www.cyberscoop.com Open in urlscan Pro
52.21.95.133 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://hs-7940188.t.hubspotstarter-jn.net/e2t/tc/VVxXC2578mkVW5WKtv275HNjXW5VG-2S4qnP28N6mkvqt3lGnJV1-WJV7CgKVCW2XM0FF4z0Wn-W2HfTQq8mg3rLW...
Effective URL:
https://www.cyberscoop.com/microsoft-exchange-server-flaws-monero-cryptojacking/?utm_medium=email&_hsmi=121394215&_hsenc=p2...
Submission: On April 14 via manual (April 14th 2021, 10:07:22 pm UTC) from CL

Summary HTTP 215 Redirects Links 15 Behaviour Indicators

Summary

This website contacted 47 IPs in 4 countries across 33 domains to perform 215 HTTP transactions. The main IP is 52.21.95.133, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is www.cyberscoop.com.
TLS certificate: Issued by R3 on March 29th 2021. Valid for: 3 months.

This is the only time www.cyberscoop.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 2	2606:4700::68... 2606:4700::6812:1699	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4 39	52.21.95.133 52.21.95.133	14618 (AMAZON-AES) (AMAZON-AES)
3	2a00:1450:400... 2a00:1450:4001:801::200a	15169 (GOOGLE) (GOOGLE)
1	151.101.13.44 151.101.13.44	54113 (FASTLY) (FASTLY)
18	142.250.74.194 142.250.74.194	15169 (GOOGLE) (GOOGLE)
11	52.217.37.54 52.217.37.54	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6811:b849	13335 (CLOUDFLAR...) (CLOUDFLARENET)
19	2a00:1450:400... 2a00:1450:4001:803::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82a::2008	15169 (GOOGLE) (GOOGLE)
2	2606:4700:10:... 2606:4700:10::ac43:2794	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a00:1450:400... 2a00:1450:4001:802::2003	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6810:5505	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a02:26f0:710... 2a02:26f0:7100:18d::25ea	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	199.232.136.157 199.232.136.157	54113 (FASTLY) (FASTLY)
2	2a03:2880:f01... 2a03:2880:f013:d:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	2606:4700::68... 2606:4700::6811:d4cc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:80f::200e	15169 (GOOGLE) (GOOGLE)
1 2	2620:119:50e1... 2620:119:50e1:101::6cae:b25	14413 (LINKEDIN) (LINKEDIN)
1 1	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2a00:1450:400... 2a00:1450:400c:c00::9b	15169 (GOOGLE) (GOOGLE)
1	104.244.42.133 104.244.42.133	13414 (TWITTER) (TWITTER)
3	2a00:1450:400... 2a00:1450:4001:829::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:813::2003	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f11... 2a03:2880:f113:81:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	2606:4700::68... 2606:4700::6811:45b0	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6812:14bf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:809::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:808::2002	15169 (GOOGLE) (GOOGLE)
7	2a00:1450:400... 2a00:1450:4001:82a::2001	15169 (GOOGLE) (GOOGLE)
22	2a00:1450:400... 2a00:1450:4001:800::2001	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:802::2002	15169 (GOOGLE) (GOOGLE)
1	104.244.42.195 104.244.42.195	13414 (TWITTER) (TWITTER)
2	2606:4700::68... 2606:4700::6813:9a53	13335 (CLOUDFLAR...) (CLOUDFLARENET)
19	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
3	2a02:26f0:10c... 2a02:26f0:10c:488::4469	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a02:26f0:710... 2a02:26f0:7100:1aa::4469	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	213.254.244.26 213.254.244.26	36062 (DOUBLE-VE...) (DOUBLE-VERIFY)
2	142.250.186.102 142.250.186.102	15169 (GOOGLE) (GOOGLE)
3	213.254.244.13 213.254.244.13	36062 (DOUBLE-VE...) (DOUBLE-VERIFY)
2 4	52.48.134.198 52.48.134.198	16509 (AMAZON-02) (AMAZON-02)
6	142.250.185.130 142.250.185.130	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:828::2006	15169 (GOOGLE) (GOOGLE)
2 4	52.51.81.153 52.51.81.153	16509 (AMAZON-02) (AMAZON-02)
2 4	35.244.184.212 35.244.184.212	15169 (GOOGLE) (GOOGLE)
2 2	34.95.127.121 34.95.127.121	15169 (GOOGLE) (GOOGLE)
4	54.76.195.29 54.76.195.29	16509 (AMAZON-02) (AMAZON-02)
4	104.244.36.20 104.244.36.20	7415 (ADSAFE-1) (ADSAFE-1)
1	172.217.16.130 172.217.16.130	15169 (GOOGLE) (GOOGLE)
215	47

2 2606:4700::6812:1699 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

hs-7940188.t.hubspotstarter-jn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

39 52.21.95.133 (Ashburn, United States) 4 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-21-95-133.compute-1.amazonaws.com

www.cyberscoop.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:801::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.13.44 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

cdn.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 142.250.74.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s02-in-f2.1e100.net

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

11 52.217.37.54 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1.amazonaws.com

s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:b849 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hsforms.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700:10::ac43:2794 (United States)

ASN13335 (CLOUDFLARENET, US)

static.addtoany.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:802::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:5505 (United States)

ASN13335 (CLOUDFLARENET, US)

forms.hsforms.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:7100:18d::25ea (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 199.232.136.157 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f013:d:face:b00c:0:3 (United States)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:d4cc (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-scripts.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80f::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:119:50e1:101::6cae:b25 (United States) 1 redirects

ASN14413 (LINKEDIN, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:21::14 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.133 (United States)

ASN13414 (TWITTER, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:829::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f113:81:face:b00c:0:25de (United States)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:45b0 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-analytics.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:14bf (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-banner.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:82a::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

8949591b2ce2bbdd816018a582eac05f.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
407353ff91847f5c0e1c90d49f4b48ed.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
7445015f24b4138079e5432b973c37a9.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
bde5de92baa7bfc9243de6b323623fcd.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 2a00:1450:4001:800::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:802::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.195 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6813:9a53 (United States)

ASN13335 (CLOUDFLARENET, US)

track.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

19 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:26f0:10c:488::4469 (Düsseldorf, Germany)

ASN20940 (AKAMAI-ASN1, NL)

cdn.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:7100:1aa::4469 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

cdn3.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 213.254.244.26 (United States)

ASN36062 (DOUBLE-VERIFY, US)

rtb0.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.102 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 213.254.244.13 (United States)

ASN36062 (DOUBLE-VERIFY, US)

tps20515.doubleverify.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.48.134.198 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-48-134-198.eu-west-1.compute.amazonaws.com

fw.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.250.185.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:828::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 52.51.81.153 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-51-81-153.eu-west-1.compute.amazonaws.com

hp.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 35.244.184.212 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 212.184.244.35.bc.googleusercontent.com

linkto.ext.hp.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.95.127.121 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)

www.ojrq.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 54.76.195.29 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-76-195-29.eu-west-1.compute.amazonaws.com

static.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.244.36.20 (United States)

ASN7415 (ADSAFE-1, US)
PTR: nyidt.adsafeprotected.com

dt.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.16.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s46-in-f2.1e100.net

ade.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
49	googlesyndication.com 8949591b2ce2bbdd816018a582eac05f.safeframe.googlesyndication.com tpc.googlesyndication.com 407353ff91847f5c0e1c90d49f4b48ed.safeframe.googlesyndication.com 7445015f24b4138079e5432b973c37a9.safeframe.googlesyndication.com bde5de92baa7bfc9243de6b323623fcd.safeframe.googlesyndication.com pagead2.googlesyndication.com ade.googlesyndication.com	321 KB
39	cyberscoop.com 4 redirects www.cyberscoop.com	1 MB
27	doubleclick.net securepubads.g.doubleclick.net stats.g.doubleclick.net ad.doubleclick.net googleads4.g.doubleclick.net	608 KB
19	googletagservices.com www.googletagservices.com	466 KB
12	adsafeprotected.com 2 redirects fw.adsafeprotected.com static.adsafeprotected.com dt.adsafeprotected.com	193 KB
11	amazonaws.com s3.amazonaws.com	54 KB
8	2mdn.net s0.2mdn.net	186 KB
8	doubleverify.com cdn.doubleverify.com cdn3.doubleverify.com rtb0.doubleverify.com tps20515.doubleverify.com	29 KB
7	google.com www.google.com adservice.google.com	2 KB
5	google.de www.google.de adservice.google.de	2 KB
4	hp.com 2 redirects linkto.ext.hp.com	1 KB
4	demdex.net 2 redirects hp.demdex.net	3 KB
4	gstatic.com fonts.gstatic.com	99 KB
3	linkedin.com 2 redirects px.ads.linkedin.com www.linkedin.com	3 KB
3	googleapis.com fonts.googleapis.com	2 KB
2	ojrq.net 2 redirects www.ojrq.net	914 B
2	hubspot.com track.hubspot.com	815 B
2	facebook.com www.facebook.com	494 B
2	google-analytics.com www.google-analytics.com	19 KB
2	facebook.net connect.facebook.net	97 KB
2	addtoany.com static.addtoany.com	60 KB
2	hubspotstarter-jn.net 1 redirects hs-7940188.t.hubspotstarter-jn.net	3 KB
1	twitter.com analytics.twitter.com	660 B
1	hs-banner.com js.hs-banner.com	14 KB
1	hs-analytics.net js.hs-analytics.net	18 KB
1	t.co t.co	449 B
1	hs-scripts.com js.hs-scripts.com	706 B
1	ads-twitter.com static.ads-twitter.com	2 KB
1	licdn.com snap.licdn.com	2 KB
1	hsforms.com forms.hsforms.com	4 KB
1	googletagmanager.com www.googletagmanager.com	51 KB
1	hsforms.net js.hsforms.net	129 KB
1	taboola.com cdn.taboola.com	22 KB
215	33

	Domain	Requested by
39	www.cyberscoop.com	4 redirects hs-7940188.t.hubspotstarter-jn.net www.cyberscoop.com
22	tpc.googlesyndication.com	securepubads.g.doubleclick.net 8949591b2ce2bbdd816018a582eac05f.safeframe.googlesyndication.com 407353ff91847f5c0e1c90d49f4b48ed.safeframe.googlesyndication.com tpc.googlesyndication.com bde5de92baa7bfc9243de6b323623fcd.safeframe.googlesyndication.com ad.doubleclick.net hs-7940188.t.hubspotstarter-jn.net
19	pagead2.googlesyndication.com	securepubads.g.doubleclick.net tpc.googlesyndication.com ad.doubleclick.net www.googletagservices.com
19	www.googletagservices.com	www.cyberscoop.com securepubads.g.doubleclick.net 8949591b2ce2bbdd816018a582eac05f.safeframe.googlesyndication.com 407353ff91847f5c0e1c90d49f4b48ed.safeframe.googlesyndication.com bde5de92baa7bfc9243de6b323623fcd.safeframe.googlesyndication.com www.googletagservices.com s0.2mdn.net
18	securepubads.g.doubleclick.net	www.cyberscoop.com www.googletagservices.com securepubads.g.doubleclick.net hs-7940188.t.hubspotstarter-jn.net 8949591b2ce2bbdd816018a582eac05f.safeframe.googlesyndication.com 407353ff91847f5c0e1c90d49f4b48ed.safeframe.googlesyndication.com bde5de92baa7bfc9243de6b323623fcd.safeframe.googlesyndication.com
11	s3.amazonaws.com	www.cyberscoop.com
8	s0.2mdn.net	407353ff91847f5c0e1c90d49f4b48ed.safeframe.googlesyndication.com hs-7940188.t.hubspotstarter-jn.net s0.2mdn.net bde5de92baa7bfc9243de6b323623fcd.safeframe.googlesyndication.com
6	googleads4.g.doubleclick.net	ad.doubleclick.net hs-7940188.t.hubspotstarter-jn.net
4	dt.adsafeprotected.com	407353ff91847f5c0e1c90d49f4b48ed.safeframe.googlesyndication.com bde5de92baa7bfc9243de6b323623fcd.safeframe.googlesyndication.com
4	static.adsafeprotected.com	407353ff91847f5c0e1c90d49f4b48ed.safeframe.googlesyndication.com bde5de92baa7bfc9243de6b323623fcd.safeframe.googlesyndication.com
4	linkto.ext.hp.com	2 redirects 407353ff91847f5c0e1c90d49f4b48ed.safeframe.googlesyndication.com bde5de92baa7bfc9243de6b323623fcd.safeframe.googlesyndication.com
4	hp.demdex.net	2 redirects 407353ff91847f5c0e1c90d49f4b48ed.safeframe.googlesyndication.com bde5de92baa7bfc9243de6b323623fcd.safeframe.googlesyndication.com
4	fw.adsafeprotected.com	2 redirects ad.doubleclick.net hs-7940188.t.hubspotstarter-jn.net
4	adservice.google.com	securepubads.g.doubleclick.net
4	adservice.google.de	securepubads.g.doubleclick.net
4	fonts.gstatic.com	fonts.googleapis.com
3	tps20515.doubleverify.com	8949591b2ce2bbdd816018a582eac05f.safeframe.googlesyndication.com
3	cdn.doubleverify.com	8949591b2ce2bbdd816018a582eac05f.safeframe.googlesyndication.com cdn.doubleverify.com hs-7940188.t.hubspotstarter-jn.net
3	www.google.com	www.cyberscoop.com securepubads.g.doubleclick.net tpc.googlesyndication.com
3	fonts.googleapis.com	www.cyberscoop.com js.hsforms.net
2	www.ojrq.net	2 redirects
2	ad.doubleclick.net	www.googletagservices.com
2	track.hubspot.com
2	bde5de92baa7bfc9243de6b323623fcd.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	407353ff91847f5c0e1c90d49f4b48ed.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	8949591b2ce2bbdd816018a582eac05f.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
2	www.facebook.com	www.cyberscoop.com connect.facebook.net
2	px.ads.linkedin.com	1 redirects www.cyberscoop.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	connect.facebook.net	hs-7940188.t.hubspotstarter-jn.net connect.facebook.net
2	static.addtoany.com	www.cyberscoop.com static.addtoany.com
2	hs-7940188.t.hubspotstarter-jn.net	1 redirects
1	ade.googlesyndication.com
1	rtb0.doubleverify.com	cdn.doubleverify.com
1	cdn3.doubleverify.com	cdn.doubleverify.com
1	analytics.twitter.com	static.ads-twitter.com
1	7445015f24b4138079e5432b973c37a9.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
1	js.hs-banner.com	js.hs-scripts.com
1	js.hs-analytics.net	js.hs-scripts.com
1	www.google.de	www.cyberscoop.com
1	t.co	www.cyberscoop.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	www.linkedin.com	1 redirects
1	js.hs-scripts.com	www.googletagmanager.com
1	static.ads-twitter.com	www.googletagmanager.com
1	snap.licdn.com	www.googletagmanager.com
1	forms.hsforms.com	js.hsforms.net
1	www.googletagmanager.com	www.cyberscoop.com
1	js.hsforms.net	www.cyberscoop.com
1	cdn.taboola.com	www.cyberscoop.com
215	50

This site contains links to these domains. Also see Links.

Domain
cyberscoop.com
scoopnewsgroup.com
news.sophos.com
www.facebook.com
twitter.com
www.linkedin.com
www.instagram.com
fedscoop.com
statescoop.com
edscoop.com
workscoop.com
www.scoopnewsgroup.com
www.addtoany.com

Subject Issuer	Validity	Valid
hubspotstarter-jn.net Cloudflare Inc ECC CA-3	`2020-07-03` - `2021-07-03`	a year	crt.sh
cyberscoop.com R3	`2021-03-29` - `2021-06-27`	3 months	crt.sh
upload.video.google.com GTS CA 1O1	`2021-03-23` - `2021-06-15`	3 months	crt.sh
*.taboola.com DigiCert TLS RSA SHA256 2020 CA1	`2020-11-25` - `2021-12-26`	a year	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2021-03-23` - `2021-06-15`	3 months	crt.sh
s3.amazonaws.com DigiCert Baltimore CA-2 G2	`2020-08-04` - `2021-08-09`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-08-16` - `2021-08-16`	a year	crt.sh
*.google-analytics.com GTS CA 1O1	`2021-03-16` - `2021-06-08`	3 months	crt.sh
*.gstatic.com GTS CA 1O1	`2021-03-16` - `2021-06-08`	3 months	crt.sh
*.licdn.com DigiCert SHA2 Secure Server CA	`2019-04-01` - `2021-05-07`	2 years	crt.sh
ads-twitter.com DigiCert SHA2 High Assurance Server CA	`2020-08-14` - `2021-08-19`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-02-10` - `2021-05-10`	3 months	crt.sh
px.ads.linkedin.com DigiCert SHA2 Secure Server CA	`2021-01-06` - `2021-07-05`	6 months	crt.sh
t.co DigiCert TLS RSA SHA256 2020 CA1	`2021-02-05` - `2022-02-04`	a year	crt.sh
www.google.com GTS CA 1O1	`2021-03-16` - `2021-06-08`	3 months	crt.sh
www.google.de GTS CA 1O1	`2021-03-16` - `2021-06-08`	3 months	crt.sh
*.google.de GTS CA 1O1	`2021-03-16` - `2021-06-08`	3 months	crt.sh
*.google.com GTS CA 1O1	`2021-03-16` - `2021-06-08`	3 months	crt.sh
*.googleusercontent.com GTS CA 1O1	`2021-03-16` - `2021-06-08`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1O1	`2021-03-23` - `2021-06-15`	3 months	crt.sh
*.twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2021-02-05` - `2022-02-04`	a year	crt.sh
hubspot.com Cloudflare Inc ECC CA-3	`2020-07-27` - `2021-07-27`	a year	crt.sh
*.doubleverify.com DigiCert SHA2 Secure Server CA	`2021-01-10` - `2022-01-17`	a year	crt.sh
*.doubleclick.net GTS CA 1O1	`2021-03-16` - `2021-06-08`	3 months	crt.sh
fw.adsafeprotected.com Amazon	`2020-09-09` - `2021-10-09`	a year	crt.sh
*.demdex.net DigiCert TLS RSA SHA256 2020 CA1	`2020-12-02` - `2022-01-02`	a year	crt.sh
linkto.ext.hp.com DigiCert SHA2 Secure Server CA	`2020-09-29` - `2021-09-30`	a year	crt.sh
static.adsafeprotected.com Amazon	`2021-01-06` - `2022-02-04`	a year	crt.sh
*.adsafeprotected.com Sectigo RSA Domain Validation Secure Server CA	`2020-06-17` - `2021-06-17`	a year	crt.sh

This page contains 21 frames:

Primary Page: https://www.cyberscoop.com/microsoft-exchange-server-flaws-monero-cryptojacking/?utm_medium=email&_hsmi=121394215&_hsenc=p2ANqtz--oSPaQtBaCNYgQ1Rkw1TwuFd9mrJAMDOt1aNDRpxWV5Z5WtBgeGI6OMqvje3YPL7etyFgyqzb-SA59Wt3RJFayQ4OHdg&utm_content=121394215&utm_source=hs_email
Frame ID: 60CFBF755C3E21E602759F8D108375C4
Requests: 80 HTTP requests in this frame

Frame: https://www.cyberscoop.com/advertising/?id=leaderboard&parent_id=ad-os0uGMDylB-leaderboard&categories=technology&tags=cryptocurrency%2Ccryptojacking%2Cexchange-server%2Cmicrosoft%2Csophos%2Cvulnerabilities
Frame ID: 80383DB8AC07F142C367644C11CCD0D7
Requests: 12 HTTP requests in this frame

Frame: https://www.cyberscoop.com/advertising/?id=article&position=static&category=technology&tags=cryptocurrency%2Ccryptojacking%2Cexchange-server%2Cmicrosoft%2Csophos%2Cvulnerabilities
Frame ID: FB9388D75105AD237F65996FFC524102
Requests: 12 HTTP requests in this frame

Frame: https://www.cyberscoop.com/advertising/?id=skyscraper&position=sticky&categories=technology&tags=cryptocurrency%2Ccryptojacking%2Cexchange-server%2Cmicrosoft%2Csophos%2Cvulnerabilities
Frame ID: 1F29B25C861DC25A2624337E1A537FE3
Requests: 12 HTTP requests in this frame

Frame: https://www.cyberscoop.com/advertising/?id=billboard&position=bottom&parent_id=ad-RhMxgWQL3K-billboard&category=technology&tags=cryptocurrency%2Ccryptojacking%2Cexchange-server%2Cmicrosoft%2Csophos%2Cvulnerabilities
Frame ID: B94C44CD3C32750B8F7F127BDA20415A
Requests: 12 HTTP requests in this frame

Frame: https://407353ff91847f5c0e1c90d49f4b48ed.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: 221A9366D9FF5B5E7E7B8DDE6240C63C
Requests: 22 HTTP requests in this frame

Frame: https://8949591b2ce2bbdd816018a582eac05f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: 507619A17A88709D3A7AD8AA8EB4A13A
Requests: 14 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvfX9kl9PYF4SyP71gIMqMMJB3JHwl6zD0HK-Yl3Mo521R4uQYLcMc8l2ntRh6ZgA2ik0IiHg6gjpMpTiZb_fsARhO5CQEiig1m4qejBIXBRnodzAMeBsmEgpvhQAK4pMsu8eeNIgXqlyAJO8GyFSOBOWAEq5y8zTOkiSp8xiTF2JMPNxI4zb0Cqz7Ci6VlXH04F0zBEoFIazhNYOvQm0g-Gvq10FrbNcJFJ6lz-t9Tx9URQ-R14afIS46BD-XmAvItpZbyCUopCaDD_tNRTsBW72UwGeBCn9Ebk07pAdfng4MTgqEn5LEJ_MWmjFWs1CNBCDBDZj79xg&sai=AMfl-YTN4Hd74ti970PGCIS8rpR9v9f9wJemisfzp8qUFF-eD8nHdYc9iW-kXcMjIrGwY_KrD9KntlBwCK_SWjTveTOXiY8xAfb4Vyp1-p_DwszTFe7d7FigWdsdLY1ZAqYf&sig=Cg0ArKJSzPaUwhY4DJnnEAE&adurl=
Frame ID: A9FD0611E29F61ED976490248FA9FA35
Requests: 8 HTTP requests in this frame

Frame: https://bde5de92baa7bfc9243de6b323623fcd.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Frame ID: DFA11706941924454EB90E409A2F0FD4
Requests: 23 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Frame ID: FAB94D2E04ABD1253926FC358E00177D
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Frame ID: E6B446F2F17555D23ECE1FC4389BDF05
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Frame ID: 474FFC071F4DCA3D39258E71EDB1E529
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 97C093E5111ECD1283F31E3EC9BA88C0
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html
Frame ID: DA714E56497ED07204D0FE95C50787BA
Requests: 2 HTTP requests in this frame

Frame: https://cdn3.doubleverify.com/bst2tv3.html
Frame ID: A0215332F35199D09768486105EB43D2
Requests: 1 HTTP requests in this frame

Frame: https://cdn.doubleverify.com/dv-match6.js
Frame ID: 6B51BE92932A9E7F5DAD4C927B77895B
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 664EEF0A98C1DC50A0119A70757B15FA
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 68AA04BFB61EF51F115AB95290BE6B4D
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/4807732/1611946489058/MSFTJUM_EliteDesk800_Drogo_Learnmore_EN_160x600_HTML5_544050/index.html
Frame ID: 345B21114796B7ECFD8D179999C9F594
Requests: 7 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.5.1.js
Frame ID: 325BE8B1723B964530FC06AB5E88EB77
Requests: 1 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.5.1.js
Frame ID: B204EA385C4D232BD460A0C0596ABAEA
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page URL History Show full URLs

https://hs-7940188.t.hubspotstarter-jn.net/e2t/tc/VVxXC2578mkVW5WKtv275HNjXW5VG-2S4qnP28N6mkvqt3lGnJV1-WJV7CgKVCW2XM0FF... Page URL
https://hs-7940188.t.hubspotstarter-jn.net/events/public/v1/track/tc/VVxXC2578mkVW5WKtv275HNjXW5VG-2S4qnP28N6mkvqt3lGnJ... HTTP 307
https://www.cyberscoop.com/microsoft-exchange-server-flaws-monero-cryptojacking/?utm_medium=email&_hsmi... Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
script /\/wp-(?:content|includes)\//i
html /<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -/i

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
script /\/wp-(?:content|includes)\//i
html /<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -/i

MySQL (Databases) Expand

Overall confidence: 100%
Detected patterns

html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
script /\/wp-(?:content|includes)\//i
html /<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -/i

Yoast SEO (SEO) Expand

Overall confidence: 100%
Detected patterns

html /<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -/i

AddToAny (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /addtoany\.com\/menu\/page\.js/i

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/connect\.facebook\.net\/[^/]*\/[a-z]*\.js/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

html /<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com/i

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

html //i

Page Statistics

215
Requests

99 %
HTTPS

63 %
IPv6

33
Domains

50
Subdomains

47
IPs

4
Countries

3564 kB
Transfer

8068 kB
Size

9
Cookies

15 Outgoing links

These are links going to different origins than the main page.

URL: https://cyberscoop.com/
Title:

Search URL Search Domain Scan URL

URL: http://scoopnewsgroup.com/?__hstc=143679850.adae0d4640a4a51bc229fb077336a5d4.1618438024291.1618438024291.1618438024291.1&__hssc=143679850.1.1618438024292&__hsfp=2736934676
Title: Brought to you by

Search URL Search Domain Scan URL

URL: https://news.sophos.com/en-us/2021/04/13/compromised-exchange-server-hosting-cryptojacker-targeting-other-exchange-servers/
Title: Sophos warned

Search URL Search Domain Scan URL

URL: https://www.facebook.com/cyberscoop

Search URL Search Domain Scan URL

URL: https://twitter.com/cyberscoopnews

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/4847467

Search URL Search Domain Scan URL

URL: https://www.instagram.com/cyberscoopnews

Search URL Search Domain Scan URL

URL: https://scoopnewsgroup.com/?__hstc=143679850.adae0d4640a4a51bc229fb077336a5d4.1618438024291.1618438024291.1618438024291.1&__hssc=143679850.1.1618438024292&__hsfp=2736934676

Search URL Search Domain Scan URL

URL: https://fedscoop.com/?__hstc=143679850.adae0d4640a4a51bc229fb077336a5d4.1618438024291.1618438024291.1618438024291.1&__hssc=143679850.1.1618438024292&__hsfp=2736934676

Search URL Search Domain Scan URL

URL: https://statescoop.com/?__hstc=143679850.adae0d4640a4a51bc229fb077336a5d4.1618438024291.1618438024291.1618438024291.1&__hssc=143679850.1.1618438024292&__hsfp=2736934676

Search URL Search Domain Scan URL

URL: https://edscoop.com/?__hstc=143679850.adae0d4640a4a51bc229fb077336a5d4.1618438024291.1618438024291.1618438024291.1&__hssc=143679850.1.1618438024292&__hsfp=2736934676

Search URL Search Domain Scan URL

URL: https://workscoop.com/?__hstc=143679850.adae0d4640a4a51bc229fb077336a5d4.1618438024291.1618438024291.1618438024291.1&__hssc=143679850.1.1618438024292&__hsfp=2736934676

Search URL Search Domain Scan URL

URL: https://www.scoopnewsgroup.com/privacy?__hstc=143679850.adae0d4640a4a51bc229fb077336a5d4.1618438024291.1618438024291.1618438024291.1&__hssc=143679850.1.1618438024292&__hsfp=2736934676
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://scoopnewsgroup.com/privacy?__hstc=143679850.adae0d4640a4a51bc229fb077336a5d4.1618438024291.1618438024291.1618438024291.1&__hssc=143679850.1.1618438024292&__hsfp=2736934676
Title: Learn more

Search URL Search Domain Scan URL

URL: https://www.addtoany.com/
Title: AddToAny

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://hs-7940188.t.hubspotstarter-jn.net/e2t/tc/VVxXC2578mkVW5WKtv275HNjXW5VG-2S4qnP28N6mkvqt3lGnJV1-WJV7CgKVCW2XM0FF4z0Wn-W2HfTQq8mg3rLW8myR-z1M9zpYW8VL8J51BNx0HW91T1JM3nXtlJN7j68JQhkNtKW4zz2vp7ly3rwW5S4WnM8FwVQJVrrtr-1yFK8lW90hWGs3zhZYSW59DZzl7lgbt-W9ls1Ym4Pg0DNN5tWDKNpd2fBW7ZqRzK12zw43W20Bh621ynfWQW2nMrcQ3RZ0ZpW5nFgkn5ZFsQJW8STlcj9lbFz6W7tsdxk6y1NHYW876h771gvcxYW1npwVd7fJrVWW1y8P9L7FzWhZVb-bPy3HfR8yW28488L6lwqhQW6npp4210M8TXV1S25Q5kgvJSN8PcB3BK5FdxW23yQFl4CV5733n981 Page URL
https://hs-7940188.t.hubspotstarter-jn.net/events/public/v1/track/tc/VVxXC2578mkVW5WKtv275HNjXW5VG-2S4qnP28N6mkvqt3lGnJV1-WJV7CgKVCW2XM0FF4z0Wn-W2HfTQq8mg3rLW8myR-z1M9zpYW8VL8J51BNx0HW91T1JM3nXtlJN7j68JQhkNtKW4zz2vp7ly3rwW5S4WnM8FwVQJVrrtr-1yFK8lW90hWGs3zhZYSW59DZzl7lgbt-W9ls1Ym4Pg0DNN5tWDKNpd2fBW7ZqRzK12zw43W20Bh621ynfWQW2nMrcQ3RZ0ZpW5nFgkn5ZFsQJW8STlcj9lbFz6W7tsdxk6y1NHYW876h771gvcxYW1npwVd7fJrVWW1y8P9L7FzWhZVb-bPy3HfR8yW28488L6lwqhQW6npp4210M8TXV1S25Q5kgvJSN8PcB3BK5FdxW23yQFl4CV5733n981?_ud=74781e98-1116-4be5-8eff-ff397bc7b389&_ch=p&_pr2=p&_pl=0&_lg=en-US&_dr=b&_ts=p HTTP 307
https://www.cyberscoop.com/microsoft-exchange-server-flaws-monero-cryptojacking/?utm_medium=email&_hsmi=121394215&_hsenc=p2ANqtz--oSPaQtBaCNYgQ1Rkw1TwuFd9mrJAMDOt1aNDRpxWV5Z5WtBgeGI6OMqvje3YPL7etyFgyqzb-SA59Wt3RJFayQ4OHdg&utm_content=121394215&utm_source=hs_email Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 38

https://www.cyberscoop.com/advertising/?id=leaderboard&page=article&parent_id=ad-os0uGMDylB-leaderboard&categories=technology&tags=cryptocurrency,cryptojacking,exchange-server,microsoft,sophos,vulnerabilities HTTP 301
https://www.cyberscoop.com/advertising/?id=leaderboard&parent_id=ad-os0uGMDylB-leaderboard&categories=technology&tags=cryptocurrency%2Ccryptojacking%2Cexchange-server%2Cmicrosoft%2Csophos%2Cvulnerabilities

Request Chain 39

https://www.cyberscoop.com/advertising/?id=article&page=article&position=static&category=technology&tags=cryptocurrency,cryptojacking,exchange-server,microsoft,sophos,vulnerabilities HTTP 301
https://www.cyberscoop.com/advertising/?id=article&position=static&category=technology&tags=cryptocurrency%2Ccryptojacking%2Cexchange-server%2Cmicrosoft%2Csophos%2Cvulnerabilities

Request Chain 40

https://www.cyberscoop.com/advertising/?id=skyscraper&page=article&position=sticky&categories=technology&tags=cryptocurrency,cryptojacking,exchange-server,microsoft,sophos,vulnerabilities HTTP 301
https://www.cyberscoop.com/advertising/?id=skyscraper&position=sticky&categories=technology&tags=cryptocurrency%2Ccryptojacking%2Cexchange-server%2Cmicrosoft%2Csophos%2Cvulnerabilities

Request Chain 41

https://www.cyberscoop.com/advertising/?id=billboard&page=article&position=bottom&parent_id=ad-RhMxgWQL3K-billboard&category=technology&tags=cryptocurrency,cryptojacking,exchange-server,microsoft,sophos,vulnerabilities HTTP 301
https://www.cyberscoop.com/advertising/?id=billboard&position=bottom&parent_id=ad-RhMxgWQL3K-billboard&category=technology&tags=cryptocurrency%2Ccryptojacking%2Cexchange-server%2Cmicrosoft%2Csophos%2Cvulnerabilities

Request Chain 68

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=50036&time=1618438022219&url=https%3A%2F%2Fwww.cyberscoop.com%2Fmicrosoft-exchange-server-flaws-monero-cryptojacking%2F%3Futm_medium%3Demail%26_hsmi%3D121394215%26_hsenc%3Dp2ANqtz--oSPaQtBaCNYgQ1Rkw1TwuFd9mrJAMDOt1aNDRpxWV5Z5WtBgeGI6OMqvje3YPL7etyFgyqzb-SA59Wt3RJFayQ4OHdg%26utm_content%3D121394215%26utm_source%3Dhs_email HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D50036%26time%3D1618438022219%26url%3Dhttps%253A%252F%252Fwww.cyberscoop.com%252Fmicrosoft-exchange-server-flaws-monero-cryptojacking%252F%253Futm_medium%253Demail%2526_hsmi%253D121394215%2526_hsenc%253Dp2ANqtz--oSPaQtBaCNYgQ1Rkw1TwuFd9mrJAMDOt1aNDRpxWV5Z5WtBgeGI6OMqvje3YPL7etyFgyqzb-SA59Wt3RJFayQ4OHdg%2526utm_content%253D121394215%2526utm_source%253Dhs_email%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=50036&time=1618438022219&url=https%3A%2F%2Fwww.cyberscoop.com%2Fmicrosoft-exchange-server-flaws-monero-cryptojacking%2F%3Futm_medium%3Demail%26_hsmi%3D121394215%26_hsenc%3Dp2ANqtz--oSPaQtBaCNYgQ1Rkw1TwuFd9mrJAMDOt1aNDRpxWV5Z5WtBgeGI6OMqvje3YPL7etyFgyqzb-SA59Wt3RJFayQ4OHdg%26utm_content%3D121394215%26utm_source%3Dhs_email&liSync=true

Request Chain 173

https://hp.demdex.net/event?d_event=imp&d_src=242750&d_site=6636866&d_creative=145400475&d_adgroup=488015189&d_placement=294799310&d_campaign=25263370&d_bust=3577855070 HTTP 302
https://hp.demdex.net/firstevent?d_event=imp&d_src=242750&d_site=6636866&d_creative=145400475&d_adgroup=488015189&d_placement=294799310&d_campaign=25263370&d_bust=3577855070

Request Chain 174

https://linkto.ext.hp.com/i/0/342132/5105?siteid=6636866&adcampaign=25263370&adplacement=294799310 HTTP 302
https://www.ojrq.net/p/?return=https%3A%2F%2Flinkto.ext.hp.com%2Fi%2F0%2F342132%2F5105%3Fsiteid%3D6636866%26adcampaign%3D25263370%26adplacement%3D294799310%26level%3D1%26srcref%3Dhttps%253A%252F%252F407353ff91847f5c0e1c90d49f4b48ed.safeframe.googlesyndication.com%252F&cid=5105&tpsync=no HTTP 302
https://linkto.ext.hp.com/i/0/342132/5105?siteid=6636866&adcampaign=25263370&adplacement=294799310&level=1&srcref=https%3A%2F%2F407353ff91847f5c0e1c90d49f4b48ed.safeframe.googlesyndication.com%2F&brwsr=bf4f18fd-9d6d-11eb-a8a3-42010a246629&brwsrsig=TFZ02dyQaRB0TsLwF71cqXYw2HGSHH

