver=5.7.1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 01:29:27 GMT
last-modified: Tue, 20 Oct 2020 09:37:25 GMT
server: nginx
etag: "5f8eafd5-169"
content-type: image/png
cache-control: max-age=2592000 public
accept-ranges: bytes
content-length: 361
expires: Wed, 14 Jul 2021 01:29:27 GMT

GET
H2 200 twitter_logo_white.png
www.cyberscoop.com/wp-content/themes/cyberscoop/images/icons/ 481 B
671 B 152ms
147ms Image
image/png 52.21.95.133
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.cyberscoop.com/wp-content/themes/cyberscoop/images/icons/twitter_logo_white.png
Requested by: Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/wp-content/themes/cyberscoop/style.css?ver=5.7.1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.21.95.133 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-21-95-133.compute-1.amazonaws.com
Software: nginx /
Resource Hash: ea7c3c1fb429c64a75b15bc3d82e99987c40229c3275a5d0c37deb6143e4cf6f

Request headers

:path: /wp-content/themes/cyberscoop/images/icons/twitter_logo_white.png
pragma: no-cache
cookie: sng_interstitial=true
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.cyberscoop.com
referer: https://www.cyberscoop.com/wp-content/themes/cyberscoop/style.css?ver=5.7.1
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.cyberscoop.com/wp-content/themes/cyberscoop/style.css?ver=5.7.1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 01:29:27 GMT
last-modified: Tue, 20 Oct 2020 09:37:27 GMT
server: nginx
etag: "5f8eafd7-1e1"
content-type: image/png
cache-control: max-age=2592000 public
accept-ranges: bytes
content-length: 481
expires: Wed, 14 Jul 2021 01:29:27 GMT

GET
H2 200 linkedin_logo_white.png
www.cyberscoop.com/wp-content/themes/cyberscoop/images/icons/ 946 B
1 KB 151ms
148ms Image
image/png 52.21.95.133
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.cyberscoop.com/wp-content/themes/cyberscoop/images/icons/linkedin_logo_white.png
Requested by: Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/wp-content/themes/cyberscoop/style.css?ver=5.7.1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.21.95.133 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-21-95-133.compute-1.amazonaws.com
Software: nginx /
Resource Hash: eecc78f834649472672438efb8854e77ac8571a4c901d3c102a2554c3059ba7d

Request headers

:path: /wp-content/themes/cyberscoop/images/icons/linkedin_logo_white.png
pragma: no-cache
cookie: sng_interstitial=true
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.cyberscoop.com
referer: https://www.cyberscoop.com/wp-content/themes/cyberscoop/style.css?ver=5.7.1
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.cyberscoop.com/wp-content/themes/cyberscoop/style.css?ver=5.7.1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 01:29:27 GMT
last-modified: Tue, 20 Oct 2020 09:37:26 GMT
server: nginx
etag: "5f8eafd6-3b2"
content-type: image/png
cache-control: max-age=2592000 public
accept-ranges: bytes
content-length: 946
expires: Wed, 14 Jul 2021 01:29:27 GMT

GET
H2 200 instagram_logo_white.svg
www.cyberscoop.com/wp-content/themes/cyberscoop/images/icons/ 2 KB
874 B 152ms
148ms Image
image/svg+xml 52.21.95.133
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.cyberscoop.com/wp-content/themes/cyberscoop/images/icons/instagram_logo_white.svg
Requested by: Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/wp-content/themes/cyberscoop/style.css?ver=5.7.1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.21.95.133 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-21-95-133.compute-1.amazonaws.com
Software: nginx /
Resource Hash: e55b5cba1f8e7604687c4f99ab7b1c3bf971ab991ec0fae83fb221b98daf07c4

Request headers

:path: /wp-content/themes/cyberscoop/images/icons/instagram_logo_white.svg
pragma: no-cache
cookie: sng_interstitial=true
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.cyberscoop.com
referer: https://www.cyberscoop.com/wp-content/themes/cyberscoop/style.css?ver=5.7.1
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.cyberscoop.com/wp-content/themes/cyberscoop/style.css?ver=5.7.1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 01:29:27 GMT
content-encoding: gzip
last-modified: Tue, 20 Oct 2020 09:37:26 GMT
server: nginx
etag: W/"5f8eafd6-625"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=2592000 public
expires: Wed, 14 Jul 2021 01:29:27 GMT

GET
H/1.1 200
OK Stacked_SNG.png
s3.amazonaws.com/sng-global-web-assets/logo/ 12 KB
12 KB 427ms
123ms Image
image/png 52.217.13.110
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/sng-global-web-assets/logo/Stacked_SNG.png
Requested by: Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/wp-content/themes/cyberscoop/style.css?ver=5.7.1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.13.110 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 942e44b1cef3a0678c306625f42ea1cd180d9ee9fbe443ed98fc1076c07493a5

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 14 Jun 2021 01:29:28 GMT
Last-Modified: Thu, 21 Jan 2021 23:37:33 GMT
Server: AmazonS3
x-amz-request-id: 7FSQ8FY7GQHCF9HA
ETag: "793107aa127f2349e0bb9d0df99cd240"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 11864
x-amz-id-2: D+iBKhv/2f18RJWLPtW0mf3qGrdaBgN1eI09nk0bF+SF1aNp0KKG3ZQcLBJuMKzCQ6b6lbWI1qE=

GET
H/1.1 200
OK Stacked_CyberScoop.png
s3.amazonaws.com/sng-global-web-assets/logo/ 5 KB
5 KB 109ms
109ms Image
image/png 52.217.13.110
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/sng-global-web-assets/logo/Stacked_CyberScoop.png
Requested by: Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/wp-content/themes/cyberscoop/style.css?ver=5.7.1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.13.110 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 96b8a4481da526ff5a1a77c312a2aa83df0d0821e90dc91ccfad3fa53526a163

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 14 Jun 2021 01:29:28 GMT
Last-Modified: Thu, 21 Jan 2021 23:37:33 GMT
Server: AmazonS3
x-amz-request-id: 7FSVRNP2607KHNHN
ETag: "6b8717aa8156bf0573b498232d63b71f"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 5199
x-amz-id-2: wppCOGABdU/BeDz2IJQSoQXTljLbEM5JB5Rr7gN1nMalzz54LucG8/qOwIWuTSwgyL4qFTL1WZw=

GET
H/1.1 200
OK Stacked_FedScoop.png
s3.amazonaws.com/sng-global-web-assets/logo/ 4 KB
4 KB 111ms
110ms Image
image/png 52.217.13.110
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/sng-global-web-assets/logo/Stacked_FedScoop.png
Requested by: Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/wp-content/themes/cyberscoop/style.css?ver=5.7.1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.13.110 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 9146f6ec02b7c1db65d152424e1d5e5f3a5d7d6ca91d1282a7e678150683876f

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 14 Jun 2021 01:29:28 GMT
Last-Modified: Thu, 21 Jan 2021 23:37:33 GMT
Server: AmazonS3
x-amz-request-id: 7FSSSXGJNV2S1RR7
ETag: "da067ed314fa2f647e16efb7331759de"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 4000
x-amz-id-2: PmP/xnGgH9y/DNgRLIKgyJINrRhT/Vv7AlCvqZRoe6CvorzPPaTzHW7Sw9J6MwvwTmEzKSbSWEo=

GET
H/1.1 200
OK Stacked_StateScoop.png
s3.amazonaws.com/sng-global-web-assets/logo/ 5 KB
5 KB 115ms
115ms Image
image/png 52.217.13.110
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/sng-global-web-assets/logo/Stacked_StateScoop.png
Requested by: Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/wp-content/themes/cyberscoop/style.css?ver=5.7.1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.13.110 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: ccd21ebd19b259d979d4ddf5af0751f6fae149746ae2e7a164beec2a600682be

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 14 Jun 2021 01:29:28 GMT
Last-Modified: Thu, 21 Jan 2021 23:37:33 GMT
Server: AmazonS3
x-amz-request-id: 7FSMT3CK6KRVBHBZ
ETag: "62c167ae878c0c3b3a41b50025cacba7"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 4872
x-amz-id-2: VSuMxvNMfi67pq8pigqNfZfRO64PunX+etK7lR7Rj/pYWPTt6UiAeRvvIspiZ2A+HZDgc08WWbs=

GET
H/1.1 200
OK Stacked_EdScoop.png
s3.amazonaws.com/sng-global-web-assets/logo/ 5 KB
6 KB 114ms
113ms Image
image/png 52.217.13.110
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/sng-global-web-assets/logo/Stacked_EdScoop.png
Requested by: Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/wp-content/themes/cyberscoop/style.css?ver=5.7.1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.13.110 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 3046ab26982b61a2fc0f0fae7ed7f416e9113f924db911efa97b5b80ae16726d

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 14 Jun 2021 01:29:28 GMT
Last-Modified: Thu, 21 Jan 2021 23:37:33 GMT
Server: AmazonS3
x-amz-request-id: 7FSGNCVRAMQ38FD0
ETag: "b5d5b8c0479b1963324ebca52c96a43b"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 5349
x-amz-id-2: WbD3U9h+3m822DRVUWLeOnUNd82uK7u0oj4nlRFEMYpZqW/Whk5eMzFPj1DBfa0e3nNlZm8ek30=

GET
H/1.1 200
OK Stacked_WorkScoop.png
s3.amazonaws.com/sng-global-web-assets/logo/ 4 KB
4 KB 113ms
112ms Image
image/png 52.217.13.110
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/sng-global-web-assets/logo/Stacked_WorkScoop.png
Requested by: Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/wp-content/themes/cyberscoop/style.css?ver=5.7.1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.13.110 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 7f134de2e6859c8b9a8acb3f07c54f04c9fbe04c3381e137d85e2f0cb08a526b

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 14 Jun 2021 01:29:28 GMT
Last-Modified: Thu, 21 Jan 2021 23:37:33 GMT
Server: AmazonS3
x-amz-request-id: 7FSZ4PA5S2ZQW1E5
ETag: "779a62747ba1fe2dfac41aa83a03313c"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 3934
x-amz-id-2: XFk6Fc37PA6E1acLOR72EoCj38Tl/mU6JIlYFelvDXROYWEtntamumUk6Q+TuHgIe2irXsZfx2I=

GET
H3-29 200 va9E4kDNxMZdWfMOD5Vvl4jL.woff2
fonts.gstatic.com/s/firasans/v11/ 22 KB
22 KB 28ms
24ms Font
font/woff2 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/firasans/v11/va9E4kDNxMZdWfMOD5Vvl4jL.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Fira+Sans%3A300%2C400%2C500%2C700&subset=latin-ext&ver=5.7.1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a41dd567a7d51dac3d65a716b505f5bba7526e36405ed8a832d72a4ada3665c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.cyberscoop.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 12 Jun 2021 07:03:44 GMT
x-content-type-options: nosniff
age: 152742
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22748
x-xss-protection: 0
last-modified: Thu, 01 Apr 2021 22:05:49 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 12 Jun 2022 07:03:44 GMT

GET
H3-29 200 va9B4kDNxMZdWfMOD5VnLK3eRhf6.woff2
fonts.gstatic.com/s/firasans/v11/ 23 KB
23 KB 25ms
22ms Font
font/woff2 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/firasans/v11/va9B4kDNxMZdWfMOD5VnLK3eRhf6.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Fira+Sans%3A300%2C400%2C500%2C700&subset=latin-ext&ver=5.7.1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5183a3d6c4ef05903e03cf0e17b5de05db527c27d0ef049d52d2fb4da484e96

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.cyberscoop.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 12 Jun 2021 05:27:54 GMT
x-content-type-options: nosniff
age: 158492
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23868
x-xss-protection: 0
last-modified: Thu, 01 Apr 2021 22:06:21 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 12 Jun 2022 05:27:54 GMT

GET
H3-29 200 TK3iWkUHHAIjg752GT8G.woff2
fonts.gstatic.com/s/oswald/v36/ 31 KB
31 KB 17ms
13ms Font
font/woff2 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/oswald/v36/TK3iWkUHHAIjg752GT8G.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Oswald%3A300%2C400%2C700&subset=latin-ext&ver=5.7.1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9facc976353ff7ab7cbb7345853c0f7d0c1bbce3733934b53790b93833dbae4c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.cyberscoop.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 12 Jun 2021 05:37:03 GMT
x-content-type-options: nosniff
age: 157943
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31676
x-xss-protection: 0
last-modified: Thu, 28 Jan 2021 20:31:39 GMT
server: sffe
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 12 Jun 2022 05:37:03 GMT

GET
H2 200 20762415-8082-48f0-b243-36443c93d852 Show response
forms.hsforms.com/embed/v3/form/2153467/ 19 KB
4 KB 144ms
119ms Script
application/javascript 2606:4700::6810:5605
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://forms.hsforms.com/embed/v3/form/2153467/20762415-8082-48f0-b243-36443c93d852?callback=hs_reqwest_0&hutk=

Requested by

Host: js.hsforms.net
URL: https://js.hsforms.net/forms/v2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5605 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dce4c94fd5a0b1b404c6fcee22a49084f6863bc7d0fefc5e07ed57ce7d35c75d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 01:29:27 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
x-hubspot-correlation-id: 7191f06f-b393-4115-a19a-7686d504f932
content-disposition: attachment; filename=no-rfd.txt
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id: 0aa9bc5d7500004e8684b51000000001
server: cloudflare
x-trace: 2B1985E8BB08A1443E226DF558CCB96DE496D604D8000000000000000000
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript;charset=utf-8
vary: Accept-Encoding
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: false
cf-ray: 65efc9a8b9f34e86-FRA

GET
DATA 200
OK truncated
/ 34 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1e85ec81b9800b4c443d39caca0d0926089a3ac201120db1ceb45b93789480b8

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/gif

GET
H/1.1 200
OK insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 4 KB
2 KB 21ms
7ms Script
application/x-javascript 2a02:26f0:6c00:296::25ea
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KR697BF
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:6c00:296::25ea Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 5f3b103a1268f862a5e432d607f8e5220dea9d301d13565b0ecded3ad9c25ab2

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 14 Jun 2021 01:29:27 GMT
Content-Encoding: gzip
Last-Modified: Mon, 04 Jan 2021 22:14:03 GMT
X-CDN: AKAM
Vary: Accept-Encoding
Content-Type: application/x-javascript;charset=utf-8
Cache-Control: max-age=45345
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1855

GET
H2 200 uwt.js Show response
static.ads-twitter.com/ 5 KB
2 KB 92ms
29ms Script
application/javascript 151.101.12.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KR697BF
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.12.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 4cf52cc73734aa71f26f6a10be9aeec89602af45bf0f9abd5c8445a076c1ae1a

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 01:29:27 GMT
via: 1.1 varnish
last-modified: Fri, 04 Dec 2020 00:21:46 GMT
age: 5390
etag: "cbc512946c8abb461c6215ed5b454e5f+gzip"
vary: Accept-Encoding,Host
x-cache: HIT
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
content-encoding: gzip
cache-control: no-cache
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
content-length: 1957
x-timer: S1623634167.223615,VS0,VE0
x-served-by: cache-fra19172-FRA

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 94 KB
25 KB 18ms
7ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

412979f99062018cc1b3ba7cc84a0c6d03f86f1c1f07f1ee90fa0402ba2d93ed

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 24515
x-fb-rlafr: 0
pragma: public
x-fb-debug: I7cGoYUfPJAEtSbKll5PS65d4AWeyqHwzR4Ws06l7DMhBd9K6kfJfzOMkmomUsrS0CU00JJfsuvTqIblKEGa2g==
x-fb-trip-id: 686109401
x-frame-options: DENY
date: Mon, 14 Jun 2021 01:29:27 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 2153467.js Show response
js.hs-scripts.com/ 1016 B
901 B 467ms
447ms Script
application/javascript 2606:4700::6811:d3cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-scripts.com/2153467.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KR697BF
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6811:d3cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3844b90f3cfc77a88999547db594e6bff1c01c7f5946ec51a56443ef6fbd2615

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 01:29:27 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: EXPIRED
x-hubspot-correlation-id: 6f750657-ebe1-4444-b097-0a95fab7d820
cf-request-id: 0aa9bc5d8400002b165ba30000000001
server: cloudflare
x-trace: 2B4A72CC9E47600610800A9948ECBAAB406E1DE15D000000000000000000
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3600
content-type: application/javascript;charset=utf-8
access-control-allow-origin: https://www.cyberscoop.com
cache-control: public, max-age=60
access-control-allow-credentials: true
cf-ray: 65efc9a8dbf02b16-FRA
expires: Mon, 14 Jun 2021 01:30:27 GMT

GET
H3-29 200 pubads_impl_2021061001.js Show response
securepubads.g.doubleclick.net/gpt/ 326 KB
114 KB 75ms
38ms Script
text/javascript 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021061001.js?31061429

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

sffe /

Resource Hash

1ce69465fa2284194ab3ec822ee452307e2f4b4ab202499e24a06f8215b1ead1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 01:29:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 10 Jun 2021 08:39:38 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 116947
x-xss-protection: 0
expires: Mon, 14 Jun 2021 01:29:27 GMT

GET
H3-29 200 icons.29.svg.js Show response
static.addtoany.com/menu/svg/ 78 KB
33 KB 56ms
43ms Script
application/javascript 2606:4700:10::6816:47c5
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.addtoany.com/menu/svg/icons.29.svg.js

Requested by

Host: static.addtoany.com
URL: https://static.addtoany.com/menu/page.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:47c5 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e30f848c353b8ab801c18d2109527cb32a27f145262dccb3cd4db9f309cc53bb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 01:29:27 GMT
via: e1s
x-content-type-options: nosniff
cf-cache-status: HIT
age: 7187614
p3p: CP="ALL DSP COR CURa ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV INT"
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
cf-request-id: 0aa9bc5d9d00006485e03d5000000001
last-modified: Mon, 31 Dec 2018 23:29:11 GMT
server: cloudflare
etag: W/"13937-57e59c7b88bd6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
cache-control: max-age=315360000, immutable
cf-ray: 65efc9a8f96e6485-FRA
cf-bgj: minify

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
19 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KR697BF

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 09 Apr 2021 23:59:54 GMT
server: Golfe2
age: 3887
date: Mon, 14 Jun 2021 00:24:40 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19569
expires: Mon, 14 Jun 2021 02:24:40 GMT

GET
H2

200

collect
px4.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=50036&time=1623634167198&url=https%3A%2F%2Fwww.cyberscoop.com%2Fdoj-darkside-colonial-cryptocurrency-seizure%2F
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D50036%26time%3D1623634167198%26url%3Dhttps%253A%252F%252Fwww.cyberscoop.com%252Fd...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=50036&time=1623634167198&url=https%3A%2F%2Fwww.cyberscoop.com%2Fdoj-darkside-colonial-cryptocurrency-seizure%2F&liSync=true
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=50036&time=1623634167198&url=https%3A%2F%2Fwww.cyberscoop.com%2Fdoj-darkside-colonial-cryptocurrency-seizure%2F&liSync=true&e_ipv6=AQIsCHAakgy_Sw...

0
155 B

344ms
143ms

Image
application/javascript

108.174.10.14
LINKEDIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=50036&time=1623634167198&url=https%3A%2F%2Fwww.cyberscoop.com%2Fdoj-darkside-colonial-cryptocurrency-seizure%2F&liSync=true&e_ipv6=AQIsCHAakgy_SwAAAXoII0gnC420WXJnTvWZKK6Vsxvvbm1_a4wiVbgPIyUr3lNz2_khX6FL
Requested by: Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/doj-darkside-colonial-cryptocurrency-seizure/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 108.174.10.14 , United States, ASN14413 (LINKEDIN, US),
Reverse DNS: 108-174-10-14.fwd.linkedin.com
Software: Play /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 01:29:28 GMT
server: Play
linkedin-action: 1
x-li-fabric: prod-ltx1
x-li-proto: http/2
x-li-pop: prod-lva1
content-type: application/javascript
content-length: 0
x-li-uuid: 0aYqbqxOiBYAR1UfNSsAAA==

Redirect headers

date: Mon, 14 Jun 2021 01:29:27 GMT
server: Play
linkedin-action: 1
x-li-fabric: prod-ltx1
location: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=50036&time=1623634167198&url=https%3A%2F%2Fwww.cyberscoop.com%2Fdoj-darkside-colonial-cryptocurrency-seizure%2F&liSync=true&e_ipv6=AQIsCHAakgy_SwAAAXoII0gnC420WXJnTvWZKK6Vsxvvbm1_a4wiVbgPIyUr3lNz2_khX6FL
x-li-proto: http/2
x-li-pop: prod-eda6
content-length: 0
x-li-uuid: x5L6WqxOiBaARaibpCsAAA==

GET
H3-29 200 896395920528126 Show response
connect.facebook.net/signals/config/ 261 KB
74 KB 8ms
7ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/896395920528126?v=2.9.41&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

7d45b6c5d27d1b17b7fed9bbc9e6bed63e0596a130404b68ce1b3b885f8283d9

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 75729
x-fb-rlafr: 0
pragma: public
x-fb-debug: PG9gS8AkPuZtP9uI6HOIQsCcBkR9MnJjeT7ShJ6Xq8cq5lxHVsY4H1njE35ZyeTFOH2UvFo73DXVtBIK0sTXMw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Mon, 14 Jun 2021 01:29:27 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H3-29 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 28ms
14ms XHR
text/plain 2a00:1450:4001:829::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j90&a=1432412244&t=pageview&_s=1&dl=https%3A%2F%2Fwww.cyberscoop.com%2Fdoj-darkside-colonial-cryptocurrency-seizure%2F&dp=%2Fwelcome%2Fdoj-darkside-colonial-cryptocurrency-seizure%2F&ul=en-us&de=UTF-8&dt=DOJ%20seizes%20%242.3%20million%20in%20cryptocurrency%20payments%20from%20Colonial%20Pipeline%20ransomware%20attack%20-%20CyberScoop&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAAC~&jid=730792416&gjid=1116322680&cid=2141281648.1623634167&tid=UA-80491860-1&_gid=16219542.1623634167&_r=1&gtm=2wg690KR697BF&z=1064715014

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 14 Jun 2021 01:29:27 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.cyberscoop.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
297 B 18ms
6ms Image
image/gif 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=896395920528126&ev=PageView&dl=https%3A%2F%2Fwww.cyberscoop.com%2Fdoj-darkside-colonial-cryptocurrency-seizure%2F&rl=&if=false&ts=1623634167246&sw=1600&sh=1200&v=2.9.41&r=stable&ec=0&o=30&fbp=fb.1.1623634167245.16395894&it=1623634167206&coo=false&rqm=GET

Requested by

Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/doj-darkside-colonial-cryptocurrency-seizure/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 01:29:27 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Mon, 14 Jun 2021 01:29:27 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
90 B 16ms
15ms XHR
text/plain 2a00:1450:400c:c00::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j90&tid=UA-80491860-1&cid=2141281648.1623634167&jid=730792416&gjid=1116322680&_gid=16219542.1623634167&_u=YEBAAEAAAAAAAC~&z=21690065

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Mon, 14 Jun 2021 01:29:27 GMT
content-type: text/plain
access-control-allow-origin: https://www.cyberscoop.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 adsct
t.co/i/ 43 B
455 B 213ms
143ms Image
image/gif 104.244.42.133
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?type=javascript&version=1.1.1&p_id=Twitter&p_user_id=0&txn_id=nv8sr&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&tw_document_href=https%3A%2F%2Fwww.cyberscoop.com%2Fdoj-darkside-colonial-cryptocurrency-seizure%2F

Requested by

Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/doj-darkside-colonial-cryptocurrency-seizure/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.42.133 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 01:29:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200 OK
x-twitter-response-tags: BouncerCompliant
content-length: 65
x-xss-protection: 0
pragma: no-cache
last-modified: Mon, 14 Jun 2021 01:29:27 GMT
server: tsa_o
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=0
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: 346d303a7085f90906a9056c67f6ff54a13eaa20cba4562d84ebe5defa6391b8
x-transaction: 0f8b3172d7b07f39
expires: Tue, 31 Mar 1981 05:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 16ms
15ms Image
image/gif 2a00:1450:4001:82a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j90&tid=UA-80491860-1&cid=2141281648.1623634167&jid=730792416&_u=YEBAAEAAAAAAAC~&z=151567766

Requested by

Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/doj-darkside-colonial-cryptocurrency-seizure/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Jun 2021 01:29:27 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 17ms
17ms Image
image/gif 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j90&tid=UA-80491860-1&cid=2141281648.1623634167&jid=730792416&_u=YEBAAEAAAAAAAC~&z=151567766

Requested by

Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/doj-darkside-colonial-cryptocurrency-seizure/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Jun 2021 01:29:27 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 css
fonts.googleapis.com/ 2 KB
520 B 15ms
15ms Stylesheet
text/css 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Oswald

Requested by

Host: js.hsforms.net
URL: https://js.hsforms.net/forms/v2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e12dfaae532b449b71117f29ad43f92b3b87c19509a9b16f91115fd4e07903b4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Mon, 14 Jun 2021 01:22:03 GMT
server: ESF
date: Mon, 14 Jun 2021 01:29:27 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Mon, 14 Jun 2021 01:29:27 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
853 B 36ms
15ms Script
application/javascript 2a00:1450:4001:830::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.cyberscoop.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021061001.js?31061429

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 14 Jun 2021 01:29:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
570 B 35ms
14ms Script
application/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.cyberscoop.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021061001.js?31061429

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 14 Jun 2021 01:29:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 28 KB
11 KB 71ms
70ms XHR
text/plain 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2067552630805403&correlator=3849933413211651&output=ldjh&impl=fif&eid=31061040%2C31061429%2C31061411&vrg=2021061001&ptt=17&sc=1&sfv=1-0-38&ecs=20210614&iu_parts=18430785%2Ccswelcome&enc_prev_ius=%2F0%2F1&prev_iu_szs=640x480&cookie_enabled=1&bc=31&abxe=1&lmt=1623634167&dt=1623634167325&dlt=1623634166618&idt=692&frm=20&biw=1600&bih=1200&oid=3&adxs=480&adys=365&adks=113530204&ucis=1&ifi=1&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&url=https%3A%2F%2Fwww.cyberscoop.com%2Fdoj-darkside-colonial-cryptocurrency-seizure%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=640x532&msz=640x-1&ga_vid=2141281648.1623634167&ga_sid=1623634167&ga_hid=1432412244&ga_fc=false&fws=4&ohw=1600&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021061001.js?31061429