Request Chain 190

https://hp.demdex.net/event?d_event=imp&d_src=242750&d_site=6636866&d_creative=145404087&d_adgroup=488015192&d_placement=294795197&d_campaign=25263370&d_bust=999431006 HTTP 302
https://hp.demdex.net/firstevent?d_event=imp&d_src=242750&d_site=6636866&d_creative=145404087&d_adgroup=488015192&d_placement=294795197&d_campaign=25263370&d_bust=999431006

Request Chain 191

https://linkto.ext.hp.com/i/0/342132/5105?siteid=6636866&adcampaign=25263370&adplacement=294795197 HTTP 302
https://www.ojrq.net/p/?return=https%3A%2F%2Flinkto.ext.hp.com%2Fi%2F0%2F342132%2F5105%3Fsiteid%3D6636866%26adcampaign%3D25263370%26adplacement%3D294795197%26level%3D1%26srcref%3Dhttps%253A%252F%252Fbde5de92baa7bfc9243de6b323623fcd.safeframe.googlesyndication.com%252F&cid=5105&tpsync=no HTTP 302
https://linkto.ext.hp.com/i/0/342132/5105?siteid=6636866&adcampaign=25263370&adplacement=294795197&level=1&srcref=https%3A%2F%2Fbde5de92baa7bfc9243de6b323623fcd.safeframe.googlesyndication.com%2F&brwsr=bf4f18fd-9d6d-11eb-a8a3-42010a246629&brwsrsig=TFZ02dyQaRB0TsLwF71cqXYw2HGSHH

Request Chain 192

https://fw.adsafeprotected.com/rfw/st/582938/52662418/4.js?adContainerId=gcc_iGd3YNyLLqbb7_UPxM6QwAM&cbFunctionName=goog_wrapCb_iGd3YNyLLqbb7_UPxM6QwAM&true_pb=&adsafe_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2F4a.js&adsafe_url=https%3A%2F%2Fwww.cyberscoop.com&adsafe_type=g&adsafe_url=https%3A%2F%2Fwww.cyberscoop.com%2F&adsafe_type=e&adsafe_url=https%3A%2F%2F407353ff91847f5c0e1c90d49f4b48ed.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2F407353ff91847f5c0e1c90d49f4b48ed.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html%3Fn%3D1&adsafe_type=d&adsafe_jsinfo=,id:4cdffb77-98ff-4326-5cdb-4533ae10b08b,c:9NTl8p,sl:na,em:true,fr:false,mn:app28ie,pt:1-5-15,br:u,abv:na,an:n,oam:0,scm:hp1.cXqRds1.CADgZf1.hClrsE1.oHpDvn1.jMNNAR1,nbld:0,fm:suB31af+1111%7C1112%7C112%7C1131%7C1211%7C1212%7C122%7C1231%7C124%7C131*.582938-52662418%7C1311%7C132%7C1331%7C141%7C142%7C143%7C15,idMap:131*,pl:,rmeas:1,rend:1,renddet:IMG.qs,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,tt:rjss,thd:1,et:31,oid:bf39bbd0-9d6d-11eb-a1cc-06bbbb59c0e2,v:19.8.188,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
https://static.adsafeprotected.com/4a.js

Request Chain 194

https://fw.adsafeprotected.com/rfw/st/582938/52662249/4.js?adContainerId=brand_safety_iGd3YIaRLu2nx_APy8mnoA0&cbFunctionName=goog_wrapCb_iGd3YIaRLu2nx_APy8mnoA0&true_pb=&adsafe_pb=https%3A%2F%2Fstatic.adsafeprotected.com%2F4a.js&adsafe_url=https%3A%2F%2Fwww.cyberscoop.com&adsafe_type=g&adsafe_url=https%3A%2F%2Fwww.cyberscoop.com%2F&adsafe_type=e&adsafe_url=https%3A%2F%2Fbde5de92baa7bfc9243de6b323623fcd.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2Fbde5de92baa7bfc9243de6b323623fcd.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-38%2Fhtml%2Fcontainer.html%3Fn%3D1&adsafe_type=d&adsafe_jsinfo=,id:98161efc-2bb4-f796-1d53-df7dd8eb5c9b,c:9NTl9b,sl:na,em:true,fr:false,mn:app03ie,pt:1-5-15,br:u,abv:na,an:n,oam:0,scm:hp1.cXqRds1.CADgZf1.hClrsE1.oHpDvn1.jMNNAR1,nbld:0,fm:suB31b7+1111%7C1112%7C112%7C1131%7C121*.582938-52662249%7C1211%7C1212%7C122%7C1231%7C124%7C1311%7C1312%7C132%7C1331%7C141%7C142%7C143%7C15,idMap:121*,pl:,rmeas:1,rend:1,renddet:DIV.qs.sn,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,tt:rjss,thd:1,et:25,oid:bf39bc6b-9d6d-11eb-b631-0a6fa201f3de,v:19.8.188,sp:0,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
https://static.adsafeprotected.com/4a.js

215 HTTP transactions
6 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 VVxXC2578mkVW5WKtv275HNjXW5VG-2S4qnP28N6mkvqt3lGnJV1-WJV7CgKVCW2XM0FF4z0Wn-W2HfTQq8mg3rLW8myR-z1M9zpYW8VL8J51BNx0HW91T1JM3nXtlJN7j68JQhkNtKW4zz2vp7ly3rwW5S4WnM8FwVQJVrrtr-1yFK8lW90hWGs3zhZYSW59DZzl... Show response
hs-7940188.t.hubspotstarter-jn.net/e2t/tc/ 9 KB
3 KB 239ms
211ms Document
text/html 2606:4700::6812:1699
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://hs-7940188.t.hubspotstarter-jn.net/e2t/tc/VVxXC2578mkVW5WKtv275HNjXW5VG-2S4qnP28N6mkvqt3lGnJV1-WJV7CgKVCW2XM0FF4z0Wn-W2HfTQq8mg3rLW8myR-z1M9zpYW8VL8J51BNx0HW91T1JM3nXtlJN7j68JQhkNtKW4zz2vp7ly3rwW5S4WnM8FwVQJVrrtr-1yFK8lW90hWGs3zhZYSW59DZzl7lgbt-W9ls1Ym4Pg0DNN5tWDKNpd2fBW7ZqRzK12zw43W20Bh621ynfWQW2nMrcQ3RZ0ZpW5nFgkn5ZFsQJW8STlcj9lbFz6W7tsdxk6y1NHYW876h771gvcxYW1npwVd7fJrVWW1y8P9L7FzWhZVb-bPy3HfR8yW28488L6lwqhQW6npp4210M8TXV1S25Q5kgvJSN8PcB3BK5FdxW23yQFl4CV5733n981
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1699 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3aa1d18f920706e41f1aca22613f2a7034b22221c282f32ca3e3e6802ae96a66

Request headers

:method: GET
:authority: hs-7940188.t.hubspotstarter-jn.net
:scheme: https
:path: /e2t/tc/VVxXC2578mkVW5WKtv275HNjXW5VG-2S4qnP28N6mkvqt3lGnJV1-WJV7CgKVCW2XM0FF4z0Wn-W2HfTQq8mg3rLW8myR-z1M9zpYW8VL8J51BNx0HW91T1JM3nXtlJN7j68JQhkNtKW4zz2vp7ly3rwW5S4WnM8FwVQJVrrtr-1yFK8lW90hWGs3zhZYSW59DZzl7lgbt-W9ls1Ym4Pg0DNN5tWDKNpd2fBW7ZqRzK12zw43W20Bh621ynfWQW2nMrcQ3RZ0ZpW5nFgkn5ZFsQJW8STlcj9lbFz6W7tsdxk6y1NHYW876h771gvcxYW1npwVd7fJrVWW1y8P9L7FzWhZVb-bPy3HfR8yW28488L6lwqhQW6npp4210M8TXV1S25Q5kgvJSN8PcB3BK5FdxW23yQFl4CV5733n981
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Apr 2021 22:07:00 GMT
content-type: text/html;charset=utf-8
set-cookie: __cfduid=d732ba25172ad95d215ba7ef8768c91501618438019; expires=Fri, 14-May-21 22:06:59 GMT; path=/; domain=.hubspotstarter-jn.net; HttpOnly; SameSite=Lax
referrer-policy: no-referrer
vary: Accept-Encoding
access-control-allow-credentials: false
cf-cache-status: DYNAMIC
cf-request-id: 097405731400005364b5a85000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 64003e981e815364-FRA
content-encoding: br

GET
H2

200

Primary Request / Show response
www.cyberscoop.com/microsoft-exchange-server-flaws-monero-cryptojacking/
Redirect Chain

https://hs-7940188.t.hubspotstarter-jn.net/events/public/v1/track/tc/VVxXC2578mkVW5WKtv275HNjXW5VG-2S4qnP28N6mkvqt3lGnJV1-WJV7CgKVCW2XM0FF4z0Wn-W2HfTQq8mg3rLW8myR-z1M9zpYW8VL8J51BNx0HW91T1JM3nXtlJN...
https://www.cyberscoop.com/microsoft-exchange-server-flaws-monero-cryptojacking/?utm_medium=email&_hsmi=121394215&_hsenc=p2ANqtz--oSPaQtBaCNYgQ1Rkw1TwuFd9mrJAMDOt1aNDRpxWV5Z5WtBgeGI6OMqvje3YPL7etyF...

53 KB
13 KB

1220ms
1004ms

Document
text/html

52.21.95.133
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.cyberscoop.com/microsoft-exchange-server-flaws-monero-cryptojacking/?utm_medium=email&_hsmi=121394215&_hsenc=p2ANqtz--oSPaQtBaCNYgQ1Rkw1TwuFd9mrJAMDOt1aNDRpxWV5Z5WtBgeGI6OMqvje3YPL7etyFgyqzb-SA59Wt3RJFayQ4OHdg&utm_content=121394215&utm_source=hs_email

Requested by

Host: hs-7940188.t.hubspotstarter-jn.net
URL: https://hs-7940188.t.hubspotstarter-jn.net/e2t/tc/VVxXC2578mkVW5WKtv275HNjXW5VG-2S4qnP28N6mkvqt3lGnJV1-WJV7CgKVCW2XM0FF4z0Wn-W2HfTQq8mg3rLW8myR-z1M9zpYW8VL8J51BNx0HW91T1JM3nXtlJN7j68JQhkNtKW4zz2vp7ly3rwW5S4WnM8FwVQJVrrtr-1yFK8lW90hWGs3zhZYSW59DZzl7lgbt-W9ls1Ym4Pg0DNN5tWDKNpd2fBW7ZqRzK12zw43W20Bh621ynfWQW2nMrcQ3RZ0ZpW5nFgkn5ZFsQJW8STlcj9lbFz6W7tsdxk6y1NHYW876h771gvcxYW1npwVd7fJrVWW1y8P9L7FzWhZVb-bPy3HfR8yW28488L6lwqhQW6npp4210M8TXV1S25Q5kgvJSN8PcB3BK5FdxW23yQFl4CV5733n981

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.21.95.133 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-21-95-133.compute-1.amazonaws.com

Software

nginx / PHP/7.3.27

Resource Hash

72ce44e83dc780313a7bc1b84098f46fff4335e488cb73babf8966da81be92db

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.cyberscoop.com
:scheme: https
:path: /microsoft-exchange-server-flaws-monero-cryptojacking/?utm_medium=email&_hsmi=121394215&_hsenc=p2ANqtz--oSPaQtBaCNYgQ1Rkw1TwuFd9mrJAMDOt1aNDRpxWV5Z5WtBgeGI6OMqvje3YPL7etyFgyqzb-SA59Wt3RJFayQ4OHdg&utm_content=121394215&utm_source=hs_email
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://hs-7940188.t.hubspotstarter-jn.net/e2t/tc/VVxXC2578mkVW5WKtv275HNjXW5VG-2S4qnP28N6mkvqt3lGnJV1-WJV7CgKVCW2XM0FF4z0Wn-W2HfTQq8mg3rLW8myR-z1M9zpYW8VL8J51BNx0HW91T1JM3nXtlJN7j68JQhkNtKW4zz2vp7ly3rwW5S4WnM8FwVQJVrrtr-1yFK8lW90hWGs3zhZYSW59DZzl7lgbt-W9ls1Ym4Pg0DNN5tWDKNpd2fBW7ZqRzK12zw43W20Bh621ynfWQW2nMrcQ3RZ0ZpW5nFgkn5ZFsQJW8STlcj9lbFz6W7tsdxk6y1NHYW876h771gvcxYW1npwVd7fJrVWW1y8P9L7FzWhZVb-bPy3HfR8yW28488L6lwqhQW6npp4210M8TXV1S25Q5kgvJSN8PcB3BK5FdxW23yQFl4CV5733n981

Response headers

server: nginx
date: Wed, 14 Apr 2021 22:07:01 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-powered-by: PHP/7.3.27
x-pingback: https://www.cyberscoop.com/xmlrpc.php
link: <https://www.cyberscoop.com/wp-json/>; rel="https://api.w.org/" <https://www.cyberscoop.com/wp-json/wp/v2/posts/55545>; rel="alternate"; type="application/json" <https://www.cyberscoop.com/?p=55545>; rel=shortlink
x-fastcgi-cache: BYPASS
x-xss-protection: 1; mode=block
content-encoding: gzip

Redirect headers

date: Wed, 14 Apr 2021 22:07:00 GMT
x-robots-tag: none
link: <https://www.cyberscoop.com/microsoft-exchange-server-flaws-monero-cryptojacking/?utm_medium=email&_hsmi=121394215&_hsenc=p2ANqtz--oSPaQtBaCNYgQ1Rkw1TwuFd9mrJAMDOt1aNDRpxWV5Z5WtBgeGI6OMqvje3YPL7etyFgyqzb-SA59Wt3RJFayQ4OHdg&utm_content=121394215&utm_source=hs_email>; rel="canonical"
location: https://www.cyberscoop.com/microsoft-exchange-server-flaws-monero-cryptojacking/?utm_medium=email&_hsmi=121394215&_hsenc=p2ANqtz--oSPaQtBaCNYgQ1Rkw1TwuFd9mrJAMDOt1aNDRpxWV5Z5WtBgeGI6OMqvje3YPL7etyFgyqzb-SA59Wt3RJFayQ4OHdg&utm_content=121394215&utm_source=hs_email
referrer-policy: no-referrer
access-control-allow-credentials: false
cf-cache-status: DYNAMIC
cf-request-id: 09740573ee00005364152a2000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 64003e99788c5364-FRA

GET
H2 200 style.min.css
www.cyberscoop.com/wp-includes/css/dist/block-library/ 53 KB
8 KB 115ms
112ms Stylesheet
text/css 52.21.95.133
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.cyberscoop.com/wp-includes/css/dist/block-library/style.min.css?ver=5.5.3
Requested by: Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/microsoft-exchange-server-flaws-monero-cryptojacking/?utm_medium=email&_hsmi=121394215&_hsenc=p2ANqtz--oSPaQtBaCNYgQ1Rkw1TwuFd9mrJAMDOt1aNDRpxWV5Z5WtBgeGI6OMqvje3YPL7etyFgyqzb-SA59Wt3RJFayQ4OHdg&utm_content=121394215&utm_source=hs_email
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.21.95.133 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-21-95-133.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 8c626f0f9b5c109539b256b73e72c02b300a184f46b4535c2eb86599215c78af

Request headers

Referer: https://www.cyberscoop.com/microsoft-exchange-server-flaws-monero-cryptojacking/?utm_medium=email&_hsmi=121394215&_hsenc=p2ANqtz--oSPaQtBaCNYgQ1Rkw1TwuFd9mrJAMDOt1aNDRpxWV5Z5WtBgeGI6OMqvje3YPL7etyFgyqzb-SA59Wt3RJFayQ4OHdg&utm_content=121394215&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Apr 2021 22:07:01 GMT
content-encoding: gzip
last-modified: Sun, 06 Dec 2020 20:23:31 GMT
server: nginx
etag: W/"5fcd3dc3-d293"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=31536000, public
expires: Thu, 14 Apr 2022 22:07:01 GMT

GET
H2 200 style.css
www.cyberscoop.com/wp-content/themes/cyberscoop/ 92 KB
16 KB 115ms
112ms Stylesheet
text/css 52.21.95.133
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.cyberscoop.com/wp-content/themes/cyberscoop/style.css?ver=5.5.3
Requested by: Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/microsoft-exchange-server-flaws-monero-cryptojacking/?utm_medium=email&_hsmi=121394215&_hsenc=p2ANqtz--oSPaQtBaCNYgQ1Rkw1TwuFd9mrJAMDOt1aNDRpxWV5Z5WtBgeGI6OMqvje3YPL7etyFgyqzb-SA59Wt3RJFayQ4OHdg&utm_content=121394215&utm_source=hs_email
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.21.95.133 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-21-95-133.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 8568f039c1951ef91fce769fd09da0b0dbfcf503e0e9d14044c3f49675b809cd

Request headers

Referer: https://www.cyberscoop.com/microsoft-exchange-server-flaws-monero-cryptojacking/?utm_medium=email&_hsmi=121394215&_hsenc=p2ANqtz--oSPaQtBaCNYgQ1Rkw1TwuFd9mrJAMDOt1aNDRpxWV5Z5WtBgeGI6OMqvje3YPL7etyFgyqzb-SA59Wt3RJFayQ4OHdg&utm_content=121394215&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Apr 2021 22:07:01 GMT
content-encoding: gzip
last-modified: Fri, 02 Apr 2021 10:48:09 GMT
server: nginx
etag: W/"6066f669-16fe8"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=31536000, public
expires: Thu, 14 Apr 2022 22:07:01 GMT

GET
H2 200 css
fonts.googleapis.com/ 8 KB
826 B 18ms
15ms Stylesheet
text/css 2a00:1450:4001:801::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Fira+Sans%3A300%2C400%2C500%2C700&subset=latin-ext&ver=5.5.3

Requested by

Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/microsoft-exchange-server-flaws-monero-cryptojacking/?utm_medium=email&_hsmi=121394215&_hsenc=p2ANqtz--oSPaQtBaCNYgQ1Rkw1TwuFd9mrJAMDOt1aNDRpxWV5Z5WtBgeGI6OMqvje3YPL7etyFgyqzb-SA59Wt3RJFayQ4OHdg&utm_content=121394215&utm_source=hs_email

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

dc666527c7989fdad450d729be48af719d8a66af057630a461bbb5c72b1e20a8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 14 Apr 2021 22:07:01 GMT
server: ESF
date: Wed, 14 Apr 2021 22:07:01 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 14 Apr 2021 22:07:01 GMT

GET
H2 200 css
fonts.googleapis.com/ 5 KB
642 B 25ms
22ms Stylesheet
text/css 2a00:1450:4001:801::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Oswald%3A300%2C400%2C700&subset=latin-ext&ver=5.5.3

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

063d44bc62d9647b62e24e3072a08f2cd96f36e3f1cb441b0efc3fe3f3fe372c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 14 Apr 2021 21:38:28 GMT
server: ESF
date: Wed, 14 Apr 2021 22:07:01 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 14 Apr 2021 22:07:01 GMT

GET
H2 200 addtoany.min.css
www.cyberscoop.com/wp-content/plugins/add-to-any/ 1 KB
663 B 115ms
112ms Stylesheet
text/css 52.21.95.133
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.cyberscoop.com/wp-content/plugins/add-to-any/addtoany.min.css?ver=1.15
Requested by: Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/microsoft-exchange-server-flaws-monero-cryptojacking/?utm_medium=email&_hsmi=121394215&_hsenc=p2ANqtz--oSPaQtBaCNYgQ1Rkw1TwuFd9mrJAMDOt1aNDRpxWV5Z5WtBgeGI6OMqvje3YPL7etyFgyqzb-SA59Wt3RJFayQ4OHdg&utm_content=121394215&utm_source=hs_email
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.21.95.133 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-21-95-133.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 20a84f304abfaf56bb829a84199344bca40bf7d4dba451e109a840cbdf728436

Request headers

Referer: https://www.cyberscoop.com/microsoft-exchange-server-flaws-monero-cryptojacking/?utm_medium=email&_hsmi=121394215&_hsenc=p2ANqtz--oSPaQtBaCNYgQ1Rkw1TwuFd9mrJAMDOt1aNDRpxWV5Z5WtBgeGI6OMqvje3YPL7etyFgyqzb-SA59Wt3RJFayQ4OHdg&utm_content=121394215&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Apr 2021 22:07:01 GMT
content-encoding: gzip
last-modified: Sun, 06 Dec 2020 20:25:16 GMT
server: nginx
etag: W/"5fcd3e2c-5ba"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=31536000, public
expires: Thu, 14 Apr 2022 22:07:01 GMT

GET
H2 200 jquery.js Show response
www.cyberscoop.com/wp-includes/js/jquery/ 95 KB
33 KB 115ms
111ms Script
application/javascript 52.21.95.133
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.cyberscoop.com/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp
Requested by: Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/microsoft-exchange-server-flaws-monero-cryptojacking/?utm_medium=email&_hsmi=121394215&_hsenc=p2ANqtz--oSPaQtBaCNYgQ1Rkw1TwuFd9mrJAMDOt1aNDRpxWV5Z5WtBgeGI6OMqvje3YPL7etyFgyqzb-SA59Wt3RJFayQ4OHdg&utm_content=121394215&utm_source=hs_email
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.21.95.133 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-21-95-133.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df

Request headers

Referer: https://www.cyberscoop.com/microsoft-exchange-server-flaws-monero-cryptojacking/?utm_medium=email&_hsmi=121394215&_hsenc=p2ANqtz--oSPaQtBaCNYgQ1Rkw1TwuFd9mrJAMDOt1aNDRpxWV5Z5WtBgeGI6OMqvje3YPL7etyFgyqzb-SA59Wt3RJFayQ4OHdg&utm_content=121394215&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Apr 2021 22:07:01 GMT
content-encoding: gzip
last-modified: Sun, 06 Dec 2020 20:23:31 GMT
server: nginx
etag: W/"5fcd3dc3-17a69"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000, public
expires: Thu, 14 Apr 2022 22:07:01 GMT

GET
H2 200 blinkTitle.js Show response
www.cyberscoop.com/wp-content/themes/cyberscoop/js/ 2 KB
737 B 115ms
112ms Script
application/javascript 52.21.95.133
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.cyberscoop.com/wp-content/themes/cyberscoop/js/blinkTitle.js?ver=5.5.3
Requested by: Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/microsoft-exchange-server-flaws-monero-cryptojacking/?utm_medium=email&_hsmi=121394215&_hsenc=p2ANqtz--oSPaQtBaCNYgQ1Rkw1TwuFd9mrJAMDOt1aNDRpxWV5Z5WtBgeGI6OMqvje3YPL7etyFgyqzb-SA59Wt3RJFayQ4OHdg&utm_content=121394215&utm_source=hs_email
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.21.95.133 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-21-95-133.compute-1.amazonaws.com
Software: nginx /
Resource Hash: cf89b05aa45bb14f23d4c97dac9b3091e2d866c73f68e18d2cb6b538378db6f9

Request headers

Referer: https://www.cyberscoop.com/microsoft-exchange-server-flaws-monero-cryptojacking/?utm_medium=email&_hsmi=121394215&_hsenc=p2ANqtz--oSPaQtBaCNYgQ1Rkw1TwuFd9mrJAMDOt1aNDRpxWV5Z5WtBgeGI6OMqvje3YPL7etyFgyqzb-SA59Wt3RJFayQ4OHdg&utm_content=121394215&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Apr 2021 22:07:01 GMT
content-encoding: gzip
last-modified: Tue, 20 Oct 2020 09:37:30 GMT
server: nginx
etag: W/"5f8eafda-62a"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000, public
expires: Thu, 14 Apr 2022 22:07:01 GMT

GET
H2 200 singlescroll.js Show response
www.cyberscoop.com/wp-content/themes/cyberscoop/js/ 3 KB
1 KB 114ms
112ms Script
application/javascript 52.21.95.133
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.cyberscoop.com/wp-content/themes/cyberscoop/js/singlescroll.js?ver=5.5.3
Requested by: Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/microsoft-exchange-server-flaws-monero-cryptojacking/?utm_medium=email&_hsmi=121394215&_hsenc=p2ANqtz--oSPaQtBaCNYgQ1Rkw1TwuFd9mrJAMDOt1aNDRpxWV5Z5WtBgeGI6OMqvje3YPL7etyFgyqzb-SA59Wt3RJFayQ4OHdg&utm_content=121394215&utm_source=hs_email
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.21.95.133 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-21-95-133.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 8b7a47a695a413443ee1cba5b8cb390af99d8ecb1c94ffd30005c2a039303fe0

Request headers

Referer: https://www.cyberscoop.com/microsoft-exchange-server-flaws-monero-cryptojacking/?utm_medium=email&_hsmi=121394215&_hsenc=p2ANqtz--oSPaQtBaCNYgQ1Rkw1TwuFd9mrJAMDOt1aNDRpxWV5Z5WtBgeGI6OMqvje3YPL7etyFgyqzb-SA59Wt3RJFayQ4OHdg&utm_content=121394215&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Apr 2021 22:07:01 GMT
content-encoding: gzip
last-modified: Tue, 20 Oct 2020 09:37:31 GMT
server: nginx
etag: W/"5f8eafdb-dc1"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000, public
expires: Thu, 14 Apr 2022 22:07:01 GMT

GET
H2 200 stickybits.min.js Show response
www.cyberscoop.com/wp-content/themes/cyberscoop/js/ 13 KB
4 KB 114ms
112ms Script
application/javascript 52.21.95.133
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.cyberscoop.com/wp-content/themes/cyberscoop/js/stickybits.min.js?ver=5.5.3
Requested by: Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/microsoft-exchange-server-flaws-monero-cryptojacking/?utm_medium=email&_hsmi=121394215&_hsenc=p2ANqtz--oSPaQtBaCNYgQ1Rkw1TwuFd9mrJAMDOt1aNDRpxWV5Z5WtBgeGI6OMqvje3YPL7etyFgyqzb-SA59Wt3RJFayQ4OHdg&utm_content=121394215&utm_source=hs_email
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.21.95.133 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-21-95-133.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 2aef1ac953ce7805c97a1df893082e75a0a11085c3e53b2914bd0a35634977f3

Request headers

Referer: https://www.cyberscoop.com/microsoft-exchange-server-flaws-monero-cryptojacking/?utm_medium=email&_hsmi=121394215&_hsenc=p2ANqtz--oSPaQtBaCNYgQ1Rkw1TwuFd9mrJAMDOt1aNDRpxWV5Z5WtBgeGI6OMqvje3YPL7etyFgyqzb-SA59Wt3RJFayQ4OHdg&utm_content=121394215&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Apr 2021 22:07:01 GMT
content-encoding: gzip
last-modified: Tue, 20 Oct 2020 09:37:31 GMT
server: nginx
etag: W/"5f8eafdb-3357"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000, public
expires: Thu, 14 Apr 2022 22:07:01 GMT

GET
H2 200 addtoany.min.js Show response
www.cyberscoop.com/wp-content/plugins/add-to-any/ 129 B
339 B 114ms
112ms Script
application/javascript 52.21.95.133
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.cyberscoop.com/wp-content/plugins/add-to-any/addtoany.min.js?ver=1.1
Requested by: Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/microsoft-exchange-server-flaws-monero-cryptojacking/?utm_medium=email&_hsmi=121394215&_hsenc=p2ANqtz--oSPaQtBaCNYgQ1Rkw1TwuFd9mrJAMDOt1aNDRpxWV5Z5WtBgeGI6OMqvje3YPL7etyFgyqzb-SA59Wt3RJFayQ4OHdg&utm_content=121394215&utm_source=hs_email
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.21.95.133 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-21-95-133.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 50679e0e3933c945348a2db0cc128bb14b57a60a74fabf8cae13acc14efbb2e1

Request headers

Referer: https://www.cyberscoop.com/microsoft-exchange-server-flaws-monero-cryptojacking/?utm_medium=email&_hsmi=121394215&_hsenc=p2ANqtz--oSPaQtBaCNYgQ1Rkw1TwuFd9mrJAMDOt1aNDRpxWV5Z5WtBgeGI6OMqvje3YPL7etyFgyqzb-SA59Wt3RJFayQ4OHdg&utm_content=121394215&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Apr 2021 22:07:01 GMT
last-modified: Sun, 06 Dec 2020 20:25:16 GMT
server: nginx
etag: "5fcd3e2c-81"
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000, public
accept-ranges: bytes
content-length: 129
expires: Thu, 14 Apr 2022 22:07:01 GMT

GET
H2 200 tfa.js Show response
cdn.taboola.com/libtrc/fedscoop-sc/ 65 KB
22 KB 284ms
218ms Script
application/javascript 151.101.13.44
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.taboola.com/libtrc/fedscoop-sc/tfa.js?ver=5.5.3
Requested by: Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/microsoft-exchange-server-flaws-monero-cryptojacking/?utm_medium=email&_hsmi=121394215&_hsenc=p2ANqtz--oSPaQtBaCNYgQ1Rkw1TwuFd9mrJAMDOt1aNDRpxWV5Z5WtBgeGI6OMqvje3YPL7etyFgyqzb-SA59Wt3RJFayQ4OHdg&utm_content=121394215&utm_source=hs_email
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 151.101.13.44 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 619cb0f3cb3356334f4b593e7f9b59e1a571a5ab6427e2270e057e8bb40f4dfb

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: AoYv0CrKINW0Z.fMDXUzOnhGd_3RJ06A
content-encoding: gzip
etag: "3d50e978d59e5c87a6e808a10d9f8075"
age: 0
x-cache: HIT
x-amz-replication-status: COMPLETED
content-length: 22341
x-amz-id-2: BNMlYphPkIQrMgo2FU2pYXqnkH8ZFI8tw6gdxGgu3Av2Dmss4cCOS2UaQRjxcanttOlHONw0BsA=
x-served-by: cache-fra19142-FRA
last-modified: Mon, 12 Apr 2021 11:05:59 GMT
server: AmazonS3
x-timer: S1618438022.743327,VS0,VE188
date: Wed, 14 Apr 2021 22:07:01 GMT
vary: Accept-Encoding
x-amz-request-id: FC1CGHZT2VNBMYJG
via: 1.1 varnish
cache-control: private,max-age=14401
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
abp: 53
x-cache-hits: 1

GET
H2 200 init-taboola.js Show response
www.cyberscoop.com/wp-content/themes/cyberscoop/js/ 138 B
348 B 114ms
112ms Script
application/javascript 52.21.95.133
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.cyberscoop.com/wp-content/themes/cyberscoop/js/init-taboola.js?ver=5.5.3
Requested by: Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/microsoft-exchange-server-flaws-monero-cryptojacking/?utm_medium=email&_hsmi=121394215&_hsenc=p2ANqtz--oSPaQtBaCNYgQ1Rkw1TwuFd9mrJAMDOt1aNDRpxWV5Z5WtBgeGI6OMqvje3YPL7etyFgyqzb-SA59Wt3RJFayQ4OHdg&utm_content=121394215&utm_source=hs_email
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.21.95.133 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-21-95-133.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 8c5987fc2409abe9ee8d73fee09d71847ddf5c4329a0bbad7d4e4bc522e51b47

Request headers

Referer: https://www.cyberscoop.com/microsoft-exchange-server-flaws-monero-cryptojacking/?utm_medium=email&_hsmi=121394215&_hsenc=p2ANqtz--oSPaQtBaCNYgQ1Rkw1TwuFd9mrJAMDOt1aNDRpxWV5Z5WtBgeGI6OMqvje3YPL7etyFgyqzb-SA59Wt3RJFayQ4OHdg&utm_content=121394215&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Apr 2021 22:07:01 GMT
last-modified: Tue, 20 Oct 2020 09:37:30 GMT
server: nginx
etag: "5f8eafda-8a"
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000, public
accept-ranges: bytes
content-length: 138
expires: Thu, 14 Apr 2022 22:07:01 GMT

GET
H2 200 app.js Show response
www.cyberscoop.com/wp-content/themes/cyberscoop/js/ 150 KB
47 KB 114ms
112ms Script
application/javascript 52.21.95.133
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.cyberscoop.com/wp-content/themes/cyberscoop/js/app.js?ver=5.5.3
Requested by: Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/microsoft-exchange-server-flaws-monero-cryptojacking/?utm_medium=email&_hsmi=121394215&_hsenc=p2ANqtz--oSPaQtBaCNYgQ1Rkw1TwuFd9mrJAMDOt1aNDRpxWV5Z5WtBgeGI6OMqvje3YPL7etyFgyqzb-SA59Wt3RJFayQ4OHdg&utm_content=121394215&utm_source=hs_email
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.21.95.133 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-21-95-133.compute-1.amazonaws.com
Software: nginx /
Resource Hash: bcc6ccbbe9b3f2c14b3eb45ea17eb4b456ee0b359ca820751d8f4b140c57ba0a

Request headers

Referer: https://www.cyberscoop.com/microsoft-exchange-server-flaws-monero-cryptojacking/?utm_medium=email&_hsmi=121394215&_hsenc=p2ANqtz--oSPaQtBaCNYgQ1Rkw1TwuFd9mrJAMDOt1aNDRpxWV5Z5WtBgeGI6OMqvje3YPL7etyFgyqzb-SA59Wt3RJFayQ4OHdg&utm_content=121394215&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Apr 2021 22:07:01 GMT
content-encoding: gzip
last-modified: Tue, 20 Oct 2020 09:37:30 GMT
server: nginx
etag: W/"5f8eafda-25991"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000, public
expires: Thu, 14 Apr 2022 22:07:01 GMT

GET
H2 200 menu.js Show response
www.cyberscoop.com/wp-content/themes/cyberscoop/js/ 213 B
423 B 287ms
285ms Script
application/javascript 52.21.95.133
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.cyberscoop.com/wp-content/themes/cyberscoop/js/menu.js?ver=5.5.3
Requested by: Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/microsoft-exchange-server-flaws-monero-cryptojacking/?utm_medium=email&_hsmi=121394215&_hsenc=p2ANqtz--oSPaQtBaCNYgQ1Rkw1TwuFd9mrJAMDOt1aNDRpxWV5Z5WtBgeGI6OMqvje3YPL7etyFgyqzb-SA59Wt3RJFayQ4OHdg&utm_content=121394215&utm_source=hs_email
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.21.95.133 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-21-95-133.compute-1.amazonaws.com
Software: nginx /
Resource Hash: cbcf7f9157306feaa0252eaa2fca6f6a36cf74bd919dc17520023405867fd32b

Request headers

Referer: https://www.cyberscoop.com/microsoft-exchange-server-flaws-monero-cryptojacking/?utm_medium=email&_hsmi=121394215&_hsenc=p2ANqtz--oSPaQtBaCNYgQ1Rkw1TwuFd9mrJAMDOt1aNDRpxWV5Z5WtBgeGI6OMqvje3YPL7etyFgyqzb-SA59Wt3RJFayQ4OHdg&utm_content=121394215&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Apr 2021 22:07:01 GMT
last-modified: Tue, 20 Oct 2020 09:37:31 GMT
server: nginx
etag: "5f8eafdb-d5"
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000, public
accept-ranges: bytes
content-length: 213
expires: Thu, 14 Apr 2022 22:07:01 GMT

GET
H2 200 ads.js Show response
www.cyberscoop.com/wp-content/themes/cyberscoop/js/ 740 B
703 B 287ms
286ms Script
application/javascript 52.21.95.133
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.cyberscoop.com/wp-content/themes/cyberscoop/js/ads.js
Requested by: Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/microsoft-exchange-server-flaws-monero-cryptojacking/?utm_medium=email&_hsmi=121394215&_hsenc=p2ANqtz--oSPaQtBaCNYgQ1Rkw1TwuFd9mrJAMDOt1aNDRpxWV5Z5WtBgeGI6OMqvje3YPL7etyFgyqzb-SA59Wt3RJFayQ4OHdg&utm_content=121394215&utm_source=hs_email
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.21.95.133 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-21-95-133.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 94c2543ee527c1e987a54d88914b529a0d832a4cf55d0fd20a9b7c569c508930

Request headers

Referer: https://www.cyberscoop.com/microsoft-exchange-server-flaws-monero-cryptojacking/?utm_medium=email&_hsmi=121394215&_hsenc=p2ANqtz--oSPaQtBaCNYgQ1Rkw1TwuFd9mrJAMDOt1aNDRpxWV5Z5WtBgeGI6OMqvje3YPL7etyFgyqzb-SA59Wt3RJFayQ4OHdg&utm_content=121394215&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Apr 2021 22:07:01 GMT
content-encoding: gzip
last-modified: Tue, 20 Oct 2020 09:37:30 GMT
server: nginx
etag: W/"5f8eafda-2e4"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000, public
expires: Thu, 14 Apr 2022 22:07:01 GMT

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 62 KB
21 KB 146ms
70ms Script
text/javascript 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

sffe /

Resource Hash

92de3088fccc4b1a1425c55a6eb8cb407f3b95f76865f7080f8fb7084f0f3664

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Apr 2021 22:07:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "843 / 168 of 1000 / last-modified: 1618415348"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20978
x-xss-protection: 0
expires: Wed, 14 Apr 2021 22:07:02 GMT

GET
H/1.1 200
OK cyberscoop-interstitial.svg
s3.amazonaws.com/sng-global-web-assets/logo/ 2 KB
3 KB 456ms
131ms Image
image/svg+xml 52.217.37.54
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/sng-global-web-assets/logo/cyberscoop-interstitial.svg
Requested by: Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/microsoft-exchange-server-flaws-monero-cryptojacking/?utm_medium=email&_hsmi=121394215&_hsenc=p2ANqtz--oSPaQtBaCNYgQ1Rkw1TwuFd9mrJAMDOt1aNDRpxWV5Z5WtBgeGI6OMqvje3YPL7etyFgyqzb-SA59Wt3RJFayQ4OHdg&utm_content=121394215&utm_source=hs_email
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.37.54 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: b534f367f11c24f3709e27fdb539f308475d495eaafed8f7681a5c96dfacc537

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 14 Apr 2021 22:07:03 GMT
Last-Modified: Wed, 10 Feb 2021 15:47:32 GMT
Server: AmazonS3
x-amz-request-id: WFR2A3HY5H9K51ZN
ETag: "b3250d52680549abc7222f71b2dce836"
Content-Type: image/svg+xml
Accept-Ranges: bytes
Content-Length: 2375
x-amz-id-2: sJmfTgksIod2+sX/jtkpaB7dAoV/9ErtnWX8Yg2VwnO39UuzUcVteBd6xAfWWaCZPbGifOClO1s=

GET
H/1.1 200
OK closex.png
s3.amazonaws.com/sng-global-web-assets/logo/ 5 KB
5 KB 456ms
131ms Image
image/png 52.217.37.54
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/sng-global-web-assets/logo/closex.png
Requested by: Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/microsoft-exchange-server-flaws-monero-cryptojacking/?utm_medium=email&_hsmi=121394215&_hsenc=p2ANqtz--oSPaQtBaCNYgQ1Rkw1TwuFd9mrJAMDOt1aNDRpxWV5Z5WtBgeGI6OMqvje3YPL7etyFgyqzb-SA59Wt3RJFayQ4OHdg&utm_content=121394215&utm_source=hs_email
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.37.54 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: d5d4228a3e80d57bcf6ee1f6080fbc4c65dba96e81d2364535fa49e3d27e9131

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 14 Apr 2021 22:07:03 GMT
Last-Modified: Tue, 12 May 2020 13:43:08 GMT
Server: AmazonS3
x-amz-request-id: WFR1S7F7CFCRM1Y1
ETag: "6fa9505df4b1d86476aef77673f3b330"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 4658
x-amz-id-2: Cbvl4tNpnIM8lR54Y9lX5m6IpfAG/2teoURpAcQhyScVr+SLifmI/QQ4TIL+RzcyqTDgZhHpia4=

GET
H2 200 twitter.svg
www.cyberscoop.com/wp-content/themes/cyberscoop/images/icons/share-icon/ 2 KB
1 KB 108ms
106ms Image
image/svg+xml 52.21.95.133
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.cyberscoop.com/wp-content/themes/cyberscoop/images/icons/share-icon/twitter.svg
Requested by: Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/microsoft-exchange-server-flaws-monero-cryptojacking/?utm_medium=email&_hsmi=121394215&_hsenc=p2ANqtz--oSPaQtBaCNYgQ1Rkw1TwuFd9mrJAMDOt1aNDRpxWV5Z5WtBgeGI6OMqvje3YPL7etyFgyqzb-SA59Wt3RJFayQ4OHdg&utm_content=121394215&utm_source=hs_email
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.21.95.133 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-21-95-133.compute-1.amazonaws.com
Software: nginx /
Resource Hash: ca2e99ffb3730e887ee7389e499993e912e5e47ec6f28c991a692cd78746edf5

Request headers

Referer: https://www.cyberscoop.com/microsoft-exchange-server-flaws-monero-cryptojacking/?utm_medium=email&_hsmi=121394215&_hsenc=p2ANqtz--oSPaQtBaCNYgQ1Rkw1TwuFd9mrJAMDOt1aNDRpxWV5Z5WtBgeGI6OMqvje3YPL7etyFgyqzb-SA59Wt3RJFayQ4OHdg&utm_content=121394215&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Apr 2021 22:07:02 GMT
content-encoding: gzip
last-modified: Tue, 20 Oct 2020 09:37:27 GMT
server: nginx
etag: W/"5f8eafd7-87c"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=2592000, public
expires: Fri, 14 May 2021 22:07:02 GMT

GET
H2 200 facebook.svg
www.cyberscoop.com/wp-content/themes/cyberscoop/images/icons/share-icon/ 1 KB
828 B 109ms
107ms Image
image/svg+xml 52.21.95.133
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.cyberscoop.com/wp-content/themes/cyberscoop/images/icons/share-icon/facebook.svg
Requested by: Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/microsoft-exchange-server-flaws-monero-cryptojacking/?utm_medium=email&_hsmi=121394215&_hsenc=p2ANqtz--oSPaQtBaCNYgQ1Rkw1TwuFd9mrJAMDOt1aNDRpxWV5Z5WtBgeGI6OMqvje3YPL7etyFgyqzb-SA59Wt3RJFayQ4OHdg&utm_content=121394215&utm_source=hs_email
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.21.95.133 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-21-95-133.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 51c40fb52547a14a895a2425e94a53886ced172e90c70d5418890fb67517701b

Request headers

Referer: https://www.cyberscoop.com/microsoft-exchange-server-flaws-monero-cryptojacking/?utm_medium=email&_hsmi=121394215&_hsenc=p2ANqtz--oSPaQtBaCNYgQ1Rkw1TwuFd9mrJAMDOt1aNDRpxWV5Z5WtBgeGI6OMqvje3YPL7etyFgyqzb-SA59Wt3RJFayQ4OHdg&utm_content=121394215&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Apr 2021 22:07:02 GMT
content-encoding: gzip
last-modified: Tue, 20 Oct 2020 09:37:26 GMT
server: nginx
etag: W/"5f8eafd6-4f8"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=2592000, public
expires: Fri, 14 May 2021 22:07:02 GMT

GET
H2 200 linkedin.svg
www.cyberscoop.com/wp-content/themes/cyberscoop/images/icons/share-icon/ 2 KB
993 B 109ms
107ms Image
image/svg+xml 52.21.95.133
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.cyberscoop.com/wp-content/themes/cyberscoop/images/icons/share-icon/linkedin.svg
Requested by: Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/microsoft-exchange-server-flaws-monero-cryptojacking/?utm_medium=email&_hsmi=121394215&_hsenc=p2ANqtz--oSPaQtBaCNYgQ1Rkw1TwuFd9mrJAMDOt1aNDRpxWV5Z5WtBgeGI6OMqvje3YPL7etyFgyqzb-SA59Wt3RJFayQ4OHdg&utm_content=121394215&utm_source=hs_email
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.21.95.133 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-21-95-133.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 4d8d48a3f00d424f5083a310bcfbcc1ad35d02e02793a9f459e9938879d8a675

Request headers

Referer: https://www.cyberscoop.com/microsoft-exchange-server-flaws-monero-cryptojacking/?utm_medium=email&_hsmi=121394215&_hsenc=p2ANqtz--oSPaQtBaCNYgQ1Rkw1TwuFd9mrJAMDOt1aNDRpxWV5Z5WtBgeGI6OMqvje3YPL7etyFgyqzb-SA59Wt3RJFayQ4OHdg&utm_content=121394215&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Apr 2021 22:07:02 GMT
content-encoding: gzip
last-modified: Tue, 20 Oct 2020 09:37:26 GMT
server: nginx
etag: W/"5f8eafd6-741"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=2592000, public
expires: Fri, 14 May 2021 22:07:02 GMT

GET
H2 200 reddit.svg
www.cyberscoop.com/wp-content/themes/cyberscoop/images/icons/share-icon/ 6 KB
3 KB 109ms
107ms Image
image/svg+xml 52.21.95.133
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.cyberscoop.com/wp-content/themes/cyberscoop/images/icons/share-icon/reddit.svg
Requested by: Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/microsoft-exchange-server-flaws-monero-cryptojacking/?utm_medium=email&_hsmi=121394215&_hsenc=p2ANqtz--oSPaQtBaCNYgQ1Rkw1TwuFd9mrJAMDOt1aNDRpxWV5Z5WtBgeGI6OMqvje3YPL7etyFgyqzb-SA59Wt3RJFayQ4OHdg&utm_content=121394215&utm_source=hs_email
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.21.95.133 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-21-95-133.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 55de2f543e24f0c3655be2f344491b2e73ae61350f58a2bb9ebf4ad1326e8fba

Request headers

Referer: https://www.cyberscoop.com/microsoft-exchange-server-flaws-monero-cryptojacking/?utm_medium=email&_hsmi=121394215&_hsenc=p2ANqtz--oSPaQtBaCNYgQ1Rkw1TwuFd9mrJAMDOt1aNDRpxWV5Z5WtBgeGI6OMqvje3YPL7etyFgyqzb-SA59Wt3RJFayQ4OHdg&utm_content=121394215&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Apr 2021 22:07:02 GMT
content-encoding: gzip
last-modified: Tue, 20 Oct 2020 09:37:26 GMT
server: nginx
etag: W/"5f8eafd6-18f6"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=2592000, public
expires: Fri, 14 May 2021 22:07:02 GMT

GET
H2 200 gmail.svg
www.cyberscoop.com/wp-content/themes/cyberscoop/images/icons/share-icon/ 1 KB
886 B 109ms
107ms Image
image/svg+xml 52.21.95.133
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.cyberscoop.com/wp-content/themes/cyberscoop/images/icons/share-icon/gmail.svg
Requested by: Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/microsoft-exchange-server-flaws-monero-cryptojacking/?utm_medium=email&_hsmi=121394215&_hsenc=p2ANqtz--oSPaQtBaCNYgQ1Rkw1TwuFd9mrJAMDOt1aNDRpxWV5Z5WtBgeGI6OMqvje3YPL7etyFgyqzb-SA59Wt3RJFayQ4OHdg&utm_content=121394215&utm_source=hs_email
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.21.95.133 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-21-95-133.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 0d281aa7b07dfcb1bc05e2cdd051aa34fb915616590b834374148a1768ce3440

Request headers

Referer: https://www.cyberscoop.com/microsoft-exchange-server-flaws-monero-cryptojacking/?utm_medium=email&_hsmi=121394215&_hsenc=p2ANqtz--oSPaQtBaCNYgQ1Rkw1TwuFd9mrJAMDOt1aNDRpxWV5Z5WtBgeGI6OMqvje3YPL7etyFgyqzb-SA59Wt3RJFayQ4OHdg&utm_content=121394215&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Apr 2021 22:07:02 GMT
content-encoding: gzip
last-modified: Tue, 20 Oct 2020 09:37:26 GMT
server: nginx
etag: W/"5f8eafd6-49d"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=2592000, public
expires: Fri, 14 May 2021 22:07:02 GMT

GET
H/1.1 200
OK close_purple.svg
s3.amazonaws.com/sng-global-web-assets/logo/ 991 B
1 KB 459ms
133ms Image
image/svg+xml 52.217.37.54
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/sng-global-web-assets/logo/close_purple.svg
Requested by: Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/microsoft-exchange-server-flaws-monero-cryptojacking/?utm_medium=email&_hsmi=121394215&_hsenc=p2ANqtz--oSPaQtBaCNYgQ1Rkw1TwuFd9mrJAMDOt1aNDRpxWV5Z5WtBgeGI6OMqvje3YPL7etyFgyqzb-SA59Wt3RJFayQ4OHdg&utm_content=121394215&utm_source=hs_email
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.37.54 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: fe9df7af9647a824fe66cae1f452ecb318d9f9ad3b2e09ef0623f0c6af50a0ed

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 14 Apr 2021 22:07:03 GMT
Last-Modified: Fri, 22 Jan 2021 00:05:15 GMT
Server: AmazonS3
x-amz-request-id: WFRC9X34F9EWE4P5
ETag: "cde4ecef61a0a35571e737da5276b5e7"
Content-Type: image/svg+xml
Accept-Ranges: bytes
Content-Length: 991
x-amz-id-2: ckeDs7Eq67a1NbU5Or7eTdolw17wJ9S1zD/9qHsfwRfhLoboNk/VEzqFrZ7B0YbiKUAP4f1E56g=

GET
H2 200 v2.js Show response
js.hsforms.net/forms/ 529 KB
129 KB 50ms
34ms Script
application/javascript 2606:4700::6811:b849
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://js.hsforms.net/forms/v2.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:b849 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3f212829c67ebb4044ba56c6f1aa9e723b01d57e6493ac39259874acb075cf7f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Apr 2021 22:07:01 GMT
via: 1.1 e685e9e08c2e4b105f4d86b35da50629.cloudfront.net (CloudFront)
vary: Accept-Encoding
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 290
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
content-type: application/javascript; charset=utf-8
x-amz-replication-status: COMPLETED
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0974057b5e000005bf6f099000000001
last-modified: Wed, 14 Apr 2021 03:21:03 UTC
server: cloudflare
etag: W/"84f64610e8484aac25c8c916a7e96a3a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=uRo2ZG%2B4V3SjWHOBb%2BbK3gFhDfdFPiRzox2axIqgR5EiPXs6v6pF4BOeX55kd1r%2FordJ1Uijpu40WuaofoGS60S5Vi3bkcAlF6HYEjT64UbYmjB2TNQ9rUYBYg%3D%3D"}],"max_age":604800}
x-amz-version-id: JzoNO6RcOps3ADq7CcEn8nAWo8Hfy3qb
access-control-allow-origin: *
cache-control: s-maxage=600, max-age=0
x-hs-cache-status: HIT
x-amz-cf-pop: IAD89-C3
cf-ray: 64003ea568c705bf-FRA
x-amz-cf-id: tuAiVMoKmfLzA9LVJzD4NejlphrJg6SSz6Hl20df5c0cYLiyLgqDXw==

GET
H2 200 gpt.js Show response
www.googletagservices.com/tag/js/ 62 KB
21 KB 60ms
38ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

62a502ef5d93b58460615f504db8e74b41337b3e26531691c7a78e7561402eb6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Apr 2021 22:07:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "843 / 711 of 1000 / last-modified: 1618415348"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20977
x-xss-protection: 0
expires: Wed, 14 Apr 2021 22:07:02 GMT

GET
H2 200 ads.js Show response
www.cyberscoop.com/wp-content/themes/cyberscoop/js/ 740 B
703 B 110ms
109ms Script
application/javascript 52.21.95.133
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.cyberscoop.com/wp-content/themes/cyberscoop/js/ads.js?ver=1.0.0
Requested by: Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/microsoft-exchange-server-flaws-monero-cryptojacking/?utm_medium=email&_hsmi=121394215&_hsenc=p2ANqtz--oSPaQtBaCNYgQ1Rkw1TwuFd9mrJAMDOt1aNDRpxWV5Z5WtBgeGI6OMqvje3YPL7etyFgyqzb-SA59Wt3RJFayQ4OHdg&utm_content=121394215&utm_source=hs_email
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.21.95.133 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-21-95-133.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 94c2543ee527c1e987a54d88914b529a0d832a4cf55d0fd20a9b7c569c508930

Request headers

Referer: https://www.cyberscoop.com/microsoft-exchange-server-flaws-monero-cryptojacking/?utm_medium=email&_hsmi=121394215&_hsenc=p2ANqtz--oSPaQtBaCNYgQ1Rkw1TwuFd9mrJAMDOt1aNDRpxWV5Z5WtBgeGI6OMqvje3YPL7etyFgyqzb-SA59Wt3RJFayQ4OHdg&utm_content=121394215&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Apr 2021 22:07:02 GMT
content-encoding: gzip
last-modified: Tue, 20 Oct 2020 09:37:30 GMT
server: nginx
etag: W/"5f8eafda-2e4"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000, public
expires: Thu, 14 Apr 2022 22:07:02 GMT

GET
H2 200 wp-embed.min.js Show response
www.cyberscoop.com/wp-includes/js/ 1 KB
990 B 108ms
106ms Script
application/javascript 52.21.95.133
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.cyberscoop.com/wp-includes/js/wp-embed.min.js?ver=5.5.3
Requested by: Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/microsoft-exchange-server-flaws-monero-cryptojacking/?utm_medium=email&_hsmi=121394215&_hsenc=p2ANqtz--oSPaQtBaCNYgQ1Rkw1TwuFd9mrJAMDOt1aNDRpxWV5Z5WtBgeGI6OMqvje3YPL7etyFgyqzb-SA59Wt3RJFayQ4OHdg&utm_content=121394215&utm_source=hs_email
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.21.95.133 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-21-95-133.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 6ebcda7a3a41ef97f0b4071160ceb1020e540fdc0f790079a5c2ef01ab654fe0

Request headers

Referer: https://www.cyberscoop.com/microsoft-exchange-server-flaws-monero-cryptojacking/?utm_medium=email&_hsmi=121394215&_hsenc=p2ANqtz--oSPaQtBaCNYgQ1Rkw1TwuFd9mrJAMDOt1aNDRpxWV5Z5WtBgeGI6OMqvje3YPL7etyFgyqzb-SA59Wt3RJFayQ4OHdg&utm_content=121394215&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Apr 2021 22:07:02 GMT
content-encoding: gzip
last-modified: Sun, 06 Dec 2020 20:23:31 GMT
server: nginx
etag: W/"5fcd3dc3-59a"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000, public
expires: Thu, 14 Apr 2022 22:07:02 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 142 KB
51 KB 21ms
19ms Script
application/javascript 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-KR697BF

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

5394f132464da63a08aa5b2cdd62f2f806ef21d37689a9ef6b9c3f02cdaaf10c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Apr 2021 22:07:02 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 51908
x-xss-protection: 0
last-modified: Wed, 14 Apr 2021 21:01:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 14 Apr 2021 22:07:02 GMT

GET
H2 200 wp-emoji-release.min.js Show response
www.cyberscoop.com/wp-includes/js/ 14 KB
5 KB 108ms
107ms Script
application/javascript 52.21.95.133
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.cyberscoop.com/wp-includes/js/wp-emoji-release.min.js?ver=5.5.3
Requested by: Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/microsoft-exchange-server-flaws-monero-cryptojacking/?utm_medium=email&_hsmi=121394215&_hsenc=p2ANqtz--oSPaQtBaCNYgQ1Rkw1TwuFd9mrJAMDOt1aNDRpxWV5Z5WtBgeGI6OMqvje3YPL7etyFgyqzb-SA59Wt3RJFayQ4OHdg&utm_content=121394215&utm_source=hs_email
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.21.95.133 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-21-95-133.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 8cb438bd4d1961f80ade4f1a295ca7de253630adcdd10473932908e638908c5e

Request headers

Referer: https://www.cyberscoop.com/microsoft-exchange-server-flaws-monero-cryptojacking/?utm_medium=email&_hsmi=121394215&_hsenc=p2ANqtz--oSPaQtBaCNYgQ1Rkw1TwuFd9mrJAMDOt1aNDRpxWV5Z5WtBgeGI6OMqvje3YPL7etyFgyqzb-SA59Wt3RJFayQ4OHdg&utm_content=121394215&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Apr 2021 22:07:02 GMT
content-encoding: gzip
last-modified: Sun, 06 Dec 2020 20:23:31 GMT
server: nginx
etag: W/"5fcd3dc3-37a6"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=31536000, public
expires: Thu, 14 Apr 2022 22:07:02 GMT

GET
H2 200 lightslider.min.css
www.cyberscoop.com/wp-content/themes/cyberscoop/css/ 5 KB
2 KB 106ms
106ms Stylesheet
text/css 52.21.95.133
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://www.cyberscoop.com/wp-content/themes/cyberscoop/css/lightslider.min.css
Requested by: Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/wp-content/themes/cyberscoop/style.css?ver=5.5.3
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.21.95.133 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-21-95-133.compute-1.amazonaws.com
Software: nginx /
Resource Hash: a060aca1def4e45da8730e2c6052fb1efbe9b1bdd305c14ea86c8c5152ebd593

Request headers

Referer: https://www.cyberscoop.com/wp-content/themes/cyberscoop/style.css?ver=5.5.3
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Apr 2021 22:07:01 GMT
content-encoding: gzip
last-modified: Tue, 20 Oct 2020 09:37:19 GMT
server: nginx
etag: W/"5f8eafcf-14b3"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=31536000, public
expires: Thu, 14 Apr 2022 22:07:01 GMT

GET
H2 200 page.js Show response
static.addtoany.com/menu/ 82 KB
27 KB 36ms
16ms Script
application/javascript 2606:4700:10::ac43:2794
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.addtoany.com/menu/page.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:2794 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bd3bd81ea6cf3bbc82f89913fecca492e79318fef844c664a790ff2db72e5590

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Apr 2021 22:07:02 GMT
via: e2s
x-content-type-options: nosniff
cf-cache-status: HIT
age: 39688
p3p: CP="ALL DSP COR CURa ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV INT"
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0974057b7e00004ea4dfbb3000000001
last-modified: Mon, 15 Mar 2021 11:04:59 GMT
server: cloudflare
etag: W/"146fb-5bd91388499a9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=172800
cf-ray: 64003ea59cd84ea4-FRA
cf-bgj: minify

GET
H/1.1 200
OK CyberScoop_Color.svg
s3.amazonaws.com/sng-global-web-assets/logo/ 2 KB
3 KB 453ms
120ms Image
image/svg+xml 52.217.37.54
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/sng-global-web-assets/logo/CyberScoop_Color.svg
Requested by: Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/wp-content/themes/cyberscoop/style.css?ver=5.5.3
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.37.54 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: b534f367f11c24f3709e27fdb539f308475d495eaafed8f7681a5c96dfacc537

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 14 Apr 2021 22:07:03 GMT
Last-Modified: Thu, 21 Jan 2021 21:02:05 GMT
Server: AmazonS3
x-amz-request-id: WFRB0RAKZBKA6BXV
ETag: "b3250d52680549abc7222f71b2dce836"
Content-Type: image/svg+xml
Accept-Ranges: bytes
Content-Length: 2375
x-amz-id-2: TvsgFamt2FD6NYH8Mx8WDtFdocMiCJh/E1YPp+03fQ/bnjPqTEFIn2eeDOGinv2imGJZ4JRPH5E=

GET
H/1.1 200
OK SNG-RGB-Color.svg
s3.amazonaws.com/sng-global-web-assets/logo/ 5 KB
6 KB 470ms
135ms Image
image/svg+xml 52.217.37.54
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/sng-global-web-assets/logo/SNG-RGB-Color.svg
Requested by: Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/wp-content/themes/cyberscoop/style.css?ver=5.5.3
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.37.54 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 4b8dd50e462d914dd8609e8a566ce6bce0ab94088a4bf958b57c4cdb6ab54868

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 14 Apr 2021 22:07:03 GMT
Last-Modified: Thu, 21 Jan 2021 21:02:05 GMT
Server: AmazonS3
x-amz-request-id: WFR7XD6G1W14GW4Z
ETag: "61428dbcecc23b1679236e221c5228d4"
Content-Type: image/svg+xml
Accept-Ranges: bytes
Content-Length: 5545
x-amz-id-2: OxAWNj8dRPwCrftCZc//XwRVgzQ+R/ohhJLIjNJc+GJ/oZD8M4/n1OzT9Bf0zTB1nnUo4KFf+hk=

GET
DATA 200
OK truncated
/ 1 KB
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: bb6a7f39d0982d1605492df9ffaa28989d1829fdf91037053e4af527ae5ed797

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 va9B4kDNxMZdWfMOD5VnZKveRhf6.woff2
fonts.gstatic.com/s/firasans/v11/ 22 KB
23 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/firasans/v11/va9B4kDNxMZdWfMOD5VnZKveRhf6.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Fira+Sans%3A300%2C400%2C500%2C700&subset=latin-ext&ver=5.5.3

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d28cae33a9cff1cd54246e2bca04018f101451707a5b5f426d32ea768e911186

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.cyberscoop.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 10 Apr 2021 22:36:22 GMT
x-content-type-options: nosniff
last-modified: Thu, 01 Apr 2021 22:06:35 GMT
server: sffe
age: 343840
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22920
x-xss-protection: 0
expires: Sun, 10 Apr 2022 22:36:22 GMT

GET
H2 200 PuristaMedium.woff
www.cyberscoop.com/wp-content/themes/cyberscoop/fonts/ 37 KB
37 KB 106ms
106ms Font
font/woff 52.21.95.133
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.cyberscoop.com/wp-content/themes/cyberscoop/fonts/PuristaMedium.woff

Requested by

Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/wp-content/themes/cyberscoop/style.css?ver=5.5.3

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.21.95.133 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-21-95-133.compute-1.amazonaws.com

Software

nginx /

Resource Hash

c0758721ba3b41bf0236a10348f8ad1ceb3336894bfbaca0b9d77fb366b585c1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000, max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains; preload

Request headers

Origin: https://www.cyberscoop.com
Referer: https://www.cyberscoop.com/wp-content/themes/cyberscoop/style.css?ver=5.5.3
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Apr 2021 22:07:02 GMT
last-modified: Tue, 20 Oct 2020 09:37:20 GMT
server: nginx
etag: "5f8eafd0-9340"
strict-transport-security: max-age=31536000, max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains; preload
content-type: font/woff
accept-ranges: bytes
content-length: 37696
x-ua-compatible: IE=Edge

GET
H2

200

/ Show response
www.cyberscoop.com/advertising/ Frame 8038
Redirect Chain

https://www.cyberscoop.com/advertising/?id=leaderboard&page=article&parent_id=ad-os0uGMDylB-leaderboard&categories=technology&tags=cryptocurrency,cryptojacking,exchange-server,microsoft,sophos,vuln...
https://www.cyberscoop.com/advertising/?id=leaderboard&parent_id=ad-os0uGMDylB-leaderboard&categories=technology&tags=cryptocurrency%2Ccryptojacking%2Cexchange-server%2Cmicrosoft%2Csophos%2Cvulnera...

2 KB
1 KB

941ms
941ms

Document
text/html

52.21.95.133
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.cyberscoop.com/advertising/?id=leaderboard&parent_id=ad-os0uGMDylB-leaderboard&categories=technology&tags=cryptocurrency%2Ccryptojacking%2Cexchange-server%2Cmicrosoft%2Csophos%2Cvulnerabilities

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.21.95.133 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-21-95-133.compute-1.amazonaws.com

Software

nginx / PHP/7.3.27

Resource Hash

870b676bf799feeb11ad5735059d3a75b0b86101ced1a465fb4e7ea4690b38c0

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.cyberscoop.com
:scheme: https
:path: /advertising/?id=leaderboard&parent_id=ad-os0uGMDylB-leaderboard&categories=technology&tags=cryptocurrency%2Ccryptojacking%2Cexchange-server%2Cmicrosoft%2Csophos%2Cvulnerabilities
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.cyberscoop.com/microsoft-exchange-server-flaws-monero-cryptojacking/?utm_medium=email&_hsmi=121394215&_hsenc=p2ANqtz--oSPaQtBaCNYgQ1Rkw1TwuFd9mrJAMDOt1aNDRpxWV5Z5WtBgeGI6OMqvje3YPL7etyFgyqzb-SA59Wt3RJFayQ4OHdg&utm_content=121394215&utm_source=hs_email
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: _ga=GA1.2.1695727006.1618438022; _gid=GA1.2.1750366396.1618438022; _gat_UA-80491860-1=1; _fbp=fb.1.1618438022432.1048598205
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.cyberscoop.com/microsoft-exchange-server-flaws-monero-cryptojacking/?utm_medium=email&_hsmi=121394215&_hsenc=p2ANqtz--oSPaQtBaCNYgQ1Rkw1TwuFd9mrJAMDOt1aNDRpxWV5Z5WtBgeGI6OMqvje3YPL7etyFgyqzb-SA59Wt3RJFayQ4OHdg&utm_content=121394215&utm_source=hs_email

Response headers

server: nginx
date: Wed, 14 Apr 2021 22:07:03 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-powered-by: PHP/7.3.27
link: <https://www.cyberscoop.com/wp-json/>; rel="https://api.w.org/" <https://www.cyberscoop.com/wp-json/wp/v2/pages/5054>; rel="alternate"; type="application/json" <https://www.cyberscoop.com/?p=5054>; rel=shortlink
x-fastcgi-cache: BYPASS
x-xss-protection: 1; mode=block
content-encoding: gzip

Redirect headers

server: nginx
date: Wed, 14 Apr 2021 22:07:02 GMT
content-type: text/html; charset=UTF-8
location: https://www.cyberscoop.com/advertising/?id=leaderboard&parent_id=ad-os0uGMDylB-leaderboard&categories=technology&tags=cryptocurrency%2Ccryptojacking%2Cexchange-server%2Cmicrosoft%2Csophos%2Cvulnerabilities
x-powered-by: PHP/7.3.27
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
x-redirect-by: WordPress
x-fastcgi-cache: BYPASS
x-xss-protection: 1; mode=block

GET
H2

200

/ Show response
www.cyberscoop.com/advertising/ Frame FB93
Redirect Chain

https://www.cyberscoop.com/advertising/?id=article&page=article&position=static&category=technology&tags=cryptocurrency,cryptojacking,exchange-server,microsoft,sophos,vulnerabilities
https://www.cyberscoop.com/advertising/?id=article&position=static&category=technology&tags=cryptocurrency%2Ccryptojacking%2Cexchange-server%2Cmicrosoft%2Csophos%2Cvulnerabilities

1 KB
903 B

960ms
960ms

Document
text/html

52.21.95.133
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.cyberscoop.com/advertising/?id=article&position=static&category=technology&tags=cryptocurrency%2Ccryptojacking%2Cexchange-server%2Cmicrosoft%2Csophos%2Cvulnerabilities

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.21.95.133 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-21-95-133.compute-1.amazonaws.com

Software

nginx / PHP/7.3.27

Resource Hash

918ef2d3a0a0b4437af314a5827978c3bbb406046964f1c03200a7047107531c

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.cyberscoop.com
:scheme: https
:path: /advertising/?id=article&position=static&category=technology&tags=cryptocurrency%2Ccryptojacking%2Cexchange-server%2Cmicrosoft%2Csophos%2Cvulnerabilities
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.cyberscoop.com/microsoft-exchange-server-flaws-monero-cryptojacking/?utm_medium=email&_hsmi=121394215&_hsenc=p2ANqtz--oSPaQtBaCNYgQ1Rkw1TwuFd9mrJAMDOt1aNDRpxWV5Z5WtBgeGI6OMqvje3YPL7etyFgyqzb-SA59Wt3RJFayQ4OHdg&utm_content=121394215&utm_source=hs_email
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: _ga=GA1.2.1695727006.1618438022; _gid=GA1.2.1750366396.1618438022; _gat_UA-80491860-1=1; _fbp=fb.1.1618438022432.1048598205
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.cyberscoop.com/microsoft-exchange-server-flaws-monero-cryptojacking/?utm_medium=email&_hsmi=121394215&_hsenc=p2ANqtz--oSPaQtBaCNYgQ1Rkw1TwuFd9mrJAMDOt1aNDRpxWV5Z5WtBgeGI6OMqvje3YPL7etyFgyqzb-SA59Wt3RJFayQ4OHdg&utm_content=121394215&utm_source=hs_email

Response headers

server: nginx
date: Wed, 14 Apr 2021 22:07:03 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-powered-by: PHP/7.3.27
link: <https://www.cyberscoop.com/wp-json/>; rel="https://api.w.org/" <https://www.cyberscoop.com/wp-json/wp/v2/pages/5054>; rel="alternate"; type="application/json" <https://www.cyberscoop.com/?p=5054>; rel=shortlink
x-fastcgi-cache: BYPASS
x-xss-protection: 1; mode=block
content-encoding: gzip

Redirect headers

server: nginx
date: Wed, 14 Apr 2021 22:07:02 GMT
content-type: text/html; charset=UTF-8
location: https://www.cyberscoop.com/advertising/?id=article&position=static&category=technology&tags=cryptocurrency%2Ccryptojacking%2Cexchange-server%2Cmicrosoft%2Csophos%2Cvulnerabilities
x-powered-by: PHP/7.3.27
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
x-redirect-by: WordPress
x-fastcgi-cache: BYPASS
x-xss-protection: 1; mode=block

GET
H2

200

/ Show response
www.cyberscoop.com/advertising/ Frame 1F29
Redirect Chain

https://www.cyberscoop.com/advertising/?id=skyscraper&page=article&position=sticky&categories=technology&tags=cryptocurrency,cryptojacking,exchange-server,microsoft,sophos,vulnerabilities
https://www.cyberscoop.com/advertising/?id=skyscraper&position=sticky&categories=technology&tags=cryptocurrency%2Ccryptojacking%2Cexchange-server%2Cmicrosoft%2Csophos%2Cvulnerabilities

2 KB
1004 B

962ms
961ms

Document
text/html

52.21.95.133
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.cyberscoop.com/advertising/?id=skyscraper&position=sticky&categories=technology&tags=cryptocurrency%2Ccryptojacking%2Cexchange-server%2Cmicrosoft%2Csophos%2Cvulnerabilities

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.21.95.133 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-21-95-133.compute-1.amazonaws.com

Software

nginx / PHP/7.3.27

Resource Hash

a0557598367f43e5e5a51a17ece8c91e982d73effdedc3cdee79b45ef4e402f0

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.cyberscoop.com
:scheme: https
:path: /advertising/?id=skyscraper&position=sticky&categories=technology&tags=cryptocurrency%2Ccryptojacking%2Cexchange-server%2Cmicrosoft%2Csophos%2Cvulnerabilities
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.cyberscoop.com/microsoft-exchange-server-flaws-monero-cryptojacking/?utm_medium=email&_hsmi=121394215&_hsenc=p2ANqtz--oSPaQtBaCNYgQ1Rkw1TwuFd9mrJAMDOt1aNDRpxWV5Z5WtBgeGI6OMqvje3YPL7etyFgyqzb-SA59Wt3RJFayQ4OHdg&utm_content=121394215&utm_source=hs_email
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: _ga=GA1.2.1695727006.1618438022; _gid=GA1.2.1750366396.1618438022; _gat_UA-80491860-1=1; _fbp=fb.1.1618438022432.1048598205
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.cyberscoop.com/microsoft-exchange-server-flaws-monero-cryptojacking/?utm_medium=email&_hsmi=121394215&_hsenc=p2ANqtz--oSPaQtBaCNYgQ1Rkw1TwuFd9mrJAMDOt1aNDRpxWV5Z5WtBgeGI6OMqvje3YPL7etyFgyqzb-SA59Wt3RJFayQ4OHdg&utm_content=121394215&utm_source=hs_email

Response headers

server: nginx
date: Wed, 14 Apr 2021 22:07:03 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-powered-by: PHP/7.3.27
link: <https://www.cyberscoop.com/wp-json/>; rel="https://api.w.org/" <https://www.cyberscoop.com/wp-json/wp/v2/pages/5054>; rel="alternate"; type="application/json" <https://www.cyberscoop.com/?p=5054>; rel=shortlink
x-fastcgi-cache: BYPASS
x-xss-protection: 1; mode=block
content-encoding: gzip

Redirect headers

server: nginx
date: Wed, 14 Apr 2021 22:07:02 GMT
content-type: text/html; charset=UTF-8
location: https://www.cyberscoop.com/advertising/?id=skyscraper&position=sticky&categories=technology&tags=cryptocurrency%2Ccryptojacking%2Cexchange-server%2Cmicrosoft%2Csophos%2Cvulnerabilities
x-powered-by: PHP/7.3.27
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
x-redirect-by: WordPress
x-fastcgi-cache: BYPASS
x-xss-protection: 1; mode=block

GET
H2

200

/ Show response
www.cyberscoop.com/advertising/ Frame B94C
Redirect Chain

https://www.cyberscoop.com/advertising/?id=billboard&page=article&position=bottom&parent_id=ad-RhMxgWQL3K-billboard&category=technology&tags=cryptocurrency,cryptojacking,exchange-server,microsoft,s...
https://www.cyberscoop.com/advertising/?id=billboard&position=bottom&parent_id=ad-RhMxgWQL3K-billboard&category=technology&tags=cryptocurrency%2Ccryptojacking%2Cexchange-server%2Cmicrosoft%2Csophos...