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

5b82d1488f1ba40949c374921491520d5c435b06ab2ba7fa181b543625517940

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 01:29:27 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11258
x-xss-protection: 0
google-lineitem-id: 5715621344
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138352336806
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.cyberscoop.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
5c07712802b74834f1d472c54463ee91.safeframe.googlesyndication.com/safeframe/1-0-38/html/ 0
0 46ms
14ms Other
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://5c07712802b74834f1d472c54463ee91.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021061001.js?31061429
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame 8E61 0
0 39ms
38ms Fetch
image/gif 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvsnoEvXplMdoJOAfuS7HjkUikEB4Qh-LxsotZXTFNcgmuKfV6JzCyHtqzAOLHQHuqLoUAyhIXLy3XOwPKQTiRBl_1J8OEFzcYECQaTiQlyUtEwDrcjjUTVl_Kk_Tz3ScEkmlOeYoxpDDuHcuv8M5u5FBMT_-22qHp6ctLPEkakHnN0HT_xpPKtagD5j6C5C94zguveDNsIeB0rjdhqkhuavKNbE-5YLYjjkQ0Qk53VEdHWqsOnHLwl-t844OtoNH5avjMqzsU9CORTZrPmAQo-VpVbW6cjZ19eLfOGpm8&sai=AMfl-YSwHy-Gu3tSfsw7qh0wTcs0VCSnpDwaDsnO1R5blg-GTub-3ExvaOjoeaZSzhXz2O6QbvLo3puyKkKHsrtyOAd4zqDG5oeqK9CkXwK0BTFwehNlmlbLZ3dVg5RrxzPT&sig=Cg0ArKJSzCLDWpopjT10EAE&adurl=

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 14 Jun 2021 01:29:27 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Mon, 14 Jun 2021 01:29:27 GMT

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210607/r20110914/ Frame 8E61 17 KB
7 KB 9ms
7ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210607/r20110914/abg_lite_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021061001.js?31061429

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0fc32732b1520df908e4ce5063434010c35725a930e0cc9df0be61c66a87cf32

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 00:46:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2589
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7010
x-xss-protection: 0
server: cafe
etag: 16168581138844513892
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 28 Jun 2021 00:46:18 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210607/r20110914/client/ Frame 8E61 2 KB
2 KB 9ms
7ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210607/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021061001.js?31061429

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d1ac43e9327c147dc04b1efcd475ba7e9d464e6504eaffb167d0412d339b39e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 01:21:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 497
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1316
x-xss-protection: 0
server: cafe
etag: 797314601362473214
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 28 Jun 2021 01:21:10 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 8E61 122 KB
37 KB 29ms
14ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021061001.js?31061429

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

34b6e9936a2f024eef4f545bf4a1e717141704b00a75167fc7080fc6789e3881

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 01:29:27 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1623410775224219"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38028
x-xss-protection: 0
expires: Mon, 14 Jun 2021 01:29:27 GMT

GET
H3-29 204 l
www.google.com/ads/measurement/ Frame 8E61 0
0 14ms
13ms Image
text/html 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRaD0pqjcI8IV5HwTMXai6j1FvIJeonKzrkKmkCdIP5jnyQ8y-FSri9IgmjRJr2Fawde0XOv0psYGcxuyJ8-nyR6BMPVA
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021061001.js?31061429
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 13841792684619255105
tpc.googlesyndication.com/simgad/ Frame 8E61 91 KB
91 KB 9ms
8ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/13841792684619255105

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021061001.js?31061429

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

add1e275c756d593a8fe9f8f6e56270e2d70edd0e9a4f33a3d7d82028f7dd828

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 12 Jun 2021 11:38:07 GMT
x-content-type-options: nosniff
age: 136280
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 93333
x-xss-protection: 0
last-modified: Wed, 09 Jun 2021 10:24:31 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 12 Jun 2022 11:38:07 GMT

GET
H3-29 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 73 KB
28 KB 25ms
13ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021061001.js?31061429

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8f4b8d2def1fa5e09bafacbb8ac66e614d74f1cdbace1417cedef55c0d9a83db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 01:29:27 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1623410781212720"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28237
x-xss-protection: 0
expires: Mon, 14 Jun 2021 01:29:27 GMT

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame 8E61 0
0 77ms
39ms Fetch
image/gif 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjss08GZlEjHISSuAuYUgeOYNEjOg1SF4d2Hm3anIrVWntD8GdrxoUyFtLmWo3351QW9hcxAlP71Qk9iyTsBq6GylYwk6scc3Jl_W30GU2p_eIEF1V0ZTuj8mn3W5jJhqW5qW-7WLGBSXXbdpuQzgw_X8cbaB-R4nDfGm4UAkNT8Y0N-mUjz0qVUUHqSBKBlA-ivWuSVnwUZu40X_rn6AiFiElcoBDmkGKi0iq-14rCu7IdcdtXrp7DmMPfQdO4MIBSBYYEbmSJsT5CJY_-2p8PPzwvTgI47HYQXY0LX4Cv1pSw&sai=AMfl-YSk2XH6YkAsFveRmRaIdk6F-EMJ68PMRC4ka3cbveEOMDB1wGA332XguAPPu8hphx5wxgyidoZpZ_ZS1YJVyyCTLCnp6YKUfhar-GduLNzRGTThRPsXV2UDWnoPSGp5&sig=Cg0ArKJSzBgA1axSsRZdEAE&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 14 Jun 2021 01:29:27 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Mon, 14 Jun 2021 01:29:27 GMT

GET
DATA 200
OK truncated
/ Frame 8E61 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3202d10a48e4b9747b2ace485a881b3e51a6587583225426d4f3172d364ca433

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 2153467.js Show response
js.hs-analytics.net/analytics/1623633900000/ 62 KB
19 KB 43ms
25ms Script
text/javascript 2606:4700::6811:47b0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-analytics.net/analytics/1623633900000/2153467.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/2153467.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6811:47b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b24ac2a2042bf22f85f717259786c1f95a81a5a8d9ff057de1d09b5c6e1b364b

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 01:29:27 GMT
content-encoding: br
cf-cache-status: HIT
age: 240
x-amz-server-side-encryption: AES256
x-amz-request-id: XJAVP4Q38YJYVEQW
x-amz-id-2: a9HwIc4MS20Q9Akryi/6ctWfv+ZPu6qghBrocRq3CFT3UmtHdK2i4tEmOe7hsiNyCwoFI39EJhg=
last-modified: Wed, 12 May 2021 19:10:17 GMT
server: cloudflare
etag: W/"95a153c93e899095ceff108333b7e80a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=300, public
access-control-allow-credentials: false
x-amz-version-id: null
cf-request-id: 0aa9bc5f5a000063fb54b2a000000001
cf-ray: 65efc9abcb7a63fb-FRA
expires: Mon, 14 Jun 2021 01:30:27 GMT

GET
H2 200 2153467.js Show response
js.hs-banner.com/ 60 KB
15 KB 496ms
481ms Script
text/javascript 2606:4700::6812:15bf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-banner.com/2153467.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/2153467.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:15bf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bc92537a9f302b0eaf8c44d590249655b6f19bd3d7da181d1e51ea24148ed400

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 01:29:28 GMT
content-encoding: br
cf-cache-status: REVALIDATED
x-amz-request-id: P8HAB06STAFYYQ3Z
x-amz-server-side-encryption: AES256
content-type: text/javascript; charset=UTF-8
access-control-max-age: 604800
x-amz-id-2: BXB3vwio1kSzS9KVrtBD0awKEPS876ZX8/iDNOq5Vi8YeJNRnD5v2T2nNQk96SgXR8UD9Qgdy2M=
timing-allow-origin: *
last-modified: Thu, 27 May 2021 16:34:34 GMT
server: cloudflare
etag: W/"7d1960c560e9e1a7c68d368bb00a59bb"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
x-amz-version-id: 7fcETuGJ5.5rTY48fGHOjt280gru2ST6
access-control-allow-origin: https://www.cyberscoop.com
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
cache-control: max-age=300, public
access-control-allow-credentials: true
cf-request-id: 0aa9bc5f5500004ea46f929000000001
cf-ray: 65efc9abb8004ea4-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
expires: Mon, 14 Jun 2021 01:34:28 GMT

POST
H3-29 200 /
www.facebook.com/tr/ 0
15 B 13ms
6ms Ping
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundarywUgAa0xTAICvDKo3

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
server: proxygen-bolt
date: Mon, 14 Jun 2021 01:29:27 GMT
content-type: text/plain
access-control-allow-origin: https://www.cyberscoop.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
content-length: 0
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
priority: u=3,i

GET
H2 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 8E61 42 B
518 B 60ms
39ms Fetch
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsv3G_oU6nk8T1T32xXYL601C8W7cRDmnGLyfML1cywgKfAfygAoHC7Q1X38-j8dRGP9TIBcDZ835E8Qs_Du2dFFN3uNB858RuJy8NSd2yI&sig=Cg0ArKJSzLFrzdrvny_LEAE&id=lidar2&mcvt=1000&p=371,480,851,1120&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20210611&bin=7&avms=nio&bs=1600,1200&mc=1&app=0&itpl=3&adk=113530204&rs=4&met=mue&la=1&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ%3D%3D&vs=4&eosm=0&rst=1623634167417&dlt=0&rpt=83&isd=0&msd=0&r=v

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Jun 2021 01:29:28 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 gpt.js Show response
www.googletagservices.com/tag/js/ Frame DA4A 61 KB
21 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/advertising/?id=billboard&position=bottom&parent_id=ad-b3zuzxlKK5-billboard&category=government&tags=colonial-pipeline%2Ccryptocurrency%2Cdarkside%2Cdepartment-of-justice-doj%2Cfbi%2Cjbs%2Cranswomare%2Cus-courts

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1534e66c0f755f2d4cd2b899a7155bd2fbff98b00a37e940a08822fc87bfb7f9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 01:29:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "902 / 412 of 1000 / last-modified: 1623449396"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21294
x-xss-protection: 0
expires: Mon, 14 Jun 2021 01:29:28 GMT

GET
H3-29 200 gpt.js Show response
www.googletagservices.com/tag/js/ Frame DBF3 61 KB
21 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/advertising/?id=skyscraper&position=sticky&categories=government&tags=colonial-pipeline%2Ccryptocurrency%2Cdarkside%2Cdepartment-of-justice-doj%2Cfbi%2Cjbs%2Cranswomare%2Cus-courts

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

52e50a05d63e5616906cc6ad9e87affc689c6a623def0c80bc07ed8aedc03ead

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 01:29:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "902 / 11 of 1000 / last-modified: 1623449339"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21287
x-xss-protection: 0
expires: Mon, 14 Jun 2021 01:29:28 GMT

GET
H3-29 200 gpt.js Show response
www.googletagservices.com/tag/js/ Frame E0B9 61 KB
21 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/advertising/?id=article&position=static&category=government&tags=colonial-pipeline%2Ccryptocurrency%2Cdarkside%2Cdepartment-of-justice-doj%2Cfbi%2Cjbs%2Cranswomare%2Cus-courts

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4e4810e88e50f93b12c1e24b897d264382cbcf6e2ba29054f68b19bc4dc4e104

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 01:29:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "902 / 98 of 1000 / last-modified: 1623449339"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21293
x-xss-protection: 0
expires: Mon, 14 Jun 2021 01:29:28 GMT

GET
H3-29 200 pubads_impl_2021060801.js Show response
securepubads.g.doubleclick.net/gpt/ Frame DA4A 318 KB
112 KB 39ms
38ms Script
text/javascript 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js?31061412

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

sffe /

Resource Hash

8a19707bd88a29100f84e106852ddd5bfeebe1fe562960c4932d1347210d13a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 01:29:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 08 Jun 2021 08:38:25 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 114129
x-xss-protection: 0
expires: Mon, 14 Jun 2021 01:29:28 GMT

GET
H3-29 200 pubads_impl_2021060801.js Show response
securepubads.g.doubleclick.net/gpt/ Frame DBF3 318 KB
112 KB 41ms
41ms Script
text/javascript 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

sffe /

Resource Hash

8a19707bd88a29100f84e106852ddd5bfeebe1fe562960c4932d1347210d13a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 01:29:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 08 Jun 2021 08:38:25 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 114129
x-xss-protection: 0
expires: Mon, 14 Jun 2021 01:29:28 GMT

GET
H3-29 200 gpt.js Show response
www.googletagservices.com/tag/js/ Frame 1408 61 KB
21 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/advertising/?id=leaderboard&parent_id=ad-7WO54yg4q8-leaderboard&categories=government&tags=colonial-pipeline%2Ccryptocurrency%2Cdarkside%2Cdepartment-of-justice-doj%2Cfbi%2Cjbs%2Cranswomare%2Cus-courts

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1534e66c0f755f2d4cd2b899a7155bd2fbff98b00a37e940a08822fc87bfb7f9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 01:29:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "902 / 344 of 1000 / last-modified: 1623449396"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 21294
x-xss-protection: 0
expires: Mon, 14 Jun 2021 01:29:28 GMT

GET
H3-29 200 pubads_impl_2021060801.js Show response
securepubads.g.doubleclick.net/gpt/ Frame E0B9 318 KB
111 KB 60ms
59ms Script
text/javascript 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

sffe /

Resource Hash

8a19707bd88a29100f84e106852ddd5bfeebe1fe562960c4932d1347210d13a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 01:29:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 08 Jun 2021 08:38:25 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 114129
x-xss-protection: 0
expires: Mon, 14 Jun 2021 01:29:29 GMT

GET
H3-29 200 pubads_impl_2021060801.js Show response
securepubads.g.doubleclick.net/gpt/ Frame 1408 318 KB
112 KB 62ms
62ms Script
text/javascript 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js?31061412

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

sffe /

Resource Hash

8a19707bd88a29100f84e106852ddd5bfeebe1fe562960c4932d1347210d13a1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 01:29:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 08 Jun 2021 08:38:25 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 114129
x-xss-protection: 0
expires: Mon, 14 Jun 2021 01:29:29 GMT

GET
H3-29 200 integrator.js Show response
adservice.google.de/adsid/ Frame DA4A 107 B
122 B 29ms
14ms Script
application/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.cyberscoop.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js?31061412

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 14 Jun 2021 01:29:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 integrator.js Show response
adservice.google.com/adsid/ Frame DA4A 107 B
122 B 30ms
15ms Script
application/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.cyberscoop.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js?31061412

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 14 Jun 2021 01:29:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame DA4A 35 KB
14 KB 73ms
72ms XHR
text/plain 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3873652329473282&correlator=805447631512989&output=ldjh&impl=fif&eid=31061412&vrg=2021060801&ptt=17&sc=1&sfv=1-0-38&ecs=20210614&iu_parts=18430785%2CCyberScoop_Cat_Art_Bottom_980x250&enc_prev_ius=%2F0%2F1&prev_iu_szs=980x250%7C970x250%7C728x90%7C970x90&prev_scp=position%3Dbottom%26categories%3Dgovernment%26Tags%3Dcolonial-pipeline%252Ccryptocurrency%252Cdarkside%252Cdepartment-of-justice-doj%252Cfbi%252Cjbs%252Cranswomare%252Cus-courts&cookie=ID%3Df5a1c6584c3a1cde-22c0d9fb5ec8005b%3AT%3D1623634167%3AS%3DALNI_MbslGC6idnJcuMh7ddk6a_FBgzMag&cdm=www.cyberscoop.com&bc=31&abxe=1&lmt=1623634169&dt=1623634169077&dlt=1623634168939&idt=121&ea=0&frm=23&biw=1600&bih=1200&isw=980&ish=250&oid=3&adxs=0&adys=4097&adks=3048910702&ucis=bkko27vrn3vh&ifi=1&ifk=485025872&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=1&url=https%3A%2F%2Fwww.cyberscoop.com%2Fadvertising%2F%3Fid%3Dbillboard%26position%3Dbottom%26parent_id%3Dad-b3zuzxlKK5-billboard%26category%3Dgovernment%26tags%3Dcolonial-pipeline%252Ccryptocurrency%252Cdarkside%252Cdepartment-of-justice-doj%252Cfbi%252Cjbs%252Cranswomare%252Cus-courts&ref=https%3A%2F%2Fwww.cyberscoop.com%2Fdoj-darkside-colonial-cryptocurrency-seizure%2F&top=https%3A%2F%2Fwww.cyberscoop.com%2Fdoj-darkside-colonial-cryptocurrency-seizure%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=980x250&msz=980x-1&ga_vid=2141281648.1623634167&ga_sid=1623634169&ga_hid=1058909972&ga_fc=true&fws=256&ohw=0&btvi=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js?31061412

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

8be51d7a3532c31a195fe6b6783b2903ffb981d36ef2d30b51de44e759684a15

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 01:29:29 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13897
x-xss-protection: 0
google-lineitem-id: 5695071737
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138349702653
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.cyberscoop.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
f974a462ef4464a4bc01c3a5a0a1a632.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame DA4A 0
0 27ms
13ms Other
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://f974a462ef4464a4bc01c3a5a0a1a632.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js?31061412
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 200 integrator.js Show response
adservice.google.de/adsid/ Frame DBF3 107 B
122 B 15ms
14ms Script
application/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.cyberscoop.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 14 Jun 2021 01:29:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 integrator.js Show response
adservice.google.com/adsid/ Frame DBF3 107 B
122 B 16ms
14ms Script
application/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.cyberscoop.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 14 Jun 2021 01:29:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame DBF3 9 KB
5 KB 70ms
69ms XHR
text/plain 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3265622296889326&correlator=1264615264011166&output=ldjh&impl=fif&eid=31061040%2C31061161%2C31061356&vrg=2021060801&ptt=17&sc=1&sfv=1-0-38&ecs=20210614&iu_parts=18430785%2CCyberScoop_HalfPage_300x600&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x600&prev_scp=Tags%3Dcolonial-pipeline%252Ccryptocurrency%252Cdarkside%252Cdepartment-of-justice-doj%252Cfbi%252Cjbs%252Cranswomare%252Cus-courts&cookie=ID%3Df5a1c6584c3a1cde-22c0d9fb5ec8005b%3AT%3D1623634167%3AS%3DALNI_MbslGC6idnJcuMh7ddk6a_FBgzMag&cdm=www.cyberscoop.com&bc=31&abxe=1&lmt=1623634169&dt=1623634169109&dlt=1623634168942&idt=148&ea=0&frm=23&biw=1600&bih=1200&isw=300&ish=600&oid=3&adxs=983&adys=1710&adks=2863372106&ucis=84u7vx6uiprh&ifi=1&ifk=2940762769&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=1&url=https%3A%2F%2Fwww.cyberscoop.com%2Fadvertising%2F%3Fid%3Dskyscraper%26position%3Dsticky%26categories%3Dgovernment%26tags%3Dcolonial-pipeline%252Ccryptocurrency%252Cdarkside%252Cdepartment-of-justice-doj%252Cfbi%252Cjbs%252Cranswomare%252Cus-courts&ref=https%3A%2F%2Fwww.cyberscoop.com%2Fdoj-darkside-colonial-cryptocurrency-seizure%2F&top=https%3A%2F%2Fwww.cyberscoop.com%2Fdoj-darkside-colonial-cryptocurrency-seizure%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x600&msz=300x-1&ga_vid=2141281648.1623634167&ga_sid=1623634169&ga_hid=163041318&ga_fc=true&fws=256&ohw=0&btvi=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

cf0532971ecb11ad7fad9c2b7f20ae2b53b8b7781290011ba1950e38b4bd14fa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 01:29:29 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4580
x-xss-protection: 0
google-lineitem-id: 5682063084
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138348369878
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.cyberscoop.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
597aa27833b66734f36d06bde6660230.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame DBF3 0
0 28ms
13ms Other
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://597aa27833b66734f36d06bde6660230.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 200 integrator.js Show response
adservice.google.de/adsid/ Frame E0B9 107 B
122 B 14ms
14ms Script
application/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.cyberscoop.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 14 Jun 2021 01:29:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 integrator.js Show response
adservice.google.com/adsid/ Frame E0B9 107 B
122 B 15ms
15ms Script
application/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.cyberscoop.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 14 Jun 2021 01:29:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame E0B9 19 KB
8 KB 69ms
69ms XHR
text/plain 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3202915521510440&correlator=2983150461959683&output=ldjh&impl=fif&vrg=2021060801&ptt=17&sc=1&sfv=1-0-38&ecs=20210614&iu_parts=18430785%2CCyberScoop_Article_Left_Rail_300x250&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&prev_scp=position%3Dstatic%26Tags%3Dcolonial-pipeline%252Ccryptocurrency%252Cdarkside%252Cdepartment-of-justice-doj%252Cfbi%252Cjbs%252Cranswomare%252Cus-courts%26categories%3Dgovernment&cookie=ID%3Df5a1c6584c3a1cde-22c0d9fb5ec8005b%3AT%3D1623634167%3AS%3DALNI_MbslGC6idnJcuMh7ddk6a_FBgzMag&cdm=www.cyberscoop.com&bc=31&abxe=1&lmt=1623634169&dt=1623634169140&dlt=1623634168957&idt=166&ea=0&frm=23&biw=1600&bih=1200&isw=310&ish=250&oid=3&adxs=983&adys=1445&adks=4064999910&ucis=9ymhvfqzuyo0&ifi=1&ifk=3714739266&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=1&url=https%3A%2F%2Fwww.cyberscoop.com%2Fadvertising%2F%3Fid%3Darticle%26position%3Dstatic%26category%3Dgovernment%26tags%3Dcolonial-pipeline%252Ccryptocurrency%252Cdarkside%252Cdepartment-of-justice-doj%252Cfbi%252Cjbs%252Cranswomare%252Cus-courts&ref=https%3A%2F%2Fwww.cyberscoop.com%2Fdoj-darkside-colonial-cryptocurrency-seizure%2F&top=https%3A%2F%2Fwww.cyberscoop.com%2Fdoj-darkside-colonial-cryptocurrency-seizure%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=310x250&msz=300x-1&ga_vid=2141281648.1623634167&ga_sid=1623634169&ga_hid=1492600560&ga_fc=true&fws=256&ohw=0&btvi=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

3fb42c31d4d6d6d395adb10a9e3474a3aa3f88ef8f864df6809f2e027454ac70

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 01:29:29 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8243
x-xss-protection: 0
google-lineitem-id: 5650762076
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138343849754
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.cyberscoop.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
9fff94d23bf733803e92d17f3821d9bf.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame E0B9 0
0 60ms
14ms Other
text/html 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://9fff94d23bf733803e92d17f3821d9bf.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 200 integrator.js Show response
adservice.google.de/adsid/ Frame 1408 107 B
122 B 14ms
14ms Script
application/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.cyberscoop.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js?31061412

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 14 Jun 2021 01:29:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 integrator.js Show response
adservice.google.com/adsid/ Frame 1408 107 B
122 B 15ms
14ms Script
application/javascript 2a00:1450:4001:80f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.cyberscoop.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js?31061412

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 14 Jun 2021 01:29:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 1408 9 KB
5 KB 70ms
70ms XHR
text/plain 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2590503508221787&correlator=1428319368114942&output=ldjh&impl=fif&eid=31061223%2C31061412%2C31061422%2C21068030&vrg=2021060801&ptt=17&sc=1&sfv=1-0-38&ecs=20210614&iu_parts=18430785%2CCyberScoop_Article_Leaderboard_970x90&enc_prev_ius=%2F0%2F1&prev_iu_szs=980x250%7C970x250%7C728x90%7C970x90&prev_scp=Tags%3Dcolonial-pipeline%252Ccryptocurrency%252Cdarkside%252Cdepartment-of-justice-doj%252Cfbi%252Cjbs%252Cranswomare%252Cus-courts&cookie=ID%3Df5a1c6584c3a1cde-22c0d9fb5ec8005b%3AT%3D1623634167%3AS%3DALNI_MbslGC6idnJcuMh7ddk6a_FBgzMag&cdm=www.cyberscoop.com&bc=31&abxe=1&lmt=1623634169&dt=1623634169157&dlt=1623634168969&idt=182&frm=23&biw=1600&bih=1200&isw=1600&ish=150&oid=3&adxs=0&adys=170&adks=13849420&ucis=wtqmg4hp62zp&ifi=1&ifk=3817049383&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=1&url=https%3A%2F%2Fwww.cyberscoop.com%2Fadvertising%2F%3Fid%3Dleaderboard%26parent_id%3Dad-7WO54yg4q8-leaderboard%26categories%3Dgovernment%26tags%3Dcolonial-pipeline%252Ccryptocurrency%252Cdarkside%252Cdepartment-of-justice-doj%252Cfbi%252Cjbs%252Cranswomare%252Cus-courts&ref=https%3A%2F%2Fwww.cyberscoop.com%2Fdoj-darkside-colonial-cryptocurrency-seizure%2F&top=https%3A%2F%2Fwww.cyberscoop.com%2Fdoj-darkside-colonial-cryptocurrency-seizure%2F&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1600x150&msz=970x-1&ga_vid=2141281648.1623634167&ga_sid=1623634169&ga_hid=999914025&ga_fc=true&fws=0&ohw=0&btvi=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ..