2 KB
1 KB

976ms
976ms

Document
text/html

52.21.95.133
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://www.cyberscoop.com/advertising/?id=billboard&position=bottom&parent_id=ad-RhMxgWQL3K-billboard&category=technology&tags=cryptocurrency%2Ccryptojacking%2Cexchange-server%2Cmicrosoft%2Csophos%2Cvulnerabilities

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.21.95.133 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-52-21-95-133.compute-1.amazonaws.com

Software

nginx / PHP/7.3.27

Resource Hash

534e969062234eaaaab62496c0251d6f8628b4014ce21099d56986e3c8361155

Security Headers

Name	Value
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.cyberscoop.com
:scheme: https
:path: /advertising/?id=billboard&position=bottom&parent_id=ad-RhMxgWQL3K-billboard&category=technology&tags=cryptocurrency%2Ccryptojacking%2Cexchange-server%2Cmicrosoft%2Csophos%2Cvulnerabilities
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.cyberscoop.com/microsoft-exchange-server-flaws-monero-cryptojacking/?utm_medium=email&_hsmi=121394215&_hsenc=p2ANqtz--oSPaQtBaCNYgQ1Rkw1TwuFd9mrJAMDOt1aNDRpxWV5Z5WtBgeGI6OMqvje3YPL7etyFgyqzb-SA59Wt3RJFayQ4OHdg&utm_content=121394215&utm_source=hs_email
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: _ga=GA1.2.1695727006.1618438022; _gid=GA1.2.1750366396.1618438022; _gat_UA-80491860-1=1; _fbp=fb.1.1618438022432.1048598205
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.cyberscoop.com/microsoft-exchange-server-flaws-monero-cryptojacking/?utm_medium=email&_hsmi=121394215&_hsenc=p2ANqtz--oSPaQtBaCNYgQ1Rkw1TwuFd9mrJAMDOt1aNDRpxWV5Z5WtBgeGI6OMqvje3YPL7etyFgyqzb-SA59Wt3RJFayQ4OHdg&utm_content=121394215&utm_source=hs_email

Response headers

server: nginx
date: Wed, 14 Apr 2021 22:07:03 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
x-powered-by: PHP/7.3.27
link: <https://www.cyberscoop.com/wp-json/>; rel="https://api.w.org/" <https://www.cyberscoop.com/wp-json/wp/v2/pages/5054>; rel="alternate"; type="application/json" <https://www.cyberscoop.com/?p=5054>; rel=shortlink
x-fastcgi-cache: BYPASS
x-xss-protection: 1; mode=block
content-encoding: gzip

Redirect headers

server: nginx
date: Wed, 14 Apr 2021 22:07:02 GMT
content-type: text/html; charset=UTF-8
location: https://www.cyberscoop.com/advertising/?id=billboard&position=bottom&parent_id=ad-RhMxgWQL3K-billboard&category=technology&tags=cryptocurrency%2Ccryptojacking%2Cexchange-server%2Cmicrosoft%2Csophos%2Cvulnerabilities
x-powered-by: PHP/7.3.27
expires: Wed, 11 Jan 1984 05:00:00 GMT
cache-control: no-cache, must-revalidate, max-age=0
x-redirect-by: WordPress
x-fastcgi-cache: BYPASS
x-xss-protection: 1; mode=block

GET
H2 200 GettyImages-1306394023-1021x681.jpg
www.cyberscoop.com/wp-content/uploads/2021/04/ 121 KB
122 KB 108ms
108ms Image
image/jpeg 52.21.95.133
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.cyberscoop.com/wp-content/uploads/2021/04/GettyImages-1306394023-1021x681.jpg
Requested by: Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/microsoft-exchange-server-flaws-monero-cryptojacking/?utm_medium=email&_hsmi=121394215&_hsenc=p2ANqtz--oSPaQtBaCNYgQ1Rkw1TwuFd9mrJAMDOt1aNDRpxWV5Z5WtBgeGI6OMqvje3YPL7etyFgyqzb-SA59Wt3RJFayQ4OHdg&utm_content=121394215&utm_source=hs_email
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.21.95.133 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-21-95-133.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 7b65c170a45f7b9ef50dd56660bfd25dd0b1a726da2e4762aa0b6a718f0c01ad

Request headers

Referer: https://www.cyberscoop.com/microsoft-exchange-server-flaws-monero-cryptojacking/?utm_medium=email&_hsmi=121394215&_hsenc=p2ANqtz--oSPaQtBaCNYgQ1Rkw1TwuFd9mrJAMDOt1aNDRpxWV5Z5WtBgeGI6OMqvje3YPL7etyFgyqzb-SA59Wt3RJFayQ4OHdg&utm_content=121394215&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Apr 2021 22:07:02 GMT
last-modified: Wed, 14 Apr 2021 13:42:09 GMT
server: nginx
etag: "6076f131-1e538"
content-type: image/jpeg
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 124216
expires: Fri, 14 May 2021 22:07:02 GMT

GET
H2 200 GettyImages-96666449-Cropped1-min.jpg
www.cyberscoop.com/wp-content/uploads/2019/11/ 486 KB
487 KB 170ms
169ms Image
image/jpeg 52.21.95.133
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.cyberscoop.com/wp-content/uploads/2019/11/GettyImages-96666449-Cropped1-min.jpg
Requested by: Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/microsoft-exchange-server-flaws-monero-cryptojacking/?utm_medium=email&_hsmi=121394215&_hsenc=p2ANqtz--oSPaQtBaCNYgQ1Rkw1TwuFd9mrJAMDOt1aNDRpxWV5Z5WtBgeGI6OMqvje3YPL7etyFgyqzb-SA59Wt3RJFayQ4OHdg&utm_content=121394215&utm_source=hs_email
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.21.95.133 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-21-95-133.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 53f3e1dc1c67d11e936447c1696d877c1371bc3f42ae667ecf834e5e60fb0b40

Request headers

Referer: https://www.cyberscoop.com/microsoft-exchange-server-flaws-monero-cryptojacking/?utm_medium=email&_hsmi=121394215&_hsenc=p2ANqtz--oSPaQtBaCNYgQ1Rkw1TwuFd9mrJAMDOt1aNDRpxWV5Z5WtBgeGI6OMqvje3YPL7etyFgyqzb-SA59Wt3RJFayQ4OHdg&utm_content=121394215&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Apr 2021 22:07:02 GMT
last-modified: Tue, 20 Oct 2020 10:05:07 GMT
server: nginx
etag: "5f8eb653-798f0"
content-type: image/jpeg
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 497904
expires: Fri, 14 May 2021 22:07:02 GMT

GET
H2 200 nsa3-rsa-2019.jpg
www.cyberscoop.com/wp-content/uploads/2019/03/ 369 KB
369 KB 170ms
169ms Image
image/jpeg 52.21.95.133
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.cyberscoop.com/wp-content/uploads/2019/03/nsa3-rsa-2019.jpg
Requested by: Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/microsoft-exchange-server-flaws-monero-cryptojacking/?utm_medium=email&_hsmi=121394215&_hsenc=p2ANqtz--oSPaQtBaCNYgQ1Rkw1TwuFd9mrJAMDOt1aNDRpxWV5Z5WtBgeGI6OMqvje3YPL7etyFgyqzb-SA59Wt3RJFayQ4OHdg&utm_content=121394215&utm_source=hs_email
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.21.95.133 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-21-95-133.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 2842a90967ad223105ebd7ca0fb5a45f9addf1234fba6250788026f7fbb00710

Request headers

Referer: https://www.cyberscoop.com/microsoft-exchange-server-flaws-monero-cryptojacking/?utm_medium=email&_hsmi=121394215&_hsenc=p2ANqtz--oSPaQtBaCNYgQ1Rkw1TwuFd9mrJAMDOt1aNDRpxWV5Z5WtBgeGI6OMqvje3YPL7etyFgyqzb-SA59Wt3RJFayQ4OHdg&utm_content=121394215&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Apr 2021 22:07:02 GMT
last-modified: Tue, 20 Oct 2020 10:03:22 GMT
server: nginx
etag: "5f8eb5ea-5c206"
content-type: image/jpeg
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 377350
expires: Fri, 14 May 2021 22:07:02 GMT

GET
H2 200 GettyImages-1231358836-307x171.jpg
www.cyberscoop.com/wp-content/uploads/2021/04/ 8 KB
9 KB 170ms
169ms Image
image/jpeg 52.21.95.133
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.cyberscoop.com/wp-content/uploads/2021/04/GettyImages-1231358836-307x171.jpg
Requested by: Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/microsoft-exchange-server-flaws-monero-cryptojacking/?utm_medium=email&_hsmi=121394215&_hsenc=p2ANqtz--oSPaQtBaCNYgQ1Rkw1TwuFd9mrJAMDOt1aNDRpxWV5Z5WtBgeGI6OMqvje3YPL7etyFgyqzb-SA59Wt3RJFayQ4OHdg&utm_content=121394215&utm_source=hs_email
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.21.95.133 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-21-95-133.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 3d9031b9d4b0fe29fc43e74c8ae753685e661a16d89d5a9e2caafe81cdd3c0cb

Request headers

Referer: https://www.cyberscoop.com/microsoft-exchange-server-flaws-monero-cryptojacking/?utm_medium=email&_hsmi=121394215&_hsenc=p2ANqtz--oSPaQtBaCNYgQ1Rkw1TwuFd9mrJAMDOt1aNDRpxWV5Z5WtBgeGI6OMqvje3YPL7etyFgyqzb-SA59Wt3RJFayQ4OHdg&utm_content=121394215&utm_source=hs_email
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Apr 2021 22:07:02 GMT
last-modified: Thu, 08 Apr 2021 19:55:49 GMT
server: nginx
etag: "606f5fc5-218d"
content-type: image/jpeg
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 8589
expires: Fri, 14 May 2021 22:07:02 GMT

GET
H3-Q050 200 va9B4kDNxMZdWfMOD5VnLK3eRhf6.woff2
fonts.gstatic.com/s/firasans/v11/ 23 KB
23 KB 33ms
20ms Font
font/woff2 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/firasans/v11/va9B4kDNxMZdWfMOD5VnLK3eRhf6.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Fira+Sans%3A300%2C400%2C500%2C700&subset=latin-ext&ver=5.5.3

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5183a3d6c4ef05903e03cf0e17b5de05db527c27d0ef049d52d2fb4da484e96

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.cyberscoop.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 10 Apr 2021 22:36:22 GMT
x-content-type-options: nosniff
last-modified: Thu, 01 Apr 2021 22:06:21 GMT
server: sffe
age: 343840
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23868
x-xss-protection: 0
expires: Sun, 10 Apr 2022 22:36:22 GMT

GET
H3-Q050 200 TK3iWkUHHAIjg752GT8G.woff2
fonts.gstatic.com/s/oswald/v36/ 31 KB
31 KB 30ms
17ms Font
font/woff2 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/oswald/v36/TK3iWkUHHAIjg752GT8G.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Oswald%3A300%2C400%2C700&subset=latin-ext&ver=5.5.3

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9facc976353ff7ab7cbb7345853c0f7d0c1bbce3733934b53790b93833dbae4c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.cyberscoop.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sun, 11 Apr 2021 10:03:38 GMT
x-content-type-options: nosniff
last-modified: Thu, 28 Jan 2021 20:31:39 GMT
server: sffe
age: 302604
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31676
x-xss-protection: 0
expires: Mon, 11 Apr 2022 10:03:38 GMT

GET
H3-Q050 200 va9E4kDNxMZdWfMOD5Vvl4jL.woff2
fonts.gstatic.com/s/firasans/v11/ 22 KB
23 KB 28ms
15ms Font
font/woff2 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/firasans/v11/va9E4kDNxMZdWfMOD5Vvl4jL.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Fira+Sans%3A300%2C400%2C500%2C700&subset=latin-ext&ver=5.5.3

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a41dd567a7d51dac3d65a716b505f5bba7526e36405ed8a832d72a4ada3665c2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.cyberscoop.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 10 Apr 2021 22:34:26 GMT
x-content-type-options: nosniff
last-modified: Thu, 01 Apr 2021 22:05:49 GMT
server: sffe
age: 343956
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 22748
x-xss-protection: 0
expires: Sun, 10 Apr 2022 22:34:26 GMT

GET
H2 200 facebook_logo_white.png
www.cyberscoop.com/wp-content/themes/cyberscoop/images/icons/ 361 B
552 B 194ms
193ms Image
image/png 52.21.95.133
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.cyberscoop.com/wp-content/themes/cyberscoop/images/icons/facebook_logo_white.png
Requested by: Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/wp-content/themes/cyberscoop/style.css?ver=5.5.3
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.21.95.133 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-21-95-133.compute-1.amazonaws.com
Software: nginx /
Resource Hash: 34b8701fdcbd5b7f4b776178cf1c52b3754f60027bf85af5a8573c3208f77890

Request headers

Referer: https://www.cyberscoop.com/wp-content/themes/cyberscoop/style.css?ver=5.5.3
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Apr 2021 22:07:02 GMT
last-modified: Tue, 20 Oct 2020 09:37:25 GMT
server: nginx
etag: "5f8eafd5-169"
content-type: image/png
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 361
expires: Fri, 14 May 2021 22:07:02 GMT

GET
H2 200 twitter_logo_white.png
www.cyberscoop.com/wp-content/themes/cyberscoop/images/icons/ 481 B
671 B 194ms
193ms Image
image/png 52.21.95.133
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.cyberscoop.com/wp-content/themes/cyberscoop/images/icons/twitter_logo_white.png
Requested by: Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/wp-content/themes/cyberscoop/style.css?ver=5.5.3
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.21.95.133 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-21-95-133.compute-1.amazonaws.com
Software: nginx /
Resource Hash: ea7c3c1fb429c64a75b15bc3d82e99987c40229c3275a5d0c37deb6143e4cf6f

Request headers

Referer: https://www.cyberscoop.com/wp-content/themes/cyberscoop/style.css?ver=5.5.3
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Apr 2021 22:07:02 GMT
last-modified: Tue, 20 Oct 2020 09:37:27 GMT
server: nginx
etag: "5f8eafd7-1e1"
content-type: image/png
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 481
expires: Fri, 14 May 2021 22:07:02 GMT

GET
H2 200 linkedin_logo_white.png
www.cyberscoop.com/wp-content/themes/cyberscoop/images/icons/ 946 B
1 KB 194ms
193ms Image
image/png 52.21.95.133
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.cyberscoop.com/wp-content/themes/cyberscoop/images/icons/linkedin_logo_white.png
Requested by: Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/wp-content/themes/cyberscoop/style.css?ver=5.5.3
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.21.95.133 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-21-95-133.compute-1.amazonaws.com
Software: nginx /
Resource Hash: eecc78f834649472672438efb8854e77ac8571a4c901d3c102a2554c3059ba7d

Request headers

Referer: https://www.cyberscoop.com/wp-content/themes/cyberscoop/style.css?ver=5.5.3
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Apr 2021 22:07:02 GMT
last-modified: Tue, 20 Oct 2020 09:37:26 GMT
server: nginx
etag: "5f8eafd6-3b2"
content-type: image/png
cache-control: max-age=2592000, public
accept-ranges: bytes
content-length: 946
expires: Fri, 14 May 2021 22:07:02 GMT

GET
H2 200 instagram_logo_white.svg
www.cyberscoop.com/wp-content/themes/cyberscoop/images/icons/ 2 KB
874 B 194ms
193ms Image
image/svg+xml 52.21.95.133
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.cyberscoop.com/wp-content/themes/cyberscoop/images/icons/instagram_logo_white.svg
Requested by: Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/wp-content/themes/cyberscoop/style.css?ver=5.5.3
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.21.95.133 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-52-21-95-133.compute-1.amazonaws.com
Software: nginx /
Resource Hash: e55b5cba1f8e7604687c4f99ab7b1c3bf971ab991ec0fae83fb221b98daf07c4

Request headers

Referer: https://www.cyberscoop.com/wp-content/themes/cyberscoop/style.css?ver=5.5.3
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Apr 2021 22:07:02 GMT
content-encoding: gzip
last-modified: Tue, 20 Oct 2020 09:37:26 GMT
server: nginx
etag: W/"5f8eafd6-625"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=2592000, public
expires: Fri, 14 May 2021 22:07:02 GMT

GET
H/1.1 200
OK Stacked_SNG.png
s3.amazonaws.com/sng-global-web-assets/logo/ 12 KB
12 KB 453ms
131ms Image
image/png 52.217.37.54
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/sng-global-web-assets/logo/Stacked_SNG.png
Requested by: Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/wp-content/themes/cyberscoop/style.css?ver=5.5.3
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.37.54 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 942e44b1cef3a0678c306625f42ea1cd180d9ee9fbe443ed98fc1076c07493a5

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 14 Apr 2021 22:07:03 GMT
Last-Modified: Thu, 21 Jan 2021 23:37:33 GMT
Server: AmazonS3
x-amz-request-id: WFR5VN7K2JBY10JY
ETag: "793107aa127f2349e0bb9d0df99cd240"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 11864
x-amz-id-2: 90hzXHiBCSuTd3MeQjUhG/5WSABb5Tmf9qS58cDm5OoUvUarhAuxJC4MD0TR16WpDG2kFWDz+Jo=

GET
H/1.1 200
OK Stacked_CyberScoop.png
s3.amazonaws.com/sng-global-web-assets/logo/ 5 KB
5 KB 118ms
118ms Image
image/png 52.217.37.54
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/sng-global-web-assets/logo/Stacked_CyberScoop.png
Requested by: Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/wp-content/themes/cyberscoop/style.css?ver=5.5.3
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.37.54 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 96b8a4481da526ff5a1a77c312a2aa83df0d0821e90dc91ccfad3fa53526a163

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 14 Apr 2021 22:07:03 GMT
Last-Modified: Thu, 21 Jan 2021 23:37:33 GMT
Server: AmazonS3
x-amz-request-id: WFR117SGGJSTHPQJ
ETag: "6b8717aa8156bf0573b498232d63b71f"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 5199
x-amz-id-2: K+SMijlJq4FU9DWSKfoSywcoxEqw9X7ezXqwjdJ7wzW5T4J1M6rqyZkxKA7irazl0JTyQrwUvck=

GET
H/1.1 200
OK Stacked_FedScoop.png
s3.amazonaws.com/sng-global-web-assets/logo/ 4 KB
4 KB 123ms
122ms Image
image/png 52.217.37.54
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/sng-global-web-assets/logo/Stacked_FedScoop.png
Requested by: Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/wp-content/themes/cyberscoop/style.css?ver=5.5.3
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.37.54 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 9146f6ec02b7c1db65d152424e1d5e5f3a5d7d6ca91d1282a7e678150683876f

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 14 Apr 2021 22:07:03 GMT
Last-Modified: Thu, 21 Jan 2021 23:37:33 GMT
Server: AmazonS3
x-amz-request-id: WFR7D5X03FEMQ165
ETag: "da067ed314fa2f647e16efb7331759de"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 4000
x-amz-id-2: dT3fNp7y2yzSQy82YXLsiuX/JCLc2T1uFm5ffG8xJ7/gU+cmvo0Ym8zwKWhErzuiOYgC/qEv5QY=

GET
H/1.1 200
OK Stacked_StateScoop.png
s3.amazonaws.com/sng-global-web-assets/logo/ 5 KB
5 KB 118ms
117ms Image
image/png 52.217.37.54
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/sng-global-web-assets/logo/Stacked_StateScoop.png
Requested by: Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/wp-content/themes/cyberscoop/style.css?ver=5.5.3
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.37.54 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: ccd21ebd19b259d979d4ddf5af0751f6fae149746ae2e7a164beec2a600682be

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 14 Apr 2021 22:07:03 GMT
Last-Modified: Thu, 21 Jan 2021 23:37:33 GMT
Server: AmazonS3
x-amz-request-id: WFR6V6EYMWXD796J
ETag: "62c167ae878c0c3b3a41b50025cacba7"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 4872
x-amz-id-2: yBCp+4Ic5J6MjVB/CQ7kD1Rt2aZlKyRB9zjKH1MWFjHuH2jIqXBwMK3ubwsno7PkbmkjA39x8Cs=

GET
H/1.1 200
OK Stacked_EdScoop.png
s3.amazonaws.com/sng-global-web-assets/logo/ 5 KB
6 KB 192ms
191ms Image
image/png 52.217.37.54
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/sng-global-web-assets/logo/Stacked_EdScoop.png
Requested by: Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/wp-content/themes/cyberscoop/style.css?ver=5.5.3
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.37.54 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 3046ab26982b61a2fc0f0fae7ed7f416e9113f924db911efa97b5b80ae16726d

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 14 Apr 2021 22:07:03 GMT
Last-Modified: Thu, 21 Jan 2021 23:37:33 GMT
Server: AmazonS3
x-amz-request-id: WFRFBCA39M01A7J3
ETag: "b5d5b8c0479b1963324ebca52c96a43b"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 5349
x-amz-id-2: Jj4IYgmgqoaKAckgPW5liKwH1AHlS9chFSaUmDmu3TxllRXe2CY2tjcNzMepGTk3TsM3Y9W5xBE=

GET
H/1.1 200
OK Stacked_WorkScoop.png
s3.amazonaws.com/sng-global-web-assets/logo/ 4 KB
4 KB 136ms
135ms Image
image/png 52.217.37.54
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3.amazonaws.com/sng-global-web-assets/logo/Stacked_WorkScoop.png
Requested by: Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/wp-content/themes/cyberscoop/style.css?ver=5.5.3
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.217.37.54 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: AmazonS3 /
Resource Hash: 7f134de2e6859c8b9a8acb3f07c54f04c9fbe04c3381e137d85e2f0cb08a526b

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 14 Apr 2021 22:07:03 GMT
Last-Modified: Thu, 21 Jan 2021 23:37:33 GMT
Server: AmazonS3
x-amz-request-id: WFR0VQBZ3W872MRD
ETag: "779a62747ba1fe2dfac41aa83a03313c"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 3934
x-amz-id-2: +9FxgVhPiuPa7AInl1tQXexLA5P9mfSLgFSkXNXMY+SxSIxxrSSKFkC2KrV/iPB+ahSrPz+6YjA=

GET
H2 200 20762415-8082-48f0-b243-36443c93d852 Show response
forms.hsforms.com/embed/v3/form/2153467/ 19 KB
4 KB 123ms
122ms Script
application/javascript 2606:4700::6810:5505
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://forms.hsforms.com/embed/v3/form/2153467/20762415-8082-48f0-b243-36443c93d852?callback=hs_reqwest_0&hutk=

Requested by

Host: js.hsforms.net
URL: https://js.hsforms.net/forms/v2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5505 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f34fab7dfb24eb9ed68a5bbaa5943211118c8acfd8a32f1ea01f8ec40907a3c0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Apr 2021 22:07:02 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-disposition: attachment; filename=no-rfd.txt
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0974057bfc0000325c6c82c000000001
server: cloudflare
x-trace: 2B26C925019C31F9238E447A23A6663263CE93B579000000000000000000
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript;charset=utf-8
vary: Accept-Encoding
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: false
cf-ray: 64003ea65b7e325c-FRA

GET
DATA 200
OK truncated
/ 34 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1e85ec81b9800b4c443d39caca0d0926089a3ac201120db1ceb45b93789480b8

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/gif

GET
H3-Q050 200 pubads_impl_2021041201.js Show response
securepubads.g.doubleclick.net/gpt/ 294 KB
104 KB 127ms
83ms Script
text/javascript 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021041201.js?31060782

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

sffe /

Resource Hash

f9b0195ab22815c68db0b05e89abfc88fcb0b46b8b9a28d70ca731f17e07053e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Apr 2021 22:07:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 12 Apr 2021 08:37:08 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 106031
x-xss-protection: 0
expires: Wed, 14 Apr 2021 22:07:02 GMT

GET
H2 200 icons.29.svg.js Show response
static.addtoany.com/menu/svg/ 78 KB
33 KB 18ms
17ms Script
application/javascript 2606:4700:10::ac43:2794
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.addtoany.com/menu/svg/icons.29.svg.js

Requested by

Host: static.addtoany.com
URL: https://static.addtoany.com/menu/page.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:2794 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e30f848c353b8ab801c18d2109527cb32a27f145262dccb3cd4db9f309cc53bb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Apr 2021 22:07:02 GMT
via: e2s
x-content-type-options: nosniff
cf-cache-status: HIT
age: 13631986
p3p: CP="ALL DSP COR CURa ADMa DEVa TAIa PSAa PSDa OUR IND UNI COM NAV INT"
content-encoding: br
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 0974057c2900004ea41c29c000000001
last-modified: Mon, 31 Dec 2018 23:29:11 GMT
server: cloudflare
etag: W/"13937-57e59c7b88bd6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
vary: Accept-Encoding
cache-control: max-age=315360000, immutable
cf-ray: 64003ea6aed74ea4-FRA
cf-bgj: minify

GET
H/1.1 200
OK insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 4 KB
2 KB 20ms
6ms Script
application/x-javascript 2a02:26f0:7100:18d::25ea
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KR697BF
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:7100:18d::25ea Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 5f3b103a1268f862a5e432d607f8e5220dea9d301d13565b0ecded3ad9c25ab2

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 14 Apr 2021 22:07:02 GMT
Content-Encoding: gzip
Last-Modified: Mon, 04 Jan 2021 22:14:03 GMT
X-CDN: AKAM
Vary: Accept-Encoding
Content-Type: application/x-javascript;charset=utf-8
Cache-Control: max-age=21242
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1855

GET
H2 200 uwt.js Show response
static.ads-twitter.com/ 5 KB
2 KB 97ms
31ms Script
application/javascript 199.232.136.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KR697BF
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 199.232.136.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 4cf52cc73734aa71f26f6a10be9aeec89602af45bf0f9abd5c8445a076c1ae1a

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Apr 2021 22:07:02 GMT
via: 1.1 varnish
last-modified: Fri, 04 Dec 2020 00:21:46 GMT
age: 76536
etag: "cbc512946c8abb461c6215ed5b454e5f+gzip"
vary: Accept-Encoding,Host
x-cache: HIT
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
content-encoding: gzip
cache-control: no-cache
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
content-length: 1957
x-timer: S1618438022.278461,VS0,VE0
x-served-by: cache-hhn11569-HHN

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 92 KB
24 KB 96ms
32ms Script
application/x-javascript 2a03:2880:f013:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f013:d:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

9ddca568ff519cd935a816baec6f7bfce459656ec5022ec2ba6a6225891022eb

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 23960
x-fb-rlafr: 0
pragma: public
x-fb-debug: 098pg3jAZqp7Q1Cpx+jok+zw472wMvgxhd4YVMpEk/8McWSdr02bzkhghQMLe2pxBVayk+y6OCQkxeH0XKbWCg==
x-fb-trip-id: 1679558926
x-frame-options: DENY
date: Wed, 14 Apr 2021 22:07:02 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 2153467.js Show response
js.hs-scripts.com/ 942 B
706 B 388ms
387ms Script
application/javascript 2606:4700::6811:d4cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-scripts.com/2153467.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KR697BF
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6811:d4cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a66e6cf6e6a86b34b9535aa640590625ede70093ea3aacf3160cdf02ec3ef4f4

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Apr 2021 22:07:02 GMT
content-encoding: br
cf-cache-status: EXPIRED
server: cloudflare
x-trace: 2B32F92F1F4EEBC50469E20F491E114A7577FC0748000000000000000000
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
access-control-allow-origin: https://www.cyberscoop.com
access-control-max-age: 3600
cache-control: public, max-age=60
access-control-allow-credentials: true
cf-ray: 64003ea6bc724e8b-FRA
cf-request-id: 0974057c3400004e8bc79a5000000001
expires: Wed, 14 Apr 2021 22:08:02 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 48 KB
19 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KR697BF

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

f79723478f4c48501cd49ac52b81d6244a6562b9d3f08ce8ab208a8b8878d4c4

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 19 Mar 2021 19:22:18 GMT
server: Golfe2
age: 924
date: Wed, 14 Apr 2021 21:51:38 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19463
expires: Wed, 14 Apr 2021 23:51:38 GMT

GET
H2

200

collect
px.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=50036&time=1618438022219&url=https%3A%2F%2Fwww.cyberscoop.com%2Fmicrosoft-exchange-server-flaws-monero-cryptojacking%2F%3Futm_medium%3Demail%26_hs...
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D50036%26time%3D1618438022219%26url%3Dhttps%253A%252F%252Fwww.cyberscoop.com%252Fm...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=50036&time=1618438022219&url=https%3A%2F%2Fwww.cyberscoop.com%2Fmicrosoft-exchange-server-flaws-monero-cryptojacking%2F%3Futm_medium%3Demail%26_hs...

0
80 B

214ms
214ms

Image
application/javascript

2620:119:50e1:101::6cae:b25
LINKEDIN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=50036&time=1618438022219&url=https%3A%2F%2Fwww.cyberscoop.com%2Fmicrosoft-exchange-server-flaws-monero-cryptojacking%2F%3Futm_medium%3Demail%26_hsmi%3D121394215%26_hsenc%3Dp2ANqtz--oSPaQtBaCNYgQ1Rkw1TwuFd9mrJAMDOt1aNDRpxWV5Z5WtBgeGI6OMqvje3YPL7etyFgyqzb-SA59Wt3RJFayQ4OHdg%26utm_content%3D121394215%26utm_source%3Dhs_email&liSync=true
Requested by: Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/microsoft-exchange-server-flaws-monero-cryptojacking/?utm_medium=email&_hsmi=121394215&_hsenc=p2ANqtz--oSPaQtBaCNYgQ1Rkw1TwuFd9mrJAMDOt1aNDRpxWV5Z5WtBgeGI6OMqvje3YPL7etyFgyqzb-SA59Wt3RJFayQ4OHdg&utm_content=121394215&utm_source=hs_email
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:119:50e1:101::6cae:b25 , United States, ASN14413 (LINKEDIN, US),
Reverse DNS
Software: Play /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Apr 2021 22:07:03 GMT
server: Play
linkedin-action: 1
x-li-fabric: prod-ltx1
x-li-proto: http/2
x-li-pop: prod-esv5
content-type: application/javascript
content-length: 0
x-li-uuid: 5fkFpM7YdRbwYG52rSoAAA==

Redirect headers

content-security-policy: default-src *; connect-src 'self' https://media-src.linkedin.com/media/ www.linkedin.com s.c.lnkd.licdn.com m.c.lnkd.licdn.com wss://*.linkedin.com dms.licdn.com https://dpm.demdex.net/id lnkd.demdex.net blob: https://accounts.google.com/gsi/status https://linkedin.sc.omtrdc.net/b/ss/ www.google-analytics.com static.licdn.com static-exp1.licdn.com static-exp2.licdn.com static-exp3.licdn.com media.licdn.com media-exp1.licdn.com media-exp2.licdn.com media-exp3.licdn.com; img-src data: blob: *; font-src data: *; style-src 'unsafe-inline' 'self' static-src.linkedin.com *.licdn.com; script-src 'report-sample' 'unsafe-inline' 'unsafe-eval' 'self' spdy.linkedin.com static-src.linkedin.com *.ads.linkedin.com *.licdn.com static.chartbeat.com www.google-analytics.com ssl.google-analytics.com bcvipva02.rightnowtech.com www.bizographics.com sjs.bizographics.com js.bizographics.com d.la4-c1-was.salesforceliveagent.com slideshare.www.linkedin.com https://snap.licdn.com/li.lms-analytics/ platform.linkedin.com platform-akam.linkedin.com platform-ecst.linkedin.com platform-azur.linkedin.com; object-src 'none'; media-src blob: *; child-src blob: lnkd-communities: voyager: *; frame-ancestors 'self'
x-content-type-options: nosniff
linkedin-action: 1
content-length: 0
x-li-uuid: vOCmmc7YdRbQ19UYASsAAA==
pragma: no-cache
x-li-pop: afd-prod-ltx1
x-msedge-ref: Ref A: 891D3412E77945E58A8CC471A66AD65E Ref B: FRAEDGE1212 Ref C: 2021-04-14T22:07:02Z
x-frame-options: sameorigin
date: Wed, 14 Apr 2021 22:07:02 GMT
expect-ct: max-age=86400, report-uri="https://www.linkedin.com/platform-telemetry/ct"
strict-transport-security: max-age=31536000
x-li-fabric: prod-ltx1
location: https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=50036&time=1618438022219&url=https%3A%2F%2Fwww.cyberscoop.com%2Fmicrosoft-exchange-server-flaws-monero-cryptojacking%2F%3Futm_medium%3Demail%26_hsmi%3D121394215%26_hsenc%3Dp2ANqtz--oSPaQtBaCNYgQ1Rkw1TwuFd9mrJAMDOt1aNDRpxWV5Z5WtBgeGI6OMqvje3YPL7etyFgyqzb-SA59Wt3RJFayQ4OHdg%26utm_content%3D121394215%26utm_source%3Dhs_email&liSync=true
cache-control: no-cache, no-store
x-li-proto: http/2
expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H3-Q050 200 collect Show response
www.google-analytics.com/j/ 2 B
390 B 45ms
13ms XHR
text/plain 2a00:1450:4001:80f::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j89&a=258719748&t=pageview&_s=1&dl=https%3A%2F%2Fwww.cyberscoop.com%2Fmicrosoft-exchange-server-flaws-monero-cryptojacking%2F%3Futm_medium%3Demail%26_hsmi%3D121394215%26_hsenc%3Dp2ANqtz--oSPaQtBaCNYgQ1Rkw1TwuFd9mrJAMDOt1aNDRpxWV5Z5WtBgeGI6OMqvje3YPL7etyFgyqzb-SA59Wt3RJFayQ4OHdg%26utm_content%3D121394215%26utm_source%3Dhs_email&ul=en-us&de=UTF-8&dt=Unpatched%20Microsoft%20Exchange%20Servers%20hit%20with%20cryptojacking%20-%20CyberScoop&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAAC~&jid=1626936599&gjid=1607498331&cid=1695727006.1618438022&tid=UA-80491860-1&_gid=1750366396.1618438022&_r=1&gtm=2wg3v0KR697BF&z=1022748055

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 14 Apr 2021 22:07:02 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.cyberscoop.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 css
fonts.googleapis.com/ 2 KB
958 B 42ms
28ms Stylesheet
text/css 2a00:1450:4001:801::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Oswald

Requested by

Host: js.hsforms.net
URL: https://js.hsforms.net/forms/v2.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e12dfaae532b449b71117f29ad43f92b3b87c19509a9b16f91115fd4e07903b4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Wed, 14 Apr 2021 21:07:58 GMT
server: ESF
date: Wed, 14 Apr 2021 22:07:02 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Wed, 14 Apr 2021 22:07:02 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
448 B 42ms
15ms XHR
text/plain 2a00:1450:400c:c00::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j89&tid=UA-80491860-1&cid=1695727006.1618438022&jid=1626936599&gjid=1607498331&_gid=1750366396.1618438022&_u=YEBAAEAAAAAAAC~&z=499899431

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Wed, 14 Apr 2021 22:07:02 GMT
content-type: text/plain
access-control-allow-origin: https://www.cyberscoop.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 adsct
t.co/i/ 43 B
449 B 235ms
153ms Image
image/gif 104.244.42.133
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?type=javascript&version=1.1.1&p_id=Twitter&p_user_id=0&txn_id=nv8sr&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&tw_document_href=https%3A%2F%2Fwww.cyberscoop.com%2Fmicrosoft-exchange-server-flaws-monero-cryptojacking%2F%3Futm_medium%3Demail%26_hsmi%3D121394215%26_hsenc%3Dp2ANqtz--oSPaQtBaCNYgQ1Rkw1TwuFd9mrJAMDOt1aNDRpxWV5Z5WtBgeGI6OMqvje3YPL7etyFgyqzb-SA59Wt3RJFayQ4OHdg%26utm_content%3D121394215%26utm_source%3Dhs_email

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.42.133 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Apr 2021 22:07:02 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200 OK
x-twitter-response-tags: BouncerCompliant
content-length: 65
x-xss-protection: 0
x-response-time: 113
pragma: no-cache
last-modified: Wed, 14 Apr 2021 22:07:02 GMT
server: tsa_o
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=0
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: 86dd5df8fd697960d53365d506c1d5dd
x-transaction: 0000d7f9004cd6b2
expires: Tue, 31 Mar 1981 05:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
293 B 19ms
18ms Image
image/gif 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j89&tid=UA-80491860-1&cid=1695727006.1618438022&jid=1626936599&_u=YEBAAEAAAAAAAC~&z=137960084

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 14 Apr 2021 22:07:02 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
505 B 37ms
17ms Image
image/gif 2a00:1450:4001:813::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j89&tid=UA-80491860-1&cid=1695727006.1618438022&jid=1626936599&_u=YEBAAEAAAAAAAC~&z=137960084

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 14 Apr 2021 22:07:02 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 896395920528126 Show response
connect.facebook.net/signals/config/ 254 KB
73 KB 32ms
32ms Script
application/x-javascript 2a03:2880:f013:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/896395920528126?v=2.9.39&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f013:d:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

b56356964d8e45ef965541bb383660bcc68c1bc91f781a876e5e27c67190c079

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 74086
x-fb-rlafr: 0
pragma: public
x-fb-debug: 9Rr0bTISbGhsv3dsnVIFFvH50MmxjqapuQJzoxI2lI7ZVBDPym5r+F6dU21wRpj6kiUYqDQnOrUQTeO0Y39vRQ==
x-fb-trip-id: 1679558926
x-frame-options: DENY
date: Wed, 14 Apr 2021 22:07:02 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
408 B 96ms
32ms Image
image/gif 2a03:2880:f113:81:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=896395920528126&ev=PageView&dl=https%3A%2F%2Fwww.cyberscoop.com%2Fmicrosoft-exchange-server-flaws-monero-cryptojacking%2F%3Futm_medium%3Demail%26_hsmi%3D121394215%26_hsenc%3Dp2ANqtz--oSPaQtBaCNYgQ1Rkw1TwuFd9mrJAMDOt1aNDRpxWV5Z5WtBgeGI6OMqvje3YPL7etyFgyqzb-SA59Wt3RJFayQ4OHdg%26utm_content%3D121394215%26utm_source%3Dhs_email&rl=&if=false&ts=1618438022434&sw=1600&sh=1200&v=2.9.39&r=stable&ec=0&o=30&fbp=fb.1.1618438022432.1048598205&it=1618438022338&coo=false&rqm=GET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f113:81:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Apr 2021 22:07:02 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Wed, 14 Apr 2021 22:07:02 GMT

GET
H2 200 2153467.js Show response
js.hs-analytics.net/analytics/1618437900000/ 62 KB
18 KB 152ms
151ms Script
text/javascript 2606:4700::6811:45b0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-analytics.net/analytics/1618437900000/2153467.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/2153467.js
Protocol: H2
Security: TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server: 2606:4700::6811:45b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cb53fd4d514accd4713efc61055e9bac3059efa921cd700f1e0e62963b060c99

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Apr 2021 22:07:02 GMT
content-encoding: br
cf-cache-status: MISS
x-amz-request-id: WFRETHS9H5FVFS5C
x-amz-server-side-encryption: AES256
cf-ray: 64003ea92ca54e14-FRA
x-amz-id-2: K+sYOE+dMBHNJnbCah8LY126eZFDAkb8KbVzciXT0RtkrgFcS58WRKXrBU9DZqNXthEVj84cutA=
last-modified: Tue, 13 Apr 2021 18:11:32 GMT
server: cloudflare
etag: W/"c9309a4b24754828fd415e95fa3245e2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: null
cache-control: max-age=300, public
access-control-allow-credentials: false
cf-request-id: 0974057db900004e14e093c000000001
content-type: text/javascript
expires: Wed, 14 Apr 2021 22:12:02 GMT

GET
H2 200 2153467.js Show response
js.hs-banner.com/ 59 KB
14 KB 226ms
226ms Script
text/javascript 2606:4700::6812:14bf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-banner.com/2153467.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/2153467.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:14bf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e9270a81326607795ab986b54a84c53a0408682468f364bf2054566f95964f2f

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Apr 2021 22:07:02 GMT
content-encoding: br
cf-cache-status: REVALIDATED
x-amz-request-id: FV2YMQEC5277XXEC
x-amz-server-side-encryption: AES256
content-type: text/javascript; charset=UTF-8
access-control-max-age: 604800
x-amz-id-2: S51jT4Npz5G+RpFk16Z3CyNSrmJU8lYtbpXxjWPDu7WVJi5vpkFNa83lcZXXeM03V8DlNaB2dfM=
timing-allow-origin: *
last-modified: Tue, 13 Apr 2021 18:11:34 GMT
server: cloudflare
etag: W/"a8ed43bcd5503352a3c859b837452188"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
x-amz-version-id: Pevq6OOeHyEaUFm_ZLA6CIrUl9SDdpyD
access-control-allow-origin: https://www.cyberscoop.com
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
cache-control: max-age=300, public
access-control-allow-credentials: true
cf-request-id: 0974057dbc00004e1333a58000000001
cf-ray: 64003ea92f024e13-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
expires: Wed, 14 Apr 2021 22:12:02 GMT

POST
H2 200 /
www.facebook.com/tr/ 0
86 B 32ms
31ms Other
text/plain 2a03:2880:f113:81:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f113:81:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundaryVs2su89ToOhwuHZz

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
server: proxygen-bolt
date: Wed, 14 Apr 2021 22:07:02 GMT
content-type: text/plain
access-control-allow-origin: https://www.cyberscoop.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 0

GET
H3-Q050 200 gpt.js Show response
www.googletagservices.com/tag/js/ Frame 8038 62 KB
21 KB 71ms
57ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/advertising/?id=leaderboard&parent_id=ad-os0uGMDylB-leaderboard&categories=technology&tags=cryptocurrency%2Ccryptojacking%2Cexchange-server%2Cmicrosoft%2Csophos%2Cvulnerabilities

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

878288f1c0048d4cd9473395880ef79316fe05db35d98fb61a8c18cd4b25783a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Apr 2021 22:07:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "843 / 94 of 1000 / last-modified: 1618415296"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20955
x-xss-protection: 0
expires: Wed, 14 Apr 2021 22:07:03 GMT

GET
H3-Q050 200 gpt.js Show response
www.googletagservices.com/tag/js/ Frame 1F29 62 KB
21 KB 43ms
43ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/advertising/?id=skyscraper&position=sticky&categories=technology&tags=cryptocurrency%2Ccryptojacking%2Cexchange-server%2Cmicrosoft%2Csophos%2Cvulnerabilities

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

62a502ef5d93b58460615f504db8e74b41337b3e26531691c7a78e7561402eb6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Apr 2021 22:07:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "843 / 845 of 1000 / last-modified: 1618415348"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20977
x-xss-protection: 0
expires: Wed, 14 Apr 2021 22:07:03 GMT

GET
H3-Q050 200 gpt.js Show response
www.googletagservices.com/tag/js/ Frame B94C 62 KB
21 KB 44ms
43ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/advertising/?id=billboard&position=bottom&parent_id=ad-RhMxgWQL3K-billboard&category=technology&tags=cryptocurrency%2Ccryptojacking%2Cexchange-server%2Cmicrosoft%2Csophos%2Cvulnerabilities

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

878288f1c0048d4cd9473395880ef79316fe05db35d98fb61a8c18cd4b25783a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Apr 2021 22:07:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "843 / 349 of 1000 / last-modified: 1618415296"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20955
x-xss-protection: 0
expires: Wed, 14 Apr 2021 22:07:03 GMT

GET
H3-Q050 200 gpt.js Show response
www.googletagservices.com/tag/js/ Frame FB93 62 KB
21 KB 45ms
45ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/tag/js/gpt.js

Requested by

Host: www.cyberscoop.com
URL: https://www.cyberscoop.com/advertising/?id=article&position=static&category=technology&tags=cryptocurrency%2Ccryptojacking%2Cexchange-server%2Cmicrosoft%2Csophos%2Cvulnerabilities

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d72ddebe45abc3dbf3a228d5727b49f6a64dba7b686d0dd27f9693e39071555f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Apr 2021 22:07:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "843 / 44 of 1000 / last-modified: 1618415296"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20950
x-xss-protection: 0
expires: Wed, 14 Apr 2021 22:07:03 GMT

GET
H3-Q050 200 pubads_impl_2021040804.js Show response
securepubads.g.doubleclick.net/gpt/ Frame 8038 296 KB
104 KB 70ms
70ms Script
text/javascript 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021040804.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

sffe /

Resource Hash

bf97ea16fc6f3ed219404e08367a661cc6964d6bd9a40872e26453976df761e2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Apr 2021 22:07:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 08 Apr 2021 19:24:37 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 106480
x-xss-protection: 0
expires: Wed, 14 Apr 2021 22:07:04 GMT

GET
H3-Q050 200 pubads_impl_2021040804.js Show response
securepubads.g.doubleclick.net/gpt/ Frame B94C 296 KB
104 KB 72ms
71ms Script
text/javascript 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021040804.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

sffe /

Resource Hash

bf97ea16fc6f3ed219404e08367a661cc6964d6bd9a40872e26453976df761e2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Apr 2021 22:07:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 08 Apr 2021 19:24:37 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 106480
x-xss-protection: 0
expires: Wed, 14 Apr 2021 22:07:04 GMT

GET
H3-Q050 200 pubads_impl_2021041201.js Show response
securepubads.g.doubleclick.net/gpt/ Frame 1F29 294 KB
104 KB 68ms
68ms Script
text/javascript 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021041201.js?31060782

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

sffe /

Resource Hash

f9b0195ab22815c68db0b05e89abfc88fcb0b46b8b9a28d70ca731f17e07053e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Apr 2021 22:07:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 12 Apr 2021 08:37:08 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 106031
x-xss-protection: 0
expires: Wed, 14 Apr 2021 22:07:04 GMT

GET
H3-Q050 200 pubads_impl_2021040804.js Show response
securepubads.g.doubleclick.net/gpt/ Frame FB93 296 KB
104 KB 72ms
71ms Script
text/javascript 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021040804.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/tag/js/gpt.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

sffe /

Resource Hash

bf97ea16fc6f3ed219404e08367a661cc6964d6bd9a40872e26453976df761e2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Apr 2021 22:07:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 08 Apr 2021 19:24:37 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 106480
x-xss-protection: 0
expires: Wed, 14 Apr 2021 22:07:04 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ Frame 8038 107 B
799 B 34ms
14ms Script
application/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.cyberscoop.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021040804.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 14 Apr 2021 22:07:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame 8038 107 B
553 B 35ms
14ms Script
application/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.cyberscoop.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021040804.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 14 Apr 2021 22:07:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 8038 9 KB
5 KB 112ms
111ms XHR
text/plain 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3464853365202584&correlator=1315525323125032&output=ldjh&impl=fif&eid=31060790&vrg=2021040804&ptt=17&sc=1&sfv=1-0-38&ecs=20210414&iu_parts=18430785%2CCyberScoop_Article_Leaderboard_970x90&enc_prev_ius=%2F0%2F1&prev_iu_szs=980x250%7C970x250%7C728x90%7C970x90&prev_scp=Tags%3Dcryptocurrency%252Ccryptojacking%252Cexchange-server%252Cmicrosoft%252Csophos%252Cvulnerabilities&cookie_enabled=1&cdm=www.cyberscoop.com&bc=31&abxe=1&lmt=1618438024&dt=1618438024200&dlt=1618438023924&idt=258&frm=23&biw=1600&bih=1200&isw=1600&ish=150&oid=3&adxs=0&adys=170&adks=13849420&ucis=nge9r33by2qa&ifi=1&ifk=713534873&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=1&url=https%3A%2F%2Fwww.cyberscoop.com%2Fadvertising%2F%3Fid%3Dleaderboard%26parent_id%3Dad-os0uGMDylB-leaderboard%26categories%3Dtechnology%26tags%3Dcryptocurrency%252Ccryptojacking%252Cexchange-server%252Cmicrosoft%252Csophos%252Cvulnerabilities&ref=https%3A%2F%2Fwww.cyberscoop.com%2Fmicrosoft-exchange-server-flaws-monero-cryptojacking%2F%3Futm_medium%3Demail%26_hsmi%3D121394215%26_hsenc%3Dp2ANqtz--oSPaQtBaCNYgQ1Rkw1TwuFd9mrJAMDOt1aNDRpxWV5Z5WtBgeGI6OMqvje3YPL7etyFgyqzb-SA59Wt3RJFayQ4OHdg%26utm_content%3D121394215%26utm_source%3Dhs_email&top=https%3A%2F%2Fwww.cyberscoop.com%2Fmicrosoft-exchange-server-flaws-monero-cryptojacking%2F%3Futm_medium%3Demail%26_hsmi%3D121394215%26_hsenc%3Dp2ANqtz--oSPaQtBaCNYgQ1Rkw1TwuFd9mrJAMDOt1aNDRpxWV5Z5WtBgeGI6OMqvje3YPL7etyFgyqzb-SA59Wt3RJFayQ4OHdg%26utm_content%3D121394215%26utm_source%3Dhs_email&vis=1&dmc=8&scr_x=0&scr_y=0&psz=1600x150&msz=970x-1&ga_vid=1695727006.1618438022&ga_sid=1618438024&ga_hid=721546317&ga_fc=true&fws=0&ohw=0&btvi=0

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021040804.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

cafe /

Resource Hash

31cce9decad199ebb560bfb34365501e21066210babf63db99a3b4795347bf86

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Apr 2021 22:07:04 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4985
x-xss-protection: 0
google-lineitem-id: 5661593897
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138345426329
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.cyberscoop.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
8949591b2ce2bbdd816018a582eac05f.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 8038 0
0 29ms
14ms Other
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://8949591b2ce2bbdd816018a582eac05f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021040804.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 container.html
tpc.googlesyndication.com/safeframe/1-0-38/html/ Frame 8038 0
0 26ms
6ms Other
text/html 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021040804.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ Frame 1F29 107 B
165 B 14ms
14ms Script
application/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.cyberscoop.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021041201.js?31060782

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 14 Apr 2021 22:07:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ Frame 1F29 107 B
165 B 15ms
15ms Script
application/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.cyberscoop.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021041201.js?31060782

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 14 Apr 2021 22:07:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame 1F29 9 KB
5 KB 75ms
74ms XHR
text/plain 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=2403116964662389&correlator=103851005862974&output=ldjh&impl=fif&eid=31060782%2C31060787%2C31060494&vrg=2021041201&ptt=17&sc=1&sfv=1-0-38&ecs=20210414&iu_parts=18430785%2CCyberScoop_HalfPage_300x600&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x600&prev_scp=Tags%3Dcryptocurrency%252Ccryptojacking%252Cexchange-server%252Cmicrosoft%252Csophos%252Cvulnerabilities&cookie_enabled=1&cdm=www.cyberscoop.com&bc=31&abxe=1&lmt=1618438024&dt=1618438024228&dlt=1618438023958&idt=254&ea=0&frm=23&biw=1600&bih=1200&isw=300&ish=600&oid=3&adxs=983&adys=1605&adks=2863372106&ucis=v2r4tqoqhzuu&ifi=1&ifk=957674753&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=1&url=https%3A%2F%2Fwww.cyberscoop.com%2Fadvertising%2F%3Fid%3Dskyscraper%26position%3Dsticky%26categories%3Dtechnology%26tags%3Dcryptocurrency%252Ccryptojacking%252Cexchange-server%252Cmicrosoft%252Csophos%252Cvulnerabilities&ref=https%3A%2F%2Fwww.cyberscoop.com%2Fmicrosoft-exchange-server-flaws-monero-cryptojacking%2F%3Futm_medium%3Demail%26_hsmi%3D121394215%26_hsenc%3Dp2ANqtz--oSPaQtBaCNYgQ1Rkw1TwuFd9mrJAMDOt1aNDRpxWV5Z5WtBgeGI6OMqvje3YPL7etyFgyqzb-SA59Wt3RJFayQ4OHdg%26utm_content%3D121394215%26utm_source%3Dhs_email&top=https%3A%2F%2Fwww.cyberscoop.com%2Fmicrosoft-exchange-server-flaws-monero-cryptojacking%2F%3Futm_medium%3Demail%26_hsmi%3D121394215%26_hsenc%3Dp2ANqtz--oSPaQtBaCNYgQ1Rkw1TwuFd9mrJAMDOt1aNDRpxWV5Z5WtBgeGI6OMqvje3YPL7etyFgyqzb-SA59Wt3RJFayQ4OHdg%26utm_content%3D121394215%26utm_source%3Dhs_email&vis=1&dmc=8&scr_x=0&scr_y=0&psz=300x600&msz=300x-1&ga_vid=1695727006.1618438022&ga_sid=1618438024&ga_hid=1890025511&ga_fc=true&fws=256&ohw=0&btvi=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021041201.js?31060782

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

cafe /

Resource Hash

f7f6e5518f418ea1cc3ea9526643b0d46dc3568509caaa95f03536b06006c9f9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Apr 2021 22:07:04 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4837
x-xss-protection: 0
google-lineitem-id: 5614486206
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138339609769
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.cyberscoop.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
407353ff91847f5c0e1c90d49f4b48ed.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 1F29 0
0 32ms
15ms Other
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://407353ff91847f5c0e1c90d49f4b48ed.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021041201.js?31060782
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-Q050 200 container.html
tpc.googlesyndication.com/safeframe/1-0-38/html/ Frame 1F29 0
0 35ms
20ms Other
text/html 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021041201.js?31060782
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-Q050 200 integrator.js Show response
adservice.google.de/adsid/ Frame B94C 107 B
777 B 43ms
28ms Script
application/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.cyberscoop.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021040804.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 14 Apr 2021 22:07:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-Q050 200 integrator.js Show response
adservice.google.com/adsid/ Frame B94C 107 B
123 B 43ms
29ms Script
application/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.cyberscoop.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021040804.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 14 Apr 2021 22:07:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame B94C 36 KB
14 KB 75ms
73ms XHR
text/plain 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=3587456262402239&correlator=828195005101272&output=ldjh&impl=fif&eid=31060312%2C21064370%2C31060707&vrg=2021040804&ptt=17&sc=1&sfv=1-0-38&ecs=20210414&iu_parts=18430785%2CCyberScoop_Cat_Art_Bottom_980x250&enc_prev_ius=%2F0%2F1&prev_iu_szs=980x250%7C970x250%7C728x90%7C970x90&prev_scp=position%3Dbottom%26categories%3Dtechnology%26Tags%3Dcryptocurrency%252Ccryptojacking%252Cexchange-server%252Cmicrosoft%252Csophos%252Cvulnerabilities&cookie_enabled=1&cdm=www.cyberscoop.com&bc=31&abxe=1&lmt=1618438024&dt=1618438024248&dlt=1618438023963&idt=277&ea=0&frm=23&biw=1600&bih=1200&isw=980&ish=250&oid=3&adxs=0&adys=3348&adks=3048910702&ucis=bnex6x8gnenq&ifi=1&ifk=883170166&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=1&url=https%3A%2F%2Fwww.cyberscoop.com%2Fadvertising%2F%3Fid%3Dbillboard%26position%3Dbottom%26parent_id%3Dad-RhMxgWQL3K-billboard%26category%3Dtechnology%26tags%3Dcryptocurrency%252Ccryptojacking%252Cexchange-server%252Cmicrosoft%252Csophos%252Cvulnerabilities&ref=https%3A%2F%2Fwww.cyberscoop.com%2Fmicrosoft-exchange-server-flaws-monero-cryptojacking%2F%3Futm_medium%3Demail%26_hsmi%3D121394215%26_hsenc%3Dp2ANqtz--oSPaQtBaCNYgQ1Rkw1TwuFd9mrJAMDOt1aNDRpxWV5Z5WtBgeGI6OMqvje3YPL7etyFgyqzb-SA59Wt3RJFayQ4OHdg%26utm_content%3D121394215%26utm_source%3Dhs_email&top=https%3A%2F%2Fwww.cyberscoop.com%2Fmicrosoft-exchange-server-flaws-monero-cryptojacking%2F%3Futm_medium%3Demail%26_hsmi%3D121394215%26_hsenc%3Dp2ANqtz--oSPaQtBaCNYgQ1Rkw1TwuFd9mrJAMDOt1aNDRpxWV5Z5WtBgeGI6OMqvje3YPL7etyFgyqzb-SA59Wt3RJFayQ4OHdg%26utm_content%3D121394215%26utm_source%3Dhs_email&vis=1&dmc=8&scr_x=0&scr_y=0&psz=980x250&msz=980x-1&ga_vid=1695727006.1618438022&ga_sid=1618438024&ga_hid=929162966&ga_fc=true&fws=256&ohw=0&btvi=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021040804.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

cafe /

Resource Hash

78ec474e4d80baee9a1e29e27af012fd05fc77daa946552280c56609adbf16fd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Apr 2021 22:07:04 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14311
x-xss-protection: 0
google-lineitem-id: 5650420444
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138343891724
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.cyberscoop.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
7445015f24b4138079e5432b973c37a9.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame B94C 0
0 30ms
13ms Other
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://7445015f24b4138079e5432b973c37a9.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021040804.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-Q050 200 container.html
tpc.googlesyndication.com/safeframe/1-0-38/html/ Frame B94C 0
0 22ms
21ms Other
text/html 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021040804.js
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-Q050 200 integrator.js Show response
adservice.google.de/adsid/ Frame FB93 107 B
123 B 29ms
29ms Script
application/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.cyberscoop.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021040804.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 14 Apr 2021 22:07:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-Q050 200 integrator.js Show response
adservice.google.com/adsid/ Frame FB93 107 B
531 B 27ms
27ms Script
application/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.cyberscoop.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021040804.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 14 Apr 2021 22:07:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-Q050 200 ads Show response
securepubads.g.doubleclick.net/gampad/ Frame FB93 9 KB
5 KB 70ms
70ms XHR
text/plain 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?gdfp_req=1&pvsid=4503508210773965&correlator=3977421521183918&output=ldjh&impl=fif&eid=31060517%2C31060505%2C21065725&vrg=2021040804&ptt=17&sc=1&sfv=1-0-38&ecs=20210414&iu_parts=18430785%2CCyberScoop_Article_Left_Rail_300x250&enc_prev_ius=%2F0%2F1&prev_iu_szs=300x250&prev_scp=position%3Dstatic%26Tags%3Dcryptocurrency%252Ccryptojacking%252Cexchange-server%252Cmicrosoft%252Csophos%252Cvulnerabilities%26categories%3Dtechnology&cookie_enabled=1&cdm=www.cyberscoop.com&bc=31&abxe=1&lmt=1618438024&dt=1618438024262&dlt=1618438023972&idt=282&ea=0&frm=23&biw=1600&bih=1200&isw=310&ish=250&oid=3&adxs=983&adys=1340&adks=4064999910&ucis=x9uam3361n0v&ifi=1&ifk=544602725&u_tz=120&u_his=2&u_java=false&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&flash=0&nhd=1&url=https%3A%2F%2Fwww.cyberscoop.com%2Fadvertising%2F%3Fid%3Darticle%26position%3Dstatic%26category%3Dtechnology%26tags%3Dcryptocurrency%252Ccryptojacking%252Cexchange-server%252Cmicrosoft%252Csophos%252Cvulnerabilities&ref=https%3A%2F%2Fwww.cyberscoop.com%2Fmicrosoft-exchange-server-flaws-monero-cryptojacking%2F%3Futm_medium%3Demail%26_hsmi%3D121394215%26_hsenc%3Dp2ANqtz--oSPaQtBaCNYgQ1Rkw1TwuFd9mrJAMDOt1aNDRpxWV5Z5WtBgeGI6OMqvje3YPL7etyFgyqzb-SA59Wt3RJFayQ4OHdg%26utm_content%3D121394215%26utm_source%3Dhs_email&top=https%3A%2F%2Fwww.cyberscoop.com%2Fmicrosoft-exchange-server-flaws-monero-cryptojacking%2F%3Futm_medium%3Demail%26_hsmi%3D121394215%26_hsenc%3Dp2ANqtz--oSPaQtBaCNYgQ1Rkw1TwuFd9mrJAMDOt1aNDRpxWV5Z5WtBgeGI6OMqvje3YPL7etyFgyqzb-SA59Wt3RJFayQ4OHdg%26utm_content%3D121394215%26utm_source%3Dhs_email&vis=1&dmc=8&scr_x=0&scr_y=0&psz=310x250&msz=300x-1&ga_vid=1695727006.1618438022&ga_sid=1618438024&ga_hid=927613653&ga_fc=true&fws=256&ohw=0&btvi=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021040804.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

cafe /

Resource Hash

963e612947983d57da5d83ca9bc8d9229ba31a1067b41f1392df5d9d8bf03cea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Apr 2021 22:07:04 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4904
x-xss-protection: 0
google-lineitem-id: 5614486206
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138339219477
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://www.cyberscoop.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
bde5de92baa7bfc9243de6b323623fcd.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame FB93 0
0 28ms
13ms Other
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://bde5de92baa7bfc9243de6b323623fcd.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021040804.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-Q050 200 container.html
tpc.googlesyndication.com/safeframe/1-0-38/html/ Frame FB93 0
0 8ms
8ms Other
text/html 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://tpc.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021040804.js
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H2 200 adsct Show response
analytics.twitter.com/i/ 31 B
660 B 227ms
144ms Script
application/javascript 104.244.42.195
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://analytics.twitter.com/i/adsct?type=javascript&version=1.1.1&p_id=Twitter&p_user_id=0&txn_id=nv8sr&events=%5B%5B%22pageview%22%2Cnull%5D%5D&tw_sale_amount=0&tw_order_quantity=0&tw_iframe_status=0&tpx_cb=twttr.conversion.loadPixels&tw_document_href=https%3A%2F%2Fwww.cyberscoop.com%2Fmicrosoft-exchange-server-flaws-monero-cryptojacking%2F%3Futm_medium%3Demail%26_hsmi%3D121394215%26_hsenc%3Dp2ANqtz--oSPaQtBaCNYgQ1Rkw1TwuFd9mrJAMDOt1aNDRpxWV5Z5WtBgeGI6OMqvje3YPL7etyFgyqzb-SA59Wt3RJFayQ4OHdg%26utm_content%3D121394215%26utm_source%3Dhs_email

Requested by

Host: static.ads-twitter.com
URL: https://static.ads-twitter.com/uwt.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.42.195 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_devel /

Resource Hash

df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Apr 2021 22:07:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
status: 200 OK
x-twitter-response-tags: BouncerCompliant
content-length: 57
x-xss-protection: 0
pragma: no-cache
last-modified: Wed, 14 Apr 2021 22:07:04 GMT
server: tsa_devel
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=631138519
content-type: application/javascript;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: 09553bba1ac22b26537ed1e6baba69f220477997eca1cfff1b56515f78ac8f22
x-transaction: bfc617a0d5c16527
expires: Tue, 31 Mar 1981 05:00:00 GMT

GET
H2 200 __ptq.gif
track.hubspot.com/ 45 B
471 B 30ms
29ms Image
image/gif 2606:4700::6813:9a53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__ptq.gif?k=15&fi=20762415-8082-48f0-b243-36443c93d852&fci=fb239c62-21b6-4957-8f30-1140d4bdf20a&ft=0&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=2736934676&v=1.1&a=2153467&rcu=https%3A%2F%2Fwww.cyberscoop.com%2Fmicrosoft-exchange-server-flaws-monero-cryptojacking%2F&pu=https%3A%2F%2Fwww.cyberscoop.com%2Fmicrosoft-exchange-server-flaws-monero-cryptojacking%2F%3Futm_medium%3Demail%26_hsmi%3D121394215%26_hsenc%3Dp2ANqtz--oSPaQtBaCNYgQ1Rkw1TwuFd9mrJAMDOt1aNDRpxWV5Z5WtBgeGI6OMqvje3YPL7etyFgyqzb-SA59Wt3RJFayQ4OHdg%26utm_content%3D121394215%26utm_source%3Dhs_email&t=Unpatched+Microsoft+Exchange+Servers+hit+with+cryptojacking+-+CyberScoop&cts=1618438024296&vi=adae0d4640a4a51bc229fb077336a5d4&nc=true&ce=false

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Apr 2021 22:07:04 GMT
vary: Accept-Encoding
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
cf-ray: 64003eb3ffae1786-FRA
p3p: CP="NOI CUR ADM OUR NOR STA NID"
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 45
cf-request-id: 09740584790000178603317000000001
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=AF9lBM5Ld9T%2BwKjNV5WMFQdDy4pb0kkO87sB2s8VCsAxtecaTpQslMBVTh%2FI3GXSYmYOBhSMtreAjZlgoBL5hnZiBI3GhwjpRpDKrAGP0MZ%2BpSDG3c9EOyUc5vxGUQ%3D%3D"}],"max_age":604800}
content-type: image/gif
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
x-robots-tag: none

GET
H2 200 __ptq.gif
track.hubspot.com/ 45 B
344 B 32ms
31ms Image
image/gif 2606:4700::6813:9a53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__ptq.gif?k=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=2736934676&v=1.1&a=2153467&rcu=https%3A%2F%2Fwww.cyberscoop.com%2Fmicrosoft-exchange-server-flaws-monero-cryptojacking%2F&pu=https%3A%2F%2Fwww.cyberscoop.com%2Fmicrosoft-exchange-server-flaws-monero-cryptojacking%2F%3Futm_medium%3Demail%26_hsmi%3D121394215%26_hsenc%3Dp2ANqtz--oSPaQtBaCNYgQ1Rkw1TwuFd9mrJAMDOt1aNDRpxWV5Z5WtBgeGI6OMqvje3YPL7etyFgyqzb-SA59Wt3RJFayQ4OHdg%26utm_content%3D121394215%26utm_source%3Dhs_email&t=Unpatched+Microsoft+Exchange+Servers+hit+with+cryptojacking+-+CyberScoop&cts=1618438024310&vi=adae0d4640a4a51bc229fb077336a5d4&nc=true&ce=false

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Apr 2021 22:07:04 GMT
vary: Accept-Encoding
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
cf-ray: 64003eb3ffaf1786-FRA
p3p: CP="NOI CUR ADM OUR NOR STA NID"
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 45
cf-request-id: 09740584790000178682263000000001
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=dQh3xGUc%2BI%2BKLwZgCZ%2F5A%2FoWaYXKDVjyQGjq%2F79Q9pzaa3OhiwK2z78WRtU9DzrJNFy5tX17p%2FwTTNx06Gi72uacPQcWWuhmSQlsppHV0wLqU%2FMFm8Flp7U2SVrM%2BQ%3D%3D"}],"max_age":604800}
content-type: image/gif
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
x-robots-tag: none

GET
H3-Q050 200 container.html Show response
407353ff91847f5c0e1c90d49f4b48ed.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 221A 6 KB
3 KB 36ms
21ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://407353ff91847f5c0e1c90d49f4b48ed.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021041201.js?31060782

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 407353ff91847f5c0e1c90d49f4b48ed.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html?n=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.cyberscoop.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.cyberscoop.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3108
date: Wed, 14 Apr 2021 22:07:04 GMT
expires: Thu, 14 Apr 2022 22:07:04 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ Frame 1F29 73 KB
28 KB 43ms
42ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021041201.js?31060782

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c84f7f99e22a2d9e8afaadb5c6d7a6e0ef11e672ac4c49b35e288bc1a150564b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Apr 2021 22:07:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1618253580951442"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28266
x-xss-protection: 0
expires: Wed, 14 Apr 2021 22:07:04 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 1F29 8 KB
7 KB 36ms
16ms XHR
application/json 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021041201&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021041201.js?31060782

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

96941cb622b35d44c8926235f73a22a9efc5e1847abf14045d96981bd27e8040

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 14 Apr 2021 22:07:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6492
x-xss-protection: 0