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js?31061412

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

a39c5c409cf1589c397087a57c950549414a22ccdd888fff41a403192338f502

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 01:29:29 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4611
x-xss-protection: 0
google-lineitem-id: 5682063084
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138348369710
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.cyberscoop.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
32f93bcdb7646431fe07f4acca2e3688.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 1408 0
0 27ms
14ms Other
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://32f93bcdb7646431fe07f4acca2e3688.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js?31061412
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame D45A 0
0 39ms
39ms Fetch
image/gif 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsu2BxqeIB_eG_OB4muui06RbySW6zsvwiuGNMGCOja5lXunagr6cA14uNiADn6pjZ-7uYrxj98l61NO5dv5OUwSYD3ia-PQCqq6UgTpadWw9rVblcUBd2u1ilwiXqcy1KD_JuGqBn6rlBCaqCA0ysVVFbR57XWRmT3SmdzpOVPCs52umZuruabookxefJ__k5PnODZjhmsAu_zqbgbIr09zuBXcBxxjMbuSfNwrmLvEuBWdOODSY-Cg6hqm8pH5_4hJO46ifUjkxkDGGlKcW5BYBoUV4y9bgupsU-h_VyPz25OQbUnXim9TOoLRlBRPBmQJS9NGh9U&sig=Cg0ArKJSzHfPji4wJsXsEAE&adurl=

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 14 Jun 2021 01:29:29 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3-29 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210607/r20110914/ Frame D45A 17 KB
7 KB 24ms
6ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210607/r20110914/abg_lite_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js?31061412

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0fc32732b1520df908e4ce5063434010c35725a930e0cc9df0be61c66a87cf32

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 00:46:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2591
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7010
x-xss-protection: 0
server: cafe
etag: 16168581138844513892
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 28 Jun 2021 00:46:18 GMT

GET
H3-29 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210607/r20110914/client/ Frame D45A 2 KB
1 KB 24ms
6ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210607/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js?31061412

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d1ac43e9327c147dc04b1efcd475ba7e9d464e6504eaffb167d0412d339b39e5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 01:21:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 499
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1316
x-xss-protection: 0
server: cafe
etag: 797314601362473214
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 28 Jun 2021 01:21:10 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame D45A 122 KB
37 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js?31061412

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

34b6e9936a2f024eef4f545bf4a1e717141704b00a75167fc7080fc6789e3881

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 01:29:29 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1623410775224219"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38028
x-xss-protection: 0
expires: Mon, 14 Jun 2021 01:29:29 GMT

GET
H3-29 204 l
www.google.com/ads/measurement/ Frame D45A 0
0 16ms
16ms Image
text/html 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaQgs3DsqPxNbRimmcLwFj9VswBiUJDsTULPXMNw8mRWTstv4rpBPmZuZxNYujq4D7v8ese70UEPo4Fux9zco8fl2JR0kA
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js?31061412
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 200 1571823722941428399
tpc.googlesyndication.com/simgad/ Frame D45A 42 KB
42 KB 25ms
8ms Image
image/jpeg 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/1571823722941428399

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js?31061412

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1da026b32f0dd3efe9de209cefefd46d3685918ae8b927ca6548b5aca9ca2484

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 12 Jun 2021 14:45:55 GMT
x-content-type-options: nosniff
age: 125014
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 43421
x-xss-protection: 0
last-modified: Mon, 17 May 2021 13:00:44 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 12 Jun 2022 14:45:55 GMT

GET
H3-29 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ Frame DA4A 73 KB
28 KB 15ms
15ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js?31061412

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8f4b8d2def1fa5e09bafacbb8ac66e614d74f1cdbace1417cedef55c0d9a83db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 01:29:29 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1623410781212720"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28237
x-xss-protection: 0
expires: Mon, 14 Jun 2021 01:29:29 GMT

GET
H3-29 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame DA4A 10 KB
8 KB 38ms
23ms XHR
application/json 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021060801&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js?31061412

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ee011f9451dd2bb44a806306c913b55f9c3acd8abd0bd6eadc0143c1baff41ba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 14 Jun 2021 01:29:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7923
x-xss-protection: 0

GET
H3-29 200 container.html Show response
597aa27833b66734f36d06bde6660230.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame D4B8 6 KB
3 KB 22ms
6ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://597aa27833b66734f36d06bde6660230.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 597aa27833b66734f36d06bde6660230.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html?n=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.cyberscoop.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.cyberscoop.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3108
date: Mon, 14 Jun 2021 01:29:29 GMT
expires: Tue, 14 Jun 2022 01:29:29 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ Frame DBF3 73 KB
28 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8f4b8d2def1fa5e09bafacbb8ac66e614d74f1cdbace1417cedef55c0d9a83db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 01:29:29 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1623410781212720"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28237
x-xss-protection: 0
expires: Mon, 14 Jun 2021 01:29:29 GMT

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame D45A 0
0 39ms
38ms Fetch
image/gif 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssJUtLDHbQDgx6J4rzkJ-4o5XDlIiQPKmyCk3w8yIAWVGSIFyh-dEMJywSEnhQGYFSWtvznfga2LrEO_mu0MlvLijPZUvIzqR_b28fDaQyJU4kg0MVvz-UAZe0l4pVbDP3zskeHocIwJG6CRRk-v5QsveBNPfC7wGM1hDZaH_9Izb-4e0d1SFxpqhHPA-LXzu_CK5fnZw0eaFagyzqYJJGDXH_bZsQfcY7yS1_1WIJsNpQZ5RkkRlk92-fJnyJZ9h4szOdgidzMW1X6Ye5PvPpHGkYO7qVJ6PgdymmLXedi5CBK2jF55R_vRkPr6oaKQDFw1f0ob-Wm-Q&sig=Cg0ArKJSzBuXKej_hAV_EAE&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 14 Jun 2021 01:29:29 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Mon, 14 Jun 2021 01:29:29 GMT

GET
DATA 200
OK truncated
/ Frame D45A 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8c16b4babd0e2814d923822f32c1e754b6802ec5c502724dfbe3284b0ac9168d

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-29 200 container.html Show response
9fff94d23bf733803e92d17f3821d9bf.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame F2B7 6 KB
3 KB 19ms
6ms Document
text/html 2a00:1450:4001:813::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://9fff94d23bf733803e92d17f3821d9bf.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 9fff94d23bf733803e92d17f3821d9bf.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html?n=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.cyberscoop.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.cyberscoop.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3108
date: Mon, 14 Jun 2021 01:29:29 GMT
expires: Tue, 14 Jun 2022 01:29:29 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ Frame E0B9 73 KB
28 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8f4b8d2def1fa5e09bafacbb8ac66e614d74f1cdbace1417cedef55c0d9a83db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 01:29:29 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1623410781212720"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28237
x-xss-protection: 0
expires: Mon, 14 Jun 2021 01:29:29 GMT

GET
H3-29 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame E0B9 10 KB
8 KB 19ms
18ms XHR
application/json 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021060801&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2323e247399ae26db0647616156be8167d90e84cb290242749d1056a352b518e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 14 Jun 2021 01:29:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7948
x-xss-protection: 0

GET
H3-29 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame DA4A 17 KB
6 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js?31061412

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e684839cbcef6b16753dae73e92a49b7115f55e83662ead12d5e05bf7b9915fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 01:29:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1622653785071769"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6437
x-xss-protection: 0
expires: Mon, 14 Jun 2021 01:29:29 GMT

GET
H3-29 200 container.html Show response
32f93bcdb7646431fe07f4acca2e3688.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 3AFE 6 KB
3 KB 10ms
7ms Document
text/html 2a00:1450:4001:829::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://32f93bcdb7646431fe07f4acca2e3688.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js?31061412

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 32f93bcdb7646431fe07f4acca2e3688.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html?n=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.cyberscoop.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.cyberscoop.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3108
date: Mon, 14 Jun 2021 01:29:29 GMT
expires: Tue, 14 Jun 2022 01:29:29 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ Frame 1408 73 KB
28 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js?31061412

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8f4b8d2def1fa5e09bafacbb8ac66e614d74f1cdbace1417cedef55c0d9a83db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 01:29:29 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1623410781212720"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28237
x-xss-protection: 0
expires: Mon, 14 Jun 2021 01:29:29 GMT

GET
H3-29 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 1408 10 KB
8 KB 18ms
17ms XHR
application/json 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021060801&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js?31061412

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b2fae6cc30abda3c736ee09e77f2487d49c65e139200a47104ef1d105ba75b7b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 14 Jun 2021 01:29:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7879
x-xss-protection: 0

GET
H3-29 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame E0B9 17 KB
6 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e684839cbcef6b16753dae73e92a49b7115f55e83662ead12d5e05bf7b9915fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 01:29:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1622653785071769"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6437
x-xss-protection: 0
expires: Mon, 14 Jun 2021 01:29:29 GMT

GET
H3-29 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/223/ Frame 84AB 12 KB
5 KB 9ms
7ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/223/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

de7dd7e8a5f2257d16c23c395b9262c6fa04689c81b0e2b8bf7f5bae9f4177dc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/223/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.cyberscoop.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.cyberscoop.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5022
date: Sun, 13 Jun 2021 20:53:12 GMT
expires: Mon, 13 Jun 2022 20:53:12 GMT
last-modified: Wed, 17 Mar 2021 18:24:30 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 16577
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 8E21 783 B
531 B 18ms
17ms Document
text/html 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

ad6aff42a13f4d272025f2b2e9002bef66e1b4a9adb163cef25099b3ea83a51b

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-rUS0mDFF4pytUUx36AGdhg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/aframe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.cyberscoop.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.cyberscoop.com/

Response headers

expires: Mon, 14 Jun 2021 01:29:29 GMT
date: Mon, 14 Jun 2021 01:29:29 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-rUS0mDFF4pytUUx36AGdhg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 512
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame D4B8 22 KB
7 KB 8ms
6ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js

Requested by

Host: 597aa27833b66734f36d06bde6660230.safeframe.googlesyndication.com
URL: https://597aa27833b66734f36d06bde6660230.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://597aa27833b66734f36d06bde6660230.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 13 Jun 2021 08:25:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 61416
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7022
x-xss-protection: 0
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 13 Jun 2022 08:25:53 GMT

GET
H3-29 200 dcmads.js Show response
www.googletagservices.com/dcm/ Frame D4B8 8 KB
4 KB 10ms
7ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/dcm/dcmads.js

Requested by

Host: 597aa27833b66734f36d06bde6660230.safeframe.googlesyndication.com
URL: https://597aa27833b66734f36d06bde6660230.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f7c1022dbae2ac5b2997f6e92f1f25907b053736a52aa40753fb44fcf4760370

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://597aa27833b66734f36d06bde6660230.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 01:05:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1429
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3796
x-xss-protection: 0
last-modified: Mon, 07 Jun 2021 18:22:56 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Mon, 14 Jun 2021 02:05:40 GMT

GET
H2 200 skeleton.js Show response
pixel.adsafeprotected.com/rjss/st/488356/54309637/ Frame D4B8 45 KB
13 KB 161ms
63ms Script
application/javascript 54.72.101.145
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.adsafeprotected.com/rjss/st/488356/54309637/skeleton.js?ias_dspID=64&ias_campId=&ias_pubId=&ias_chanId=&ias_placementId=&bidurl=&ias_dealId=
Requested by: Host: 597aa27833b66734f36d06bde6660230.safeframe.googlesyndication.com
URL: https://597aa27833b66734f36d06bde6660230.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.72.101.145 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-72-101-145.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 16f85ef990ea5de862970b84748db8d6868a5abd5254c2cb08e84722f6812ec8

Request headers

Referer: https://597aa27833b66734f36d06bde6660230.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Jun 2021 01:29:29 GMT
content-encoding: gzip
x-server-name: app10.ie.303net.net
content-type: application/javascript;charset=utf-8
access-control-allow-origin: pixel.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame D4B8 122 KB
37 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 597aa27833b66734f36d06bde6660230.safeframe.googlesyndication.com
URL: https://597aa27833b66734f36d06bde6660230.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

34b6e9936a2f024eef4f545bf4a1e717141704b00a75167fc7080fc6789e3881

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://597aa27833b66734f36d06bde6660230.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 01:29:29 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1623410775224219"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38028
x-xss-protection: 0
expires: Mon, 14 Jun 2021 01:29:29 GMT

GET
H3-29 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 1408 17 KB
6 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js?31061412

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e684839cbcef6b16753dae73e92a49b7115f55e83662ead12d5e05bf7b9915fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 01:29:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1622653785071769"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6437
x-xss-protection: 0
expires: Mon, 14 Jun 2021 01:29:29 GMT

GET
H3-29 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210607/r20110914/ Frame F2B7 17 KB
7 KB 9ms
7ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210607/r20110914/abg_lite_fy2019.js

Requested by

Host: 9fff94d23bf733803e92d17f3821d9bf.safeframe.googlesyndication.com
URL: https://9fff94d23bf733803e92d17f3821d9bf.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0fc32732b1520df908e4ce5063434010c35725a930e0cc9df0be61c66a87cf32

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://9fff94d23bf733803e92d17f3821d9bf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 00:46:18 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2591
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7010
x-xss-protection: 0
server: cafe
etag: 16168581138844513892
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 28 Jun 2021 00:46:18 GMT

GET
H3-29 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame F2B7 22 KB
7 KB 8ms
6ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js

Requested by

Host: 9fff94d23bf733803e92d17f3821d9bf.safeframe.googlesyndication.com
URL: https://9fff94d23bf733803e92d17f3821d9bf.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://9fff94d23bf733803e92d17f3821d9bf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 13 Jun 2021 08:25:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 61416
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7022
x-xss-protection: 0
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 13 Jun 2022 08:25:53 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame F2B7 122 KB
37 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 9fff94d23bf733803e92d17f3821d9bf.safeframe.googlesyndication.com
URL: https://9fff94d23bf733803e92d17f3821d9bf.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

34b6e9936a2f024eef4f545bf4a1e717141704b00a75167fc7080fc6789e3881

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://9fff94d23bf733803e92d17f3821d9bf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 01:29:29 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1623410775224219"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38028
x-xss-protection: 0
expires: Mon, 14 Jun 2021 01:29:29 GMT

GET
H3-29 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/223/ Frame CB6E 12 KB
5 KB 7ms
7ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/223/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

de7dd7e8a5f2257d16c23c395b9262c6fa04689c81b0e2b8bf7f5bae9f4177dc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/223/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.cyberscoop.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.cyberscoop.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5022
date: Sun, 13 Jun 2021 20:53:12 GMT
expires: Mon, 13 Jun 2022 20:53:12 GMT
last-modified: Wed, 17 Mar 2021 18:24:30 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 16577
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 9A7A 783 B
531 B 16ms
16ms Document
text/html 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

7c06cd44aaaf292cdd731557ec551aac8ada9cb9e5a7cb70b3be7144a34ae615

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-nelMzuTB/McWgGHTrL3u6Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/aframe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.cyberscoop.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.cyberscoop.com/

Response headers

expires: Mon, 14 Jun 2021 01:29:29 GMT
date: Mon, 14 Jun 2021 01:29:29 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-nelMzuTB/McWgGHTrL3u6Q' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 512
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame D4B8 0
0 39ms
39ms Fetch
image/gif 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsslV3jYEgvNZ_fPir7kabyQWXI3Km5l1D6GybY8TQFf0xo42vYpyMTYRn7CNk5W730tnT3HBiLsRB3CUjFzcql2aooMmN9WgN8vx6yXTBC6rZ2-yOsSaSPLxpKeHrAxjLpHutbFPw0IMpJ7xOl1BQI2hXtPFLMajcs5xXMW-FDpE9qQNMQGpOnFo90uvZcOuM9z3LCZjp-s0nJVgCNusItpoTp0BlBWE9o9CqFLmTM22xYWXsX8FIcsyiuxe_9BnCC0RGVtnMBy9B1bglOm1etkFTJp3yMa8Q6pb_ZJQ8clLhZqqiP7wpPcYpqCWKIFxZI&sig=Cg0ArKJSzErZOH1OnZmeEAE&urlfix=1&adurl=

Requested by

Host: 597aa27833b66734f36d06bde6660230.safeframe.googlesyndication.com
URL: https://597aa27833b66734f36d06bde6660230.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://597aa27833b66734f36d06bde6660230.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 14 Jun 2021 01:29:29 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3-29 200 impl_v75.js Show response
www.googletagservices.com/dcm/ Frame D4B8 37 KB
15 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/dcm/impl_v75.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/dcmads.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7529b11940f8a77767d97b70e5392487b7fffeb7bcd408da18bdc71665a81d41

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://597aa27833b66734f36d06bde6660230.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 12 Jun 2021 12:34:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 132897
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15538
x-xss-protection: 0
last-modified: Fri, 04 Jun 2021 19:52:24 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 12 Jun 2022 12:34:32 GMT

GET
H3-29 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/223/ Frame A567 12 KB
5 KB 6ms
6ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/223/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

de7dd7e8a5f2257d16c23c395b9262c6fa04689c81b0e2b8bf7f5bae9f4177dc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/223/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.cyberscoop.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.cyberscoop.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5022
date: Sun, 13 Jun 2021 20:53:12 GMT
expires: Mon, 13 Jun 2022 20:53:12 GMT
last-modified: Wed, 17 Mar 2021 18:24:30 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 16577
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 925C 783 B
532 B 18ms
17ms Document
text/html 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

d4ef4742ca8a936fb23e2a0c1380c68cbf732df61fb3c00262b685b3c01dcfaf

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-DXX6clBhhRqKNKcHb1lVqA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/aframe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.cyberscoop.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.cyberscoop.com/

Response headers

expires: Mon, 14 Jun 2021 01:29:29 GMT
date: Mon, 14 Jun 2021 01:29:29 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-DXX6clBhhRqKNKcHb1lVqA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 513
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame 3AFE 22 KB
7 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js

Requested by

Host: 32f93bcdb7646431fe07f4acca2e3688.safeframe.googlesyndication.com
URL: https://32f93bcdb7646431fe07f4acca2e3688.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://32f93bcdb7646431fe07f4acca2e3688.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 13 Jun 2021 08:25:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 61416
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7022
x-xss-protection: 0
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 13 Jun 2022 08:25:53 GMT

GET
H3-29 200 dcmads.js Show response
www.googletagservices.com/dcm/ Frame 3AFE 8 KB
4 KB 8ms
6ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/dcm/dcmads.js

Requested by

Host: 32f93bcdb7646431fe07f4acca2e3688.safeframe.googlesyndication.com
URL: https://32f93bcdb7646431fe07f4acca2e3688.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f7c1022dbae2ac5b2997f6e92f1f25907b053736a52aa40753fb44fcf4760370

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://32f93bcdb7646431fe07f4acca2e3688.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 01:05:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1429
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3796
x-xss-protection: 0
last-modified: Mon, 07 Jun 2021 18:22:56 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Mon, 14 Jun 2021 02:05:40 GMT

GET
H2 200 skeleton.js Show response
pixel.adsafeprotected.com/rjss/st/488356/54309639/ Frame 3AFE 45 KB
13 KB 112ms
57ms Script
application/javascript 54.72.101.145
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.adsafeprotected.com/rjss/st/488356/54309639/skeleton.js?ias_dspID=64&ias_campId=&ias_pubId=&ias_chanId=&ias_placementId=&bidurl=&ias_dealId=
Requested by: Host: 32f93bcdb7646431fe07f4acca2e3688.safeframe.googlesyndication.com
URL: https://32f93bcdb7646431fe07f4acca2e3688.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.72.101.145 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-72-101-145.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 6f3d953a992f6b85ebd98088f653db65007e9cf8154250a3ec9b83d2389934ec

Request headers

Referer: https://32f93bcdb7646431fe07f4acca2e3688.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Jun 2021 01:29:29 GMT
content-encoding: gzip
x-server-name: app20.ie.303net.net
content-type: application/javascript;charset=utf-8
access-control-allow-origin: pixel.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 3AFE 122 KB
37 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 32f93bcdb7646431fe07f4acca2e3688.safeframe.googlesyndication.com
URL: https://32f93bcdb7646431fe07f4acca2e3688.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

34b6e9936a2f024eef4f545bf4a1e717141704b00a75167fc7080fc6789e3881

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://32f93bcdb7646431fe07f4acca2e3688.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 01:29:29 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1623410775224219"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38028
x-xss-protection: 0
expires: Mon, 14 Jun 2021 01:29:29 GMT

GET
H2 200 dfa7banner_html_inpage_rendering_lib_200_268.js Show response
s0.2mdn.net/879366/ Frame F2B7 109 KB
38 KB 29ms
7ms Script
text/javascript 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/dfa7banner_html_inpage_rendering_lib_200_268.js

Requested by

Host: 9fff94d23bf733803e92d17f3821d9bf.safeframe.googlesyndication.com
URL: https://9fff94d23bf733803e92d17f3821d9bf.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6d28830ef0fdeba41bc402b8b12341e929c6c66db8fe512deb2b1baa9611745b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://9fff94d23bf733803e92d17f3821d9bf.safeframe.googlesyndication.com
Referer: https://9fff94d23bf733803e92d17f3821d9bf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 13 Jun 2021 08:25:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 61415
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38568
x-xss-protection: 0
last-modified: Tue, 14 Jan 2020 17:35:50 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 14 Jun 2021 08:25:54 GMT

GET
H2 200 B24705254.302297311;dc_ver=75.217;dc_eid=40004001;sz=300x600;u_sd=1;dc_adk=192105431;ord=8oyo3x;click=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjssuPV4H6dRCRXyGdg67a8rYdfNBj... Show response
ad.doubleclick.net/ddm/adj/N7442.3728797STATESCOOP/ Frame D4B8 36 KB
18 KB 124ms
57ms Script
text/javascript 142.250.181.230
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/ddm/adj/N7442.3728797STATESCOOP/B24705254.302297311;dc_ver=75.217;dc_eid=40004001;sz=300x600;u_sd=1;dc_adk=192105431;ord=8oyo3x;click=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjssuPV4H6dRCRXyGdg67a8rYdfNBjeA9Xp58RyUliX0PlqRQvn6q9GlFYGRaMqlWJhfbtT4GGOrgo7e78ZfGgMN-MWUtbbDnEHMiWQiB7DkxV0Y7VpxT4ry2HfTbio5KhF13XtvcNHHeooogqlC92cnGnFHM9a3HMjtnzEAKqlvUUKyoM_eIvw1V6YeEvuQ0me2gg5GEkId-LD7VhCaGtDFX3Z77od56VNluuVcR121HcU3E_TinCJYajBnk-VxB3O41toCGhHCWxu6jk_Hof78W9M5LhQKVTMHGKbigFJJscyGjKgh0V_RaOcv1Peg%26sig%3DCg0ArKJSzD_-1bupm0kREAE%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26adurl%3D;uach=%5B%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%5B%5D%5D;dc_rfl=2,https%3A%2F%2Fwww.cyberscoop.com$2,https%3A%2F%2Fwww.cyberscoop.com%2F$0;xdt=1;crlt=sOyG2iXHNP;osda=2;sttr=61;prcl=s

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/impl_v75.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.230 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f6.1e100.net

Software

cafe /

Resource Hash

04853d865cf9800752704873ef2f98588e8d82b85e68793731fc7c4cc34036f1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://597aa27833b66734f36d06bde6660230.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Jun 2021 01:29:29 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18292
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 index.html Show response
s0.2mdn.net/dfp/384545/37259705/1616421827881/620000107_Q221_GreenLake_Controlling%20Costs_jpeg_html_banner_300x250_EN-US/300x250/ Frame FAA5 9 KB
3 KB 20ms
6ms Document
text/html 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/dfp/384545/37259705/1616421827881/620000107_Q221_GreenLake_Controlling%20Costs_jpeg_html_banner_300x250_EN-US/300x250/index.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/dfa7banner_html_inpage_rendering_lib_200_268.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8ad295ced7e8ae007a051ef82457acec4ffeb81e4bc8e5133f89f4999189b4bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: s0.2mdn.net
:scheme: https
:path: /dfp/384545/37259705/1616421827881/620000107_Q221_GreenLake_Controlling%20Costs_jpeg_html_banner_300x250_EN-US/300x250/index.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://9fff94d23bf733803e92d17f3821d9bf.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://9fff94d23bf733803e92d17f3821d9bf.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
content-length: 2597
date: Sun, 13 Jun 2021 04:59:27 GMT
expires: Mon, 14 Jun 2021 04:59:27 GMT
last-modified: Mon, 22 Mar 2021 14:03:50 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=86400
age: 73802
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame F2B7 0
23 B 39ms
39ms Image
image/gif 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstkNAPT9CuC9VFq79ZPE4Cg64ZMVF7kQgG05ocm0LiDu_0NZJZZXtA38siArqxurBaIE4UBjaOBGyGJ4ty_DytOdRGXHG7o2KieNO0QbU9Z130bV9d6xNHJR2M5dwZgRTkQwv0RGANznIcHqjG3yPT-8bWIxQGqDObWOIhGsRlH8qe6_eBFTBF7UhRNOmPsuEGkedAMBBl_Hy3usTkXZhi0xtyPm0E7v1tZYM0WxwzNOteS-x4ltL-zkAwuN7GQwybmPB-ZKoxDRCNCWsMBjFExybkrfCN__5Ee89EnGdPB43vVVeOhL8XNDruz8iSys6oW4_l3-WJ4kd0&sig=Cg0ArKJSzAfbKupJhEpIEAE&urlfix=1&adurl=

Requested by

Host: 9fff94d23bf733803e92d17f3821d9bf.safeframe.googlesyndication.com
URL: https://9fff94d23bf733803e92d17f3821d9bf.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://9fff94d23bf733803e92d17f3821d9bf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 14 Jun 2021 01:29:29 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame 3AFE 0
0 39ms
38ms Fetch
image/gif 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssTYtWXYPqr1prgasZdxidcnGnWceHJFtigDI_hePWADdlXCZx0HX3mB_Q4I9r5eija4XThUuu1xFTtloq_-wD1Wf8d6nrA3s9djKOTQCt8Lef7vxI8z7A4NVcKe-zPeAudwJfkzeWUk8iaw7kmeQ3MsKOxuVSEINyBWD3DwaOqNwHFZaBkBOWaYmfwQyG4ReouZFW15pOCr90DHf7-4rdYA5b0ddc2p6L66UXw77b9ZDbVXk5TBY6OR_UuJt318GNEgIc5wxF2sUhuUAIHdl6o9TUv_Kp3jlb-RGRfMPk_HvC5ELy4lVzqEvgpxUQ32QG1mxbNUvTIiWBy&sig=Cg0ArKJSzBu9OJLtLntmEAE&urlfix=1&adurl=

Requested by

Host: 32f93bcdb7646431fe07f4acca2e3688.safeframe.googlesyndication.com
URL: https://32f93bcdb7646431fe07f4acca2e3688.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://32f93bcdb7646431fe07f4acca2e3688.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 14 Jun 2021 01:29:29 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3-29 200 impl_v75.js Show response
www.googletagservices.com/dcm/ Frame 3AFE 37 KB
15 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/dcm/impl_v75.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/dcmads.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7529b11940f8a77767d97b70e5392487b7fffeb7bcd408da18bdc71665a81d41

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://32f93bcdb7646431fe07f4acca2e3688.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 12 Jun 2021 12:34:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 132897
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15538
x-xss-protection: 0
last-modified: Fri, 04 Jun 2021 19:52:24 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 12 Jun 2022 12:34:32 GMT

GET
H3-29 200 wQPplS2CBbapxPPsKjLjCt6L9Rv2P8O8syxzKLSpyaY.js Show response
pagead2.googlesyndication.com/bg/ Frame 84AB 14 KB
6 KB 21ms
8ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/wQPplS2CBbapxPPsKjLjCt6L9Rv2P8O8syxzKLSpyaY.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/223/runner.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c103e9952d8205b6a9c4f3ec2a32e30ade8bf51bf63fc3bcb32c7328b4a9c9a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 13 Jun 2021 13:21:24 GMT
content-encoding: br
x-content-type-options: nosniff
age: 43685
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5768
x-xss-protection: 0
last-modified: Mon, 31 May 2021 08:58:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 13 Jun 2022 13:21:24 GMT

GET
H3-29 200 wQPplS2CBbapxPPsKjLjCt6L9Rv2P8O8syxzKLSpyaY.js Show response
pagead2.googlesyndication.com/bg/ Frame CB6E 14 KB
6 KB 18ms
7ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/wQPplS2CBbapxPPsKjLjCt6L9Rv2P8O8syxzKLSpyaY.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/223/runner.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c103e9952d8205b6a9c4f3ec2a32e30ade8bf51bf63fc3bcb32c7328b4a9c9a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 13 Jun 2021 13:21:24 GMT
content-encoding: br
x-content-type-options: nosniff
age: 43685
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5768
x-xss-protection: 0
last-modified: Mon, 31 May 2021 08:58:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 13 Jun 2022 13:21:24 GMT