GET
H3-Q050 200 container.html Show response
8949591b2ce2bbdd816018a582eac05f.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame 5076 6 KB
3 KB 19ms
18ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://8949591b2ce2bbdd816018a582eac05f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021040804.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 8949591b2ce2bbdd816018a582eac05f.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html?n=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.cyberscoop.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.cyberscoop.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3108
date: Wed, 14 Apr 2021 22:07:04 GMT
expires: Thu, 14 Apr 2022 22:07:04 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ Frame 8038 73 KB
28 KB 40ms
40ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021040804.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c84f7f99e22a2d9e8afaadb5c6d7a6e0ef11e672ac4c49b35e288bc1a150564b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Apr 2021 22:07:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1618253580951442"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28266
x-xss-protection: 0
expires: Wed, 14 Apr 2021 22:07:04 GMT

GET
H2 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame 8038 9 KB
7 KB 21ms
18ms XHR
application/json 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021040804&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021040804.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

53af0e86aaec7cc5f0eec16ab65284b48b944d45b2c4a0cc517f894e25897dd1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 14 Apr 2021 22:07:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6639
x-xss-protection: 0

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame A9FD 0
0 71ms
69ms Fetch
image/gif 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvfX9kl9PYF4SyP71gIMqMMJB3JHwl6zD0HK-Yl3Mo521R4uQYLcMc8l2ntRh6ZgA2ik0IiHg6gjpMpTiZb_fsARhO5CQEiig1m4qejBIXBRnodzAMeBsmEgpvhQAK4pMsu8eeNIgXqlyAJO8GyFSOBOWAEq5y8zTOkiSp8xiTF2JMPNxI4zb0Cqz7Ci6VlXH04F0zBEoFIazhNYOvQm0g-Gvq10FrbNcJFJ6lz-t9Tx9URQ-R14afIS46BD-XmAvItpZbyCUopCaDD_tNRTsBW72UwGeBCn9Ebk07pAdfng4MTgqEn5LEJ_MWmjFWs1CNBCDBDZj79xg&sai=AMfl-YTN4Hd74ti970PGCIS8rpR9v9f9wJemisfzp8qUFF-eD8nHdYc9iW-kXcMjIrGwY_KrD9KntlBwCK_SWjTveTOXiY8xAfb4Vyp1-p_DwszTFe7d7FigWdsdLY1ZAqYf&sig=Cg0ArKJSzPaUwhY4DJnnEAE&adurl=

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 14 Apr 2021 22:07:04 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Wed, 14 Apr 2021 22:07:04 GMT

GET
H3-Q050 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210413/r20110914/ Frame A9FD 17 KB
7 KB 7ms
5ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210413/r20110914/abg_lite_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021040804.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7a3f7218703989b2b5daf92319273724ea24f6948631c1376a936ba12bda72e2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Apr 2021 22:05:42 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 82
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7114
x-xss-protection: 0
server: cafe
etag: 17366458733339412862
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 28 Apr 2021 22:05:42 GMT

GET
H3-Q050 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210413/r20110914/client/ Frame A9FD 2 KB
1 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210413/r20110914/client/window_focus_fy2019.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021040804.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Apr 2021 22:00:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 410
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1303
x-xss-protection: 0
server: cafe
etag: 14729628269804859526
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 28 Apr 2021 22:00:14 GMT

GET
H3-Q050 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame A9FD 118 KB
36 KB 43ms
42ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021040804.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

69d435ce4b2fd0eb67edcc8e6f471eced90c210fec4725692a550b807742c00b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Apr 2021 22:07:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1618253573924606"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36714
x-xss-protection: 0
expires: Wed, 14 Apr 2021 22:07:04 GMT

GET
H3-Q050 204 l
www.google.com/ads/measurement/ Frame A9FD 0
0 42ms
27ms Image
text/html 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.google.com/ads/measurement/l?ebcid=ALh7CaRNHLOk3im5iWGx7ykRrEVDDFtTxofLVrwm53HwnETXm1O1GdZlek3hqfNc5XRTb_p3VWMR
Requested by: Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021040804.js
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

GET
H3-Q050 200 9547351188292174112
tpc.googlesyndication.com/simgad/ Frame A9FD 123 KB
123 KB 9ms
8ms Image
image/jpeg 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/9547351188292174112

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021040804.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2cb6b65c7eaebaa3113e4befc1ad1c16805cb1cd1dc99cc7cd715738b4a29e9f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 12 Apr 2021 09:14:26 GMT
x-content-type-options: nosniff
age: 219158
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 125668
x-xss-protection: 0
last-modified: Mon, 22 Mar 2021 18:53:56 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 12 Apr 2022 09:14:26 GMT

GET
H3-Q050 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ Frame B94C 73 KB
28 KB 42ms
42ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021040804.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c84f7f99e22a2d9e8afaadb5c6d7a6e0ef11e672ac4c49b35e288bc1a150564b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Apr 2021 22:07:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1618253580951442"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28266
x-xss-protection: 0
expires: Wed, 14 Apr 2021 22:07:04 GMT

GET
H3-Q050 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame B94C 8 KB
6 KB 46ms
31ms XHR
application/json 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021040804&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021040804.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c8e8d444ac2542a7a655c17983adb1d0555b87f7ffbae6ab72746fda947931aa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 14 Apr 2021 22:07:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6530
x-xss-protection: 0

GET
H3-Q050 200 container.html Show response
bde5de92baa7bfc9243de6b323623fcd.safeframe.googlesyndication.com/safeframe/1-0-38/html/ Frame DFA1 6 KB
3 KB 7ms
6ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://bde5de92baa7bfc9243de6b323623fcd.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021040804.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: bde5de92baa7bfc9243de6b323623fcd.safeframe.googlesyndication.com
:scheme: https
:path: /safeframe/1-0-38/html/container.html?n=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.cyberscoop.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.cyberscoop.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 3108
date: Wed, 14 Apr 2021 22:07:04 GMT
expires: Thu, 14 Apr 2022 22:07:04 GMT
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, immutable, max-age=31536000
age: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ Frame FB93 73 KB
28 KB 42ms
41ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021040804.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c84f7f99e22a2d9e8afaadb5c6d7a6e0ef11e672ac4c49b35e288bc1a150564b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Apr 2021 22:07:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1618253580951442"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28266
x-xss-protection: 0
expires: Wed, 14 Apr 2021 22:07:04 GMT

GET
H3-Q050 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ Frame FB93 8 KB
7 KB 34ms
30ms XHR
application/json 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=2021040804&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021040804.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7928c85a2d48ff4fecf8280822338d8fa67b93ef9d02fef5dce58322808695a7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 14 Apr 2021 22:07:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6550
x-xss-protection: 0

GET
H3-Q050 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 1F29 17 KB
6 KB 16ms
15ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021041201.js?31060782

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Apr 2021 22:07:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1616005470650935"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6437
x-xss-protection: 0
expires: Wed, 14 Apr 2021 22:07:04 GMT

GET
H3-Q050 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame 8038 17 KB
6 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021040804.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Apr 2021 22:07:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1616005470650935"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6437
x-xss-protection: 0
expires: Wed, 14 Apr 2021 22:07:04 GMT

GET
H3-Q050 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame FB93 17 KB
6 KB 13ms
13ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021040804.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Apr 2021 22:07:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1616005470650935"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6437
x-xss-protection: 0
expires: Wed, 14 Apr 2021 22:07:04 GMT

GET
H3-Q050 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ Frame B94C 17 KB
6 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/gpt/pubads_impl_2021040804.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Apr 2021 22:07:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1616005470650935"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6437
x-xss-protection: 0
expires: Wed, 14 Apr 2021 22:07:04 GMT

GET
H3-Q050 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame 5076 22 KB
7 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js

Requested by

Host: 8949591b2ce2bbdd816018a582eac05f.safeframe.googlesyndication.com
URL: https://8949591b2ce2bbdd816018a582eac05f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://8949591b2ce2bbdd816018a582eac05f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Apr 2021 19:13:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 10386
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7022
x-xss-protection: 0
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 14 Apr 2022 19:13:58 GMT

GET
H/1.1 200
OK dvbs_src.js Show response
cdn.doubleverify.com/ Frame 5076 2 KB
2 KB 30ms
9ms Script
application/javascript 2a02:26f0:10c:488::4469
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dvbs_src.js?ctx=13506857&cmp=25229560&plc=294801825&sid=6648562&dvregion=0&unit=970x250
Requested by: Host: 8949591b2ce2bbdd816018a582eac05f.safeframe.googlesyndication.com
URL: https://8949591b2ce2bbdd816018a582eac05f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:10c:488::4469 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 8d6487dc2599772b6ccb8ed3c214aefeddf16e73d868abb94f2223c133af06d0

Request headers

Referer: https://8949591b2ce2bbdd816018a582eac05f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 14 Apr 2021 22:07:04 GMT
Content-Encoding: gzip
Last-Modified: Wed, 14 Apr 2021 11:40:05 GMT
Server: Microsoft-IIS/10.0
ETag: "eb910ea2231d71:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=86400
Connection: keep-alive
Accept-Ranges: bytes
Timing-Allow-Origin: *
Content-Length: 1338

GET
H3-Q050 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 5076 118 KB
36 KB 44ms
44ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 8949591b2ce2bbdd816018a582eac05f.safeframe.googlesyndication.com
URL: https://8949591b2ce2bbdd816018a582eac05f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

69d435ce4b2fd0eb67edcc8e6f471eced90c210fec4725692a550b807742c00b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://8949591b2ce2bbdd816018a582eac05f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Apr 2021 22:07:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1618253573924606"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36714
x-xss-protection: 0
expires: Wed, 14 Apr 2021 22:07:04 GMT

GET
DATA 200
OK truncated
/ Frame A9FD 217 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a6595cb9b31af440e97373e0255038873f2ded820356e9448ae59eac9219ad5a

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-Q050 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame 221A 22 KB
7 KB 7ms
5ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js

Requested by

Host: 407353ff91847f5c0e1c90d49f4b48ed.safeframe.googlesyndication.com
URL: https://407353ff91847f5c0e1c90d49f4b48ed.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://407353ff91847f5c0e1c90d49f4b48ed.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Apr 2021 19:13:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 10386
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7022
x-xss-protection: 0
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 14 Apr 2022 19:13:58 GMT

GET
H3-Q050 200 dcmads.js Show response
www.googletagservices.com/dcm/ Frame 221A 7 KB
4 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/dcm/dcmads.js

Requested by

Host: 407353ff91847f5c0e1c90d49f4b48ed.safeframe.googlesyndication.com
URL: https://407353ff91847f5c0e1c90d49f4b48ed.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0216d870844c21ce7c5c72f3471b81013c6d1879d5c4701b81a6c0c22870e081

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://407353ff91847f5c0e1c90d49f4b48ed.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Apr 2021 21:25:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 07 Apr 2021 15:25:31 GMT
server: sffe
age: 2493
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3587
x-xss-protection: 0
expires: Wed, 14 Apr 2021 22:25:31 GMT

GET
H3-Q050 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 221A 118 KB
36 KB 43ms
42ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 407353ff91847f5c0e1c90d49f4b48ed.safeframe.googlesyndication.com
URL: https://407353ff91847f5c0e1c90d49f4b48ed.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

69d435ce4b2fd0eb67edcc8e6f471eced90c210fec4725692a550b807742c00b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://407353ff91847f5c0e1c90d49f4b48ed.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Apr 2021 22:07:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1618253573924606"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36714
x-xss-protection: 0
expires: Wed, 14 Apr 2021 22:07:04 GMT

GET
H3-Q050 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/222/ Frame FAB9 12 KB
5 KB 6ms
5ms Document
text/html 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/222/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.cyberscoop.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.cyberscoop.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5022
date: Wed, 14 Apr 2021 20:19:32 GMT
expires: Thu, 14 Apr 2022 20:19:32 GMT
last-modified: Wed, 20 Jan 2021 19:23:06 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 6452
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-38/js/ Frame DFA1 22 KB
7 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-38/js/ext.js

Requested by

Host: bde5de92baa7bfc9243de6b323623fcd.safeframe.googlesyndication.com
URL: https://bde5de92baa7bfc9243de6b323623fcd.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bde5de92baa7bfc9243de6b323623fcd.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Apr 2021 19:13:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 10386
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7022
x-xss-protection: 0
last-modified: Tue, 02 Mar 2021 20:17:03 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 14 Apr 2022 19:13:58 GMT

GET
H3-Q050 200 dcmads.js Show response
www.googletagservices.com/dcm/ Frame DFA1 7 KB
4 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/dcm/dcmads.js

Requested by

Host: bde5de92baa7bfc9243de6b323623fcd.safeframe.googlesyndication.com
URL: https://bde5de92baa7bfc9243de6b323623fcd.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0216d870844c21ce7c5c72f3471b81013c6d1879d5c4701b81a6c0c22870e081

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bde5de92baa7bfc9243de6b323623fcd.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Apr 2021 21:25:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 07 Apr 2021 15:25:31 GMT
server: sffe
age: 2493
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=3600
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3587
x-xss-protection: 0
expires: Wed, 14 Apr 2021 22:25:31 GMT

GET
H3-Q050 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame DFA1 118 KB
36 KB 42ms
42ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: bde5de92baa7bfc9243de6b323623fcd.safeframe.googlesyndication.com
URL: https://bde5de92baa7bfc9243de6b323623fcd.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

69d435ce4b2fd0eb67edcc8e6f471eced90c210fec4725692a550b807742c00b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bde5de92baa7bfc9243de6b323623fcd.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Apr 2021 22:07:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1618253573924606"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36714
x-xss-protection: 0
expires: Wed, 14 Apr 2021 22:07:04 GMT

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame A9FD 0
0 120ms
81ms Fetch
image/gif 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsux8NF8YcYwnsknj5h41r-aIDGfCyX1hZHR2m7Q-S1uNwBGJHi2iI9biEsyXw1mXWNiVc7hex8urOvDq9zIAc7-rx54W2iz7gFr0leG06EDV_FEVFI3KhTI8GBaD-ImpsbwLv8FBgt4kJK8JOHmRlRW5xSAMbecTcyYfPavDczZwgOeb18q4S82pEzut4sBhIxoERM-NQgDwiSm4DJhWP0YUo1g17658U0nc7VkOtfrfWNCa16Dt0rrryonldClbuxQgCFl5xL-WswP6iOa8u2qBUgJMHd4HOFCHfzVTB8BCJL75mM_gsOaXAZWt5r4aMmwTMnOoiwCknwh&sai=AMfl-YS85facL_kaYZMcXSPkvDO9w9FsM3J8KGUVX0mKHqYO64j_vXkrUPI9yEG4uXooWink1_YYeXr09fD489otpGOMVsN6v_BsDn0npXKCGZ5d2PRAvh07Tw7EPu72NSpk&sig=Cg0ArKJSzJlSLXTEw4T8EAE&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 14 Apr 2021 22:07:04 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Wed, 14 Apr 2021 22:07:04 GMT

GET
H3-Q050 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/222/ Frame E6B4 12 KB
5 KB 6ms
5ms Document
text/html 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/222/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.cyberscoop.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.cyberscoop.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5022
date: Wed, 14 Apr 2021 20:19:32 GMT
expires: Thu, 14 Apr 2022 20:19:32 GMT
last-modified: Wed, 20 Jan 2021 19:23:06 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 6452
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/222/ Frame 474F 12 KB
5 KB 6ms
5ms Document
text/html 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/222/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.cyberscoop.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.cyberscoop.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5022
date: Wed, 14 Apr 2021 20:19:32 GMT
expires: Thu, 14 Apr 2022 20:19:32 GMT
last-modified: Wed, 20 Jan 2021 19:23:06 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 6452
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 97C0 783 B
792 B 16ms
16ms Document
text/html 2a00:1450:4001:829::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

be6bee41d3176d6168a634ab782e68ff0b80554cb940397dd51282ed43543d5f

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-OZRgSlRJEU3h+AbHBbYhIA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/aframe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.cyberscoop.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.cyberscoop.com/

Response headers

expires: Wed, 14 Apr 2021 22:07:04 GMT
date: Wed, 14 Apr 2021 22:07:04 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-OZRgSlRJEU3h+AbHBbYhIA' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 513
server: GSE
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/222/ Frame DA71 12 KB
5 KB 7ms
7ms Document
text/html 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/222/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.cyberscoop.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.cyberscoop.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5022
date: Wed, 14 Apr 2021 20:19:32 GMT
expires: Thu, 14 Apr 2022 20:19:32 GMT
last-modified: Wed, 20 Jan 2021 19:23:06 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 6452
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame 5076 0
0 68ms
68ms Fetch
image/gif 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstUUjEyzULeCBDmlRVkhOhaBSdlFrRZbFcmfbGYy5rMotqK7JcsA1HXKdZ8GDAyjxorClV7Mr0yA6HXIEuUIGaL3SAK6h6ER2pCgJXEdCaHAVoFj6UIjRzrPnNky39SnE2tAmVSAcqaNwO0vVRK0BQT6YdB2zqyKzlwc_NDvgPJtyLdnA4iSPxN9t_IjzenaJSk_2xyE6wfz_0GHKp69ZiWyltknLrRzv2UHHSLtgtdu-BWgkgv08lY1nR3APvdHQC-m-4nhUghd8hipAWFoXjdw1bDe2BkQtweKs6AyDm825zbypzBXs1WC15Ad5WuI11Or0pa7fBlPcrh680&sai=AMfl-YRQZZbzLFepCCS0fvVRWTaaVU4D-iKVRHCpisZNBIfM5AgL1iV0vUtT3DstVbMdbTtAJq8j_wZYOu-Kfk7-XP8kZyPkshtHTdf2GRF5MF0vo9i6R4P-KKc4r1IwncMS&sig=Cg0ArKJSzO7IOintQaIhEAE&urlfix=1&adurl=

Requested by

Host: 8949591b2ce2bbdd816018a582eac05f.safeframe.googlesyndication.com
URL: https://8949591b2ce2bbdd816018a582eac05f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://8949591b2ce2bbdd816018a582eac05f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 14 Apr 2021 22:07:04 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H/1.1 200
OK dvbs_src_internal79.js Show response
cdn.doubleverify.com/ Frame 5076 53 KB
17 KB 10ms
10ms Script
application/javascript 2a02:26f0:10c:488::4469
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dvbs_src_internal79.js
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src.js?ctx=13506857&cmp=25229560&plc=294801825&sid=6648562&dvregion=0&unit=970x250
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:10c:488::4469 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 40adb937145b21abf0b1dde7dfa4d0a80be21ce7bf7d4f85ca944022a23c6785

Request headers

Referer: https://8949591b2ce2bbdd816018a582eac05f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 14 Apr 2021 22:07:04 GMT
Content-Encoding: gzip
Last-Modified: Sun, 16 Aug 2020 05:50:22 GMT
Server: Microsoft-IIS/10.0
ETag: "0a34a219173d61:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=946080000
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 16756

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame 221A 0
0 69ms
69ms Fetch
image/gif 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsswa8tp8YAJXVuTY9SaqPY4Wue4kYNhez5zoLsZt7psEMBXJcVKcci_rMJNeRRaU3Xi6NLsDQes5_4DGzzjz2F-zi8MJlMnE6MwbmQaitc7KSbuL6dmBtWDo0VATrejhC4ZCeyUhNHthKqpI4wHTzhmqDvcAY356ti_LXDE4oyqvgm-F-GnE38yku9yBF5whZF5ooop7TQdh6QwtoYczPCQOVS8boxFBrE2Ugc6v-i9N7OpNwtX5aNotKzPfVyscl7J4LDRaPlVELp5KnreHU-apX2FYwHD_V9f5FVN2FMsM3S8v3IrT0IUGCeW_jhGUxGOqA&sai=AMfl-YSGdcGZXWJlmojQaDmGDICE_DzIUr0Y83iviUSmBArwxX5-Zm4BpqAgO5D7yAQRps9EcLBo7XZiQvVbJI1FdNljHKx4O1kO6LFR95ejlK63Rz0fMx9NGGISPC5VsD1e&sig=Cg0ArKJSzM-ZZ3fepmCfEAE&urlfix=1&adurl=

Requested by

Host: 407353ff91847f5c0e1c90d49f4b48ed.safeframe.googlesyndication.com
URL: https://407353ff91847f5c0e1c90d49f4b48ed.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://407353ff91847f5c0e1c90d49f4b48ed.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 14 Apr 2021 22:07:04 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3-Q050 200 impl_v70.js Show response
www.googletagservices.com/dcm/ Frame 221A 36 KB
15 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/dcm/impl_v70.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/dcmads.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a2a292ee40c2422d82f43b270984343ea18e7c05384459c1d7adbee2c241be30

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://407353ff91847f5c0e1c90d49f4b48ed.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Apr 2021 19:25:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 05 Apr 2021 15:43:23 GMT
server: sffe
age: 9693
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15292
x-xss-protection: 0
expires: Thu, 14 Apr 2022 19:25:31 GMT

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame DFA1 0
0 68ms
67ms Fetch
image/gif 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuP_fsOwHLogiHk_beNgouAGjtPZSbjFyR5n59F3YzYOK1tWfEFKYddKxdMuvc054qUXsh4RZBfz6DtAqfMCWFGKBNklAk0OGMry1vOkUqSLSQQYOvxaNftZIevERxgW-p8nf44NfXWi-XKBJZkz-O6K0j-bC2JLf5Ye0MRFLArsVX9trR4LZETH556z-YBvfLwajjSUKozd8AhrXAVLrRtnGlttZQtB7mtBgm7dJYu3wIWICHTcZQiMpo2wVNXoO4V8fFeXBTBe3eQjAHycb7rYuqKiUXvRCeEagZPgkeHQJjwBc0s7t_WR2JJqaSRmpQy6b5irT1pwuMTQQ&sai=AMfl-YR3-aMVV0l_tsHeqgjGMKwAJSQbczkhAPO_DPsKGU6S5B_eYcOUWIK9GvEK2UCgcZs2dF8pw6W9qimdLsovRWkKOjHLHGvPycTFHx4u6fSHaJqPzrapxNLL_j4Qkhip&sig=Cg0ArKJSzLml3WviDLDOEAE&urlfix=1&adurl=

Requested by

Host: bde5de92baa7bfc9243de6b323623fcd.safeframe.googlesyndication.com
URL: https://bde5de92baa7bfc9243de6b323623fcd.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bde5de92baa7bfc9243de6b323623fcd.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 14 Apr 2021 22:07:04 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3-Q050 200 impl_v70.js Show response
www.googletagservices.com/dcm/ Frame DFA1 36 KB
15 KB 26ms
26ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/dcm/impl_v70.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/dcmads.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a2a292ee40c2422d82f43b270984343ea18e7c05384459c1d7adbee2c241be30

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bde5de92baa7bfc9243de6b323623fcd.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Apr 2021 19:25:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 05 Apr 2021 15:43:23 GMT
server: sffe
age: 9693
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15292
x-xss-protection: 0
expires: Thu, 14 Apr 2022 19:25:31 GMT

GET
H/1.1 200
OK bst2tv3.html Show response
cdn3.doubleverify.com/ Frame A021 1 KB
1 KB 27ms
7ms Document
text/html 2a02:26f0:7100:1aa::4469
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn3.doubleverify.com/bst2tv3.html
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal79.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:7100:1aa::4469 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: 86be5d6a3d661fd3d5d72f254a347dec5c66cad569117f51dad297acba02f558

Request headers

Host: cdn3.doubleverify.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://8949591b2ce2bbdd816018a582eac05f.safeframe.googlesyndication.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://8949591b2ce2bbdd816018a582eac05f.safeframe.googlesyndication.com/

Response headers

Content-Type: text/html
Content-Encoding: gzip
Last-Modified: Tue, 02 Sep 2014 17:01:36 GMT
Accept-Ranges: bytes
ETag: "01818ecfc6cf1:0"
Vary: Accept-Encoding
Server: Microsoft-IIS/10.0
Content-Length: 806
Cache-Control: max-age=33734
Date: Wed, 14 Apr 2021 22:07:04 GMT
Connection: keep-alive

GET
H/1.1 200
OK verify.js Show response
rtb0.doubleverify.com/ Frame 5076 8 KB
4 KB 101ms
35ms Script
text/javascript 213.254.244.26
DOUBLE-VERIFY

General

Check archive.org

Show headers Download Go to

Full URL: https://rtb0.doubleverify.com/verify.js?jsCallback=__verify_callback_496621422897&jsTagObjCallback=__tagObject_callback_496621422897&num=6&ctx=13506857&cmp=25229560&plc=294801825&sid=6648562&advid=&adsrv=&unit=970x250&isdvvid=&uid=496621422897&tagtype=&adID=&app=&sup=&isovv=0&gmnpo=&crt=&dup=null&brid=0&brver=&bridua=3&srcurlD=1&ssl=1&refD=2&htmlmsging=1&aUrlD=3&m1=13&noc=16&fcifrms=5&brh=2&vavbkt=&lvvn=28&dvp_idcerr=undefined&ver=128&eparams=DC4FC%3Dl9EEADTbpTauTauHHH%5D4J36CD4%40%40A%5D4%40%3ETauU2%3F4r92%3A%3Fl9EEADTbpTauTauHHH%5D4J36CD4%40%40A%5D4%40%3ETar9EEADTbpTauTauHHH%5D4J36CD4%40%40A%5D4%40%3ETar9EEADTbpTauTaughchdh%603a46a3355g%60e_%60g2dga624_d7%5DD2767C2%3E6%5D8%40%408%3D6DJ%3F5%3A42E%3A%40%3F%5D4%40%3EU2%26C%3Dl23%40FETbp3%3D2%3F%3C
Requested by: Host: cdn.doubleverify.com
URL: https://cdn.doubleverify.com/dvbs_src_internal79.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 213.254.244.26 , United States, ASN36062 (DOUBLE-VERIFY, US),
Reverse DNS
Software: Microsoft-IIS/8.0 / ASP.NET
Resource Hash: 11c32c7e51c02009a2b7fa42f456cf5605c5f4593cce30a05675726ff7e74f10

Request headers

Referer: https://8949591b2ce2bbdd816018a582eac05f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
X-DV-Response: 1
Content-Encoding: gzip
Server: Microsoft-IIS/8.0
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: text/javascript; charset=utf-8
Cache-Control: max-age=0
Transfer-Encoding: chunked
Date: Wed, 14 Apr 2021 22:07:04 GMT
Expires: 4/13/2021 10:07:04 PM

GET
H/1.1 200
OK dv-match6.js Show response
cdn.doubleverify.com/ Frame 6B51 4 KB
2 KB 9ms
9ms Script
application/javascript 2a02:26f0:10c:488::4469
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.doubleverify.com/dv-match6.js
Requested by: Host: hs-7940188.t.hubspotstarter-jn.net
URL: https://hs-7940188.t.hubspotstarter-jn.net/e2t/tc/VVxXC2578mkVW5WKtv275HNjXW5VG-2S4qnP28N6mkvqt3lGnJV1-WJV7CgKVCW2XM0FF4z0Wn-W2HfTQq8mg3rLW8myR-z1M9zpYW8VL8J51BNx0HW91T1JM3nXtlJN7j68JQhkNtKW4zz2vp7ly3rwW5S4WnM8FwVQJVrrtr-1yFK8lW90hWGs3zhZYSW59DZzl7lgbt-W9ls1Ym4Pg0DNN5tWDKNpd2fBW7ZqRzK12zw43W20Bh621ynfWQW2nMrcQ3RZ0ZpW5nFgkn5ZFsQJW8STlcj9lbFz6W7tsdxk6y1NHYW876h771gvcxYW1npwVd7fJrVWW1y8P9L7FzWhZVb-bPy3HfR8yW28488L6lwqhQW6npp4210M8TXV1S25Q5kgvJSN8PcB3BK5FdxW23yQFl4CV5733n981
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:10c:488::4469 Düsseldorf, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Microsoft-IIS/10.0 /
Resource Hash: d03755898b05a3d69377bf7da16ccb307e789a0f569b4dbbcb7b29bdecf967c5

Request headers

Referer: https://8949591b2ce2bbdd816018a582eac05f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Wed, 14 Apr 2021 22:07:04 GMT
Content-Encoding: gzip
Last-Modified: Sun, 11 Mar 2018 04:45:12 GMT
Server: Microsoft-IIS/10.0
ETag: "03c84bdf3b8d31:0"
Vary: Accept-Encoding
Content-Type: application/javascript
Cache-Control: max-age=34152
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1935

GET
H2 200 B25263370.294799310;dc_ver=70.201;dc_eid=40004000;sz=300x600;u_sd=1;dc_adk=192105431;ord=gng7kd;click=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjstKjQxkyFsk3_lCFlYGSp-edyDJM... Show response
ad.doubleclick.net/ddm/adj/N5823.138004FEDSCOOP.COM/ Frame 221A 39 KB
18 KB 133ms
60ms Script
text/javascript 142.250.186.102
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/ddm/adj/N5823.138004FEDSCOOP.COM/B25263370.294799310;dc_ver=70.201;dc_eid=40004000;sz=300x600;u_sd=1;dc_adk=192105431;ord=gng7kd;click=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjstKjQxkyFsk3_lCFlYGSp-edyDJM4SdWYuQG13QR3pdiIIRLKud7SrHVDN2cdH0WhA1C435pnwPTJMLYFq6sKtz9JC0LouTvfi4NlW-cFwj3LOD998eDIlvrMULMRbfRUOpAflGwN5wo1etvsZlMWrml9kfP_stZLThfssFo7xNp2_NcxJtjNUBXh-pj6TPmdVxqj8DIQCCEjV1x96lUrliSacnjydrSAIpZt-y_Fmq_oacwd70iKWTRmjn-4WTFIAtngLlfiYFrYW1nyDosIV896MM6Sm1M_U25scXjbDRqPFZJKLjw3MtngIYHlir3Q%26sai%3DAMfl-YTtjrhAc8-7GGZrhp9S5jXgT9LUsmOf7af46LL2Hqlz4XrSvRb4ulkE960UGf5KrFhtOPJm92TaAb_oiSRLv4Bsr_XMYqJz_FcnbZWnfkjU_bEZEeMi2qfywMipXS5A%26sig%3DCg0ArKJSzBqDs_p5rINMEAE%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26adurl%3D;dc_rfl=2,https%3A%2F%2Fwww.cyberscoop.com$2,https%3A%2F%2Fwww.cyberscoop.com%2F$0;xdt=1;crlt=qoIUiafdLv;osda=1;sttr=77;prcl=s

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/impl_v70.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f6.1e100.net

Software

cafe /

Resource Hash

5a9b349ecf59f1982f25128bdfb0b38a2da7b187c12f1ebac950bcb31a0de269

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://407353ff91847f5c0e1c90d49f4b48ed.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 14 Apr 2021 22:07:04 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18084
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 B25263370.294795197;dc_ver=70.201;dc_eid=40004000;sz=300x250;u_sd=1;dc_adk=2235259097;ord=kwe9ea;click=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjstqh2MU9d_dXFnoSJN__m1yTn40... Show response
ad.doubleclick.net/ddm/adj/N5823.138004FEDSCOOP.COM/ Frame DFA1 49 KB
19 KB 145ms
78ms Script
text/javascript 142.250.186.102
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/ddm/adj/N5823.138004FEDSCOOP.COM/B25263370.294795197;dc_ver=70.201;dc_eid=40004000;sz=300x250;u_sd=1;dc_adk=2235259097;ord=kwe9ea;click=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjstqh2MU9d_dXFnoSJN__m1yTn40Xq2MSs82eWqJa--HMFsjaLl3SGW8S0oiRJ6ASLutOJoRl7h9OPlDArKd4POc8r33lvCacwP-bZ3vUAtT2UVAkmwDtRrpts9OZZKDBRh3lCMtfRPoqfXnjgLQ6o3QPkmG7M0ns559myOQ69dvZD8O1KUJMudg2vxB1H25IfvAxx2d6bjdxpcUkkCajEC-oqf9GXA1KTmbHlP4g40E8yURwC_1_rf-DLdFZKd3QshKcZj5w1PqmJ745NDk4s_M2o7yGQhUiwNX--gA4QT1In1FSGeTo6oR2f-4PLtLQSmia1XQkGVuag%26sai%3DAMfl-YTXz8_XOlQv_0eC3oWzZcveQd1ycCtoXZwVpd2btuSmChXr9e8AnZRfNhf22OY6HLfGvnPbEPZeSghaQE4DGk-3Eaj9ZuAqhmuJVInE2110qbBFroz6Z-AH6p1d5FAK%26sig%3DCg0ArKJSzPJqWC65JJ6PEAE%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26adurl%3D;dc_rfl=2,https%3A%2F%2Fwww.cyberscoop.com$2,https%3A%2F%2Fwww.cyberscoop.com%2F$0;xdt=1;crlt=VrSdOkSBw7;osda=1;sttr=78;prcl=s

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/impl_v70.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f6.1e100.net

Software

cafe /

Resource Hash

8ac3a48fb1420fcacb42797a2474568ced617a83c7fb7ee643f407cb97d9680c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bde5de92baa7bfc9243de6b323623fcd.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 14 Apr 2021 22:07:04 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19530
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 UsLlvuITw1lhdTUM-GMkld8y8Djv7Avn-D3pKFbWhiw.js Show response
pagead2.googlesyndication.com/bg/ Frame FAB9 14 KB
6 KB 35ms
21ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/UsLlvuITw1lhdTUM-GMkld8y8Djv7Avn-D3pKFbWhiw.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

52c2e5bee213c3596175350cf8632495df32f038efec0be7f83de92856d6862c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Apr 2021 19:05:28 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Tue, 30 Mar 2021 13:08:00 GMT
server: sffe
age: 10896
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5718
x-xss-protection: 0
expires: Thu, 14 Apr 2022 19:05:28 GMT

GET
H3-Q050 200 UsLlvuITw1lhdTUM-GMkld8y8Djv7Avn-D3pKFbWhiw.js Show response
pagead2.googlesyndication.com/bg/ Frame E6B4 14 KB
6 KB 31ms
20ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/UsLlvuITw1lhdTUM-GMkld8y8Djv7Avn-D3pKFbWhiw.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

52c2e5bee213c3596175350cf8632495df32f038efec0be7f83de92856d6862c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Apr 2021 19:05:28 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Tue, 30 Mar 2021 13:08:00 GMT
server: sffe
age: 10896
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5718
x-xss-protection: 0
expires: Thu, 14 Apr 2022 19:05:28 GMT

GET
H3-Q050 200 UsLlvuITw1lhdTUM-GMkld8y8Djv7Avn-D3pKFbWhiw.js Show response
pagead2.googlesyndication.com/bg/ Frame 474F 14 KB
6 KB 27ms
21ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/UsLlvuITw1lhdTUM-GMkld8y8Djv7Avn-D3pKFbWhiw.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

52c2e5bee213c3596175350cf8632495df32f038efec0be7f83de92856d6862c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Apr 2021 19:05:28 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Tue, 30 Mar 2021 13:08:00 GMT
server: sffe
age: 10896
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5718
x-xss-protection: 0
expires: Thu, 14 Apr 2022 19:05:28 GMT

GET
H3-Q050 200 UsLlvuITw1lhdTUM-GMkld8y8Djv7Avn-D3pKFbWhiw.js Show response
pagead2.googlesyndication.com/bg/ Frame DA71 14 KB
6 KB 25ms
20ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/UsLlvuITw1lhdTUM-GMkld8y8Djv7Avn-D3pKFbWhiw.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/222/runner.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