GET
H3-29 200 wQPplS2CBbapxPPsKjLjCt6L9Rv2P8O8syxzKLSpyaY.js Show response
pagead2.googlesyndication.com/bg/ Frame A567 14 KB
6 KB 14ms
6ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/wQPplS2CBbapxPPsKjLjCt6L9Rv2P8O8syxzKLSpyaY.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/223/runner.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c103e9952d8205b6a9c4f3ec2a32e30ade8bf51bf63fc3bcb32c7328b4a9c9a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 13 Jun 2021 13:21:24 GMT
content-encoding: br
x-content-type-options: nosniff
age: 43685
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5768
x-xss-protection: 0
last-modified: Mon, 31 May 2021 08:58:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 13 Jun 2022 13:21:24 GMT

GET
H2 200 B24705254.302297317;dc_ver=75.217;dc_eid=40004000;sz=970x250;u_sd=1;dc_adk=2711260096;ord=8ymfda;click=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjss2Y8z3p8IcHvrqFTkZoQ0H7ARa... Show response
ad.doubleclick.net/ddm/adj/N7442.3728797STATESCOOP/ Frame 3AFE 36 KB
19 KB 111ms
76ms Script
text/javascript 142.250.181.230
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/ddm/adj/N7442.3728797STATESCOOP/B24705254.302297317;dc_ver=75.217;dc_eid=40004000;sz=970x250;u_sd=1;dc_adk=2711260096;ord=8ymfda;click=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjss2Y8z3p8IcHvrqFTkZoQ0H7ARaElnc1MCu0XnptDNSBI9PO9GnmZUvag-SsJPBDAZgRmnwJjMJ3TSz9CcMqWnMT0K3fyL7kivKEj1dvW7_8hlFqFx3rxz90r0zR6o0QiWxbIS58iZgP0q_Va3qBDuBAX4x_ricRGNwkA0dmdxTUAE4FAhDG2-VpeFmMuk27ErwYZUD0rndzsHWLInT5M9D5NErIaoqlO6F_1EZH_g96YpDGonqgE6DW2qqf2D4r6FIJ3RKWkW2xdQBNma1aDHXMSw8Rp_ew11pOxj4HfQ7VDzYDq9qKHcCvTEvjb_VVXlTs9Tg6sfE%26sig%3DCg0ArKJSzPl59qccRn5tEAE%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26adurl%3D;uach=%5B%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%5B%5D%5D;dc_rfl=2,https%3A%2F%2Fwww.cyberscoop.com$2,https%3A%2F%2Fwww.cyberscoop.com%2F$0;xdt=1;crlt=ZSEYrWO2vI;osda=2;sttr=12;prcl=s

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/impl_v75.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.230 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f6.1e100.net

Software

cafe /

Resource Hash

8355b850fb33775455d025e02c79ce82903a780cc1937091e3fc8bae01cbfcf9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://32f93bcdb7646431fe07f4acca2e3688.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Jun 2021 01:29:29 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18872
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 default.css
s0.2mdn.net/dfp/384545/37259705/1616421827881/620000107_Q221_GreenLake_Controlling%20Costs_jpeg_html_banner_300x250_EN-US/300x250/css/ Frame FAA5 2 KB
796 B 9ms
7ms Stylesheet
text/css 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/dfp/384545/37259705/1616421827881/620000107_Q221_GreenLake_Controlling%20Costs_jpeg_html_banner_300x250_EN-US/300x250/css/default.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/384545/37259705/1616421827881/620000107_Q221_GreenLake_Controlling%20Costs_jpeg_html_banner_300x250_EN-US/300x250/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

66d84c5b8ebab0d19492756bdde52fe6638985d886b74a294cf6b110636523f2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/dfp/384545/37259705/1616421827881/620000107_Q221_GreenLake_Controlling%20Costs_jpeg_html_banner_300x250_EN-US/300x250/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 13 Jun 2021 04:59:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 73802
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 772
x-xss-protection: 0
last-modified: Mon, 22 Mar 2021 14:03:50 GMT
server: sffe
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Mon, 14 Jun 2021 04:59:27 GMT

GET
H3-29 200 style.css
s0.2mdn.net/dfp/384545/37259705/1616421827881/620000107_Q221_GreenLake_Controlling%20Costs_jpeg_html_banner_300x250_EN-US/300x250/css/ Frame FAA5 8 KB
2 KB 8ms
6ms Stylesheet
text/css 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/dfp/384545/37259705/1616421827881/620000107_Q221_GreenLake_Controlling%20Costs_jpeg_html_banner_300x250_EN-US/300x250/css/style.css

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/384545/37259705/1616421827881/620000107_Q221_GreenLake_Controlling%20Costs_jpeg_html_banner_300x250_EN-US/300x250/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

372c940a13cc67025b79445f5f76f5b18a213f37eae412822bea0d3584aa8668

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/dfp/384545/37259705/1616421827881/620000107_Q221_GreenLake_Controlling%20Costs_jpeg_html_banner_300x250_EN-US/300x250/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 13 Jun 2021 04:59:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 73802
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1633
x-xss-protection: 0
last-modified: Mon, 22 Mar 2021 14:03:50 GMT
server: sffe
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Mon, 14 Jun 2021 04:59:27 GMT

GET
H3-29 200 imagesloaded.pkgd.min.js Show response
s0.2mdn.net/dfp/384545/37259705/1616421827881/620000107_Q221_GreenLake_Controlling%20Costs_jpeg_html_banner_300x250_EN-US/300x250/js/libs/ Frame FAA5 5 KB
2 KB 9ms
7ms Script
text/javascript 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/dfp/384545/37259705/1616421827881/620000107_Q221_GreenLake_Controlling%20Costs_jpeg_html_banner_300x250_EN-US/300x250/js/libs/imagesloaded.pkgd.min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/384545/37259705/1616421827881/620000107_Q221_GreenLake_Controlling%20Costs_jpeg_html_banner_300x250_EN-US/300x250/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

96abf166b3cbb5f7df525d86fdeeeccea4af3c120b19bc26b0613530a94e8b44

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/dfp/384545/37259705/1616421827881/620000107_Q221_GreenLake_Controlling%20Costs_jpeg_html_banner_300x250_EN-US/300x250/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 13 Jun 2021 04:59:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 73802
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1810
x-xss-protection: 0
last-modified: Mon, 22 Mar 2021 14:03:50 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Mon, 14 Jun 2021 04:59:27 GMT

GET
H3-29 200 gsap_3.5.1_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame FAA5 60 KB
24 KB 22ms
22ms Script
text/javascript 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/gsap_3.5.1_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/384545/37259705/1616421827881/620000107_Q221_GreenLake_Controlling%20Costs_jpeg_html_banner_300x250_EN-US/300x250/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

341e0d761251ee538d0cad6322c66abdbf78dc7d6f3ca62f3459fab822a2103f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/dfp/384545/37259705/1616421827881/620000107_Q221_GreenLake_Controlling%20Costs_jpeg_html_banner_300x250_EN-US/300x250/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 01:29:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24155
x-xss-protection: 0
last-modified: Mon, 31 Aug 2020 21:23:17 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 14 Jun 2021 01:29:29 GMT

GET
H3-29 200 preloader.js Show response
s0.2mdn.net/dfp/384545/37259705/1616421827881/620000107_Q221_GreenLake_Controlling%20Costs_jpeg_html_banner_300x250_EN-US/300x250/js/ Frame FAA5 673 B
390 B 8ms
8ms Script
text/javascript 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/dfp/384545/37259705/1616421827881/620000107_Q221_GreenLake_Controlling%20Costs_jpeg_html_banner_300x250_EN-US/300x250/js/preloader.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/384545/37259705/1616421827881/620000107_Q221_GreenLake_Controlling%20Costs_jpeg_html_banner_300x250_EN-US/300x250/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c2fa12af72441de0744ebef379e12223c4c6c2d4775e764fc7291cafa5599cd1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/dfp/384545/37259705/1616421827881/620000107_Q221_GreenLake_Controlling%20Costs_jpeg_html_banner_300x250_EN-US/300x250/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 13 Jun 2021 04:59:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 73802
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 366
x-xss-protection: 0
last-modified: Mon, 22 Mar 2021 14:03:50 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Mon, 14 Jun 2021 04:59:27 GMT

GET
H3-29 200 animation.js Show response
s0.2mdn.net/dfp/384545/37259705/1616421827881/620000107_Q221_GreenLake_Controlling%20Costs_jpeg_html_banner_300x250_EN-US/300x250/js/ Frame FAA5 7 KB
2 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/dfp/384545/37259705/1616421827881/620000107_Q221_GreenLake_Controlling%20Costs_jpeg_html_banner_300x250_EN-US/300x250/js/animation.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/384545/37259705/1616421827881/620000107_Q221_GreenLake_Controlling%20Costs_jpeg_html_banner_300x250_EN-US/300x250/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6416c27db9bc922254aa4ec9960b80a2f2402b6e4f5b4621a0195d06b86b25f6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/dfp/384545/37259705/1616421827881/620000107_Q221_GreenLake_Controlling%20Costs_jpeg_html_banner_300x250_EN-US/300x250/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 13 Jun 2021 04:59:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 73802
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1820
x-xss-protection: 0
last-modified: Mon, 22 Mar 2021 14:03:50 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Mon, 14 Jun 2021 04:59:27 GMT

GET
H3-29 200 F1-image1.jpg
s0.2mdn.net/dfp/384545/37259705/1616421827881/620000107_Q221_GreenLake_Controlling%20Costs_jpeg_html_banner_300x250_EN-US/300x250/assets/ Frame FAA5 20 KB
20 KB 7ms
6ms Image
image/jpeg 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dfp/384545/37259705/1616421827881/620000107_Q221_GreenLake_Controlling%20Costs_jpeg_html_banner_300x250_EN-US/300x250/assets/F1-image1.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/384545/37259705/1616421827881/620000107_Q221_GreenLake_Controlling%20Costs_jpeg_html_banner_300x250_EN-US/300x250/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

56698eacdd95390c49f5ebceda5618157c82ce8cf57012d6b30a4b52b3d3afd6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/dfp/384545/37259705/1616421827881/620000107_Q221_GreenLake_Controlling%20Costs_jpeg_html_banner_300x250_EN-US/300x250/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 13 Jun 2021 04:59:28 GMT
x-content-type-options: nosniff
last-modified: Mon, 22 Mar 2021 14:03:49 GMT
server: sffe
age: 73801
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20914
x-xss-protection: 0
expires: Mon, 14 Jun 2021 04:59:28 GMT

GET
H3-29 200 F1-image3.jpg
s0.2mdn.net/dfp/384545/37259705/1616421827881/620000107_Q221_GreenLake_Controlling%20Costs_jpeg_html_banner_300x250_EN-US/300x250/assets/ Frame FAA5 26 KB
26 KB 7ms
7ms Image
image/jpeg 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dfp/384545/37259705/1616421827881/620000107_Q221_GreenLake_Controlling%20Costs_jpeg_html_banner_300x250_EN-US/300x250/assets/F1-image3.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/384545/37259705/1616421827881/620000107_Q221_GreenLake_Controlling%20Costs_jpeg_html_banner_300x250_EN-US/300x250/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7e1fc71db515228e4fdd1e1ba1699bd358c4f8790aaa6cd7173f85633450be51

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/dfp/384545/37259705/1616421827881/620000107_Q221_GreenLake_Controlling%20Costs_jpeg_html_banner_300x250_EN-US/300x250/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 13 Jun 2021 04:59:28 GMT
x-content-type-options: nosniff
last-modified: Mon, 22 Mar 2021 14:03:49 GMT
server: sffe
age: 73801
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 26459
x-xss-protection: 0
expires: Mon, 14 Jun 2021 04:59:28 GMT

GET
H3-29 200 EF-image1.jpg
s0.2mdn.net/dfp/384545/37259705/1616421827881/620000107_Q221_GreenLake_Controlling%20Costs_jpeg_html_banner_300x250_EN-US/300x250/assets/ Frame FAA5 18 KB
18 KB 9ms
9ms Image
image/jpeg 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dfp/384545/37259705/1616421827881/620000107_Q221_GreenLake_Controlling%20Costs_jpeg_html_banner_300x250_EN-US/300x250/assets/EF-image1.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/384545/37259705/1616421827881/620000107_Q221_GreenLake_Controlling%20Costs_jpeg_html_banner_300x250_EN-US/300x250/index.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bfb96f227db3a54f2dc4a5e46bd3e3c76c89710e75a4489ba66c3d77eda60e58

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/dfp/384545/37259705/1616421827881/620000107_Q221_GreenLake_Controlling%20Costs_jpeg_html_banner_300x250_EN-US/300x250/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 13 Jun 2021 04:59:28 GMT
x-content-type-options: nosniff
last-modified: Mon, 22 Mar 2021 14:03:49 GMT
server: sffe
age: 73801
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17968
x-xss-protection: 0
expires: Mon, 14 Jun 2021 04:59:28 GMT

GET
H3-29 200 waterGlimmer.jpg
s0.2mdn.net/dfp/384545/37259705/1616421827881/620000107_Q221_GreenLake_Controlling%20Costs_jpeg_html_banner_300x250_EN-US/300x250/assets/ Frame FAA5 17 KB
17 KB 7ms
6ms Image
image/jpeg 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dfp/384545/37259705/1616421827881/620000107_Q221_GreenLake_Controlling%20Costs_jpeg_html_banner_300x250_EN-US/300x250/assets/waterGlimmer.jpg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/384545/37259705/1616421827881/620000107_Q221_GreenLake_Controlling%20Costs_jpeg_html_banner_300x250_EN-US/300x250/css/style.css

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2513780bd6c6f2dfa78789dfedbe2e8ffe652d56370b4a2482ae14350f005e7f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/dfp/384545/37259705/1616421827881/620000107_Q221_GreenLake_Controlling%20Costs_jpeg_html_banner_300x250_EN-US/300x250/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 13 Jun 2021 04:59:28 GMT
x-content-type-options: nosniff
last-modified: Mon, 22 Mar 2021 14:03:50 GMT
server: sffe
age: 73801
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16950
x-xss-protection: 0
expires: Mon, 14 Jun 2021 04:59:28 GMT

GET
H3-29 200 light.png
s0.2mdn.net/dfp/384545/37259705/1616421827881/620000107_Q221_GreenLake_Controlling%20Costs_jpeg_html_banner_300x250_EN-US/300x250/assets/ Frame FAA5 9 KB
9 KB 8ms
7ms Image
image/png 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dfp/384545/37259705/1616421827881/620000107_Q221_GreenLake_Controlling%20Costs_jpeg_html_banner_300x250_EN-US/300x250/assets/light.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/384545/37259705/1616421827881/620000107_Q221_GreenLake_Controlling%20Costs_jpeg_html_banner_300x250_EN-US/300x250/css/style.css

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8ae42473cff1c6cf7ee986c511290bc70795d85e181bc3103a8169b243b8f31c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/dfp/384545/37259705/1616421827881/620000107_Q221_GreenLake_Controlling%20Costs_jpeg_html_banner_300x250_EN-US/300x250/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 13 Jun 2021 04:59:28 GMT
x-content-type-options: nosniff
last-modified: Mon, 22 Mar 2021 14:03:50 GMT
server: sffe
age: 73801
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9409
x-xss-protection: 0
expires: Mon, 14 Jun 2021 04:59:28 GMT

GET
H3-29 200 F1-copy1.png
s0.2mdn.net/dfp/384545/37259705/1616421827881/620000107_Q221_GreenLake_Controlling%20Costs_jpeg_html_banner_300x250_EN-US/300x250/assets/ Frame FAA5 1021 B
1 KB 7ms
6ms Image
image/png 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dfp/384545/37259705/1616421827881/620000107_Q221_GreenLake_Controlling%20Costs_jpeg_html_banner_300x250_EN-US/300x250/assets/F1-copy1.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/384545/37259705/1616421827881/620000107_Q221_GreenLake_Controlling%20Costs_jpeg_html_banner_300x250_EN-US/300x250/css/style.css

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b4796fcc5cfdd5be77eca5c9b0e13a92339ffa7bc7bd21d84eb9c2620feeacb2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/dfp/384545/37259705/1616421827881/620000107_Q221_GreenLake_Controlling%20Costs_jpeg_html_banner_300x250_EN-US/300x250/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 13 Jun 2021 04:59:28 GMT
x-content-type-options: nosniff
last-modified: Mon, 22 Mar 2021 14:03:49 GMT
server: sffe
age: 73801
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1021
x-xss-protection: 0
expires: Mon, 14 Jun 2021 04:59:28 GMT

GET
H3-29 200 F1-copy2.png
s0.2mdn.net/dfp/384545/37259705/1616421827881/620000107_Q221_GreenLake_Controlling%20Costs_jpeg_html_banner_300x250_EN-US/300x250/assets/ Frame FAA5 919 B
941 B 8ms
6ms Image
image/png 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dfp/384545/37259705/1616421827881/620000107_Q221_GreenLake_Controlling%20Costs_jpeg_html_banner_300x250_EN-US/300x250/assets/F1-copy2.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/384545/37259705/1616421827881/620000107_Q221_GreenLake_Controlling%20Costs_jpeg_html_banner_300x250_EN-US/300x250/css/style.css

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

39bd1416c40988699ef5f72a005f666d9f59410f76b27f28e6d464ca2424eb65

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/dfp/384545/37259705/1616421827881/620000107_Q221_GreenLake_Controlling%20Costs_jpeg_html_banner_300x250_EN-US/300x250/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 13 Jun 2021 04:59:28 GMT
x-content-type-options: nosniff
last-modified: Mon, 22 Mar 2021 14:03:49 GMT
server: sffe
age: 73801
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 919
x-xss-protection: 0
expires: Mon, 14 Jun 2021 04:59:28 GMT

GET
H3-29 200 F2-copy1.png
s0.2mdn.net/dfp/384545/37259705/1616421827881/620000107_Q221_GreenLake_Controlling%20Costs_jpeg_html_banner_300x250_EN-US/300x250/assets/ Frame FAA5 983 B
1005 B 8ms
6ms Image
image/png 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dfp/384545/37259705/1616421827881/620000107_Q221_GreenLake_Controlling%20Costs_jpeg_html_banner_300x250_EN-US/300x250/assets/F2-copy1.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/384545/37259705/1616421827881/620000107_Q221_GreenLake_Controlling%20Costs_jpeg_html_banner_300x250_EN-US/300x250/css/style.css

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

69edc7d52f7815db3e1bdcb34ec7c437251340f734bc0d042f32ff76286e78ce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/dfp/384545/37259705/1616421827881/620000107_Q221_GreenLake_Controlling%20Costs_jpeg_html_banner_300x250_EN-US/300x250/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 13 Jun 2021 04:59:28 GMT
x-content-type-options: nosniff
last-modified: Mon, 22 Mar 2021 14:03:49 GMT
server: sffe
age: 73801
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 983
x-xss-protection: 0
expires: Mon, 14 Jun 2021 04:59:28 GMT

GET
H3-29 200 F2-copy2.png
s0.2mdn.net/dfp/384545/37259705/1616421827881/620000107_Q221_GreenLake_Controlling%20Costs_jpeg_html_banner_300x250_EN-US/300x250/assets/ Frame FAA5 1 KB
1 KB 9ms
7ms Image
image/png 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dfp/384545/37259705/1616421827881/620000107_Q221_GreenLake_Controlling%20Costs_jpeg_html_banner_300x250_EN-US/300x250/assets/F2-copy2.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/384545/37259705/1616421827881/620000107_Q221_GreenLake_Controlling%20Costs_jpeg_html_banner_300x250_EN-US/300x250/css/style.css

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3a89e5cc6dfb7ec7daf881fa9c95cbc8fe5260b2ecfbe4852170e36aa709629a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/dfp/384545/37259705/1616421827881/620000107_Q221_GreenLake_Controlling%20Costs_jpeg_html_banner_300x250_EN-US/300x250/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 13 Jun 2021 04:59:28 GMT
x-content-type-options: nosniff
last-modified: Mon, 22 Mar 2021 14:03:49 GMT
server: sffe
age: 73801
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1364
x-xss-protection: 0
expires: Mon, 14 Jun 2021 04:59:28 GMT

GET
H3-29 200 F3-copy1.png
s0.2mdn.net/dfp/384545/37259705/1616421827881/620000107_Q221_GreenLake_Controlling%20Costs_jpeg_html_banner_300x250_EN-US/300x250/assets/ Frame FAA5 1 KB
1 KB 11ms
9ms Image
image/png 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dfp/384545/37259705/1616421827881/620000107_Q221_GreenLake_Controlling%20Costs_jpeg_html_banner_300x250_EN-US/300x250/assets/F3-copy1.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/384545/37259705/1616421827881/620000107_Q221_GreenLake_Controlling%20Costs_jpeg_html_banner_300x250_EN-US/300x250/css/style.css

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fb354981d95692154d88c2164ceb8f3b741699418b198e54cc03c8cfc6330f6d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/dfp/384545/37259705/1616421827881/620000107_Q221_GreenLake_Controlling%20Costs_jpeg_html_banner_300x250_EN-US/300x250/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 13 Jun 2021 04:59:28 GMT
x-content-type-options: nosniff
last-modified: Mon, 22 Mar 2021 14:03:50 GMT
server: sffe
age: 73801
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1215
x-xss-protection: 0
expires: Mon, 14 Jun 2021 04:59:28 GMT

GET
H3-29 200 F3-copy2.png
s0.2mdn.net/dfp/384545/37259705/1616421827881/620000107_Q221_GreenLake_Controlling%20Costs_jpeg_html_banner_300x250_EN-US/300x250/assets/ Frame FAA5 1 KB
1 KB 10ms
8ms Image
image/png 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dfp/384545/37259705/1616421827881/620000107_Q221_GreenLake_Controlling%20Costs_jpeg_html_banner_300x250_EN-US/300x250/assets/F3-copy2.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/384545/37259705/1616421827881/620000107_Q221_GreenLake_Controlling%20Costs_jpeg_html_banner_300x250_EN-US/300x250/css/style.css

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc797dd1452bb77265cd8203ddb579571c28c4c690f413f507d03e372c61310e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/dfp/384545/37259705/1616421827881/620000107_Q221_GreenLake_Controlling%20Costs_jpeg_html_banner_300x250_EN-US/300x250/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 13 Jun 2021 04:59:28 GMT
x-content-type-options: nosniff
last-modified: Mon, 22 Mar 2021 14:03:50 GMT
server: sffe
age: 73801
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1244
x-xss-protection: 0
expires: Mon, 14 Jun 2021 04:59:28 GMT

GET
H3-29 200 EF-copy2.png
s0.2mdn.net/dfp/384545/37259705/1616421827881/620000107_Q221_GreenLake_Controlling%20Costs_jpeg_html_banner_300x250_EN-US/300x250/assets/ Frame FAA5 1 KB
1 KB 10ms
7ms Image
image/png 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dfp/384545/37259705/1616421827881/620000107_Q221_GreenLake_Controlling%20Costs_jpeg_html_banner_300x250_EN-US/300x250/assets/EF-copy2.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/384545/37259705/1616421827881/620000107_Q221_GreenLake_Controlling%20Costs_jpeg_html_banner_300x250_EN-US/300x250/css/style.css

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

59998b3573f1e625f29a0caa939179183b4f27c24433a3cddafb8bff1b67ac82

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/dfp/384545/37259705/1616421827881/620000107_Q221_GreenLake_Controlling%20Costs_jpeg_html_banner_300x250_EN-US/300x250/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 13 Jun 2021 04:59:28 GMT
x-content-type-options: nosniff
last-modified: Mon, 22 Mar 2021 14:03:49 GMT
server: sffe
age: 73801
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1474
x-xss-protection: 0
expires: Mon, 14 Jun 2021 04:59:28 GMT

GET
H3-29 200 EF-copy1.png
s0.2mdn.net/dfp/384545/37259705/1616421827881/620000107_Q221_GreenLake_Controlling%20Costs_jpeg_html_banner_300x250_EN-US/300x250/assets/ Frame FAA5 1 KB
1 KB 9ms
7ms Image
image/png 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dfp/384545/37259705/1616421827881/620000107_Q221_GreenLake_Controlling%20Costs_jpeg_html_banner_300x250_EN-US/300x250/assets/EF-copy1.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/384545/37259705/1616421827881/620000107_Q221_GreenLake_Controlling%20Costs_jpeg_html_banner_300x250_EN-US/300x250/css/style.css

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3d48266adc441aec152d2f899a6596ea3228153cb55d783edb9480454bc89285

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/dfp/384545/37259705/1616421827881/620000107_Q221_GreenLake_Controlling%20Costs_jpeg_html_banner_300x250_EN-US/300x250/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 13 Jun 2021 04:59:28 GMT
x-content-type-options: nosniff
last-modified: Mon, 22 Mar 2021 14:03:49 GMT
server: sffe
age: 73801
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1232
x-xss-protection: 0
expires: Mon, 14 Jun 2021 04:59:28 GMT

GET
H3-29 200 EF-copy3.png
s0.2mdn.net/dfp/384545/37259705/1616421827881/620000107_Q221_GreenLake_Controlling%20Costs_jpeg_html_banner_300x250_EN-US/300x250/assets/ Frame FAA5 2 KB
2 KB 12ms
9ms Image
image/png 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dfp/384545/37259705/1616421827881/620000107_Q221_GreenLake_Controlling%20Costs_jpeg_html_banner_300x250_EN-US/300x250/assets/EF-copy3.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/384545/37259705/1616421827881/620000107_Q221_GreenLake_Controlling%20Costs_jpeg_html_banner_300x250_EN-US/300x250/css/style.css

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

af01ccc29fb87bb761a3b04fc94edcbec8df2d2eb7a09a08e2f885590b6694a0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/dfp/384545/37259705/1616421827881/620000107_Q221_GreenLake_Controlling%20Costs_jpeg_html_banner_300x250_EN-US/300x250/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 13 Jun 2021 04:59:28 GMT
x-content-type-options: nosniff
last-modified: Mon, 22 Mar 2021 14:03:49 GMT
server: sffe
age: 73801
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1769
x-xss-protection: 0
expires: Mon, 14 Jun 2021 04:59:28 GMT

GET
H3-29 200 EF-ctaArrow.png
s0.2mdn.net/dfp/384545/37259705/1616421827881/620000107_Q221_GreenLake_Controlling%20Costs_jpeg_html_banner_300x250_EN-US/300x250/assets/ Frame FAA5 246 B
268 B 11ms
9ms Image
image/png 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dfp/384545/37259705/1616421827881/620000107_Q221_GreenLake_Controlling%20Costs_jpeg_html_banner_300x250_EN-US/300x250/assets/EF-ctaArrow.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/384545/37259705/1616421827881/620000107_Q221_GreenLake_Controlling%20Costs_jpeg_html_banner_300x250_EN-US/300x250/css/style.css

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7762efe57d4c5464dd6c04a386b78830d777ae4d8579bac8b2b46a1ce3b1a401

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/dfp/384545/37259705/1616421827881/620000107_Q221_GreenLake_Controlling%20Costs_jpeg_html_banner_300x250_EN-US/300x250/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 13 Jun 2021 04:59:28 GMT
x-content-type-options: nosniff
last-modified: Mon, 22 Mar 2021 14:03:49 GMT
server: sffe
age: 73801
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 246
x-xss-protection: 0
expires: Mon, 14 Jun 2021 04:59:28 GMT

GET
H3-29 200 G.png
s0.2mdn.net/dfp/384545/37259705/1616421827881/620000107_Q221_GreenLake_Controlling%20Costs_jpeg_html_banner_300x250_EN-US/300x250/assets/cta/ Frame FAA5 577 B
599 B 11ms
8ms Image
image/png 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dfp/384545/37259705/1616421827881/620000107_Q221_GreenLake_Controlling%20Costs_jpeg_html_banner_300x250_EN-US/300x250/assets/cta/G.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/384545/37259705/1616421827881/620000107_Q221_GreenLake_Controlling%20Costs_jpeg_html_banner_300x250_EN-US/300x250/css/style.css

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

10e35336ff028cca8fe068dafafeab69b6612756713d21b20dcd1a57100cfa8c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/dfp/384545/37259705/1616421827881/620000107_Q221_GreenLake_Controlling%20Costs_jpeg_html_banner_300x250_EN-US/300x250/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 13 Jun 2021 04:59:28 GMT
x-content-type-options: nosniff
last-modified: Mon, 22 Mar 2021 14:03:48 GMT
server: sffe
age: 73801
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 577
x-xss-protection: 0
expires: Mon, 14 Jun 2021 04:59:28 GMT

GET
H3-29 200 E.png
s0.2mdn.net/dfp/384545/37259705/1616421827881/620000107_Q221_GreenLake_Controlling%20Costs_jpeg_html_banner_300x250_EN-US/300x250/assets/cta/ Frame FAA5 260 B
282 B 11ms
8ms Image
image/png 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dfp/384545/37259705/1616421827881/620000107_Q221_GreenLake_Controlling%20Costs_jpeg_html_banner_300x250_EN-US/300x250/assets/cta/E.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/384545/37259705/1616421827881/620000107_Q221_GreenLake_Controlling%20Costs_jpeg_html_banner_300x250_EN-US/300x250/css/style.css

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7ca272d368fd91e65ec1ac1b0639bedbd313a72b029c52b8fefa9552b86c293d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/dfp/384545/37259705/1616421827881/620000107_Q221_GreenLake_Controlling%20Costs_jpeg_html_banner_300x250_EN-US/300x250/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 13 Jun 2021 04:59:28 GMT
x-content-type-options: nosniff
last-modified: Mon, 22 Mar 2021 14:03:48 GMT
server: sffe
age: 73801
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 260
x-xss-protection: 0
expires: Mon, 14 Jun 2021 04:59:28 GMT

GET
H3-29 200 T.png
s0.2mdn.net/dfp/384545/37259705/1616421827881/620000107_Q221_GreenLake_Controlling%20Costs_jpeg_html_banner_300x250_EN-US/300x250/assets/cta/ Frame FAA5 224 B
246 B 14ms
11ms Image
image/png 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dfp/384545/37259705/1616421827881/620000107_Q221_GreenLake_Controlling%20Costs_jpeg_html_banner_300x250_EN-US/300x250/assets/cta/T.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/384545/37259705/1616421827881/620000107_Q221_GreenLake_Controlling%20Costs_jpeg_html_banner_300x250_EN-US/300x250/css/style.css

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3bfdb856554d3fd81c3d1624515d0624b7fe289a9e19dcebb5e141d55c7c7a73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/dfp/384545/37259705/1616421827881/620000107_Q221_GreenLake_Controlling%20Costs_jpeg_html_banner_300x250_EN-US/300x250/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 13 Jun 2021 04:59:28 GMT
x-content-type-options: nosniff
last-modified: Mon, 22 Mar 2021 14:03:49 GMT
server: sffe
age: 73801
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 224
x-xss-protection: 0
expires: Mon, 14 Jun 2021 04:59:28 GMT

GET
H3-29 200 H.png
s0.2mdn.net/dfp/384545/37259705/1616421827881/620000107_Q221_GreenLake_Controlling%20Costs_jpeg_html_banner_300x250_EN-US/300x250/assets/cta/ Frame FAA5 291 B
313 B 14ms
11ms Image
image/png 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dfp/384545/37259705/1616421827881/620000107_Q221_GreenLake_Controlling%20Costs_jpeg_html_banner_300x250_EN-US/300x250/assets/cta/H.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/384545/37259705/1616421827881/620000107_Q221_GreenLake_Controlling%20Costs_jpeg_html_banner_300x250_EN-US/300x250/css/style.css

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a9277310c05b27170734e0c75b002286785c97712cff5e5f2c5c40d961068ec9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/dfp/384545/37259705/1616421827881/620000107_Q221_GreenLake_Controlling%20Costs_jpeg_html_banner_300x250_EN-US/300x250/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 13 Jun 2021 04:59:28 GMT
x-content-type-options: nosniff
last-modified: Mon, 22 Mar 2021 14:03:48 GMT
server: sffe
age: 73801
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 291
x-xss-protection: 0
expires: Mon, 14 Jun 2021 04:59:28 GMT

GET
H3-29 200 C.png
s0.2mdn.net/dfp/384545/37259705/1616421827881/620000107_Q221_GreenLake_Controlling%20Costs_jpeg_html_banner_300x250_EN-US/300x250/assets/cta/ Frame FAA5 426 B
448 B 13ms
11ms Image
image/png 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dfp/384545/37259705/1616421827881/620000107_Q221_GreenLake_Controlling%20Costs_jpeg_html_banner_300x250_EN-US/300x250/assets/cta/C.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/384545/37259705/1616421827881/620000107_Q221_GreenLake_Controlling%20Costs_jpeg_html_banner_300x250_EN-US/300x250/css/style.css

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d851e8849dda3e06a3c9c3e1422eb7cb79a8cfb3f05ee4fd0248d8fc4fd8d65a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/dfp/384545/37259705/1616421827881/620000107_Q221_GreenLake_Controlling%20Costs_jpeg_html_banner_300x250_EN-US/300x250/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 13 Jun 2021 04:59:28 GMT
x-content-type-options: nosniff
last-modified: Mon, 22 Mar 2021 14:03:48 GMT
server: sffe
age: 73801
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 426
x-xss-protection: 0
expires: Mon, 14 Jun 2021 04:59:28 GMT

GET
H3-29 200 L.png
s0.2mdn.net/dfp/384545/37259705/1616421827881/620000107_Q221_GreenLake_Controlling%20Costs_jpeg_html_banner_300x250_EN-US/300x250/assets/cta/ Frame FAA5 218 B
240 B 13ms
10ms Image
image/png 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dfp/384545/37259705/1616421827881/620000107_Q221_GreenLake_Controlling%20Costs_jpeg_html_banner_300x250_EN-US/300x250/assets/cta/L.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/384545/37259705/1616421827881/620000107_Q221_GreenLake_Controlling%20Costs_jpeg_html_banner_300x250_EN-US/300x250/css/style.css

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

649d42a2a0c830ea56c3a05d3b549643a4081611393a024f3ba100a291610dc2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/dfp/384545/37259705/1616421827881/620000107_Q221_GreenLake_Controlling%20Costs_jpeg_html_banner_300x250_EN-US/300x250/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 13 Jun 2021 04:59:28 GMT
x-content-type-options: nosniff
last-modified: Mon, 22 Mar 2021 14:03:48 GMT
server: sffe
age: 73801
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 218
x-xss-protection: 0
expires: Mon, 14 Jun 2021 04:59:28 GMT

GET
H3-29 200 O.png
s0.2mdn.net/dfp/384545/37259705/1616421827881/620000107_Q221_GreenLake_Controlling%20Costs_jpeg_html_banner_300x250_EN-US/300x250/assets/cta/ Frame FAA5 509 B
531 B 12ms
10ms Image
image/png 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dfp/384545/37259705/1616421827881/620000107_Q221_GreenLake_Controlling%20Costs_jpeg_html_banner_300x250_EN-US/300x250/assets/cta/O.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/384545/37259705/1616421827881/620000107_Q221_GreenLake_Controlling%20Costs_jpeg_html_banner_300x250_EN-US/300x250/css/style.css

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9061727c3c22a8fd7db7d80dc326459218343de446d328daf1e51162610c889d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/dfp/384545/37259705/1616421827881/620000107_Q221_GreenLake_Controlling%20Costs_jpeg_html_banner_300x250_EN-US/300x250/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 13 Jun 2021 04:59:28 GMT
x-content-type-options: nosniff
last-modified: Mon, 22 Mar 2021 14:03:49 GMT
server: sffe
age: 73801
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 509
x-xss-protection: 0
expires: Mon, 14 Jun 2021 04:59:28 GMT

GET
H3-29 200 U.png
s0.2mdn.net/dfp/384545/37259705/1616421827881/620000107_Q221_GreenLake_Controlling%20Costs_jpeg_html_banner_300x250_EN-US/300x250/assets/cta/ Frame FAA5 400 B
422 B 12ms
9ms Image
image/png 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dfp/384545/37259705/1616421827881/620000107_Q221_GreenLake_Controlling%20Costs_jpeg_html_banner_300x250_EN-US/300x250/assets/cta/U.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/384545/37259705/1616421827881/620000107_Q221_GreenLake_Controlling%20Costs_jpeg_html_banner_300x250_EN-US/300x250/css/style.css

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2c555b43ca598646e308ed3670fa9f544056ac43fdb0f9407e6c9f9bb7ad00e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/dfp/384545/37259705/1616421827881/620000107_Q221_GreenLake_Controlling%20Costs_jpeg_html_banner_300x250_EN-US/300x250/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 13 Jun 2021 04:59:28 GMT
x-content-type-options: nosniff
last-modified: Mon, 22 Mar 2021 14:03:49 GMT
server: sffe
age: 73801
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 400
x-xss-protection: 0
expires: Mon, 14 Jun 2021 04:59:28 GMT

GET
H3-29 200 D.png
s0.2mdn.net/dfp/384545/37259705/1616421827881/620000107_Q221_GreenLake_Controlling%20Costs_jpeg_html_banner_300x250_EN-US/300x250/assets/cta/ Frame FAA5 451 B
473 B 11ms
9ms Image
image/png 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dfp/384545/37259705/1616421827881/620000107_Q221_GreenLake_Controlling%20Costs_jpeg_html_banner_300x250_EN-US/300x250/assets/cta/D.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/384545/37259705/1616421827881/620000107_Q221_GreenLake_Controlling%20Costs_jpeg_html_banner_300x250_EN-US/300x250/css/style.css

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7371056e595f660bc0ed68f23f0bbc36f51bfc8f6e0e873ff97cde7b7348e357

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/dfp/384545/37259705/1616421827881/620000107_Q221_GreenLake_Controlling%20Costs_jpeg_html_banner_300x250_EN-US/300x250/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 13 Jun 2021 04:59:28 GMT
x-content-type-options: nosniff
last-modified: Mon, 22 Mar 2021 14:03:48 GMT
server: sffe
age: 73801
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 451
x-xss-protection: 0
expires: Mon, 14 Jun 2021 04:59:28 GMT

GET
H3-29 200 A.png
s0.2mdn.net/dfp/384545/37259705/1616421827881/620000107_Q221_GreenLake_Controlling%20Costs_jpeg_html_banner_300x250_EN-US/300x250/assets/cta/ Frame FAA5 425 B
447 B 11ms
9ms Image
image/png 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dfp/384545/37259705/1616421827881/620000107_Q221_GreenLake_Controlling%20Costs_jpeg_html_banner_300x250_EN-US/300x250/assets/cta/A.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/384545/37259705/1616421827881/620000107_Q221_GreenLake_Controlling%20Costs_jpeg_html_banner_300x250_EN-US/300x250/css/style.css

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5babc71b99b3a40d6af4780a24a68e852eb5b7cb89eca344cfcd90cd42319f4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/dfp/384545/37259705/1616421827881/620000107_Q221_GreenLake_Controlling%20Costs_jpeg_html_banner_300x250_EN-US/300x250/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 13 Jun 2021 04:59:28 GMT
x-content-type-options: nosniff
last-modified: Mon, 22 Mar 2021 14:03:47 GMT
server: sffe
age: 73801
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 425
x-xss-protection: 0
expires: Mon, 14 Jun 2021 04:59:28 GMT

GET
H3-29 200 M.png
s0.2mdn.net/dfp/384545/37259705/1616421827881/620000107_Q221_GreenLake_Controlling%20Costs_jpeg_html_banner_300x250_EN-US/300x250/assets/cta/ Frame FAA5 2 KB
2 KB 14ms
12ms Image
image/png 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dfp/384545/37259705/1616421827881/620000107_Q221_GreenLake_Controlling%20Costs_jpeg_html_banner_300x250_EN-US/300x250/assets/cta/M.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/384545/37259705/1616421827881/620000107_Q221_GreenLake_Controlling%20Costs_jpeg_html_banner_300x250_EN-US/300x250/css/style.css

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8e39ec39354db513f338c6a1735bfc8a356e8063a431b963cb8fc70b2661073e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/dfp/384545/37259705/1616421827881/620000107_Q221_GreenLake_Controlling%20Costs_jpeg_html_banner_300x250_EN-US/300x250/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 13 Jun 2021 04:59:28 GMT
x-content-type-options: nosniff
last-modified: Mon, 22 Mar 2021 14:03:48 GMT
server: sffe
age: 73801
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1790
x-xss-protection: 0
expires: Mon, 14 Jun 2021 04:59:28 GMT

GET
H3-29 200 S.png
s0.2mdn.net/dfp/384545/37259705/1616421827881/620000107_Q221_GreenLake_Controlling%20Costs_jpeg_html_banner_300x250_EN-US/300x250/assets/cta/ Frame FAA5 473 B
495 B 13ms
11ms Image
image/png 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dfp/384545/37259705/1616421827881/620000107_Q221_GreenLake_Controlling%20Costs_jpeg_html_banner_300x250_EN-US/300x250/assets/cta/S.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/384545/37259705/1616421827881/620000107_Q221_GreenLake_Controlling%20Costs_jpeg_html_banner_300x250_EN-US/300x250/css/style.css

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f8c9efbf4484511f3f9760c3ad6b4799095557aa03792ed3279fa95a3baab17a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/dfp/384545/37259705/1616421827881/620000107_Q221_GreenLake_Controlling%20Costs_jpeg_html_banner_300x250_EN-US/300x250/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 13 Jun 2021 04:59:28 GMT
x-content-type-options: nosniff
last-modified: Mon, 22 Mar 2021 14:03:49 GMT
server: sffe
age: 73801
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 473
x-xss-protection: 0
expires: Mon, 14 Jun 2021 04:59:28 GMT

GET
H3-29 200 Y.png
s0.2mdn.net/dfp/384545/37259705/1616421827881/620000107_Q221_GreenLake_Controlling%20Costs_jpeg_html_banner_300x250_EN-US/300x250/assets/cta/ Frame FAA5 500 B
522 B 13ms
11ms Image
image/png 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dfp/384545/37259705/1616421827881/620000107_Q221_GreenLake_Controlling%20Costs_jpeg_html_banner_300x250_EN-US/300x250/assets/cta/Y.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/384545/37259705/1616421827881/620000107_Q221_GreenLake_Controlling%20Costs_jpeg_html_banner_300x250_EN-US/300x250/css/style.css

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d024fbac8e2d41f08bf1e4317dc623effc57698d8568f66096efb5963df9cf16

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/dfp/384545/37259705/1616421827881/620000107_Q221_GreenLake_Controlling%20Costs_jpeg_html_banner_300x250_EN-US/300x250/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 13 Jun 2021 04:59:28 GMT
x-content-type-options: nosniff
last-modified: Mon, 22 Mar 2021 14:03:49 GMT
server: sffe
age: 73801
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 500
x-xss-protection: 0
expires: Mon, 14 Jun 2021 04:59:28 GMT

GET
H3-29 200 F1-logo1.png
s0.2mdn.net/dfp/384545/37259705/1616421827881/620000107_Q221_GreenLake_Controlling%20Costs_jpeg_html_banner_300x250_EN-US/300x250/assets/ Frame FAA5 1 KB
1 KB 12ms
11ms Image
image/png 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/dfp/384545/37259705/1616421827881/620000107_Q221_GreenLake_Controlling%20Costs_jpeg_html_banner_300x250_EN-US/300x250/assets/F1-logo1.png

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/dfp/384545/37259705/1616421827881/620000107_Q221_GreenLake_Controlling%20Costs_jpeg_html_banner_300x250_EN-US/300x250/css/style.css

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

72935af0fc26206d68f050c1a740ea1da16650e9d5c890fece6dfee79fd98f26

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/dfp/384545/37259705/1616421827881/620000107_Q221_GreenLake_Controlling%20Costs_jpeg_html_banner_300x250_EN-US/300x250/css/style.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 13 Jun 2021 04:59:28 GMT
x-content-type-options: nosniff
last-modified: Mon, 22 Mar 2021 14:03:49 GMT
server: sffe
age: 73801
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1261
x-xss-protection: 0
expires: Mon, 14 Jun 2021 04:59:28 GMT

GET
H3-29 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20210607/r20110914/elements/html/ Frame D4B8 8 KB
3 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210607/r20110914/elements/html/omrhp.js

Requested by

Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N7442.3728797STATESCOOP/B24705254.302297311;dc_ver=75.217;dc_eid=40004001;sz=300x600;u_sd=1;dc_adk=192105431;ord=8oyo3x;click=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjssuPV4H6dRCRXyGdg67a8rYdfNBjeA9Xp58RyUliX0PlqRQvn6q9GlFYGRaMqlWJhfbtT4GGOrgo7e78ZfGgMN-MWUtbbDnEHMiWQiB7DkxV0Y7VpxT4ry2HfTbio5KhF13XtvcNHHeooogqlC92cnGnFHM9a3HMjtnzEAKqlvUUKyoM_eIvw1V6YeEvuQ0me2gg5GEkId-LD7VhCaGtDFX3Z77od56VNluuVcR121HcU3E_TinCJYajBnk-VxB3O41toCGhHCWxu6jk_Hof78W9M5LhQKVTMHGKbigFJJscyGjKgh0V_RaOcv1Peg%26sig%3DCg0ArKJSzD_-1bupm0kREAE%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26adurl%3D;uach=%5B%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%5B%5D%5D;dc_rfl=2,https%3A%2F%2Fwww.cyberscoop.com$2,https%3A%2F%2Fwww.cyberscoop.com%2F$0;xdt=1;crlt=sOyG2iXHNP;osda=2;sttr=61;prcl=s

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

966ee1486939f4b7c9815a6ce8dd42420c5859a42efdbbd5b91aff45e0b1cc38

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://597aa27833b66734f36d06bde6660230.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 01:26:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 164
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3124
x-xss-protection: 0
server: cafe
etag: 4537136162986801320
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 28 Jun 2021 01:26:45 GMT

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame D4B8 0
545 B 107ms
39ms Ping
image/gif 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssXDba668kh_7o6nkAMY8EZc0_e6WhXPjTtFkJlTZP7P_sjGdE4NhlGHKHeDOrPldPs4eqWTVht37MwbZDZFxykPPPCY12iwND_gGVSxnvEcS3nZpCpvlvROfvEfTXT11dHzo6GzcY7B_k19lk0-WmPCA8J2xpc6mb0aS2i1Ndtcw&sig=Cg0ArKJSzEJhNlqH3gmJEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20210607.65616&adurl=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://597aa27833b66734f36d06bde6660230.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Mon, 14 Jun 2021 01:29:29 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 503 mmi-zip.js
tags.mmi360.net/ Frame D4B8 0
0 349ms
111ms Script
text/html 3.12.243.139
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.mmi360.net/mmi-zip.js?cust=Cisco&type=js&plat=CM360&mode=ivt-blk&advid=3569326&siteid=6840654&cmpnid=24705254&pcmtid=302297311&crtvid=149966235&rndnum=1094022413&site=N7442.3728797STATESCOOP&adid=495002688&aucid=&exchid=&sellid=
Requested by: Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N7442.3728797STATESCOOP/B24705254.302297311;dc_ver=75.217;dc_eid=40004001;sz=300x600;u_sd=1;dc_adk=192105431;ord=8oyo3x;click=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjssuPV4H6dRCRXyGdg67a8rYdfNBjeA9Xp58RyUliX0PlqRQvn6q9GlFYGRaMqlWJhfbtT4GGOrgo7e78ZfGgMN-MWUtbbDnEHMiWQiB7DkxV0Y7VpxT4ry2HfTbio5KhF13XtvcNHHeooogqlC92cnGnFHM9a3HMjtnzEAKqlvUUKyoM_eIvw1V6YeEvuQ0me2gg5GEkId-LD7VhCaGtDFX3Z77od56VNluuVcR121HcU3E_TinCJYajBnk-VxB3O41toCGhHCWxu6jk_Hof78W9M5LhQKVTMHGKbigFJJscyGjKgh0V_RaOcv1Peg%26sig%3DCg0ArKJSzD_-1bupm0kREAE%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26adurl%3D;uach=%5B%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%5B%5D%5D;dc_rfl=2,https%3A%2F%2Fwww.cyberscoop.com$2,https%3A%2F%2Fwww.cyberscoop.com%2F$0;xdt=1;crlt=sOyG2iXHNP;osda=2;sttr=61;prcl=s
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.12.243.139 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-12-243-139.us-east-2.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Referer: https://597aa27833b66734f36d06bde6660230.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame D4B8 41 KB
15 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://597aa27833b66734f36d06bde6660230.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 13 Jun 2021 10:48:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 52837
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 13 Jun 2022 10:48:52 GMT

GET
H3-29 200 04262021-072232537-AMER-ENG_VT-05_0_300x600_BAN-S_PNG_TOFU-no-Cross-Architecture-DigitalDivide-ALL_0_105.png
s0.2mdn.net/3569326/ Frame D4B8 144 KB
144 KB 8ms
7ms Image
image/png 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/3569326/04262021-072232537-AMER-ENG_VT-05_0_300x600_BAN-S_PNG_TOFU-no-Cross-Architecture-DigitalDivide-ALL_0_105.png

Requested by

Host: 597aa27833b66734f36d06bde6660230.safeframe.googlesyndication.com
URL: https://597aa27833b66734f36d06bde6660230.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

79cc192458ca20ad45d51d1a6ae6c26994a23a9f882865613ee52b342b47476d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://597aa27833b66734f36d06bde6660230.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 13 Jun 2021 13:31:21 GMT
x-content-type-options: nosniff
last-modified: Mon, 26 Apr 2021 14:22:32 GMT
server: sffe
age: 43088
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 147416
x-xss-protection: 0
expires: Mon, 14 Jun 2021 13:31:21 GMT

GET
H2 200 img;adv=11002245653149;ec=11002245685555;adv.a=3569326;c.a=24705254;s.a=6840654;p.a=302297311;a.a=495002688;cache=1094022413;
ad.atdmt.com/i/ Frame D4B8 43 B
1 KB 52ms
30ms Image
image/gif 2a03:2880:f01c:8004:face:b00c:0:8c
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.atdmt.com/i/img;adv=11002245653149;ec=11002245685555;adv.a=3569326;c.a=24705254;s.a=6840654;p.a=302297311;a.a=495002688;cache=1094022413;

Requested by

Host: 597aa27833b66734f36d06bde6660230.safeframe.googlesyndication.com
URL: https://597aa27833b66734f36d06bde6660230.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8004:face:b00c:0:8c Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://597aa27833b66734f36d06bde6660230.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: br
x-content-type-options: nosniff
x-fb-rlafr: 0
pragma: no-cache
x-fb-debug: Vy8nX6KNHDHcaifBCuGhlpe4D5OPHKPUDqNqSPBImInqq7cH/jIApoi4CB4UNvEY/v0dfrhIj44CkoHIIraHrA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-frame-options: DENY
date: Mon, 14 Jun 2021 01:29:29 GMT
vary: Accept-Encoding
report-to: {"group":"coop_report","max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"include_subdomains":true}, {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: image/gif
x-xss-protection: 0
cache-control: private, no-cache, no-store, must-revalidate
cross-origin-opener-policy-report-only: same-origin-allow-popups;report-to="coop_report"
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
events.mmi360.net/ Frame D4B8 68 B
134 B 432ms
194ms Image
image/jpeg 3.140.174.87
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://events.mmi360.net/?cust=Cisco&type=img&plat=CM360&advid=3569326&siteid=6840654&cmpnid=24705254&pcmtid=302297311&crtvid=149966235&rndnum=1094022413&site=N7442.3728797STATESCOOP&adid=495002688&aucid=&exchid=&sellid=
Requested by: Host: 597aa27833b66734f36d06bde6660230.safeframe.googlesyndication.com
URL: https://597aa27833b66734f36d06bde6660230.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.140.174.87 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-140-174-87.us-east-2.compute.amazonaws.com
Software: awselb/2.0 /
Resource Hash: 63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058

Request headers

Referer: https://597aa27833b66734f36d06bde6660230.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 01:29:30 GMT
server: awselb/2.0
content-length: 68
content-type: image/jpeg

GET
H2 200 main.gr.19.8.206.js Show response
static.adsafeprotected.com/ Frame D4B8 183 KB
58 KB 174ms
86ms Script
application/javascript 52.48.135.146
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/main.gr.19.8.206.js
Requested by: Host: pixel.adsafeprotected.com
URL: https://pixel.adsafeprotected.com/rjss/st/488356/54309637/skeleton.js?ias_dspID=64&ias_campId=&ias_pubId=&ias_chanId=&ias_placementId=&bidurl=&ias_dealId=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.48.135.146 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-48-135-146.eu-west-1.compute.amazonaws.com
Software: nginx/1.16.1 /
Resource Hash: b176de534428b3b8d36fb821412c5075cc426bfb3fe282571bcd9f00f2c0b152

Request headers

Referer: https://597aa27833b66734f36d06bde6660230.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 01:29:29 GMT
content-encoding: gzip
last-modified: Tue, 01 Jun 2021 22:03:45 GMT
server: nginx/1.16.1
etag: W/"f4d80fb2c423b91d55077116728f6247"
x-cache-status: HIT
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame D4B8 122 KB
37 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 597aa27833b66734f36d06bde6660230.safeframe.googlesyndication.com
URL: https://597aa27833b66734f36d06bde6660230.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

34b6e9936a2f024eef4f545bf4a1e717141704b00a75167fc7080fc6789e3881

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://597aa27833b66734f36d06bde6660230.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 01:29:29 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1623410775224219"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38028
x-xss-protection: 0
expires: Mon, 14 Jun 2021 01:29:29 GMT