52c2e5bee213c3596175350cf8632495df32f038efec0be7f83de92856d6862c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Apr 2021 19:05:28 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Tue, 30 Mar 2021 13:08:00 GMT
server: sffe
age: 10896
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5718
x-xss-protection: 0
expires: Thu, 14 Apr 2022 19:05:28 GMT

GET
H/1.1 200
OK bsevent.gif
tps20515.doubleverify.com/ Frame 5076 807 B
1 KB 96ms
32ms Image
image/gif 213.254.244.13
DOUBLE-VERIFY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tps20515.doubleverify.com/bsevent.gif?impid=5df620c93b1846acaabb6e14a7714af1&dvp_or2=1&cbust=1618438024817679
Requested by: Host: 8949591b2ce2bbdd816018a582eac05f.safeframe.googlesyndication.com
URL: https://8949591b2ce2bbdd816018a582eac05f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 213.254.244.13 , United States, ASN36062 (DOUBLE-VERIFY, US),
Reverse DNS
Software: Microsoft-IIS/8.0 / ASP.NET
Resource Hash: 78fdf5abc0ba7951eb52c6d66c9d1a9f8766f4d1c60ca05173c26623de3f3416

Request headers

Referer: https://8949591b2ce2bbdd816018a582eac05f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 14 Apr 2021 22:07:04 GMT
Content-Encoding: gzip
Server: Microsoft-IIS/8.0
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: image/gif
Cache-Control: max-age=0
Content-Length: 860
Expires: 4/13/2021 10:07:04 PM

GET
H/1.1 200
OK bsevent.gif
tps20515.doubleverify.com/ Frame 5076 807 B
1 KB 97ms
32ms Image
image/gif 213.254.244.13
DOUBLE-VERIFY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tps20515.doubleverify.com/bsevent.gif?impid=5df620c93b1846acaabb6e14a7714af1&vfdur=102&cbust=1618438024817249
Requested by: Host: 8949591b2ce2bbdd816018a582eac05f.safeframe.googlesyndication.com
URL: https://8949591b2ce2bbdd816018a582eac05f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 213.254.244.13 , United States, ASN36062 (DOUBLE-VERIFY, US),
Reverse DNS
Software: Microsoft-IIS/8.0 / ASP.NET
Resource Hash: 78fdf5abc0ba7951eb52c6d66c9d1a9f8766f4d1c60ca05173c26623de3f3416

Request headers

Referer: https://8949591b2ce2bbdd816018a582eac05f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 14 Apr 2021 22:07:04 GMT
Content-Encoding: gzip
Server: Microsoft-IIS/8.0
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: image/gif
Cache-Control: max-age=0
Content-Length: 860
Expires: 4/13/2021 10:07:04 PM

GET
H/1.1 200
OK bsevent.gif
tps20515.doubleverify.com/ Frame 5076 807 B
1 KB 97ms
32ms Image
image/gif 213.254.244.13
DOUBLE-VERIFY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tps20515.doubleverify.com/bsevent.gif?impid=5df620c93b1846acaabb6e14a7714af1&pltfrm=Linux%20x86_64&dvp_ndp_sow=1600&dvp_ndp_soh=1200&dvp_ac_version=0505&dvp_ndp6=false&dvp_acifd=0&bsigr=17179875344&cbust=1618438024818583
Requested by: Host: 8949591b2ce2bbdd816018a582eac05f.safeframe.googlesyndication.com
URL: https://8949591b2ce2bbdd816018a582eac05f.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 213.254.244.13 , United States, ASN36062 (DOUBLE-VERIFY, US),
Reverse DNS
Software: Microsoft-IIS/8.0 / ASP.NET
Resource Hash: 78fdf5abc0ba7951eb52c6d66c9d1a9f8766f4d1c60ca05173c26623de3f3416

Request headers

Referer: https://8949591b2ce2bbdd816018a582eac05f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 14 Apr 2021 22:07:04 GMT
Content-Encoding: gzip
Server: Microsoft-IIS/8.0
X-Powered-By: ASP.NET
Vary: Accept-Encoding
Content-Type: image/gif
Cache-Control: max-age=0
Content-Length: 860
Expires: 4/13/2021 10:07:04 PM

GET
DATA 200
OK truncated
/ Frame 5076 1 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f4a388a3234ae316bd3680065bda88e40313acea24aca92b566678614c31bc38

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 5076 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1a82bc38f6fb83f2b47565a636020d2a34a5f6b0b77be3ce82b6d84d166c451a

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 skeleton.js Show response
fw.adsafeprotected.com/rjss/st/582938/52662418/ Frame 221A 224 KB
73 KB 196ms
93ms Script
application/javascript 52.48.134.198
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://fw.adsafeprotected.com/rjss/st/582938/52662418/skeleton.js
Requested by: Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N5823.138004FEDSCOOP.COM/B25263370.294799310;dc_ver=70.201;dc_eid=40004000;sz=300x600;u_sd=1;dc_adk=192105431;ord=gng7kd;click=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjstKjQxkyFsk3_lCFlYGSp-edyDJM4SdWYuQG13QR3pdiIIRLKud7SrHVDN2cdH0WhA1C435pnwPTJMLYFq6sKtz9JC0LouTvfi4NlW-cFwj3LOD998eDIlvrMULMRbfRUOpAflGwN5wo1etvsZlMWrml9kfP_stZLThfssFo7xNp2_NcxJtjNUBXh-pj6TPmdVxqj8DIQCCEjV1x96lUrliSacnjydrSAIpZt-y_Fmq_oacwd70iKWTRmjn-4WTFIAtngLlfiYFrYW1nyDosIV896MM6Sm1M_U25scXjbDRqPFZJKLjw3MtngIYHlir3Q%26sai%3DAMfl-YTtjrhAc8-7GGZrhp9S5jXgT9LUsmOf7af46LL2Hqlz4XrSvRb4ulkE960UGf5KrFhtOPJm92TaAb_oiSRLv4Bsr_XMYqJz_FcnbZWnfkjU_bEZEeMi2qfywMipXS5A%26sig%3DCg0ArKJSzBqDs_p5rINMEAE%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26adurl%3D;dc_rfl=2,https%3A%2F%2Fwww.cyberscoop.com$2,https%3A%2F%2Fwww.cyberscoop.com%2F$0;xdt=1;crlt=qoIUiafdLv;osda=1;sttr=77;prcl=s
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.48.134.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-48-134-198.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: af59aa73c9d7f4c79af14582d0455eb2950995d4fe5ed754d9c1eb7d09acc4a1

Request headers

Referer: https://407353ff91847f5c0e1c90d49f4b48ed.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 14 Apr 2021 22:07:05 GMT
content-encoding: gzip
x-server-name: app28.ie.303net.net
content-type: application/javascript;charset=utf-8
access-control-allow-origin: fw.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H3-Q050 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20210413/r20110914/elements/html/ Frame 221A 8 KB
3 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210413/r20110914/elements/html/omrhp.js

Requested by

Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N5823.138004FEDSCOOP.COM/B25263370.294799310;dc_ver=70.201;dc_eid=40004000;sz=300x600;u_sd=1;dc_adk=192105431;ord=gng7kd;click=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjstKjQxkyFsk3_lCFlYGSp-edyDJM4SdWYuQG13QR3pdiIIRLKud7SrHVDN2cdH0WhA1C435pnwPTJMLYFq6sKtz9JC0LouTvfi4NlW-cFwj3LOD998eDIlvrMULMRbfRUOpAflGwN5wo1etvsZlMWrml9kfP_stZLThfssFo7xNp2_NcxJtjNUBXh-pj6TPmdVxqj8DIQCCEjV1x96lUrliSacnjydrSAIpZt-y_Fmq_oacwd70iKWTRmjn-4WTFIAtngLlfiYFrYW1nyDosIV896MM6Sm1M_U25scXjbDRqPFZJKLjw3MtngIYHlir3Q%26sai%3DAMfl-YTtjrhAc8-7GGZrhp9S5jXgT9LUsmOf7af46LL2Hqlz4XrSvRb4ulkE960UGf5KrFhtOPJm92TaAb_oiSRLv4Bsr_XMYqJz_FcnbZWnfkjU_bEZEeMi2qfywMipXS5A%26sig%3DCg0ArKJSzBqDs_p5rINMEAE%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26adurl%3D;dc_rfl=2,https%3A%2F%2Fwww.cyberscoop.com$2,https%3A%2F%2Fwww.cyberscoop.com%2F$0;xdt=1;crlt=qoIUiafdLv;osda=1;sttr=77;prcl=s

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

966ee1486939f4b7c9815a6ce8dd42420c5859a42efdbbd5b91aff45e0b1cc38

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://407353ff91847f5c0e1c90d49f4b48ed.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Apr 2021 22:00:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 421
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3124
x-xss-protection: 0
server: cafe
etag: 4537136162986801320
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 28 Apr 2021 22:00:03 GMT

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 221A 0
528 B 115ms
42ms Other
image/gif 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjssqkK6PGMg2RG4IB-De50xXSWmmis5G0juhfhdOkGI5nuFWvQai-v5M1iDEFUv5av0gwrDvIgF8FUFhuRmtktMzrd3JttNG0mZ0gzhgEGRYxom4nv7bYDexsqUjV2wuUmrX9b8Ij-XbFrF2dnDGhCk&sig=Cg0ArKJSzLAMDqXAgoo5EAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=1&cbvp=1&cstd=0&cisv=r20210413.03479&adurl=

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://407353ff91847f5c0e1c90d49f4b48ed.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Wed, 14 Apr 2021 22:07:04 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3-Q050 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 221A 41 KB
15 KB 8ms
6ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://407353ff91847f5c0e1c90d49f4b48ed.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Apr 2021 19:25:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 9691
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 14 Apr 2022 19:25:33 GMT

GET
H2 200 MSFTJUM_Vertical-Government_Elitebook-805-G7_Learn-More_EN_300x600__Jpg_____.jpg
s0.2mdn.net/4807732/ Frame 221A 23 KB
23 KB 29ms
7ms Image
image/jpeg 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/4807732/MSFTJUM_Vertical-Government_Elitebook-805-G7_Learn-More_EN_300x600__Jpg_____.jpg

Requested by

Host: 407353ff91847f5c0e1c90d49f4b48ed.safeframe.googlesyndication.com
URL: https://407353ff91847f5c0e1c90d49f4b48ed.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

35714430b17fec47bdd381e2621c738afbbc62cb7e98aae540a177a91bea8550

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://407353ff91847f5c0e1c90d49f4b48ed.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Apr 2021 21:42:46 GMT
x-content-type-options: nosniff
last-modified: Fri, 29 Jan 2021 18:38:22 GMT
server: sffe
age: 1458
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23151
x-xss-protection: 0
expires: Thu, 15 Apr 2021 21:42:46 GMT

GET
H/1.1

200
OK

firstevent
hp.demdex.net/ Frame 221A
Redirect Chain

https://hp.demdex.net/event?d_event=imp&d_src=242750&d_site=6636866&d_creative=145400475&d_adgroup=488015189&d_placement=294799310&d_campaign=25263370&d_bust=3577855070
https://hp.demdex.net/firstevent?d_event=imp&d_src=242750&d_site=6636866&d_creative=145400475&d_adgroup=488015189&d_placement=294799310&d_campaign=25263370&d_bust=3577855070

42 B
913 B

78ms
51ms

Image
image/gif

52.51.81.153
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hp.demdex.net/firstevent?d_event=imp&d_src=242750&d_site=6636866&d_creative=145400475&d_adgroup=488015189&d_placement=294799310&d_campaign=25263370&d_bust=3577855070

Requested by

Host: 407353ff91847f5c0e1c90d49f4b48ed.safeframe.googlesyndication.com
URL: https://407353ff91847f5c0e1c90d49f4b48ed.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.51.81.153 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-51-81-153.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://407353ff91847f5c0e1c90d49f4b48ed.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

DCS: dcs-prod-irl1-v090-07f38ef0b.edge-irl1.demdex.com 5.80.7.20210304103356 3ms (+1ms)
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-TID: kAhTrR+DToI=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 42
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: aOMEoDwTT2c=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://hp.demdex.net/firstevent?d_event=imp&d_src=242750&d_site=6636866&d_creative=145400475&d_adgroup=488015189&d_placement=294799310&d_campaign=25263370&d_bust=3577855070
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

5105
linkto.ext.hp.com/i/0/342132/ Frame 221A
Redirect Chain

https://linkto.ext.hp.com/i/0/342132/5105?siteid=6636866&adcampaign=25263370&adplacement=294799310
https://www.ojrq.net/p/?return=https%3A%2F%2Flinkto.ext.hp.com%2Fi%2F0%2F342132%2F5105%3Fsiteid%3D6636866%26adcampaign%3D25263370%26adplacement%3D294799310%26level%3D1%26srcref%3Dhttps%253A%252F%25...
https://linkto.ext.hp.com/i/0/342132/5105?siteid=6636866&adcampaign=25263370&adplacement=294799310&level=1&srcref=https%3A%2F%2F407353ff91847f5c0e1c90d49f4b48ed.safeframe.googlesyndication.com%2F&b...

50 B
243 B

66ms
66ms

Image
image/gif

35.244.184.212
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://linkto.ext.hp.com/i/0/342132/5105?siteid=6636866&adcampaign=25263370&adplacement=294799310&level=1&srcref=https%3A%2F%2F407353ff91847f5c0e1c90d49f4b48ed.safeframe.googlesyndication.com%2F&brwsr=bf4f18fd-9d6d-11eb-a8a3-42010a246629&brwsrsig=TFZ02dyQaRB0TsLwF71cqXYw2HGSHH
Requested by: Host: 407353ff91847f5c0e1c90d49f4b48ed.safeframe.googlesyndication.com
URL: https://407353ff91847f5c0e1c90d49f4b48ed.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.184.212 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 212.184.244.35.bc.googleusercontent.com
Software: /
Resource Hash: ec34cd386427fe6deacf99f4fdbeea4b1d1ed25f505411650d7ceaa843a7fc63

Request headers

Referer: https://407353ff91847f5c0e1c90d49f4b48ed.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 14 Apr 2021 22:07:05 GMT
via: 1.1 google
p3p: policyref="/w3c/p3p.xml", CP="ALL BUS LEG DSP COR ADM CUR DEV PSA OUR NAV INT"
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type: image/gif
alt-svc: clear
content-length: 50
expires: Wed, 14 Apr 2021 22:07:05 GMT

Redirect headers

pragma: no-cache
date: Wed, 14 Apr 2021 22:07:05 GMT
via: 1.1 google
p3p: policyref="/w3c/p3p.xml", CP="ALL BUS LEG DSP COR ADM CUR DEV PSA OUR NAV INT"
location: https://linkto.ext.hp.com/i/0/342132/5105?siteid=6636866&adcampaign=25263370&adplacement=294799310&level=1&srcref=https%3A%2F%2F407353ff91847f5c0e1c90d49f4b48ed.safeframe.googlesyndication.com%2F&brwsr=bf4f18fd-9d6d-11eb-a8a3-42010a246629&brwsrsig=TFZ02dyQaRB0TsLwF71cqXYw2HGSHH
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
alt-svc: clear
content-length: 0
expires: Wed, 14 Apr 2021 22:07:05 GMT

GET
H3-Q050 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 221A 118 KB
36 KB 42ms
42ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 407353ff91847f5c0e1c90d49f4b48ed.safeframe.googlesyndication.com
URL: https://407353ff91847f5c0e1c90d49f4b48ed.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

69d435ce4b2fd0eb67edcc8e6f471eced90c210fec4725692a550b807742c00b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://407353ff91847f5c0e1c90d49f4b48ed.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Apr 2021 22:07:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1618253573924606"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36714
x-xss-protection: 0
expires: Wed, 14 Apr 2021 22:07:04 GMT

GET
H2 200 skeleton.js Show response
fw.adsafeprotected.com/rjss/st/582938/52662249/ Frame DFA1 224 KB
73 KB 164ms
82ms Script
application/javascript 52.48.134.198
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://fw.adsafeprotected.com/rjss/st/582938/52662249/skeleton.js
Requested by: Host: hs-7940188.t.hubspotstarter-jn.net
URL: https://hs-7940188.t.hubspotstarter-jn.net/e2t/tc/VVxXC2578mkVW5WKtv275HNjXW5VG-2S4qnP28N6mkvqt3lGnJV1-WJV7CgKVCW2XM0FF4z0Wn-W2HfTQq8mg3rLW8myR-z1M9zpYW8VL8J51BNx0HW91T1JM3nXtlJN7j68JQhkNtKW4zz2vp7ly3rwW5S4WnM8FwVQJVrrtr-1yFK8lW90hWGs3zhZYSW59DZzl7lgbt-W9ls1Ym4Pg0DNN5tWDKNpd2fBW7ZqRzK12zw43W20Bh621ynfWQW2nMrcQ3RZ0ZpW5nFgkn5ZFsQJW8STlcj9lbFz6W7tsdxk6y1NHYW876h771gvcxYW1npwVd7fJrVWW1y8P9L7FzWhZVb-bPy3HfR8yW28488L6lwqhQW6npp4210M8TXV1S25Q5kgvJSN8PcB3BK5FdxW23yQFl4CV5733n981
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.48.134.198 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-48-134-198.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 20aaf552327d1302a9b6d3d4fbe98152251ce9eb15a101c7b7f71349c4b95538

Request headers

Referer: https://bde5de92baa7bfc9243de6b323623fcd.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 14 Apr 2021 22:07:05 GMT
content-encoding: gzip
x-server-name: app03.ie.303net.net
content-type: application/javascript;charset=utf-8
access-control-allow-origin: fw.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
server: nginx
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H2 200 express_html_inpage_rendering_lib_200_271.js Show response
s0.2mdn.net/879366/ Frame DFA1 111 KB
39 KB 26ms
7ms Script
text/javascript 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_271.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f49b1d1bd49f5c61c93e08dc9b8427ae046c513af8ce30fa8d04162bb6f5b9df

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://bde5de92baa7bfc9243de6b323623fcd.safeframe.googlesyndication.com
Referer: https://bde5de92baa7bfc9243de6b323623fcd.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Apr 2021 19:25:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 9691
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39287
x-xss-protection: 0
last-modified: Wed, 14 Oct 2020 18:02:50 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 15 Apr 2021 19:25:33 GMT

GET
H3-Q050 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20210413/r20110914/elements/html/ Frame DFA1 8 KB
3 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210413/r20110914/elements/html/omrhp.js

Requested by

Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N5823.138004FEDSCOOP.COM/B25263370.294795197;dc_ver=70.201;dc_eid=40004000;sz=300x250;u_sd=1;dc_adk=2235259097;ord=kwe9ea;click=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjstqh2MU9d_dXFnoSJN__m1yTn40Xq2MSs82eWqJa--HMFsjaLl3SGW8S0oiRJ6ASLutOJoRl7h9OPlDArKd4POc8r33lvCacwP-bZ3vUAtT2UVAkmwDtRrpts9OZZKDBRh3lCMtfRPoqfXnjgLQ6o3QPkmG7M0ns559myOQ69dvZD8O1KUJMudg2vxB1H25IfvAxx2d6bjdxpcUkkCajEC-oqf9GXA1KTmbHlP4g40E8yURwC_1_rf-DLdFZKd3QshKcZj5w1PqmJ745NDk4s_M2o7yGQhUiwNX--gA4QT1In1FSGeTo6oR2f-4PLtLQSmia1XQkGVuag%26sai%3DAMfl-YTXz8_XOlQv_0eC3oWzZcveQd1ycCtoXZwVpd2btuSmChXr9e8AnZRfNhf22OY6HLfGvnPbEPZeSghaQE4DGk-3Eaj9ZuAqhmuJVInE2110qbBFroz6Z-AH6p1d5FAK%26sig%3DCg0ArKJSzPJqWC65JJ6PEAE%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26adurl%3D;dc_rfl=2,https%3A%2F%2Fwww.cyberscoop.com$2,https%3A%2F%2Fwww.cyberscoop.com%2F$0;xdt=1;crlt=VrSdOkSBw7;osda=1;sttr=78;prcl=s

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

966ee1486939f4b7c9815a6ce8dd42420c5859a42efdbbd5b91aff45e0b1cc38

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bde5de92baa7bfc9243de6b323623fcd.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Apr 2021 22:00:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 421
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3124
x-xss-protection: 0
server: cafe
etag: 4537136162986801320
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 28 Apr 2021 22:00:03 GMT

GET
H3-Q050 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame DFA1 41 KB
15 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bde5de92baa7bfc9243de6b323623fcd.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Apr 2021 19:25:33 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 9691
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 14 Apr 2022 19:25:33 GMT

GET
DATA 200
OK truncated
/ Frame DFA1 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 448b09d82616c7b17b50eed222203cbf1776124c80da6fe799c853bc69be296c

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame 5076 0
0 67ms
66ms Fetch
image/gif 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstbx3TKqi4BUsb6Q8OSq6f8OxNT5rE5Xbt7F2W2UPAqxuCZ6Ym5L_9xYHfFjMZ0ks7pAz-w1Yt9j-L_8Mn6e1KFw8BTm4ADt-nmAzM3-yOyyfGCUvYWn6A2GYOo-19eDfiMFkTMUdpVslz5xAr34S_rF1g7GFNaSqzbgP1FPedTaZZzdDm0LA2Gn2aFFbHgIPECDNgGgP_AE48Cym_XerpNhyfI635ImzPnU1V3WDzZO3m9IO865XSM4lqswvPvgc8cL9xwFtNXDP70CXQ7eJr0cMn-Ob6UZcvG5Ne1ya7FfuPmaashjreyJpkwOUoDt_-Vh-J7bOq0-78qDeooRA&sai=AMfl-YS3TkDGwJJsAFFc0_7-mNp6JTZ92vQ6WqMo6fRwrVCbDETtKjuJLL_Y8REqvWCqKDyubb5sZeoDWcCmzJP3-vOX76FITlMwlVpw08NejqbsI2FFKCGUOUMovdxdecmP&sig=Cg0ArKJSzPEqOkppZ7EcEAE&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://8949591b2ce2bbdd816018a582eac05f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 14 Apr 2021 22:07:05 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Wed, 14 Apr 2021 22:07:05 GMT

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 221A 0
60 B 42ms
41ms Other
image/gif 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://407353ff91847f5c0e1c90d49f4b48ed.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Wed, 14 Apr 2021 22:07:05 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
DATA 200
OK truncated
/ Frame 221A 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d84b9c7fb4e399bb8dcd340005b7338031d75ad2289e32d69687ec843879c067

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-Q050 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 664E 22 KB
8 KB 6ms
6ms Document
text/html 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/Enqz_20U.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://407353ff91847f5c0e1c90d49f4b48ed.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://407353ff91847f5c0e1c90d49f4b48ed.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 8395
date: Wed, 14 Apr 2021 20:19:31 GMT
expires: Thu, 14 Apr 2022 20:19:31 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 6454
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 68AA 22 KB
8 KB 6ms
6ms Document
text/html 2a00:1450:4001:800::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/Enqz_20U.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://bde5de92baa7bfc9243de6b323623fcd.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://bde5de92baa7bfc9243de6b323623fcd.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 8395
date: Wed, 14 Apr 2021 20:19:31 GMT
expires: Thu, 14 Apr 2022 20:19:31 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 6454
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame 221A 0
0 68ms
67ms Fetch
image/gif 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssHn3KMLDWWrPhfEilXaPvdXuu0y4ooSLpvz1JTc3PfCcty2AxIpVBSFPWo7FjDOzbCXzMVCkboCmbdHfAJkUMpFNJKuzG7t3qyIIlUyQiY05hoFQ9h8wZKTk-Z4BgUnajci3ZsaAf3l1_jO41dFpVdoPWpmHKusDy1o_daSh-r33TTdCmXytcDOdMqqsmn-lGoEdXk1Zumna4AWdSK_wW5LWWY903d28BeEnsuMT-pGQ3Sko8dKRHoe-V73TxM6Ds9PMhuzEwiFPCHo8bPlHMMVmhhAskea92mt7FMJVf8F0GgNLLdOO1Zmsq7i3KN86svhQOD&sai=AMfl-YSPU33dMrH_hODQTkj9t9v1Eu5L5Iond8Ep27YPPVKF7HORuRAc2VllHxz8SP9ePTgmAQ-xEmhRYhDeY_OBzFAqVD0Ze8Ln53W9z3ND76KNafr3bHNmJPr4PqOq_AP9&sig=Cg0ArKJSzHzeLm79eLwvEAE&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://407353ff91847f5c0e1c90d49f4b48ed.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 14 Apr 2021 22:07:05 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Wed, 14 Apr 2021 22:07:05 GMT

GET
H3-Q050 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame DFA1 118 KB
36 KB 39ms
39ms Script
text/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_271.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

69d435ce4b2fd0eb67edcc8e6f471eced90c210fec4725692a550b807742c00b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bde5de92baa7bfc9243de6b323623fcd.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Apr 2021 22:07:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1618253573924606"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36714
x-xss-protection: 0
expires: Wed, 14 Apr 2021 22:07:05 GMT

GET
H3-Q050 200 index.html Show response
s0.2mdn.net/4807732/1611946489058/MSFTJUM_EliteDesk800_Drogo_Learnmore_EN_160x600_HTML5_544050/ Frame 345B 8 KB
3 KB 34ms
20ms Document
text/html 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/4807732/1611946489058/MSFTJUM_EliteDesk800_Drogo_Learnmore_EN_160x600_HTML5_544050/index.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_271.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

59e883e8012b289177994f2ece9e710c900971403239bd79c62a7e93c9a37207

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: s0.2mdn.net
:scheme: https
:path: /4807732/1611946489058/MSFTJUM_EliteDesk800_Drogo_Learnmore_EN_160x600_HTML5_544050/index.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://bde5de92baa7bfc9243de6b323623fcd.safeframe.googlesyndication.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://bde5de92baa7bfc9243de6b323623fcd.safeframe.googlesyndication.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
content-length: 2908
date: Wed, 14 Apr 2021 08:14:51 GMT
expires: Thu, 15 Apr 2021 08:14:51 GMT
last-modified: Fri, 29 Jan 2021 18:54:49 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
age: 49934
cache-control: public, max-age=86400
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H3-Q050 200 view
googleads4.g.doubleclick.net/pcs/ Frame DFA1 0
515 B 128ms
42ms Other
image/gif 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvggRRda626nP-_KbbNBL9d1ZVUoQkzTeY6f4sfCdxI-00vJ1z0boIMX6LCL83NwRaUCWDOW1F0R6ESZfoYbKy15VLAeIwNlfNjC1b5lrS4koTuEHbkNrE0WCQxtIBtcnIOWZS_9UL56DKPhsGTSYU&sig=Cg0ArKJSzHCbpy-ywMoSEAE&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=177&cbvp=1&cstd=174&cisv=r20210413.96716&adurl=

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bde5de92baa7bfc9243de6b323623fcd.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Wed, 14 Apr 2021 22:07:05 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H/1.1

200
OK

firstevent
hp.demdex.net/ Frame DFA1
Redirect Chain

https://hp.demdex.net/event?d_event=imp&d_src=242750&d_site=6636866&d_creative=145404087&d_adgroup=488015192&d_placement=294795197&d_campaign=25263370&d_bust=999431006
https://hp.demdex.net/firstevent?d_event=imp&d_src=242750&d_site=6636866&d_creative=145404087&d_adgroup=488015192&d_placement=294795197&d_campaign=25263370&d_bust=999431006

42 B
913 B

55ms
54ms

Image
image/gif

52.51.81.153
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://hp.demdex.net/firstevent?d_event=imp&d_src=242750&d_site=6636866&d_creative=145404087&d_adgroup=488015192&d_placement=294795197&d_campaign=25263370&d_bust=999431006

Requested by

Host: bde5de92baa7bfc9243de6b323623fcd.safeframe.googlesyndication.com
URL: https://bde5de92baa7bfc9243de6b323623fcd.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.51.81.153 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-51-81-153.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://bde5de92baa7bfc9243de6b323623fcd.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

DCS: dcs-prod-irl1-v090-0597489be.edge-irl1.demdex.com 5.80.7.20210304103356 2ms (+1ms)
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-TID: itNmhlakTsc=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 42
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: EZXHK7qASFM=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://hp.demdex.net/firstevent?d_event=imp&d_src=242750&d_site=6636866&d_creative=145404087&d_adgroup=488015192&d_placement=294795197&d_campaign=25263370&d_bust=999431006
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

5105
linkto.ext.hp.com/i/0/342132/ Frame DFA1
Redirect Chain

https://linkto.ext.hp.com/i/0/342132/5105?siteid=6636866&adcampaign=25263370&adplacement=294795197
https://www.ojrq.net/p/?return=https%3A%2F%2Flinkto.ext.hp.com%2Fi%2F0%2F342132%2F5105%3Fsiteid%3D6636866%26adcampaign%3D25263370%26adplacement%3D294795197%26level%3D1%26srcref%3Dhttps%253A%252F%25...
https://linkto.ext.hp.com/i/0/342132/5105?siteid=6636866&adcampaign=25263370&adplacement=294795197&level=1&srcref=https%3A%2F%2Fbde5de92baa7bfc9243de6b323623fcd.safeframe.googlesyndication.com%2F&b...

50 B
232 B

66ms
66ms

Image
image/gif

35.244.184.212
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://linkto.ext.hp.com/i/0/342132/5105?siteid=6636866&adcampaign=25263370&adplacement=294795197&level=1&srcref=https%3A%2F%2Fbde5de92baa7bfc9243de6b323623fcd.safeframe.googlesyndication.com%2F&brwsr=bf4f18fd-9d6d-11eb-a8a3-42010a246629&brwsrsig=TFZ02dyQaRB0TsLwF71cqXYw2HGSHH
Requested by: Host: bde5de92baa7bfc9243de6b323623fcd.safeframe.googlesyndication.com
URL: https://bde5de92baa7bfc9243de6b323623fcd.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.184.212 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 212.184.244.35.bc.googleusercontent.com
Software: /
Resource Hash: ec34cd386427fe6deacf99f4fdbeea4b1d1ed25f505411650d7ceaa843a7fc63

Request headers

Referer: https://bde5de92baa7bfc9243de6b323623fcd.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 14 Apr 2021 22:07:05 GMT
via: 1.1 google
p3p: policyref="/w3c/p3p.xml", CP="ALL BUS LEG DSP COR ADM CUR DEV PSA OUR NAV INT"
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-type: image/gif
alt-svc: clear
content-length: 50
expires: Wed, 14 Apr 2021 22:07:05 GMT

Redirect headers

pragma: no-cache
date: Wed, 14 Apr 2021 22:07:05 GMT
via: 1.1 google
p3p: policyref="/w3c/p3p.xml", CP="ALL BUS LEG DSP COR ADM CUR DEV PSA OUR NAV INT"
location: https://linkto.ext.hp.com/i/0/342132/5105?siteid=6636866&adcampaign=25263370&adplacement=294795197&level=1&srcref=https%3A%2F%2Fbde5de92baa7bfc9243de6b323623fcd.safeframe.googlesyndication.com%2F&brwsr=bf4f18fd-9d6d-11eb-a8a3-42010a246629&brwsrsig=TFZ02dyQaRB0TsLwF71cqXYw2HGSHH
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
alt-svc: clear
content-length: 0
expires: Wed, 14 Apr 2021 22:07:05 GMT

GET
H2

200

4a.js Show response
static.adsafeprotected.com/ Frame 221A
Redirect Chain

https://fw.adsafeprotected.com/rfw/st/582938/52662418/4.js?adContainerId=gcc_iGd3YNyLLqbb7_UPxM6QwAM&cbFunctionName=goog_wrapCb_iGd3YNyLLqbb7_UPxM6QwAM&true_pb=&adsafe_pb=https%3A%2F%2Fstatic.adsaf...
https://static.adsafeprotected.com/4a.js

1 KB
1 KB

103ms
103ms

Script
application/javascript

54.76.195.29
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/4a.js
Requested by: Host: 407353ff91847f5c0e1c90d49f4b48ed.safeframe.googlesyndication.com
URL: https://407353ff91847f5c0e1c90d49f4b48ed.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.76.195.29 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-76-195-29.eu-west-1.compute.amazonaws.com
Software: nginx/1.16.1 /
Resource Hash: 89cbcbe240aa0dea41cd51c979bed8305861242b03caa1cf1fae691a39b267a1

Request headers

Referer: https://407353ff91847f5c0e1c90d49f4b48ed.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Apr 2021 22:07:05 GMT
content-encoding: gzip
last-modified: Mon, 05 Apr 2021 16:41:51 GMT
server: nginx/1.16.1
age: 25829
etag: W/"da4c85cef3afa0a27abf2b0c541c2cda"
x-cache-status: HIT
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=604800

Redirect headers

pragma: no-cache
date: Wed, 14 Apr 2021 22:07:05 GMT
x-server-name: app14.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
location: https://static.adsafeprotected.com/4a.js
cache-control: no-cache
content-length: 0
server: nginx

GET
H2 200 sca.17.5.1.js Show response
static.adsafeprotected.com/ Frame 325B 82 KB
22 KB 185ms
82ms Script
application/javascript 54.76.195.29
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.5.1.js
Requested by: Host: 407353ff91847f5c0e1c90d49f4b48ed.safeframe.googlesyndication.com
URL: https://407353ff91847f5c0e1c90d49f4b48ed.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.76.195.29 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-76-195-29.eu-west-1.compute.amazonaws.com
Software: nginx/1.16.1 /
Resource Hash: 134bdfef6b19c84bcb7dfc55f32065853ffdf1b05a8661caf172e56edacd427f

Request headers

Referer: https://407353ff91847f5c0e1c90d49f4b48ed.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Apr 2021 22:07:05 GMT
content-encoding: gzip
last-modified: Thu, 04 Mar 2021 17:39:07 GMT
server: nginx/1.16.1
age: 3375589
etag: W/"793767aa29c23c195c863f01f1e83e06"
x-cache-status: HIT
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000

GET
H2

200

4a.js Show response
static.adsafeprotected.com/ Frame DFA1
Redirect Chain

https://fw.adsafeprotected.com/rfw/st/582938/52662249/4.js?adContainerId=brand_safety_iGd3YIaRLu2nx_APy8mnoA0&cbFunctionName=goog_wrapCb_iGd3YIaRLu2nx_APy8mnoA0&true_pb=&adsafe_pb=https%3A%2F%2Fsta...
https://static.adsafeprotected.com/4a.js

1 KB
1 KB

94ms
94ms

Script
application/javascript

54.76.195.29
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/4a.js
Requested by: Host: bde5de92baa7bfc9243de6b323623fcd.safeframe.googlesyndication.com
URL: https://bde5de92baa7bfc9243de6b323623fcd.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.76.195.29 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-76-195-29.eu-west-1.compute.amazonaws.com
Software: nginx/1.16.1 /
Resource Hash: 89cbcbe240aa0dea41cd51c979bed8305861242b03caa1cf1fae691a39b267a1

Request headers

Referer: https://bde5de92baa7bfc9243de6b323623fcd.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Apr 2021 22:07:05 GMT
content-encoding: gzip
last-modified: Mon, 05 Apr 2021 16:41:51 GMT
server: nginx/1.16.1
age: 104299
etag: W/"da4c85cef3afa0a27abf2b0c541c2cda"
x-cache-status: HIT
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=604800

Redirect headers

pragma: no-cache
date: Wed, 14 Apr 2021 22:07:05 GMT
x-server-name: app20.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
location: https://static.adsafeprotected.com/4a.js
cache-control: no-cache
content-length: 0
server: nginx