GET
H3-29 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20210607/r20110914/elements/html/ Frame 3AFE 8 KB
3 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210607/r20110914/elements/html/omrhp.js

Requested by

Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N7442.3728797STATESCOOP/B24705254.302297317;dc_ver=75.217;dc_eid=40004000;sz=970x250;u_sd=1;dc_adk=2711260096;ord=8ymfda;click=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjss2Y8z3p8IcHvrqFTkZoQ0H7ARaElnc1MCu0XnptDNSBI9PO9GnmZUvag-SsJPBDAZgRmnwJjMJ3TSz9CcMqWnMT0K3fyL7kivKEj1dvW7_8hlFqFx3rxz90r0zR6o0QiWxbIS58iZgP0q_Va3qBDuBAX4x_ricRGNwkA0dmdxTUAE4FAhDG2-VpeFmMuk27ErwYZUD0rndzsHWLInT5M9D5NErIaoqlO6F_1EZH_g96YpDGonqgE6DW2qqf2D4r6FIJ3RKWkW2xdQBNma1aDHXMSw8Rp_ew11pOxj4HfQ7VDzYDq9qKHcCvTEvjb_VVXlTs9Tg6sfE%26sig%3DCg0ArKJSzPl59qccRn5tEAE%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26adurl%3D;uach=%5B%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%5B%5D%5D;dc_rfl=2,https%3A%2F%2Fwww.cyberscoop.com$2,https%3A%2F%2Fwww.cyberscoop.com%2F$0;xdt=1;crlt=ZSEYrWO2vI;osda=2;sttr=12;prcl=s

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

966ee1486939f4b7c9815a6ce8dd42420c5859a42efdbbd5b91aff45e0b1cc38

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://32f93bcdb7646431fe07f4acca2e3688.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 01:26:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 164
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3124
x-xss-protection: 0
server: cafe
etag: 4537136162986801320
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 28 Jun 2021 01:26:45 GMT

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 3AFE 0
60 B 60ms
39ms Ping
image/gif 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssWjq5xLMroEQlD8YXzvIwkB07vcReSlmWiTpelOSrh2M7XE-86vuvX3EeMIdgKM5cAvB-UVaCBaVzV3U2KT4EHmSLRumlcO7OAoVnnN1JROcU2nR-ZCGc41BerDv-Bs7Ejtb3EWKJbeTkeEGATW-h2jIVY5LiQrm00wMLdGSyzaQ&sig=Cg0ArKJSzDQHLKjM9z3tEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=0&cbvp=1&cstd=0&cisv=r20210607.01144&adurl=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://32f93bcdb7646431fe07f4acca2e3688.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Mon, 14 Jun 2021 01:29:29 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H2 503 mmi-zip.js
tags.mmi360.net/ Frame 3AFE 0
0 302ms
112ms Script
text/html 3.12.243.139
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tags.mmi360.net/mmi-zip.js?cust=Cisco&type=js&plat=CM360&mode=ivt-blk&advid=3569326&siteid=6840654&cmpnid=24705254&pcmtid=302297317&crtvid=149873628&rndnum=300757685&site=N7442.3728797STATESCOOP&adid=495002631&aucid=&exchid=&sellid=
Requested by: Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N7442.3728797STATESCOOP/B24705254.302297317;dc_ver=75.217;dc_eid=40004000;sz=970x250;u_sd=1;dc_adk=2711260096;ord=8ymfda;click=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjss2Y8z3p8IcHvrqFTkZoQ0H7ARaElnc1MCu0XnptDNSBI9PO9GnmZUvag-SsJPBDAZgRmnwJjMJ3TSz9CcMqWnMT0K3fyL7kivKEj1dvW7_8hlFqFx3rxz90r0zR6o0QiWxbIS58iZgP0q_Va3qBDuBAX4x_ricRGNwkA0dmdxTUAE4FAhDG2-VpeFmMuk27ErwYZUD0rndzsHWLInT5M9D5NErIaoqlO6F_1EZH_g96YpDGonqgE6DW2qqf2D4r6FIJ3RKWkW2xdQBNma1aDHXMSw8Rp_ew11pOxj4HfQ7VDzYDq9qKHcCvTEvjb_VVXlTs9Tg6sfE%26sig%3DCg0ArKJSzPl59qccRn5tEAE%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26adurl%3D;uach=%5B%22%22%2C%22%22%2C%22%22%2C%22%22%2C%22%22%2C%5B%5D%5D;dc_rfl=2,https%3A%2F%2Fwww.cyberscoop.com$2,https%3A%2F%2Fwww.cyberscoop.com%2F$0;xdt=1;crlt=ZSEYrWO2vI;osda=2;sttr=12;prcl=s
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.12.243.139 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-12-243-139.us-east-2.compute.amazonaws.com
Software: /
Resource Hash

Request headers

Referer: https://32f93bcdb7646431fe07f4acca2e3688.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-29 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 3AFE 41 KB
15 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://32f93bcdb7646431fe07f4acca2e3688.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 13 Jun 2021 10:48:52 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 52837
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 13 Jun 2022 10:48:52 GMT

GET
H3-29 200 04232021-075338619-AMER-ENG_VT-05_0_970x250_BAN-S_PNG_TOFU-no-Cross-Architecture-SafeReturnWork-ALL_0_105.png
s0.2mdn.net/3569326/ Frame 3AFE 176 KB
176 KB 8ms
8ms Image
image/png 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/3569326/04232021-075338619-AMER-ENG_VT-05_0_970x250_BAN-S_PNG_TOFU-no-Cross-Architecture-SafeReturnWork-ALL_0_105.png

Requested by

Host: 32f93bcdb7646431fe07f4acca2e3688.safeframe.googlesyndication.com
URL: https://32f93bcdb7646431fe07f4acca2e3688.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f24ac9e8a3e565b61bbf64e418f2d542462f527649e99c9d64fdc5a7310b41b8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://32f93bcdb7646431fe07f4acca2e3688.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 13 Jun 2021 10:10:53 GMT
x-content-type-options: nosniff
last-modified: Fri, 23 Apr 2021 14:53:38 GMT
server: sffe
age: 55116
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 180112
x-xss-protection: 0
expires: Mon, 14 Jun 2021 10:10:53 GMT

GET
H2 200 /
events.mmi360.net/ Frame 3AFE 68 B
135 B 383ms
194ms Image
image/jpeg 3.140.174.87
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://events.mmi360.net/?cust=Cisco&type=img&plat=CM360&advid=3569326&siteid=6840654&cmpnid=24705254&pcmtid=302297317&crtvid=149873628&rndnum=300757685&site=N7442.3728797STATESCOOP&adid=495002631&aucid=&exchid=&sellid=
Requested by: Host: 32f93bcdb7646431fe07f4acca2e3688.safeframe.googlesyndication.com
URL: https://32f93bcdb7646431fe07f4acca2e3688.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.140.174.87 Columbus, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-140-174-87.us-east-2.compute.amazonaws.com
Software: awselb/2.0 /
Resource Hash: 63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058

Request headers

Referer: https://32f93bcdb7646431fe07f4acca2e3688.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 01:29:30 GMT
server: awselb/2.0
content-length: 68
content-type: image/jpeg

GET
H2 200 img;adv=11002245653149;ec=11002245685555;adv.a=3569326;c.a=24705254;s.a=6840654;p.a=302297317;a.a=495002631;cache=300757685;
ad.atdmt.com/i/ Frame 3AFE 43 B
162 B 300ms
299ms Image
image/gif 2a03:2880:f01c:8004:face:b00c:0:8c
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ad.atdmt.com/i/img;adv=11002245653149;ec=11002245685555;adv.a=3569326;c.a=24705254;s.a=6840654;p.a=302297317;a.a=495002631;cache=300757685;

Requested by

Host: 32f93bcdb7646431fe07f4acca2e3688.safeframe.googlesyndication.com
URL: https://32f93bcdb7646431fe07f4acca2e3688.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8004:face:b00c:0:8c Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://32f93bcdb7646431fe07f4acca2e3688.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: br
x-content-type-options: nosniff
x-fb-rlafr: 0
pragma: no-cache
x-fb-debug: bjD0vPvufQ/5jf97ESWSygW6KCOE4dVdB4PDESfH/bkhFt1hUyEvMUX/TdfeuQbtkxP7tyOMtMqMyLJLlvYtYw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-frame-options: DENY
date: Mon, 14 Jun 2021 01:29:29 GMT
vary: Accept-Encoding
report-to: {"group":"coop_report","max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"include_subdomains":true}, {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: image/gif
x-xss-protection: 0
cache-control: private, no-cache, no-store, must-revalidate
cross-origin-opener-policy-report-only: same-origin-allow-popups;report-to="coop_report"
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 main.gr.19.8.206.js Show response
static.adsafeprotected.com/ Frame 3AFE 183 KB
58 KB 81ms
41ms Script
application/javascript 52.48.135.146
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/main.gr.19.8.206.js
Requested by: Host: pixel.adsafeprotected.com
URL: https://pixel.adsafeprotected.com/rjss/st/488356/54309639/skeleton.js?ias_dspID=64&ias_campId=&ias_pubId=&ias_chanId=&ias_placementId=&bidurl=&ias_dealId=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.48.135.146 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-48-135-146.eu-west-1.compute.amazonaws.com
Software: nginx/1.16.1 /
Resource Hash: b176de534428b3b8d36fb821412c5075cc426bfb3fe282571bcd9f00f2c0b152

Request headers

Referer: https://32f93bcdb7646431fe07f4acca2e3688.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 01:29:29 GMT
content-encoding: gzip
last-modified: Tue, 01 Jun 2021 22:03:45 GMT
server: nginx/1.16.1
etag: W/"f4d80fb2c423b91d55077116728f6247"
x-cache-status: HIT
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 3AFE 122 KB
37 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 32f93bcdb7646431fe07f4acca2e3688.safeframe.googlesyndication.com
URL: https://32f93bcdb7646431fe07f4acca2e3688.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

34b6e9936a2f024eef4f545bf4a1e717141704b00a75167fc7080fc6789e3881

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://32f93bcdb7646431fe07f4acca2e3688.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 01:29:29 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1623410775224219"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38028
x-xss-protection: 0
expires: Mon, 14 Jun 2021 01:29:29 GMT

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame F2B7 0
0 38ms
38ms Fetch
image/gif 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsupiSRDwBANKcDxptoWHGrUjLJqgHw0MUQTWZ10pdRLgC9jYJvpQ71cMNow_xzsxEYKC1yWxHOemUR4naq2DUCuy3uyaLIJlyKP3jV8T3Jo8WcfdWENlTl2-RKOyHGysn-QkypSWmcfzMHHgssieDPowe0MakZzJzBHp5HsBxg4hYphXfoO46_amalWlhojPIbXEhHaXaLFjJoAyzckmP-GKBXnJli8uzYhB1QITIaxDjSh5oXpadw6oE7Xo3bs6VFPR3nyW4053JQCGHRSG5VZVEJ9nvVFHyN2q5EZGpNY4EtaFZilLiK3LFg6woJVTz9Gv7GmrnZcwB9gwA&sig=Cg0ArKJSzNxb4dqbZqJrEAE&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://9fff94d23bf733803e92d17f3821d9bf.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 14 Jun 2021 01:29:29 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Mon, 14 Jun 2021 01:29:29 GMT

GET
DATA 200
OK truncated
/ Frame D4B8 209 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d0718481ccd8588f91b2682a49526313947bc4e213e433bcb5cb339d2b4bb351

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

POST
H3-29 200 view
googleads4.g.doubleclick.net/pcs/ Frame D4B8 0
23 B 81ms
43ms Ping
image/gif 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://597aa27833b66734f36d06bde6660230.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Mon, 14 Jun 2021 01:29:29 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame D4B8 0
0 38ms
38ms Fetch
image/gif 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssmUc2LdKis1MvpLEgbp4eh07ZjWnsEwcAcHrmH555KfQk9WgLrXEhFtvdhLU6VVjBdytNLBA0YpukHf_KApSO9yTny9icvZLi8_btZ_OtTiQMIilkZvQjUdFPLJf9VkxxQc61QVxGv5do4y5dnuOXkQgPi7e5-sicYE8mS8xIrM1db7Nvh-le3JNQY8I8NgrBvu4A5dPfm2-5f3-pnLUWB46muoVo8IZhJXxDFxVbKeEIU1XsVaBdKvmT0cJJROfOes_NVoxFbY87jH8b1aFH7n6Vmr5zGOhIT-3H1DDfiEWqds-kva8kBEIrCe8tVg61-WA&sig=Cg0ArKJSzAlxwYdAVHeNEAE&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://597aa27833b66734f36d06bde6660230.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 14 Jun 2021 01:29:29 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Mon, 14 Jun 2021 01:29:29 GMT

GET
H3-29 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 6662 22 KB
8 KB 6ms
6ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/Enqz_20U.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://597aa27833b66734f36d06bde6660230.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://597aa27833b66734f36d06bde6660230.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 8395
date: Sun, 13 Jun 2021 10:48:52 GMT
expires: Mon, 13 Jun 2022 10:48:52 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 52837
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame 3AFE 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1e4d4b49a305d4435743e39b117e3ae36d121e878945d8574e154cc25b0eecdb

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

POST
H3-29 200 view
googleads4.g.doubleclick.net/pcs/ Frame 3AFE 0
23 B 43ms
43ms Ping
image/gif 142.250.185.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s49-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://32f93bcdb7646431fe07f4acca2e3688.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Mon, 14 Jun 2021 01:29:29 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3-29 200 view
securepubads.g.doubleclick.net/pcs/ Frame 3AFE 0
0 43ms
42ms Fetch
image/gif 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsve4X-sVaKs5duGkqT4M8frMdgltS9AMfGpdG_Z-KNuC2BpPkFDSWzRsmVuxAGcwmAtjJCVzUYvCPsKh7xvXZ6OMPtWZxs9UxvHoTB0cjo-DU8J2Fnf86TciG9a8UCuhQPaT3POkME3q9YST7qEotpGsUJmIkDyGHXge5dYRV2yDWcWRoEQnmVjcg5n4xintmtGatZ_VOXi_eSsp0waj8MJmfMlcOEymizn6gm-jeQ1wEfVz57YO67q-DefumdXFuTh-d0w-zIKHid6BdlMrsAdnQA0LaE3Yb16CXjYPjdcg4X_PFx9f7j9WXxSvL7LNiKZnoy_ptizFPHorn4&sig=Cg0ArKJSzGFu2Ddb-j8aEAE&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://32f93bcdb7646431fe07f4acca2e3688.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 14 Jun 2021 01:29:29 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Mon, 14 Jun 2021 01:29:29 GMT

GET
H3-29 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame AC64 22 KB
8 KB 6ms
6ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/Enqz_20U.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://32f93bcdb7646431fe07f4acca2e3688.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://32f93bcdb7646431fe07f4acca2e3688.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 8395
date: Sun, 13 Jun 2021 10:48:52 GMT
expires: Mon, 13 Jun 2022 10:48:52 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 52837
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2

200

skeleton.js Show response
static.adsafeprotected.com/ Frame 3AFE
Redirect Chain

https://pixel.adsafeprotected.com/rfw/st/488356/54309639/skeleton.js?ias_dspID=64&ias_campId=&ias_pubId=&ias_chanId=&ias_placementId=&bidurl=&ias_dealId=&adsafe_url=https%3A%2F%2Fwww.cyberscoop.com...
https://static.adsafeprotected.com/skeleton.js

17 B
240 B

40ms
40ms

Script
application/javascript

52.48.135.146
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/skeleton.js
Requested by: Host: 32f93bcdb7646431fe07f4acca2e3688.safeframe.googlesyndication.com
URL: https://32f93bcdb7646431fe07f4acca2e3688.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.48.135.146 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-48-135-146.eu-west-1.compute.amazonaws.com
Software: nginx/1.16.1 /
Resource Hash: bdeed1e1c0751610c8f3dc2a5c78c93f841c366b36a7f7a54f5e6752c2656c05

Request headers

Referer: https://32f93bcdb7646431fe07f4acca2e3688.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 01:29:30 GMT
last-modified: Mon, 17 Aug 2020 23:54:35 GMT
server: nginx/1.16.1
age: 7780909
etag: "53fab767ecbd3bf07990b10246befbd4"
x-cache-status: HIT
content-type: application/javascript
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 17

Redirect headers

pragma: no-cache
date: Mon, 14 Jun 2021 01:29:29 GMT
x-server-name: app25.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
location: https://static.adsafeprotected.com/skeleton.js
cache-control: no-cache
content-length: 0
server: nginx

GET
H2 200 sca.17.5.5.js Show response
static.adsafeprotected.com/ Frame 994C 82 KB
21 KB 39ms
38ms Script
application/javascript 52.48.135.146
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.5.5.js
Requested by: Host: 32f93bcdb7646431fe07f4acca2e3688.safeframe.googlesyndication.com
URL: https://32f93bcdb7646431fe07f4acca2e3688.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.48.135.146 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-48-135-146.eu-west-1.compute.amazonaws.com
Software: nginx/1.16.1 /
Resource Hash: 4b4924b6ea8623395984b522ee4e1fe77f464940d2bb155ae40bce56fbcd3423

Request headers

Referer: https://32f93bcdb7646431fe07f4acca2e3688.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 01:29:29 GMT
content-encoding: gzip
last-modified: Thu, 29 Apr 2021 15:29:23 GMT
server: nginx/1.16.1
age: 1032324
etag: W/"5356fa8b6073c3eb408487be61ef7d77"
x-cache-status: HIT
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000

GET
H2

200

skeleton.js Show response
static.adsafeprotected.com/ Frame D4B8
Redirect Chain

https://pixel.adsafeprotected.com/rfw/st/488356/54309637/skeleton.js?ias_dspID=64&ias_campId=&ias_pubId=&ias_chanId=&ias_placementId=&bidurl=&ias_dealId=&adsafe_url=https%3A%2F%2Fwww.cyberscoop.com...
https://static.adsafeprotected.com/skeleton.js

17 B
240 B

38ms
38ms

Script
application/javascript

52.48.135.146
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/skeleton.js
Requested by: Host: 597aa27833b66734f36d06bde6660230.safeframe.googlesyndication.com
URL: https://597aa27833b66734f36d06bde6660230.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.48.135.146 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-48-135-146.eu-west-1.compute.amazonaws.com
Software: nginx/1.16.1 /
Resource Hash: bdeed1e1c0751610c8f3dc2a5c78c93f841c366b36a7f7a54f5e6752c2656c05

Request headers

Referer: https://597aa27833b66734f36d06bde6660230.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 01:29:30 GMT
last-modified: Mon, 17 Aug 2020 23:54:35 GMT
server: nginx/1.16.1
age: 7781371
etag: "53fab767ecbd3bf07990b10246befbd4"
x-cache-status: HIT
content-type: application/javascript
cache-control: max-age=315360000
accept-ranges: bytes
content-length: 17

Redirect headers

pragma: no-cache
date: Mon, 14 Jun 2021 01:29:30 GMT
x-server-name: app23.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
location: https://static.adsafeprotected.com/skeleton.js
cache-control: no-cache
content-length: 0
server: nginx

GET
H2 200 sca.17.5.5.js Show response
static.adsafeprotected.com/ Frame 3213 82 KB
21 KB 39ms
39ms Script
application/javascript 52.48.135.146
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.5.5.js
Requested by: Host: 597aa27833b66734f36d06bde6660230.safeframe.googlesyndication.com
URL: https://597aa27833b66734f36d06bde6660230.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.48.135.146 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-48-135-146.eu-west-1.compute.amazonaws.com
Software: nginx/1.16.1 /
Resource Hash: 4b4924b6ea8623395984b522ee4e1fe77f464940d2bb155ae40bce56fbcd3423

Request headers

Referer: https://597aa27833b66734f36d06bde6660230.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 01:29:30 GMT
content-encoding: gzip
last-modified: Thu, 29 Apr 2021 15:29:23 GMT
server: nginx/1.16.1
age: 2846553
etag: W/"5356fa8b6073c3eb408487be61ef7d77"
x-cache-status: HIT
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 3AFE 43 B
216 B 300ms
98ms Image
image/gif 52.207.123.8
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=488356&asId=7416c17d-e262-d973-bde4-e723afc9f7c2&tv=%7Bc:ftxPLg,pingTime:-2,time:333,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:422,beZ:423,mfA:640,cmA:641,inA:642,inZ:646,prA:646,prZ:658,si:665,poA:666,poZ:678,cmZ:678,mfZ:678,loA:718,loZ:720,ltA:754,ltZ:755%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:970.250,dom:ins%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:-1,vs:n,r:l,w:970,h:250,t:242%7D%5D,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:0,n:333,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:242,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:i,cc:NaN.NaN.970.250,piv:-1,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B111~1%5D,as:%5B111~970.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:sAgHvId+111*.488356-54309639%7C1111%7C112%7C1131%7C114%7C1211%7C122%7C1231%7C124%7C1311%7C132%7C141%7C142%7C1431%7C144%7C15%7C16%7C17,idMap:111*,rmeas:1,rend:1,renddet:IMG.qs,sinceFw:89,readyFired:true%7D&br=u
Requested by: Host: 32f93bcdb7646431fe07f4acca2e3688.safeframe.googlesyndication.com
URL: https://32f93bcdb7646431fe07f4acca2e3688.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.207.123.8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-207-123-8.compute-1.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://32f93bcdb7646431fe07f4acca2e3688.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Jun 2021 01:29:30 GMT
x-server-name: dt57.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H3-29 200 Jl_KA3DWLl1pqAl7nrDeic27IkrJD7_aVFtTlraQVeY.js Show response
pagead2.googlesyndication.com/bg/ Frame 6662 14 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Jl_KA3DWLl1pqAl7nrDeic27IkrJD7_aVFtTlraQVeY.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

265fca0370d62e5d69a8097b9eb0de89cdbb224ac90fbfda545b5396b69055e6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 13 Jun 2021 10:48:52 GMT
content-encoding: br
x-content-type-options: nosniff
age: 52838
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5751
x-xss-protection: 0
last-modified: Mon, 31 May 2021 08:58:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 13 Jun 2022 10:48:52 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame D4B8 43 B
215 B 275ms
99ms Image
image/gif 52.207.123.8
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=488356&asId=c518f94f-cf6a-74e2-e1fb-56734489612c&tv=%7Bc:ftxPLH,pingTime:-2,time:408,type:a,im:%7Bsf:0,pom:1,prf:%7BbeA:443,beZ:444,mfA:800,cmA:800,inA:800,inZ:801,prA:801,prZ:806,si:809,poA:810,poZ:816,cmZ:816,mfZ:816,loA:839,loZ:840,ltA:850,ltZ:850%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:300.600,dom:ins%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:-1,vs:n,r:l,w:300,h:600,t:366%7D%5D,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:0,slTimes:%7Bi:0,o:0,n:408,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:366,wc:0.0.1600.1200,ac:NaN.NaN.300.600,am:i,cc:NaN.NaN.300.600,piv:-1,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B50~1%5D,as:%5B50~300.600%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:sAgHvHr+111.488356-54309639%7C1111%7C1112%7C112%7C113%7C114%7C1211%7C122%7C123%7C124%7C131*.488356-54309637%7C1311%7C132%7C141%7C142%7C143%7C144%7C15%7C16%7C17,idMap:131*,rmeas:1,rend:1,renddet:IMG.qs,sinceFw:40,readyFired:true%7D&br=u
Requested by: Host: 597aa27833b66734f36d06bde6660230.safeframe.googlesyndication.com
URL: https://597aa27833b66734f36d06bde6660230.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.207.123.8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-207-123-8.compute-1.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://597aa27833b66734f36d06bde6660230.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Jun 2021 01:29:30 GMT
x-server-name: dt41.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H3-29 200 Jl_KA3DWLl1pqAl7nrDeic27IkrJD7_aVFtTlraQVeY.js Show response
pagead2.googlesyndication.com/bg/ Frame AC64 14 KB
6 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Jl_KA3DWLl1pqAl7nrDeic27IkrJD7_aVFtTlraQVeY.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

265fca0370d62e5d69a8097b9eb0de89cdbb224ac90fbfda545b5396b69055e6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 13 Jun 2021 10:48:52 GMT
content-encoding: br
x-content-type-options: nosniff
age: 52838
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5751
x-xss-protection: 0
last-modified: Mon, 31 May 2021 08:58:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 13 Jun 2022 10:48:52 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame E0B9 0
20 B 16ms
15ms Image
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=223&t=2&li=gpt_2021060801&jk=3202915521510440&bg=!gYKlgsbNAAY6sG-_OrA7ACkAdvg8WjRSErmh0qD_cKy7KdLX_Z0JgYpMziieVW9lNgRy1DLzH1mBMQIAAAHGUgAAACNoAQcKAC4id1rmP6XkcUkkP3vHKas83xat6AlfToZ4bbgA1VonlMMZX52Vz94rp2fUVG5QmQKNjptcM4um6e2e7U2-s15cDzp0w09qZdWdZ0trugDcggh2vly-YwQZP2Y8U61JDwoHtg0TtnFqPBGAejfQ85Sl3-gdGosB26mMB0eDKXtODdZ4b4Fsgf2AXIz8_x7Adz0Lvt_VK4IOFk36PnhKjBoRB7n5KF2S5m_QKarEX0_w7soQ-2q18BShQos6DKuEVpFQXhr9TEQF7AJFs8_tB-vwxNJK-MV3b0UhG_CpVnaDoLQHBdMrj3NtFiFS1WKF5SKVaOX5pV7cYroN38jiSJv89U3at4P0gXJGiBPnSrkzaxYZBdrDro7_MN4Tmg7cyl0eiAQI4U-iy2kyx-PbjiNsblsZH0pTEuXaH0wGtUxLBp_5AdXtKN8Kyxlt6V5iPwNfxwAVBBcTkkLyM0odtn1mA2q21jSMlYP0R3PW8QvgGJYTQP4Z_cOCjqyuLPvj_9aglpjOJrm7YJudcCeLlZptBX2A4DEn5lvsTuD7qlZkrfTuaJDJiLGt2nAwe6-zK_ETJbu7S3kGQLApicyxUhTBpg3UEpQ2WF17aEYV4tB4M_QhqYX3q64hb3UIVtWtxE1FkBSXYzrbwpsfHZ_M6BHRSoRNj46w6c4DkIiFTptJzsJeaHQhh0i0YT1OzURbrQTKLxyzmAI2_vNX02mlyQxhoPNgavxz1mOnFYlM4yiqHxBdXVEZrhhaYyqevRw0njg1Mh3b1sv2Faufs0K45xrdA7pSoUUX1VmNR6y8KbRHPdg5pdN-z2s1BOGkwgUM8gwBK4dGbmDGJdIKJP2AhPg5ii5tAI4ZYUCfK8rOYY229HZQd4opFTcUYePYes5eiSRUR44qa6NEgK62Q1KsV9r1aPBwGE5yF95f7xwPcVA

Requested by

Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/doj-darkside-colonial-cryptocurrency-seizure/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Jun 2021 01:29:30 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame DA4A 0
20 B 17ms
16ms Image
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=223&t=2&li=gpt_2021060801&jk=3873652329473282&bg=!sbKlsvbNAAY6sG-_OrA7ACkAdvg8Ws0GlN7QRY6V1Fi0iEA6ZjlCFMMzzrQTHsEm7XVZ1bT9sWqkqAIAAAGkUgAAACVoAQcKAAUztFnEMZkCjU42LM-jc2-uScWNHuS1ZhDHY-mNx1qDIMveX9305bEqJiq6PclVDkjJSt_NkdnGYi-S-uMk9A6EVmGwHCc3sPPehXeMxPqVJCkzxyGZW7oLucVIJ5GAau4tjQReQ3Xm3oyR6t9zXlmHqrV74Hgp4BsCStArP21U9n76kX3P_GPzPqq4nP6tsm8bU-FysAshNOxK1fGV7mUI3pi_J4kM3nyd1Zu-R-CRXRe-l3j6z6nuz8rTi3inAlTkzDXcXkbyunuaQsrW0xNwYn8z8kvxwuFpoo8VLu-fmQ79tjYlk_NOVcCJ9AOuZl57HPjRuY9p8DowWVW-TYXYv_m6IiTQVL1tdNUqjj4RUc6DQE8n8ijiz1dsGpAGOvdLCCkPIz9QvsMcQBgUErv8Sa-nuGnivsZHW6EVtsAw02iGXYzQWk098e7c9RX1VhhJaB7k7GCo4g-inq0HNcizH0wMFUQ-6PjOiGoKs8y6ZjBI-aCHBLsUyMtNc-VHJtisumPkY1A_ajGFnpt9o1QeWfjKO_32fTULnE3ZmeeeYXlZCQXWWpdU6TZ7qYJA72AuingndPQ9w3qsWyqzY6lEjYpKkWBXbbrVMmtpvDXCakt1jZRddnfY0RdAIE212oFtNNz3Pmj9HwNcdqg7oWJVwkt0KLxv8ZrwAKuWytAx0LV42LZPj3FT_WL69GucogBCuWjagk5bP9kquz7oAklhwW-ZOS4xwk2K_llNtCcCpBCu6MG1Rt57MkeMP9Tb66496paal88uav9jv_YHFSh0CPVIKkiN7bC2KFWDd74YKER4-jHmfTVDiZeYjXJOpSFHKRYQIdOViL0uW8uLQNEmS5YLH21imF6yB0fvJHpKGsTmEq_2

Requested by

Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/doj-darkside-colonial-cryptocurrency-seizure/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Jun 2021 01:29:30 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 1408 0
20 B 17ms
15ms Image
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=223&t=2&li=gpt_2021060801&jk=2590503508221787&bg=!XV6lXhrNAAY6sG-_OrA7ACkAdvg8Wt_PgM7scEM9XQKkTlNihANktq5iUf1wzW1Ou7apV4YtEE-qsQIAAAHpUgAAABxoAQcKAGxoCaMWN4pQzKAkYn1owJswiZusUWHZxHg_BYYoJclsOa0QzspCaevDcht9GsHctH4hQx0TJ7-vhelp1dG5d6hWHbhTZ3S6VHzXg9DMjq7oGMkypP0z6yuXctBoTBsfL3e5dxG30sfusGonvv6ZApGFXGZt-giDz-D9a6IjJVaz4ZIdpvlMszbxK7IuT3B2sltrXSO9Jx-5zc4oNmUreoOLxyUdx4qUzAeN9TRZAhyZRbMqrHlt-cRGH67avagkqTNv2xrA_ywPGXOI-viWJfm9o3boWXpAGVhdUAwsvbdmMSppqpSk1pnB2dsN_Tihc8hfO3Xrw_A1IqxKWUO_71vcH4FVuZoY2LRt9IqmlU6EKpjCPv_8BRlhVGS4QGvCguX6Y7Tw5VNewqulOxTmRvDHDKxUsirNin2UYFHm9Vb94tTDF3Sf-XKTpDjyO6FdPOBdRdOS4ldMJhZ2YvHHyQVC2W8y_YU527xLllsa9OAJtTiYBZIMPudTDJc9JxE97EU_fu1GDz6i6fezFlycDxqojQA3iok29_pRflvb7NQervg-IXdre07P6GAsdOMh_5K7ywajZ2320FfMNTuGpnYzXbzJRdt4YfvArhCkL4e9TbGJO0BGDyXGvKvCDuiD_y4Ft5n8OheLt1Q5x5MLWEtfxy8YVSJPINm3-yIPZvKnJ_1DKeFeghgssdA2JA9erPoGBxwqxiHDcNt0vY520926_NNpWZzuF3wCxUtRoZL2Ou0NHf0ocAIiukN5klP5jScLSkXvi0nO9q318w9MyckNuxk0WIPkieR4mYWykKIhn8M8xw5bZeFUk7JDpbGwgLDUg7UsCSFFoKwMYP9RDdOrQUOSkS-bR_zpVlUgBQCc_wIYk4DsrnNGyeYJYSGjp0F9f_iil95bDieO47kQlc5pXueLFawqngTvYGpUK4IFu34WfCepyQ366dXQkLHaZDz4weYxlpZYx6-wxbOFHSFLoH7HiEkbegtbd_455UK0lwnN1-0yV8rTF5YICJyA6xM

Requested by

Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/doj-darkside-colonial-cryptocurrency-seizure/

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Jun 2021 01:29:30 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 6662 0
20 B 16ms
15ms Image
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=Bn7ls-bDGYOWnIfPd7_UPtvacyA4AAAAAOAHgBAI&bg=!VlWlVRHNAAY6sG-_OrA7ACkAdvg8Wu5DJDo40Hruw8nyRfesxX-mU6USVIUArI9oV6MGChYGOXCzswIAAABxUgAAAA1oAQeZAtOv-bKL9ap2FQKVfdulEc2xghwiXixB9U_GWK0_mP--Hk_jsCFCfLyDWUidudy0BRNTQWL79-_gBfeLSDzk_KwpxC5m4Gf9NVHuBDNd31xeUkupxIZ2JHxmI0VVtDxFbd9EkWkRn76Xm_a_bf6I6MyXr48LgFua3sQtX9TTOZMO5uj9aWIkaiib62MtC9Ykab2z8jOg0T5NlRA4D7JoQBocVniyZUBsfRAnMpLh35PYO2v7G1oKdREbCrrWnDIZn9e-hrAFQZwjZS3FBsSA7xUrXwH5ykCm8E4WI2zdVN62bT5RFY1kC1cZxmA2FITrZIuAFh7IQuETpv2uaCncOAu-NKdAavnSW4ZDkvamsrcSUL0GHofPieEPTlwPfbqR4kF61SAKOJRAP3loH6KxZEmavhRwu1A2YomyH9QEDBFhP8tufAQWX0IcDQjCk3C8GqWcGs1HjLLhr3qjCBwg1kDbBcnc--b21zdbIiRNDMPBPJxIyEDQOZF66lSVUdTdLaLfiJjplmflssm5US1KOV7acrw_9sdFL_fOcPJNo0RZHWpFEn8Z-dT7Cw0osjdV1MaoQwlN5ipVlvLhlE10StWJLnLhzeugeBMJdebJRAOE3jBYHnYiAxOsmB-Z4viDB5LAV8AYi3nXnemqyeWOf2xa28mtF4ew7TIoVN9w6Z8FzBm0iZsHj2LPk8EosX3XUqi9LgPN8OZypZULnnhyKYxThUd8xZbJghKinl-4FU8MuQiZ8BcGDSFueJ5PYj5hhAlVi3mITYZedBybyhmiGgzTmFdwl18VfRPI6OyZN1qR_i_q4f0pm8ruLH9jJH7rIHz4jsYEKWwTQF8EKvbx5E6-d4jmIahvnqVyO_RczW2pT2RPTOB4QaWO209brGaNHoQr3EBqsgqalbxgAZ8rpTcNrIaQvx9weQKTg8wKQr9Y038X2kb56ytsPcdqrSH0nHm3e6s

Requested by

Host: 597aa27833b66734f36d06bde6660230.safeframe.googlesyndication.com
URL: https://597aa27833b66734f36d06bde6660230.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Jun 2021 01:29:30 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame AC64 0
20 B 15ms
15ms Image
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BDvXQ-bDGYMS1IYLT3gPxjKXoDwAAAAA4AeAEAg&bg=!Hh2lHVnNAAY6sG-_OrA7ACkAdvg8WqII7f7ub4E_kaZQ9W-x40EDXZIm0Fvt10jewciahu35a-9m4wIAAABzUgAAAA1oAQcKAI_AEdfIQlWTaezhC7DXwUFghrxIjFpmaqij9YtpNinqTSeBd0itPWw4kPZfY9dEFgD--1K2RDOERE37xXnmzW_R5KnbXeRDAYd3F_BYJ0NkOqirCQoS7wC9YrRG_npQxBNOufUEPJxtfOb26kwqexRpy-CAL_5zeoFT4Lj6Df2El5reSWGqol5tnODc3gxIrJkC5--vKkdb5azxpIR8ReTQzlc8uxjM4V0FqWfeA7CrpPjfaevMFqaioARKgssucQTW_UHxnvnb2HMNqCh1RkvJwQhVgWWz6xLG6zBNPNi5FRz4k5ovIZm7TvP_301A-LslMv8DDpEXlHkfKIYQTb_q0WcVIwoT7F2dOLSvXhrpIsl6b1EjfXxMWHMbUF586sirUeCvwkfMylE3HD_XTVlwe1VzZEml1wZP_GDKkObJ6VfjS8h8BCsIDeB9-Y_wKN_W5fSG2C3U5enWDiNnagkRaEA1zDaS8BA1fbXwUTbDUC4En6hXpgmCQ17VSv1toHijcBsFgauXIXmux1aHyxb_sPfC6SGzwGgTan1hcjtD7pOCpEjXTuIGQCXNfnPmkB2ewHJ4UKW1SFIRF8J-V37rP8MJugJW7Z9CuEK7cIWmvvxpa4YMwP68BCngnejCoYUtb5qpYpoSXKgoNjxeNnZbsFA6lQ-Ur7X4oH33LYHosyJjPpY-cfRjm26oaVBweoiflg8WCU3Uttvoo_WUMahsXZExXi6_HHY4a3AA_ZHvk6xiJnaurFoxy5zTeuUmFj0QdnYoQgEshobdzMhwhUIK1TXF7HIG6BZADPMiDCCDK61cKc1s9x1fcw6ihwaOaUJhy1HHveqkuut_StqWa_64NPJwX6LsbmZi7cMdNzyouiW_8GNXdTMWMwGdtRLOhNsr0tAIICfwWvgXomnceFy8-q-K9Lyt6biuY1U0qDEDQcpek1qvLwPy3S2h7zWYxGMPj-ydJPADRcdNBf93URM0cShfxlpLw8liZuit6nbjQ5I2C29YK7cqoPW2J0EDYkDXx9znTUs5n4f93UA4e_57NoIkU0UvLRfpm1v1tOdx06x5Gj1zM1I7Q-gNVGb7M3xzkh6KtcHKTBbJtJXVNhDNc4hzSsB-JLX1As6PKkL2f8yla5WeG4RiT9dsVcD43ueVMRb-Z9Irj4Weev7W8FZgA5qRADO3JtpV

Requested by

Host: 32f93bcdb7646431fe07f4acca2e3688.safeframe.googlesyndication.com
URL: https://32f93bcdb7646431fe07f4acca2e3688.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Jun 2021 01:29:30 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 3AFE 43 B
215 B 100ms
99ms Image
image/gif 52.207.123.8
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=488356&asId=7416c17d-e262-d973-bde4-e723afc9f7c2&tv=%7Bc:ftxPQf,pingTime:-10,time:642,type:s,mvn:ZnNjPTEyLHNkPTMsbm89Nyxhc3A9MQ--,fsc:17.5.5v220002022000220000022002222000022220200000222200222220002222022002222202002220222022222022222000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000002220002220000022200222202220022200200222022202220022202220020222202000220000222202222202222000002002002222222222220022202200022002220222202,sd:MTcuNS41djEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNS41dk1vemlsbGF8fE5ldHNjYXBlfHxufHwxMnx8bnx8MHx8bnx8TGludXggeDg2XzY0fHxHZWNrb3x8MjAwMzAxMDd8fC0xMjB8fE1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS84OS4wLjQzODkuNzIgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,asp:1623634170330%7C%7Ca01348fee8e960c414b9d67fd81f3021%7C%7Cf34e96995ddf3ff5eb1bfde138cfe29c%7C%7Cf1509538afe29e815121d89fdbc638eb%7C%7C96f10f03b18b0178ccff05328422a51a%7C%7C072800fabd316641bd629c5b588831fb%7C%7C1041eb16b52395452f6a7b8446af2c6c%7C%7C0ef17500e0e725fb49f76726a9001a04%7C%7C1619710151,ch:eyJiIjpbXSwibSI6ZmFsc2UsImgiOnsiYXJjaGl0ZWN0dXJlIjoiIiwibW9kZWwiOiIiLCJwbGF0Zm9ybSI6IiIsInBsYXRmb3JtVmVyc2lvbiI6IiIsInVhRnVsbFZlcnNpb24iOiIifX0-%7D
Requested by: Host: 32f93bcdb7646431fe07f4acca2e3688.safeframe.googlesyndication.com
URL: https://32f93bcdb7646431fe07f4acca2e3688.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.207.123.8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-207-123-8.compute-1.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://32f93bcdb7646431fe07f4acca2e3688.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Jun 2021 01:29:30 GMT
x-server-name: dt07.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H3-29 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame DBF3 10 KB
8 KB 18ms
18ms XHR
application/json 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021060801&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

775112a302231107271f162ad9aae131284b341fc9af8bec4789bd6685e12cdb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 14 Jun 2021 01:29:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7999
x-xss-protection: 0

GET
H3-29 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame DBF3 17 KB
6 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021060801.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e684839cbcef6b16753dae73e92a49b7115f55e83662ead12d5e05bf7b9915fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 01:29:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1622653785071769"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6437
x-xss-protection: 0
expires: Mon, 14 Jun 2021 01:29:30 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame D4B8 43 B
215 B 100ms
99ms Image
image/gif 52.207.123.8
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=488356&asId=c518f94f-cf6a-74e2-e1fb-56734489612c&tv=%7Bc:ftxPR6,pingTime:-10,time:743,type:s,mvn:ZnNjPTEyLHNkPTMsbm89Nyxhc3A9MQ--,fsc:17.5.5v220002022000220000022002222000022220200000222200222220002222022002222202002220222022222022222000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000002220002220000022200222202220022200200222022202220022202220020222202000220000222202222202222000002002002222222222220022202200022002220222202,sd:MTcuNS41djEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNS41dk1vemlsbGF8fE5ldHNjYXBlfHxufHwxMnx8bnx8MHx8bnx8TGludXggeDg2XzY0fHxHZWNrb3x8MjAwMzAxMDd8fC0xMjB8fE1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS84OS4wLjQzODkuNzIgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,asp:1623634170383%7C%7C30048efaff9ed85a305ad3663ee28158%7C%7Cf34e96995ddf3ff5eb1bfde138cfe29c%7C%7C68824fcc8fa58e79589f73010acf289a%7C%7C32690d38dc9449a54fbabd48a16d3241%7C%7C97f6550114b78ea12fc8cd9d8e4944ac%7C%7Cd171a79a9113a596fe29431c360b9a79%7C%7C0fa78e5d8355d7bd708c335d838b8496%7C%7C1619710151,ch:eyJiIjpbXSwibSI6ZmFsc2UsImgiOnsiYXJjaGl0ZWN0dXJlIjoiIiwibW9kZWwiOiIiLCJwbGF0Zm9ybSI6IiIsInBsYXRmb3JtVmVyc2lvbiI6IiIsInVhRnVsbFZlcnNpb24iOiIifX0-%7D
Requested by: Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/doj-darkside-colonial-cryptocurrency-seizure/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.207.123.8 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-207-123-8.compute-1.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://597aa27833b66734f36d06bde6660230.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Jun 2021 01:29:30 GMT
x-server-name: dt20.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
cache-control: no-cache
content-type: image/gif
content-length: 43
server: nginx

GET
H3-29 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/223/ Frame D826 12 KB
5 KB 6ms
6ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/223/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

de7dd7e8a5f2257d16c23c395b9262c6fa04689c81b0e2b8bf7f5bae9f4177dc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/223/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.cyberscoop.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.cyberscoop.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5022
date: Sun, 13 Jun 2021 20:53:12 GMT
expires: Mon, 13 Jun 2022 20:53:12 GMT
last-modified: Wed, 17 Mar 2021 18:24:30 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 16578
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 4B4E 783 B
532 B 15ms
15ms Document
text/html 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

0fb33f6b9fd072b334c3a3f8206928eacc64479b8baed8be54267401ea8a00ac

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-QHijOzEF5xay1X8hSPdoJg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/aframe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.cyberscoop.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.cyberscoop.com/

Response headers

expires: Mon, 14 Jun 2021 01:29:30 GMT
date: Mon, 14 Jun 2021 01:29:30 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-QHijOzEF5xay1X8hSPdoJg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 513
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 wQPplS2CBbapxPPsKjLjCt6L9Rv2P8O8syxzKLSpyaY.js Show response
pagead2.googlesyndication.com/bg/ Frame D826 14 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/wQPplS2CBbapxPPsKjLjCt6L9Rv2P8O8syxzKLSpyaY.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/223/runner.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c103e9952d8205b6a9c4f3ec2a32e30ade8bf51bf63fc3bcb32c7328b4a9c9a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 13 Jun 2021 13:21:24 GMT
content-encoding: br
x-content-type-options: nosniff
age: 43686
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5768
x-xss-protection: 0
last-modified: Mon, 31 May 2021 08:58:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 13 Jun 2022 13:21:24 GMT

GET
H2 200 adsct Show response
analytics.twitter.com/i/ 31 B
658 B 212ms
142ms Script
application/javascript 104.244.42.131
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://analytics.twitter.com/i/adsct?type=javascript&version=1.1.1&p_id=Twitter&p_user_id=0&txn_id=nv8sr&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&tpx_cb=twttr.conversion.loadPixels&tw_document_href=https%3A%2F%2Fwww.cyberscoop.com%2Fdoj-darkside-colonial-cryptocurrency-seizure%2F

Requested by

Host: static.ads-twitter.com
URL: https://static.ads-twitter.com/uwt.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.42.131 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 01:29:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
status: 200 OK
x-twitter-response-tags: BouncerCompliant
content-length: 57
x-xss-protection: 0
pragma: no-cache
last-modified: Mon, 14 Jun 2021 01:29:30 GMT
server: tsa_o
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=631138519
content-type: application/javascript;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: c3529de2a77a7b3f1d3ae66b59821e89fb078b064028a70feea033cb78809d46
x-transaction: de102b2fbaa6141e
expires: Tue, 31 Mar 1981 05:00:00 GMT

GET
H3-29 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 11 KB
8 KB 20ms
20ms XHR
application/json 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021061001&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021061001.js?31061429

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

691fe77f589400ae6a295bf5e175290328b4ed83b13436beed196ee33c99a116

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Mon, 14 Jun 2021 01:29:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8404
x-xss-protection: 0

GET
H2 200 __ptq.gif
track.hubspot.com/ 45 B
383 B 40ms
24ms Image
image/gif 2606:4700::6813:9b53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__ptq.gif?k=15&fi=20762415-8082-48f0-b243-36443c93d852&fci=8c768b8a-ee12-4d54-8d23-44b668ccbb01&ft=0&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=2736934676&v=1.1&a=2153467&rcu=https%3A%2F%2Fwww.cyberscoop.com%2Fdoj-darkside-colonial-cryptocurrency-seizure%2F&pu=https%3A%2F%2Fwww.cyberscoop.com%2Fdoj-darkside-colonial-cryptocurrency-seizure%2F&t=DOJ+seizes+%242.3+million+in+cryptocurrency+payments+from+Colonial+Pipeline+ransomware+attack+-+CyberScoop&cts=1623634170443&vi=07ad01eba29c444fd08728c208a710cf&nc=true&ce=false&cc=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 01:29:30 GMT
vary: Accept-Encoding
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: 6c1646b4-8416-44c9-9cae-760de45750f5
cf-ray: 65efc9bd688f4e0d-FRA
p3p: CP="NOI CUR ADM OUR NOR STA NID"
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 45
cf-request-id: 0aa9bc6a5e00004e0dbd8d5000000001
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=nHGVhHXyRuL6b5B2XL%2FTGKZ7srE2C4tNQp8PQYUlja99tCIsz%2BD1EjvUfTsXVXwLh6IQFg3%2Bai1GRQpMrK8PXH44o7ucUNnsR9GZHero3gW9PqvwZj2uwQvaJZYJJ9eEMC3lBLIbJpTeiQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
x-robots-tag: none

GET
H2 200 __ptq.gif
track.hubspot.com/ 45 B
821 B 39ms
23ms Image
image/gif 2606:4700::6813:9b53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__ptq.gif?k=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=2736934676&v=1.1&a=2153467&rcu=https%3A%2F%2Fwww.cyberscoop.com%2Fdoj-darkside-colonial-cryptocurrency-seizure%2F&pu=https%3A%2F%2Fwww.cyberscoop.com%2Fdoj-darkside-colonial-cryptocurrency-seizure%2F&t=DOJ+seizes+%242.3+million+in+cryptocurrency+payments+from+Colonial+Pipeline+ransomware+attack+-+CyberScoop&cts=1623634170444&vi=07ad01eba29c444fd08728c208a710cf&nc=true&ce=false&cc=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 01:29:30 GMT
vary: Accept-Encoding
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: 91e4d3e0-fd24-461f-86ae-8f04cb84e6d0
cf-ray: 65efc9bd68904e0d-FRA
p3p: CP="NOI CUR ADM OUR NOR STA NID"
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400, h3=":443"; ma=86400
content-length: 45
cf-request-id: 0aa9bc6a5e00004e0dd98a3000000001
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v2?s=VG4MOabDJG6tFcTDe%2FO304MFkBwu3kDM0WC6GWP6D%2B8Az3G43GPAlZArqaJSkAIVj%2F0ptY6mWpuYvyKDd85VIraDhyRzfnAcBljh85vLN3RBTDGH4vDqI4CkeERFRq%2B5dtigvW2KHvrGfw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
x-robots-tag: none

GET
H3-29 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 14ms
13ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021061001.js?31061429

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e684839cbcef6b16753dae73e92a49b7115f55e83662ead12d5e05bf7b9915fb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 14 Jun 2021 01:29:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1622653785071769"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6437
x-xss-protection: 0
expires: Mon, 14 Jun 2021 01:29:30 GMT

GET
H3-29 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/223/ Frame 44D8 12 KB
5 KB 6ms
6ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/223/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

de7dd7e8a5f2257d16c23c395b9262c6fa04689c81b0e2b8bf7f5bae9f4177dc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/223/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.cyberscoop.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.cyberscoop.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5022
date: Sun, 13 Jun 2021 20:53:12 GMT
expires: Mon, 13 Jun 2022 20:53:12 GMT
last-modified: Wed, 17 Mar 2021 18:24:30 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 16578
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 80F6 783 B
534 B 16ms
15ms Document
text/html 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

e317f1ecabaa5be3a96bfdca042508455a6da26aa2824ffc7348df7393f576e9

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-6jGTmqVQ+ClPT+3cB40DYA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/aframe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.cyberscoop.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.cyberscoop.com/

Response headers

expires: Mon, 14 Jun 2021 01:29:30 GMT
date: Mon, 14 Jun 2021 01:29:30 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-6jGTmqVQ+ClPT+3cB40DYA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 515
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29 200 wQPplS2CBbapxPPsKjLjCt6L9Rv2P8O8syxzKLSpyaY.js Show response
pagead2.googlesyndication.com/bg/ Frame 44D8 14 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/wQPplS2CBbapxPPsKjLjCt6L9Rv2P8O8syxzKLSpyaY.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/223/runner.html

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c103e9952d8205b6a9c4f3ec2a32e30ade8bf51bf63fc3bcb32c7328b4a9c9a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 13 Jun 2021 13:21:24 GMT
content-encoding: br
x-content-type-options: nosniff
age: 43686
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5768
x-xss-protection: 0
last-modified: Mon, 31 May 2021 08:58:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Mon, 13 Jun 2022 13:21:24 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame DBF3 0
20 B 15ms
15ms Image
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=223&t=2&li=gpt_2021060801&jk=3265622296889326&bg=!8vGl8bXNAAY6sG-_OrA7ACkAdvg8WsPxwo7Ps_KFR5BAd-GSgN31NjPGyQUuq-cksBquheoFjit7WgIAAABXUgAAABVoAQcKALLxPvR-FKk-jVRQI0AOrGWkVSVgZH5VWO5QH2cAVwf-BHyoZVmeH1695hcKcQPXy8_CAMCCXlMlvyq4yAEm9REI0BbcmZ4bZGHwLuoSyyw6VooqRk1sVqpM0awFO4co7b0HOsd76S1pLM03bgJKFijg9GJiFXly789kzDElVdzRPb2-aEFZreCF6utaZs781dh6SmHK0NfQpx3CG2xtIe6JB3DjTfCSK1pmKlMwZVid0MHumQKGEA7-5E094YV5x27tTFyU5JWBLYNiUMU16wHibefZLSAYtBBjpiTc_xSRKqbASjjcpfozRD67RjMJTAiaMGYUM8znljbf-PmQrHYpI2TRRqPKCe9neD4z4qIzTs55Mk_XCeVNbHCgcN2DgIDtR5VARlAB-EfH-auFI-Xa0l7WGldPbfo1Zj8I8cPC5nGEfJfDlqgSsJYE74OdDJut4b9mjA1sTGkQAtN6gUI4xmUQSXqXyhVYxs1zYoY7S7GkD95kMSSYnORjrruVCF6_VjINwhrHhTC5sWXiya1nsLhkCfMWifmm48JH-omKE8FYQ5WmuiXYJjLvN9lThYx8af4lu3wl6xxduvEV5JAcxcj4JCV6ctY1o1lykC-5NuVb5_xFEmLquJz5HC0p3RFukcKvo2Fjmq8q4ByOyhquPQUDSrsOYEZlfO0tpAcwne9f9AP4cBcL9BaYsKE_CVFsAStZ0AGGrofXqN3SUjO_nH0-lGqTgKOrlyvNjJnAMUY_eF0EEcYKrxEn3aQdTSWivNOPL-fwQHvmx6YBDSXVtnRMz89F61kiQUtCh28-_rradyQxhEP1RGPACKXVZY35UvCVRpRmkNq8ovIbM41-OJW2bZtVi-REYr76zlqUOrMOcsphVvS9M56YtWyPDEztsVmCq0u7_6ixziYIGChG7kUVXIaHhSM6K25tlkOxbQcDl-m2HCiCWJA28qMSm-hSCWrTAXMOAERtB4-ASgmI8pKhF_5KRBk2Nso76sjFnQTysy0ML2dIbaRO7mup1B20j-hDCxpuTOjk1DT3B66iJkIA4P2_6XOzQRnqlG6tUcPe-abb4Uyg8EECEHRoGjIOet_UtZEAb3Z-kw

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Jun 2021 01:29:30 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 15ms
15ms Image
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=223&t=2&li=gpt_2021061001&jk=2067552630805403&bg=!TU6lTgrNAAY6sG-_OrA7ACkAdvg8WhxpK67rlOZa2jJaTwCvCBcSFqZHCS2xySroM14IE5-aA94WRwIAAABRUgAAAA1oAQcKACMk2ScmI0ZmwjQ9thD58a9hhrn0pCCx89R0aYL2uFIkUSUouZkCeVoKtB6BCU12T-fqSc9oEyfdjFUguIBxdUFRPU6o2jtmafTm4MK2nbYWOvRjfZ1ObE7oV0RPDNdVV0jAAYhImLpyRBZE9Qthi1fVTWgbVmwm-8UARW8P58Kw9A9e2mwBT4xQwdPveCzqohR69fvntUOFcaE0UHzT6AzvZOECT8tkOutITQNHx2nbDfw73qpZHZwLrST-CPfQcYzviqqtZ4gPd1ltp4Kg_OzMYBCXujW7uOIEauSCRHvfjTkatblC4SH8PrdCM6JovMp1UDRw9XPK1ffDzCn5AQgUzt2EG6uEeLOZtmym0ywaqMYuM9syW2Vo_whgNQIj4MgucBZTHj_G-StQuUWS6fwBA8g4hOlDCrEyNlmvQo5Lyx6RdwuCdUtNzDgxFDfmpoRI1E0tGQiGpLKwlksklgkXvyZmesf1uSA2At8R9P0w591fkFtg8afNCF77slB6Shc5fuTrRHZq055ScsazP4rXfyfDxnp5qpLX-NZjkfSzniztST-vwNC6j_hIGQirLs57izRUBdF-SWLFwEEuM2XgQ22KGP2JRWzLfQbAWUKZfW_MSNvMtmliyktsxfUZrzQ7cccxNrrMknrxm69CTDsVRmOBNVGS3fIATtT3UhqzGx9SQH7zfymvmX3ylRVeAHsET1NyFpGbwPDe4A5sLlXiza2jF1N2gEoRcf9IaCcPtKy5j-MrWI3veNru9p8Kt0rQeGSNE5lMOduivQpsZcOXkj2cbkJmaXdLgSzFf5zpqJXkigwGvJQHhTHS1Q1v2RIMTvoZtgosxNTX6C0HDrzNc07aHYUvy7HC5fDZctOBtTGQMpl2qBObs67ZrPNkZg

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Jun 2021 01:29:30 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 3AFE 42 B
64 B 22ms
22ms Fetch
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjss8eAKBCugPw_Wg1upnMt_uaaTVuPesfhukYO0l1Wx75e_XhbsaA4esTGvVDrjw6WlZlfkuuWghM6WYnSp10Yp2VQ&sig=Cg0ArKJSzG7tG_j7ESroEAE&id=lidar2&mcvt=1000&p=0,0,250,970&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20210611&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=32&adk=2711260096&rs=6&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ%3D%3D&vs=4&eosm=0&rst=1623634169267&rpt=565&r=v&speed=1

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://32f93bcdb7646431fe07f4acca2e3688.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Jun 2021 01:29:30 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-29 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 3AFE 42 B
64 B 20ms
20ms Fetch
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstiQVbgQhHWzfh4GkKE-HpVjSvKh8lxpeCI2awZSmgtzUu9Ob9_kElWfzZirAH9Eb5pHK4IZbLyU7cb_qq-p3P_NFSLqyjtZAMJV1o4TGk&sig=Cg0ArKJSzOqt6gTQfHClEAE&id=lidar2&mcvt=1003&p=0,0,250,970&asp=0,0,250,970&mtos=1003,1003,1003,1003,1003&tos=1003,0,0,0,0&v=20210611&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=19&adk=13849420&rs=4&met=ie&la=1&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdXQ%3D%3D&vs=4&eosm=0&rst=1623634169267&dlt=110&rpt=562&isd=0&lsd=0&msd=0&r=v&speed=1

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://32f93bcdb7646431fe07f4acca2e3688.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 14 Jun 2021 01:29:30 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

152 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

10 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.cyberscoop.com/	1970-01-19 19:00:35	Name: __hssc Value: 143679850.1.1623634170439
.cyberscoop.com/	1969-12-31 23:59:59	Name: __hssrc Value: 1
.cyberscoop.com/	1970-01-20 04:22:10	Name: __gads Value: ID=f5a1c6584c3a1cde:T=1623634167:S=ALNI_MZ6VJGwLi7K6UnRLGy39s_URMgK2A
.cyberscoop.com/	1970-01-20 04:22:10	Name: __hstc Value: 143679850.07ad01eba29c444fd08728c208a710cf.1623634170439.1623634170439.1623634170439.1
www.cyberscoop.com/	1970-01-19 19:02:00	Name: sng_interstitial Value: true
.cyberscoop.com/	1970-01-19 21:10:10	Name: _fbp Value: fb.1.1623634167245.16395894
.cyberscoop.com/	1970-01-19 19:02:00	Name: _gid Value: GA1.2.16219542.1623634167
.cyberscoop.com/	1970-01-20 04:22:10	Name: hubspotutk Value: 07ad01eba29c444fd08728c208a710cf
.cyberscoop.com/	1970-01-19 19:00:34	Name: _gat_UA-80491860-1 Value: 1
.cyberscoop.com/	1970-01-20 12:31:46	Name: _ga Value: GA1.2.2141281648.1623634167

4 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	debug	URL: https://hubspot.fedscoop.com/e2t/tc/VWtMDr3hpHKQW2tsh_h93KR8lW3yn_R_4szvw4N9k7M9h2-G-5V1-WJV7CgR_SN1Np-1vDkptJVfL5lk85T0YGW5FrrV83s24GXW7K7V6-92MjqWW5TPF2f70yLYDW11x9pj4Pq6J8W3fLMM52zD98SW5CsnJ789GcZHW5y0z5572jw3KW1GWQq85w1rZnN9jlFvvffxY7W56fYsx2H7sp2W3pyR5815PJH_N3Sm9cPDHP9vW6cfJSV4bZX7NW3xPpDf1mfhVBVttgSh4FQBZMW85NlxK18xJtBW2YlTc71SctRBW88tbM17s_XLv32KZ1(Line 13) Message: toS
console-api	log	URL: https://www.cyberscoop.com/wp-includes/js/jquery/jquery-migrate.min.js?ver=3.3.2(Line 2) Message: JQMIGRATE: Migrate is installed, version 3.3.2
console-api	debug	URL: https://static.adsafeprotected.com/sca.17.5.5.js(Line 32) Message: a: 0.002197265625 ms
console-api	debug	URL: https://static.adsafeprotected.com/sca.17.5.5.js(Line 32) Message: a: 0.001953125 ms

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

32f93bcdb7646431fe07f4acca2e3688.safeframe.googlesyndication.com
597aa27833b66734f36d06bde6660230.safeframe.googlesyndication.com
5c07712802b74834f1d472c54463ee91.safeframe.googlesyndication.com
9fff94d23bf733803e92d17f3821d9bf.safeframe.googlesyndication.com
ad.atdmt.com
ad.doubleclick.net
adservice.google.com
adservice.google.de
analytics.twitter.com
cdn.taboola.com
connect.facebook.net
dt.adsafeprotected.com
events.mmi360.net
f974a462ef4464a4bc01c3a5a0a1a632.safeframe.googlesyndication.com
fonts.googleapis.com
fonts.gstatic.com
forms.hsforms.com
googleads4.g.doubleclick.net
hubspot.fedscoop.com
js.hs-analytics.net
js.hs-banner.com
js.hs-scripts.com
js.hsforms.net
pagead2.googlesyndication.com
pixel.adsafeprotected.com
px.ads.linkedin.com
px4.ads.linkedin.com
s0.2mdn.net
s3.amazonaws.com
securepubads.g.doubleclick.net
snap.licdn.com
static.addtoany.com
static.ads-twitter.com
static.adsafeprotected.com
stats.g.doubleclick.net
t.co
tags.mmi360.net
tpc.googlesyndication.com
track.hubspot.com
www.cyberscoop.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.linkedin.com
104.244.42.131
104.244.42.133
108.174.10.14
142.250.181.230
142.250.185.194
142.250.185.98
151.101.12.157
151.101.13.44
2606:2c40::c73c:67e1
2606:4700:10::6816:47c5
2606:4700::6810:5605
2606:4700::6811:47b0
2606:4700::6811:b649
2606:4700::6811:d3cc
2606:4700::6812:15bf
2606:4700::6813:9b53
2620:119:50e3:101::6cae:b45
2620:1ec:21::14
2a00:1450:4001:802::2003
2a00:1450:4001:80f::2002
2a00:1450:4001:812::200a
2a00:1450:4001:813::2001
2a00:1450:4001:813::2002
2a00:1450:4001:813::2003
2a00:1450:4001:813::200e
2a00:1450:4001:827::2008
2a00:1450:4001:828::2002
2a00:1450:4001:829::2001
2a00:1450:4001:829::2006
2a00:1450:4001:829::200a
2a00:1450:4001:829::200e
2a00:1450:4001:82a::2001
2a00:1450:4001:82a::2002
2a00:1450:4001:82a::2003
2a00:1450:4001:82a::2004
2a00:1450:4001:82f::2004
2a00:1450:4001:830::2002
2a00:1450:400c:c00::9d
2a02:26f0:6c00:296::25ea
2a03:2880:f01c:8004:face:b00c:0:8c
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
3.12.243.139
3.140.174.87
52.207.123.8
52.21.95.133
52.217.13.110
52.48.135.146
54.72.101.145
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
04853d865cf9800752704873ef2f98588e8d82b85e68793731fc7c4cc34036f1
05709454fb18e3ba7c785fb889e8de61baa9b6d664d2830d6434306321923f04
063d44bc62d9647b62e24e3072a08f2cd96f36e3f1cb441b0efc3fe3f3fe372c
068605b7a74adeae97a35f115e5d2116b49e1b0746b0172d6795cf4c7f93ecc8
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
0bd56c87dbd42ec5efef8e0fe40728cfa889cac7e9b80dc50b58c10063ae14d9
0c5f584d1ea2c3313dc8c55824c2a572d3cf2eae87c5ca62a58e598aec9ddb5c
0d281aa7b07dfcb1bc05e2cdd051aa34fb915616590b834374148a1768ce3440
0fb33f6b9fd072b334c3a3f8206928eacc64479b8baed8be54267401ea8a00ac
0fc32732b1520df908e4ce5063434010c35725a930e0cc9df0be61c66a87cf32
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
10e35336ff028cca8fe068dafafeab69b6612756713d21b20dcd1a57100cfa8c
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
14a399efdd6eb8a1e5c4283bf860f19d3017f1c831a3304aa320b6ef0a15de85
1534e66c0f755f2d4cd2b899a7155bd2fbff98b00a37e940a08822fc87bfb7f9
16f85ef990ea5de862970b84748db8d6868a5abd5254c2cb08e84722f6812ec8
1ce69465fa2284194ab3ec822ee452307e2f4b4ab202499e24a06f8215b1ead1
1da026b32f0dd3efe9de209cefefd46d3685918ae8b927ca6548b5aca9ca2484
1e4d4b49a305d4435743e39b117e3ae36d121e878945d8574e154cc25b0eecdb
1e85ec81b9800b4c443d39caca0d0926089a3ac201120db1ceb45b93789480b8
1f3d22757c403b73ad7133ffdb7f7635f83b023568e09fbd6efc60633e1e3a48
20a84f304abfaf56bb829a84199344bca40bf7d4dba451e109a840cbdf728436
2323e247399ae26db0647616156be8167d90e84cb290242749d1056a352b518e
2513780bd6c6f2dfa78789dfedbe2e8ffe652d56370b4a2482ae14350f005e7f
265fca0370d62e5d69a8097b9eb0de89cdbb224ac90fbfda545b5396b69055e6
2aef1ac953ce7805c97a1df893082e75a0a11085c3e53b2914bd0a35634977f3
2c555b43ca598646e308ed3670fa9f544056ac43fdb0f9407e6c9f9bb7ad00e7
2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a
2d209520098b09aa8847fc90e422c9a590e6386bbcf1ede1357c0a1531f26b08
3046ab26982b61a2fc0f0fae7ed7f416e9113f924db911efa97b5b80ae16726d
3202d10a48e4b9747b2ace485a881b3e51a6587583225426d4f3172d364ca433
341e0d761251ee538d0cad6322c66abdbf78dc7d6f3ca62f3459fab822a2103f
34b6e9936a2f024eef4f545bf4a1e717141704b00a75167fc7080fc6789e3881
34b8701fdcbd5b7f4b776178cf1c52b3754f60027bf85af5a8573c3208f77890
372c940a13cc67025b79445f5f76f5b18a213f37eae412822bea0d3584aa8668
3844b90f3cfc77a88999547db594e6bff1c01c7f5946ec51a56443ef6fbd2615
39bd1416c40988699ef5f72a005f666d9f59410f76b27f28e6d464ca2424eb65
3a89e5cc6dfb7ec7daf881fa9c95cbc8fe5260b2ecfbe4852170e36aa709629a
3bfdb856554d3fd81c3d1624515d0624b7fe289a9e19dcebb5e141d55c7c7a73
3d48266adc441aec152d2f899a6596ea3228153cb55d783edb9480454bc89285
3fb42c31d4d6d6d395adb10a9e3474a3aa3f88ef8f864df6809f2e027454ac70
412979f99062018cc1b3ba7cc84a0c6d03f86f1c1f07f1ee90fa0402ba2d93ed
4b4924b6ea8623395984b522ee4e1fe77f464940d2bb155ae40bce56fbcd3423
4b8dd50e462d914dd8609e8a566ce6bce0ab94088a4bf958b57c4cdb6ab54868
4cf52cc73734aa71f26f6a10be9aeec89602af45bf0f9abd5c8445a076c1ae1a
4d8d48a3f00d424f5083a310bcfbcc1ad35d02e02793a9f459e9938879d8a675
4e4810e88e50f93b12c1e24b897d264382cbcf6e2ba29054f68b19bc4dc4e104
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
50679e0e3933c945348a2db0cc128bb14b57a60a74fabf8cae13acc14efbb2e1
51c40fb52547a14a895a2425e94a53886ced172e90c70d5418890fb67517701b
52e50a05d63e5616906cc6ad9e87affc689c6a623def0c80bc07ed8aedc03ead
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54e1a9fa84f454175a61ddd8369e590829499c033015438f8788b2e40b02864c
55de2f543e24f0c3655be2f344491b2e73ae61350f58a2bb9ebf4ad1326e8fba
56698eacdd95390c49f5ebceda5618157c82ce8cf57012d6b30a4b52b3d3afd6
59998b3573f1e625f29a0caa939179183b4f27c24433a3cddafb8bff1b67ac82
5b82d1488f1ba40949c374921491520d5c435b06ab2ba7fa181b543625517940
5babc71b99b3a40d6af4780a24a68e852eb5b7cb89eca344cfcd90cd42319f4a
5be614bce53f767993a5f5f14a6badd6aae6bf3af7cbdbf4d31520de49e27991
5f3b103a1268f862a5e432d607f8e5220dea9d301d13565b0ecded3ad9c25ab2
60240d5a27ede94fd35fea44bd110b88c7d8cfc08127f032d13b0c622b8be827
63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058
6416c27db9bc922254aa4ec9960b80a2f2402b6e4f5b4621a0195d06b86b25f6
649d42a2a0c830ea56c3a05d3b549643a4081611393a024f3ba100a291610dc2
66d84c5b8ebab0d19492756bdde52fe6638985d886b74a294cf6b110636523f2
691fe77f589400ae6a295bf5e175290328b4ed83b13436beed196ee33c99a116
69edc7d52f7815db3e1bdcb34ec7c437251340f734bc0d042f32ff76286e78ce
6d28830ef0fdeba41bc402b8b12341e929c6c66db8fe512deb2b1baa9611745b
6df5297b890ff6b7e63372da52b58276e6af2f2914d30d7edcd5ead5af63c738
6f3d953a992f6b85ebd98088f653db65007e9cf8154250a3ec9b83d2389934ec
72935af0fc26206d68f050c1a740ea1da16650e9d5c890fece6dfee79fd98f26
7371056e595f660bc0ed68f23f0bbc36f51bfc8f6e0e873ff97cde7b7348e357
7529b11940f8a77767d97b70e5392487b7fffeb7bcd408da18bdc71665a81d41
753b529ae84f43010bcc3243f72f5d7fe16622d0a1e33e0a34f976e84e4343b1
775112a302231107271f162ad9aae131284b341fc9af8bec4789bd6685e12cdb
7762efe57d4c5464dd6c04a386b78830d777ae4d8579bac8b2b46a1ce3b1a401
79cc192458ca20ad45d51d1a6ae6c26994a23a9f882865613ee52b342b47476d
7c06cd44aaaf292cdd731557ec551aac8ada9cb9e5a7cb70b3be7144a34ae615
7ca272d368fd91e65ec1ac1b0639bedbd313a72b029c52b8fefa9552b86c293d
7d45b6c5d27d1b17b7fed9bbc9e6bed63e0596a130404b68ce1b3b885f8283d9
7e1fc71db515228e4fdd1e1ba1699bd358c4f8790aaa6cd7173f85633450be51
7f134de2e6859c8b9a8acb3f07c54f04c9fbe04c3381e137d85e2f0cb08a526b
82b93870340639f93f374966650f61a46c1a4b0891f25ba9b9673a1426d0bd20
8355b850fb33775455d025e02c79ce82903a780cc1937091e3fc8bae01cbfcf9
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8568f039c1951ef91fce769fd09da0b0dbfcf503e0e9d14044c3f49675b809cd
8a19707bd88a29100f84e106852ddd5bfeebe1fe562960c4932d1347210d13a1
8ad295ced7e8ae007a051ef82457acec4ffeb81e4bc8e5133f89f4999189b4bd
8ae42473cff1c6cf7ee986c511290bc70795d85e181bc3103a8169b243b8f31c
8b7a47a695a413443ee1cba5b8cb390af99d8ecb1c94ffd30005c2a039303fe0
8be51d7a3532c31a195fe6b6783b2903ffb981d36ef2d30b51de44e759684a15
8c16b4babd0e2814d923822f32c1e754b6802ec5c502724dfbe3284b0ac9168d
8c5987fc2409abe9ee8d73fee09d71847ddf5c4329a0bbad7d4e4bc522e51b47
8e39ec39354db513f338c6a1735bfc8a356e8063a431b963cb8fc70b2661073e
8f4b8d2def1fa5e09bafacbb8ac66e614d74f1cdbace1417cedef55c0d9a83db
9061727c3c22a8fd7db7d80dc326459218343de446d328daf1e51162610c889d
9146f6ec02b7c1db65d152424e1d5e5f3a5d7d6ca91d1282a7e678150683876f
942e44b1cef3a0678c306625f42ea1cd180d9ee9fbe443ed98fc1076c07493a5
94c2543ee527c1e987a54d88914b529a0d832a4cf55d0fd20a9b7c569c508930
966ee1486939f4b7c9815a6ce8dd42420c5859a42efdbbd5b91aff45e0b1cc38
96abf166b3cbb5f7df525d86fdeeeccea4af3c120b19bc26b0613530a94e8b44
96b8a4481da526ff5a1a77c312a2aa83df0d0821e90dc91ccfad3fa53526a163
9facc976353ff7ab7cbb7345853c0f7d0c1bbce3733934b53790b93833dbae4c
a060aca1def4e45da8730e2c6052fb1efbe9b1bdd305c14ea86c8c5152ebd593
a39c5c409cf1589c397087a57c950549414a22ccdd888fff41a403192338f502
a41dd567a7d51dac3d65a716b505f5bba7526e36405ed8a832d72a4ada3665c2
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
a9277310c05b27170734e0c75b002286785c97712cff5e5f2c5c40d961068ec9
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
ad6aff42a13f4d272025f2b2e9002bef66e1b4a9adb163cef25099b3ea83a51b
add1e275c756d593a8fe9f8f6e56270e2d70edd0e9a4f33a3d7d82028f7dd828
af01ccc29fb87bb761a3b04fc94edcbec8df2d2eb7a09a08e2f885590b6694a0
b0ebb64770d12923ab367667f418fe5bfa5ae336f3404eb74463128a10ef098f
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b176de534428b3b8d36fb821412c5075cc426bfb3fe282571bcd9f00f2c0b152
b24ac2a2042bf22f85f717259786c1f95a81a5a8d9ff057de1d09b5c6e1b364b
b2fae6cc30abda3c736ee09e77f2487d49c65e139200a47104ef1d105ba75b7b
b4796fcc5cfdd5be77eca5c9b0e13a92339ffa7bc7bd21d84eb9c2620feeacb2
b534f367f11c24f3709e27fdb539f308475d495eaafed8f7681a5c96dfacc537
ba601daeda8cb0d179beeeafbe63848d0576b172f3e2800f1848be282b2af497
bb6a7f39d0982d1605492df9ffaa28989d1829fdf91037053e4af527ae5ed797
bc92537a9f302b0eaf8c44d590249655b6f19bd3d7da181d1e51ea24148ed400
bcc6ccbbe9b3f2c14b3eb45ea17eb4b456ee0b359ca820751d8f4b140c57ba0a
bdeed1e1c0751610c8f3dc2a5c78c93f841c366b36a7f7a54f5e6752c2656c05
bfb96f227db3a54f2dc4a5e46bd3e3c76c89710e75a4489ba66c3d77eda60e58
c0758721ba3b41bf0236a10348f8ad1ceb3336894bfbaca0b9d77fb366b585c1
c103e9952d8205b6a9c4f3ec2a32e30ade8bf51bf63fc3bcb32c7328b4a9c9a6
c2fa12af72441de0744ebef379e12223c4c6c2d4775e764fc7291cafa5599cd1
ca2e99ffb3730e887ee7389e499993e912e5e47ec6f28c991a692cd78746edf5
cbcf7f9157306feaa0252eaa2fca6f6a36cf74bd919dc17520023405867fd32b
cc797dd1452bb77265cd8203ddb579571c28c4c690f413f507d03e372c61310e
ccd21ebd19b259d979d4ddf5af0751f6fae149746ae2e7a164beec2a600682be
cf0532971ecb11ad7fad9c2b7f20ae2b53b8b7781290011ba1950e38b4bd14fa
cf89b05aa45bb14f23d4c97dac9b3091e2d866c73f68e18d2cb6b538378db6f9
d024fbac8e2d41f08bf1e4317dc623effc57698d8568f66096efb5963df9cf16
d0718481ccd8588f91b2682a49526313947bc4e213e433bcb5cb339d2b4bb351
d1ac43e9327c147dc04b1efcd475ba7e9d464e6504eaffb167d0412d339b39e5
d28cae33a9cff1cd54246e2bca04018f101451707a5b5f426d32ea768e911186
d4ef4742ca8a936fb23e2a0c1380c68cbf732df61fb3c00262b685b3c01dcfaf
d5d4228a3e80d57bcf6ee1f6080fbc4c65dba96e81d2364535fa49e3d27e9131
d851e8849dda3e06a3c9c3e1422eb7cb79a8cfb3f05ee4fd0248d8fc4fd8d65a
db02022e70b50c36c8b19895011b67d760f45d217c7d32beaf853fd0e6f20ce3
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
dc666527c7989fdad450d729be48af719d8a66af057630a461bbb5c72b1e20a8
dce4c94fd5a0b1b404c6fcee22a49084f6863bc7d0fefc5e07ed57ce7d35c75d
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de7dd7e8a5f2257d16c23c395b9262c6fa04689c81b0e2b8bf7f5bae9f4177dc
df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf
e12dfaae532b449b71117f29ad43f92b3b87c19509a9b16f91115fd4e07903b4
e21cbff27a74ef7caa04b84461bbaa6ed2cba11a62db2e7f03fc588912f415c6
e30f848c353b8ab801c18d2109527cb32a27f145262dccb3cd4db9f309cc53bb
e317f1ecabaa5be3a96bfdca042508455a6da26aa2824ffc7348df7393f576e9
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e55b5cba1f8e7604687c4f99ab7b1c3bf971ab991ec0fae83fb221b98daf07c4
e684839cbcef6b16753dae73e92a49b7115f55e83662ead12d5e05bf7b9915fb
ea7c3c1fb429c64a75b15bc3d82e99987c40229c3275a5d0c37deb6143e4cf6f
ee011f9451dd2bb44a806306c913b55f9c3acd8abd0bd6eadc0143c1baff41ba
eecc78f834649472672438efb8854e77ac8571a4c901d3c102a2554c3059ba7d
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f24ac9e8a3e565b61bbf64e418f2d542462f527649e99c9d64fdc5a7310b41b8
f5183a3d6c4ef05903e03cf0e17b5de05db527c27d0ef049d52d2fb4da484e96
f7c1022dbae2ac5b2997f6e92f1f25907b053736a52aa40753fb44fcf4760370
f8c9efbf4484511f3f9760c3ad6b4799095557aa03792ed3279fa95a3baab17a
f909a31bfd7a13b9dd53e98b5652f13f4782fdfd1653dc4befade7386c087371
f9f5fb1596ab72270fbb5bfbc64b6f05d259a045255a36c176833936f29ecde9
fb354981d95692154d88c2164ceb8f3b741699418b198e54cc03c8cfc6330f6d
fe9df7af9647a824fe66cae1f452ecb318d9f9ad3b2e09ef0623f0c6af50a0ed

www.cyberscoop.com Open in urlscan Pro 52.21.95.133 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

257 Requests

100 %HTTPS

69 %IPv6

31 Domains

47 Subdomains

48 IPs

4 Countries

3172 kBTransfer

7719 kBSize

10 Cookies

18 Outgoing links

Page URL History

Redirected requests

257 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 6 data transactions

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.cyberscoop.com Open in urlscan Pro
52.21.95.133 Public Scan

Screenshot
Live screenshot

Full Image

257
Requests

100 %
HTTPS

69 %
IPv6

31
Domains

47
Subdomains

48
IPs

4
Countries

3172 kB
Transfer

7719 kB
Size

10
Cookies

257 HTTP transactions
6 data transactions