GET
H2 200 sca.17.5.1.js Show response
static.adsafeprotected.com/ Frame B204 82 KB
22 KB 152ms
92ms Script
application/javascript 54.76.195.29
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.5.1.js
Requested by: Host: bde5de92baa7bfc9243de6b323623fcd.safeframe.googlesyndication.com
URL: https://bde5de92baa7bfc9243de6b323623fcd.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.76.195.29 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-76-195-29.eu-west-1.compute.amazonaws.com
Software: nginx/1.16.1 /
Resource Hash: 134bdfef6b19c84bcb7dfc55f32065853ffdf1b05a8661caf172e56edacd427f

Request headers

Referer: https://bde5de92baa7bfc9243de6b323623fcd.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Apr 2021 22:07:05 GMT
content-encoding: gzip
last-modified: Thu, 04 Mar 2021 17:39:07 GMT
server: nginx/1.16.1
age: 3376052
etag: W/"793767aa29c23c195c863f01f1e83e06"
x-cache-status: HIT
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000

GET
H3-Q050 200 tweenmax_1.20.0_d360d9a082ccc13b1a1a9b153f86b378_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame 345B 112 KB
38 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/tweenmax_1.20.0_d360d9a082ccc13b1a1a9b153f86b378_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/4807732/1611946489058/MSFTJUM_EliteDesk800_Drogo_Learnmore_EN_160x600_HTML5_544050/index.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c3b9597a90a43830b2a92897a5ef015ce5310e7f32dbb5cd1db2c807c5e6b036

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/4807732/1611946489058/MSFTJUM_EliteDesk800_Drogo_Learnmore_EN_160x600_HTML5_544050/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Apr 2021 22:07:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38407
x-xss-protection: 0
last-modified: Wed, 04 Oct 2017 18:33:56 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 14 Apr 2021 22:07:05 GMT

GET
H3-Q050 200 createjs_2015.11.26_54e1c3722102182bb133912ad4442e19_min.js Show response
s0.2mdn.net/ads/studio/cached_libs/ Frame 345B 186 KB
48 KB 17ms
16ms Script
text/javascript 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/ads/studio/cached_libs/createjs_2015.11.26_54e1c3722102182bb133912ad4442e19_min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/4807732/1611946489058/MSFTJUM_EliteDesk800_Drogo_Learnmore_EN_160x600_HTML5_544050/index.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

575c82f23dbb9285df2f62c7c8121c65d89e8137713110a149067d695975215e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/4807732/1611946489058/MSFTJUM_EliteDesk800_Drogo_Learnmore_EN_160x600_HTML5_544050/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Apr 2021 22:07:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49100
x-xss-protection: 0
last-modified: Wed, 16 Mar 2016 13:51:35 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=0
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 14 Apr 2021 22:07:05 GMT

GET
H3-Q050 200 index.js Show response
s0.2mdn.net/4807732/1611946489058/MSFTJUM_EliteDesk800_Drogo_Learnmore_EN_160x600_HTML5_544050/ Frame 345B 83 KB
16 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/4807732/1611946489058/MSFTJUM_EliteDesk800_Drogo_Learnmore_EN_160x600_HTML5_544050/index.js?1603721403786

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/4807732/1611946489058/MSFTJUM_EliteDesk800_Drogo_Learnmore_EN_160x600_HTML5_544050/index.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c1128eb90550b36ed060f566e1ab10f707e0f2d8bcd9da2a370368ebb52ed83

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/4807732/1611946489058/MSFTJUM_EliteDesk800_Drogo_Learnmore_EN_160x600_HTML5_544050/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Apr 2021 08:14:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 49934
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16312
x-xss-protection: 0
last-modified: Fri, 29 Jan 2021 18:54:49 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
expires: Thu, 15 Apr 2021 08:14:51 GMT

GET
H/1.1 200
OK dt
dt.adsafeprotected.com/ Frame 221A 43 B
301 B 331ms
109ms Image
image/gif 104.244.36.20
ADSAFE-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=582938&asId=4cdffb77-98ff-4326-5cdb-4533ae10b08b&tv=%7Bc:9NTlaZ,pingTime:-2,time:190,type:a,im:%7Bsf:0,pom:1,prf:%7BmdA:558,mdZ:798,beA:877,beZ:879,mfA:880,cmA:882,inA:882,inZ:887,prA:887,prZ:900,si:908,poA:909,poZ:929,cmZ:929,mfZ:929,loA:1035,loZ:1038,ltA:1067,ltZ:1067%7D%7D,sca:%7Bdfp:%7Bdf:4,sz:300.600,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:-1,vs:n,r:l,w:300,h:600,t:29%7D%5D,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:0,n:190,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:29,wc:0.0.1600.1200,ac:NaN.NaN.300.600,am:sp,cc:0.0.300.600,piv:-1,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B184~1%5D,as:%5B184~300.600%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:suB31af+1111%7C1112%7C112%7C1131%7C121.582938-52662249%7C1211%7C1212%7C122%7C1231%7C124%7C131*.582938-52662418%7C1311%7C132%7C1331%7C141%7C142%7C143%7C15,idMap:131*,rmeas:1,rend:1,renddet:IMG.qs,sinceFw:158,readyFired:true%7D&br=u
Requested by: Host: 407353ff91847f5c0e1c90d49f4b48ed.safeframe.googlesyndication.com
URL: https://407353ff91847f5c0e1c90d49f4b48ed.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.244.36.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS: nyidt.adsafeprotected.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://407353ff91847f5c0e1c90d49f4b48ed.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 14 Apr 2021 22:07:05 GMT
X-Server-Name: dt49.303net.pvt
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Server: nginx

GET
H/1.1 200
OK dt
dt.adsafeprotected.com/ Frame DFA1 43 B
301 B 328ms
108ms Image
image/gif 104.244.36.20
ADSAFE-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=582938&asId=98161efc-2bb4-f796-1d53-df7dd8eb5c9b&tv=%7Bc:9NTlb2,pingTime:-2,time:139,type:a,im:%7Bsf:0,pom:1,prf:%7BmdA:523,mdZ:769,beA:882,beZ:883,mfA:885,cmA:887,inA:887,inZ:892,prA:892,prZ:900,si:907,poA:907,poZ:923,cmZ:923,mfZ:923,loA:996,loZ:999,ltA:1021,ltZ:1021%7D%7D,sca:%7Bdfp:%7Bdf:3,sz:300.250,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:-1,vs:n,r:l,w:300,h:250,t:23%7D%5D,es:0,sc:1,ha:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:0,n:140,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:23,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:-1,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B133~1%5D,as:%5B133~300.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:rjss,dtt:0,fm:suB31af+1111%7C1112%7C112%7C1131%7C121*.582938-52662249%7C1211%7C1212%7C122%7C1231%7C124%7C131.582938-52662418%7C1311%7C1312%7C132%7C1331%7C141%7C142%7C143%7C15,idMap:121*,rmeas:1,rend:1,renddet:DIV.qs.sn,sinceFw:114,readyFired:true%7D&br=u
Requested by: Host: bde5de92baa7bfc9243de6b323623fcd.safeframe.googlesyndication.com
URL: https://bde5de92baa7bfc9243de6b323623fcd.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.244.36.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS: nyidt.adsafeprotected.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://bde5de92baa7bfc9243de6b323623fcd.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 14 Apr 2021 22:07:05 GMT
X-Server-Name: dt32.303net.pvt
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Server: nginx

GET
H3-Q050 200 UsLlvuITw1lhdTUM-GMkld8y8Djv7Avn-D3pKFbWhiw.js Show response
pagead2.googlesyndication.com/bg/ Frame 664E 14 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/UsLlvuITw1lhdTUM-GMkld8y8Djv7Avn-D3pKFbWhiw.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

52c2e5bee213c3596175350cf8632495df32f038efec0be7f83de92856d6862c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Apr 2021 19:05:28 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Tue, 30 Mar 2021 13:08:00 GMT
server: sffe
age: 10897
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5718
x-xss-protection: 0
expires: Thu, 14 Apr 2022 19:05:28 GMT

GET
H3-Q050 200 UsLlvuITw1lhdTUM-GMkld8y8Djv7Avn-D3pKFbWhiw.js Show response
pagead2.googlesyndication.com/bg/ Frame 68AA 14 KB
6 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/UsLlvuITw1lhdTUM-GMkld8y8Djv7Avn-D3pKFbWhiw.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

52c2e5bee213c3596175350cf8632495df32f038efec0be7f83de92856d6862c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Apr 2021 19:05:28 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Tue, 30 Mar 2021 13:08:00 GMT
server: sffe
age: 10897
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5718
x-xss-protection: 0
expires: Thu, 14 Apr 2022 19:05:28 GMT

GET
H3-Q050 200 HPlogoblue.png
s0.2mdn.net/4807732/1611946489058/MSFTJUM_EliteDesk800_Drogo_Learnmore_EN_160x600_HTML5_544050/ Frame 345B 11 KB
11 KB 7ms
6ms Image
image/png 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/4807732/1611946489058/MSFTJUM_EliteDesk800_Drogo_Learnmore_EN_160x600_HTML5_544050/HPlogoblue.png?1603721403760

Requested by

Host: bde5de92baa7bfc9243de6b323623fcd.safeframe.googlesyndication.com
URL: https://bde5de92baa7bfc9243de6b323623fcd.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

476c9cb7a339073a70b9523b8a38434a1a25db4ca9a96baa4dd51762f0cc3873

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/4807732/1611946489058/MSFTJUM_EliteDesk800_Drogo_Learnmore_EN_160x600_HTML5_544050/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Apr 2021 05:10:24 GMT
x-content-type-options: nosniff
last-modified: Fri, 29 Jan 2021 18:54:49 GMT
server: sffe
age: 61001
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11253
x-xss-protection: 0
expires: Thu, 15 Apr 2021 05:10:24 GMT

POST
H3-Q050 200 view
googleads4.g.doubleclick.net/pcs/ Frame DFA1 0
27 B 42ms
41ms Other
image/gif 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bde5de92baa7bfc9243de6b323623fcd.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Wed, 14 Apr 2021 22:07:05 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame B94C 0
111 B 15ms
14ms Image
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=222&t=2&li=gpt_2021040804&jk=3587456262402239&bg=!gYKlgsbNAAb2K53n9is7ACkAdvg8WsstZicdttplfoWac3Sy3YplphXiUad-x3Gn5T1p5E6YyS0blAIAAAHDUgAAAGdoAQcKAXmGIwHNNjVF5jgvw1ELrR_G7gIr4bgaYZxePsEPZ2M5XOhcVg-91ZT1MkClqKA2RBC_I3aIgBaId1Z5aDQ-_AZ0a0fNERtdzRD8q6nvWwK-Mfh40wS7ZeAvTZHL46OhSmL1ZT0pFCXnaNn3pppSvYkBJ69-jn4rg-b0eGfo0sjgTGppyPNg9YrFm3cl3Eb3oXZnTUkpJTNz4r8Tpxm7W9CUvgtgrBsSyHFW-Evs77oxQ-VmS5b9YMq2M8qg5grni1ZdoyAPN_Onu-PFf9Mv22Bgm-DE-1b5d12EOqfDGOlG8XCFTlp2rZ3mErG6MGPvHOOKbwaFtxKBon8aL0PKIiLJqzUG0uyVZZnFXQpu2zbGCXiPtj1sqOcOU8dpX52eweCkU5JXh6G3dk7dXdUrHavYHi_ky-D49K_rx1VXypzIfrfNZhE1Y9birfhq2bMcfU_3hJuu-i96PpEc9EuhupvzDwnqDLKeGfUQ3ikWiuq9KLESzG3lY76xhpkB8GTeoQMFocEE-fQsfazODI8MR6EacqkDw0zLeam05OpMPY41vosNUZr8D-BQOurA_NExgFU8yR7sC3Oq7WsHJNVABGY4PK53deLMEPYcV0dFZS-s51OGVzFxsNCeGBavX70kR5bcGskFihgKdDAfzmPH-LJPe-adBMVdQ7o9Ul1CxRZbJVkQPdoeqfpsmkRwlKkowicEete-vdXLUhkpEp53zaABB1ROlIJlmHDl4iz5fodwdPyA4JnZ_a9rlHTiu-A-CbHBh0NJur5XR5_R1kwk3nmoYmtVwrGzN6oxfUnmCltaihmrYOZXlsLf3isx3ouFe2_vP2jY6r6M6koerQnpLJgXCcR0eJVRbaWcRqwFfycF6gv-GH3DzTTAM4wKm9wrNkGvyzujtZzbdSbaQSInKp1NBCpJFkf1GUeDy3w9GNcvOCgnDzHbFEM25CEvT9q_ScoadOyhbHLmNsLnWcumw-mRIRvuL-HXSJYsKAf87SkILPT79nJ7F-OxvcKb4QQR7Cdxx-RS0BxU7v1DtM7iqRLE3GsdIna0gxtTU8a3GtqJ0pFQJcSOuGSwJImdsjq43DsDl3KdKeM3PVHQAnAsrRENCn9M6kNZ67IhNlyahWz51PpVVbFHfmggELaoJB9iR3K-OBaBBxAmXFUb27U

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 14 Apr 2021 22:07:05 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 8038 0
23 B 14ms
14ms Image
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=222&t=2&li=gpt_2021040804&jk=3464853365202584&bg=!rq2lrenNAAb2K53n9is7ACkAdvg8WimzFpvxO1UuCL9xsBrnWs11m2xpnDv55IFHlN2KXSMSfG_SwQIAAAJdUgAAACRoAQcKAXqozoZImGyRBHLRgl1SQkDRWiwWjChjFARIvE29gxnq4JDKdtylx3mkUE2fa7odNcIU_S7HHw368GkwB3Mwdc4QXzYSgavij_Y3lO2J47VFAzT6DdOd8WY1GGaP4R5dZ0SXk0Ja1gFgfn3C8rYT2M_5rkRNYrgCHRstqMpWRJHKuWmU4F0HOqIdmbAiZOgcXlC9QJtJfAau9Ro9UqS9PW1kt8-BDXG7lhdRUb9FWcCfRwe9PfO4Wc4TfmquAyc21gPwNXCLZay5H0lzB1fjkuY08H0Eluo22NYjfjW7-jdvnsyIVsIXDn0KSJfO8X_0ICZTxC1o30_PfPTw3n-dL-TZKqTN40jHnPkz2UOpMjwrZWlJaTCLbKaTuWsVk-8HfeaRvwTJoR-ThNCIDUex65nKQnmEL6PreszVUjPYqrvehj8L9Up-bbLSwbXXtMQR8ALqnvrezurt8DAG0Bi54cBZ8X_rjrfyAo4p0KlnxOElxjwBsa9wJc6CNKOZAfXIFIL1Mx1t7NSYR-ZV2X7jjcY9Uwsob-l_dBaLQi7Gi0RqJBz6ZoF_OyN7Md1aASgC7k9SyHbDXNCp2uXlCjjUmfsfdEv1-ipW1KmuuWPIzrYbifm1gG2Sk43ErdWFPTIEzDJERXDvhi1wGcecjyQbDLrPiH2EKmFk2RfiVT0J0NS9Q0zrMRI-ViXrsFelZyM0mFb8kYuqZl3FllNNahRzMovdNPAxKpJHQkpu-9l9WL48kK2f3S091WZuKNs9CvETnvkoRwTLSA_FGWJ9II6nQWEx42nTuaAumNvqOzXs-pbpaWilWL_-yH2MHF6K2puhynEF4H869fWyvetiaMJft5VqhDJtPDt0YfqZS5MnmtPvIv3VtaV1EbmHV7zpyD65sUGdgLNugi-vh7xs2JXTWzWIFFZdP82AgSp1JLNFE7vpqcjGAwO3Fc5ZrHz6mvh-zSwpMJk4JmZ4Htnq-5AFB8qRqZTTbrTCadCXypdPTfFYq7PMMIce7R9RVFnmis3ozA5mu3axpskiphgtoMQLnG1rHkES_XVduCnXjvIqgZ_nQMkDRK9ZsMLU8aRn-gp2zYIbZTTuNJV6yDPbwmn2yfIkDE51YncT86YVVUG9HRsLn51CKNUJPUocq3TkbQXR1g2H69J2aTHor0zZuyrwxqcu1R4

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 14 Apr 2021 22:07:05 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 hp.png
s0.2mdn.net/4807732/1611946489058/MSFTJUM_EliteDesk800_Drogo_Learnmore_EN_160x600_HTML5_544050/ Frame 345B 9 KB
9 KB 7ms
6ms Image
image/png 2a00:1450:4001:828::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/4807732/1611946489058/MSFTJUM_EliteDesk800_Drogo_Learnmore_EN_160x600_HTML5_544050/hp.png?1603721403760

Requested by

Host: bde5de92baa7bfc9243de6b323623fcd.safeframe.googlesyndication.com
URL: https://bde5de92baa7bfc9243de6b323623fcd.safeframe.googlesyndication.com/safeframe/1-0-38/html/container.html?n=1

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

520947e0a6ba1246bdc07954c354276d8967bb8d103ea64c978e7e8f51e6804b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/4807732/1611946489058/MSFTJUM_EliteDesk800_Drogo_Learnmore_EN_160x600_HTML5_544050/index.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 14 Apr 2021 05:10:24 GMT
x-content-type-options: nosniff
last-modified: Fri, 29 Jan 2021 18:54:49 GMT
server: sffe
age: 61001
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8723
x-xss-protection: 0
expires: Thu, 15 Apr 2021 05:10:24 GMT

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 1F29 0
23 B 15ms
14ms Image
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=222&t=2&li=gpt_2021041201&jk=2403116964662389&bg=!8vGl8bXNAAb2K53n9is7ACkAdvg8WiJMguiewRZeaA5geqGkU_bWhDOwdBuNLodxfRflqivxHY-7ngIAAAJYUgAAADBoAQcKAKVIYoldBjusY5UjpKokWBVgm3vmmEuwOQIpc04vPjJs-XsPtgv0PYzShVjcCVCoyo2WLx3mGIOI533M0gLWJE913Ewu8sQE-Pa-IZGASDejuM9DHa2FgEzau67V91FmEHQoML_mFd1OiLqu8hv4j-xygJFwLe7etfA8EHVGFAMBk0nLQrTjxABtpS2XWtMw8hhtWkfNXU6GS4FX7CmsZgXTnKdRUw6ZAfxJa9idAPozXQW692D71DVrvwRCrcBeFsSvdI1mWjgVsXqOnowv3n5B0IADyGWf9zQJIRGR40kePo94aKgrJKsUwFtRTS4Bdz-EmFBFpTmIetWQh03H5ENAqftYpFtoicyTn57_tBC2agz4qYPW_y_aC7lRGW1188x9mg3fWKYpOXUTE30vq_fnL-NoEIvDtDvCovXZ1r_86LCT8WNFLY5v-0Kdc8NE2_HugIwkfOgQsZS8cL4yMwNYzTd5yOpUJaiYw3ErxM5YjFWSFSQdCLAqSkXXBI_KGeBnuxWiN7JDrVqN0mip4V0znuQ1pVexTgruTgWdE8eID8svaUfkWtoARGOjYz-dlJCyc68ENckIcxInVbtZRNzsr0vyq8gdsrhnMsEplgT_Q5z3Dk1S_4S_5pVmHiQHXnvg9DKb4vvT49Uk1T-yQMM3S9fSiL21UbWrA6-WnmZSgiscZqEuc0x1vAUQzyvF-hpcwm17OMhY4_zX4adKZWTMp1zxQMZ7B5zHsGh1ErmJUL6gskxiEjvwmps9fZjiEz683_aNiUcN6dbqO691zFDBb27REWKcrqrftyPnzFZznu1Sc5eDBtTRpoyjTxXRBotkum0gVYFIccxYH5fA52aqHPXwqBaGS47YyZjqBRvYOMK3_SGh2mb9i51x8zg3eCFaLQoL

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 14 Apr 2021 22:07:05 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame FB93 0
23 B 14ms
14ms Image
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=222&t=2&li=gpt_2021040804&jk=4503508210773965&bg=!-fql-r7NAAb2K53n9is7ACkAdvg8Ws9pwhm9w8zHCn4EX8nZr7CLzLwyAG3lLwRsd4EaRjcVTSk4eQIAAAKHUgAAAD5oAQcKAESy9a19U5MPtpszI7Mz2hlS2rEP7UI4wRMQGHarnnfmJF8dHI_YVXgcKeVxpIUXKp64vo9WKJCh7QCXwhegBKzLxYEw2ZkB5z-ZXt2Nnu2i_mvYutJk4Wksade3eFP42WjgCi-hBJmJXX09ZYfExsI7gjI6HEj6JoG2moc-i97esKVaTqxBoYgX4huxcrayPyFTjImeG6cOXqBTHHqan_5nBBRA6Co_valKZcQ0FBOwc9AYju-ISqjheOfwSrVzMn2hkvLvAeNDZQDYDAMrd2PxnilzbdLh-r8nGVBApDp3mTy3CIyR0yWEBZc6raPoZUQQo7hBCIQS2B4G388NWe2Vo7c9sBQCNi_H8VuWgaISWFUXTf2iz4mCv6QFlLsV7e7_srVs8cVI6pbVAUmCPwuOVhddH8Qp57EOTdJoH3n3KJXKyaQn-ubREFTy0ByGyin2uPyRGg0-zxltDLVeYccN094dm5DjQ2-yvA4c1EnSFmkHQUosZPMz5WK1WKXCDRp8FlCkeWGqMn5SpotNzvAPP-0Xa1BQe3DwovZP45CGpGLrbDcP0REIVKILiDPcXpHjrhJoEs9n-fbiQVMgzDNN42IMeNKf-pYscHynFJJUgemhamAwt6aKNVUKkVmiVDemTmjWvCNWjSWiMqtd3F1qJS8BxhTrkH2Fpj9c0mp7tvkbbJbSZ4lTOZxiN2qmpWY7BoA6yzPt_ytXr5InskH8K1xpUK1I0jIbWOnQayg

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 14 Apr 2021 22:07:05 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3-Q050 200 view
googleads4.g.doubleclick.net/pcs/ Frame 221A 0
27 B 42ms
41ms Other
image/gif 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://407353ff91847f5c0e1c90d49f4b48ed.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Wed, 14 Apr 2021 22:07:05 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET img1.jpg
s0.2mdn.net/4807732/1611946489058/MSFTJUM_EliteDesk800_Drogo_Learnmore_EN_160x600_HTML5_544050/ Frame 345B 0
0

POST
H3-Q050 200 view
googleads4.g.doubleclick.net/pcs/ Frame DFA1 0
27 B 42ms
42ms Other
image/gif 142.250.185.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.185.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bde5de92baa7bfc9243de6b323623fcd.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

timing-allow-origin: *
date: Wed, 14 Apr 2021 22:07:05 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3-Q050 200 view
securepubads.g.doubleclick.net/pcs/ Frame DFA1 0
0 68ms
67ms Fetch
image/gif 142.250.74.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssq51EuBmdyy9Jje10xW3QS-us7ZKEIwv2T5NWiJAe-xy6mkSH-fK7wlEDnso48ZxpTYMzmD3yY09gCqvmsQiCYQ_4YU8_DBuT-Bm9Gm1b7joL3T_pcLvMDONhQI-xuocBdGvxaFms8YcJWSFzuInVxxYVJcvp_EfPRk1GYx4BO0rzCmy73YVe0gMbmXo4O6VejjxbWdUtNSBMdLGnFleQEHLOxllLaUMeXqxwmSU5nWLzmQLAIJO9YpCcUPcPPYZXV0ggZwTIqtJ9sAqCVRII9Ch-jfKg3ArU3mInGccf_vLrRpfQS2prUY74lBShgTdqJhL0AceW5xCmPnkgA&sai=AMfl-YRWdigKvyOP7_GniPf4-CSpjiBIyai9Dp6NHZ-IG0L5sc2My6LaGY8ZLpRbRu2nwcTcvHXv5wwisoBOK_kPm473x73_RsjlF8HhwwApMuWhibbHPD4M1F5Gp5r9SOz_&sig=Cg0ArKJSzIRHmI9HbzHQEAE&urlfix=1&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.74.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s02-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bde5de92baa7bfc9243de6b323623fcd.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 14 Apr 2021 22:07:05 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe
expires: Wed, 14 Apr 2021 22:07:05 GMT

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 664E 0
23 B 15ms
14ms Image
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BsRWuiGd3YNyLLqbb7_UPxM6QwAMAAAAAOAHgBAI&bg=!vb6lvvrNAAb2K53n9is7ACkAdvg8Wn9t7u7WWi1uAhGIC5vu40oov744rO1VjmRN3wcl5k4dkhD-EwIAAADtUgAAACRoAQcKAQqLlLd0kvken6oY2zOsH98rGOvNByw0eSXAWYmm5YD2IJDL2FtOdcKaSw2KNP6zJVnWxota_tbZkS1ezya34sxc5C2_7KxHlW4Wl-3oigUCj4Hy2NAU2cIS7bWzLcB5MRJtpZNY87WRummWEYlOJ_GueRIONqDsLv7yXEoUsyg6VV9A32eXV-K89tRy93bAqj-BsDbHLLwJtK4F2D8hbC3QazA6JqpBj7Sg0QVeEAqHIhwN956L4Ap3wsO9NcG6t-iou0cGYUxGYePtEEiDpBlXPyQY2LHntkG2iY0njMGiEJpWJ86quCxfuoWkUkwIiZLQriUNdYGZHhx-RENoVYZx4995yAtqNplxbZkCiZ20TFhMscD9UWHGZt99kHlmTf0NYZJbVuWt6MKcW7IsEd-uTtL6BOySQ_X3bAN5clNyQCY-fcq__8Zy3q_g6_fJmOYD0CakaA1DJaPgiKVtmSpxxvYhb1uzx_FOoFoFP9zBe59Vad3yCrCGp5t1o1OsS3t2iBQpkkJrISltHKqq2efaLxGUJV21l0P-sclEbL1dEx_ny-iijWVLLgWDSdSKyy175kNEQifH2lhRxzxglC7Ke6rjcscEaDi9_NMK90jfylDrlgptvpzMThwzVK5PCdAgf3SmyH-b-xQ45GeaVidNUlTOhRAAl0bx5pG9194RYNsdsM5dduPVtBWW_nzKqyJ1vZ6E6v9_Q-sPRoLWt7LVswJKpv2i7ciLQxykkfH3gEZCAgl1B68XhQwcsMH6I35JZhDsvYFckHU3PcQ5IzP3ReiJohzsyCnF2OAY0bx_YDC8Ra4F9wZwerZb-8GzCCP3Gb0sUSQqB8bn0mBQbpwDZXk29A69iDW6r8XgevNPg2vav7yxEhA98KwE-Yu3h7r26nfDfVHhajBiKiFGI1TIrut2HPMdTT_Rn9SoNhUNVx5jeDEPzgzPD7SC8cvNhgJeNmVSN1QuVcubP7CTKx8LyBXaROfoXM2wewhJbmLk2-wRmaaK4yPM3vZmElBLAtw-OgYHOEzC3viwuMgk20Xh4ROUkAA7IUJFoSVzAZF803h7sLi5C_XDezgTYlx5zQ6s7RWmBE9Zzg8w19v7vn6PkwyUys0FXZRmy8yzL_cxfnqjcSPS5E7SFPkByoDxll2SxpFvUkIlRwFbaNMET70_tLr3KRWGDVEDEuBlFvyERDUqqsNQ41XyFIchVcDG6tFbEFicHfk

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 14 Apr 2021 22:07:05 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 68AA 0
23 B 14ms
14ms Image
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BJMpiiGd3YIaRLu2nx_APy8mnoA0AAAAAOAHgBAI&bg=!2tml2Z3NAAb2K53n9is7ACkAdvg8WvPeTBGTNtLaGgmF9HTTzlFQtohYqc7BL6ralTrrp3UMqZ7zigIAAAD2UgAAABNoAQcKABmmqK6MHD2vvjda3mTAuVgGxdX0w_4INSCkmQJ_7MbWamByVN23iszyMkKEARMXXoXzP0TJHkeWLiNPuXfMpRClm-bQhkzp9WIItMM-MEPx4IffrlrENGMwPGAryeCVnoRifU1tDc9P-FilU-_ZBTyZ1nIe55Ko7gTID56aBtvq9ieIpVMzkIffq6gkkYqX5Pu7ljoNzP1U3OkjrqJZ71lEXPkHPoRPeWqOGbDAsueuEoQALPFBb4Bp0JzrjMACCZplPyjOXDcdjTOIBh-uq49bQqFmPwUsOYeO8qU8UjiA0Yk67mxncvZOGcD3MtDvQVtw88ty1rHTJT1eCRX-gX99fYeJDrxSAKLNciq6uSlLXCHK-JCBCcVFOe85bxB9eAALELsoz32adDxd9gYjI1iRE3V_D6jSLf9kuti-N6ZNya_dp4AV1u_yjpPqobLXC-ycllPnEC9R6_Neq0p7vQPF4dAmEzICLn0LEX02U-0fSOHCiUk0PyoAYXOSzqEGvUDQF6FslfcY7crpK8K3V5z_oIMyy_5vdXeg1PLXA4poigNgkHEObvJhIfvilKKLN6BW8LMkeVR87qO25bUH1B0xoGDuki8MdeX5LzasvGV1urXOyxW3y20ZqObMJibHdBP-Wf-JQS0q1-w-GgZRYRhctzDxSmTvQoRMsSdNiG2tA8TPLiMQKrAukvibZh2MIIwPxb4YOAT5Y9HJS1IDsO2k6quF_8aPyCR5zYLWyK3kQ33JibYkx6E96cGRSA3V0n0fnno4IDmT-8A4R3sBX_dxS68el1xyeRRGkcBycggbDPIa8up5BoNJtPjLvS745GupklJE18O_5nvoUCRpuXnz5Gug6wc1YFYFKi-6s7V9V3whIbTbPI_F4Z4p

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 14 Apr 2021 22:07:05 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK dt
dt.adsafeprotected.com/ Frame 221A 43 B
301 B 109ms
109ms Image
image/gif 104.244.36.20
ADSAFE-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=582938&asId=4cdffb77-98ff-4326-5cdb-4533ae10b08b&tv=%7Bc:9NTlhU,pingTime:-10,time:619,type:s,mvn:ZnNjPTEyLHNkPTMsbm89Nyxhc3A9MQ--,fsc:17.5.1v220002022000220000022002222000022220200000222220222220002222022002222202002220222022222022222000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000002220002220000022200222202220022200200222022202220022202220020222222000220000222202222202222000002002002222222222220022202200022002220222202,sd:MTcuNS4xdjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNS4xdk1vemlsbGF8fE5ldHNjYXBlfHxufHwxNnx8bnx8MHx8bnx8TGludXggeDg2XzY0fHxHZWNrb3x8MjAwMzAxMDd8fC0xMjB8fE1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS84OS4wLjQzODkuNzIgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,asp:1618438025825%7C%7C84483a9146aadf991b8aab6c4c1f5d8c%7C%7Cf34e96995ddf3ff5eb1bfde138cfe29c%7C%7Cb829b572d9cf7b7a7b0f1b6d8a11607f%7C%7C2603e9b2a9a8277b7bd2a00d497411f9%7C%7Cd4f800217e71450d543f6cb630a621bd%7C%7C4fa5951d9ef5b84c1cdf0695c5048532%7C%7Caebaa266bec254155b7b8124cb8f3533%7C%7C1614879537,ch:n,im:%7Bimprf:%7Bttecl:647,ecd:103,tsecr:60%7D%7D%7D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.244.36.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS: nyidt.adsafeprotected.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://407353ff91847f5c0e1c90d49f4b48ed.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 14 Apr 2021 22:07:05 GMT
X-Server-Name: dt49.303net.pvt
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Server: nginx

GET
H/1.1 200
OK dt
dt.adsafeprotected.com/ Frame DFA1 43 B
301 B 109ms
109ms Image
image/gif 104.244.36.20
ADSAFE-1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=582938&asId=98161efc-2bb4-f796-1d53-df7dd8eb5c9b&tv=%7Bc:9NTlir,pingTime:-10,time:598,type:s,mvn:ZnNjPTEyLHNkPTMsbm89Nyxhc3A9MQ--,fsc:17.5.1v220002022000220000022002222000022220200000222220222220002222022002222202002220222022222022222000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000002220002220000022200222202220022200200222022202220022202220020222222000220000222202222202222000002002002222222222220022202200022002220222202,sd:MTcuNS4xdjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNS4xdk1vemlsbGF8fE5ldHNjYXBlfHxufHwxNnx8bnx8MHx8bnx8TGludXggeDg2XzY0fHxHZWNrb3x8MjAwMzAxMDd8fC0xMjB8fE1vemlsbGEvNS4wIChXaW5kb3dzIE5UIDEwLjA7IFdpbjY0OyB4NjQpIEFwcGxlV2ViS2l0LzUzNy4zNiAoS0hUTUwsIGxpa2UgR2Vja28pIENocm9tZS84OS4wLjQzODkuNzIgU2FmYXJpLzUzNy4zNnx8MXx8MXx8R29vZ2xlIEluYy58fG4-,asp:1618438025858%7C%7C202eee363b4536b6a6c01586e6521f6a%7C%7Cf34e96995ddf3ff5eb1bfde138cfe29c%7C%7Cdce365649bfdbafabd539bca5f899414%7C%7Cf36789710f28e80828c20c9c8bfcd37b%7C%7C8ae94054c8d8e26af96ad2b59ca6c87e%7C%7C76c86fa71f84939ae5512d7858ddb2cb%7C%7Cec5eda7e5e4a701403bb1456f1c7091f%7C%7C1614879537,ch:n,im:%7Bimprf:%7Bttecl:635,ecd:94,tsecr:61%7D%7D%7D
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.244.36.20 , United States, ASN7415 (ADSAFE-1, US),
Reverse DNS: nyidt.adsafeprotected.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://bde5de92baa7bfc9243de6b323623fcd.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 14 Apr 2021 22:07:05 GMT
X-Server-Name: dt32.303net.pvt
P3P: CP="COM NAV INT STA NID OUR IND NOI"
Cache-Control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Server: nginx

GET
H3-Q050 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 5076 42 B
155 B 14ms
14ms Fetch
image/gif 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsvY7tFs7ENvePHKW0cXlvFtiAfNAno47iOdrjLYpdfp47hZEIOCyTd468fYq2PdXQ4JsmhVJ7Pj4mcHoAHjXX9ZYPGeN5QK8l0IXY8yO4I&sig=Cg0ArKJSzLsBZvP7UEtAEAE&id=osdim&mcvt=1000&p=0,0,250,970&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20210412&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=19&adk=13849420&rs=4&met=mue&la=1&cr=0&osd=1&vs=4&rst=1618438024350&dlt=38&rpt=525&isd=0&msd=0&r=v&uup=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://8949591b2ce2bbdd816018a582eac05f.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 14 Apr 2021 22:07:06 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dc_oe=ChMIhvW5vN_-7wIV7dMRCB3L5AnUEAAYACC34apF;met=1;&timestamp=1618438035739;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;
ade.googlesyndication.com/ddm/activity/ Frame DFA1 42 B
498 B 176ms
78ms Image
image/gif 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ade.googlesyndication.com/ddm/activity/dc_oe=ChMIhvW5vN_-7wIV7dMRCB3L5AnUEAAYACC34apF;met=1;&timestamp=1618438035739;eid1=871060;ecn1=1;etm1=0;eid2=2;ecn2=1;etm2=10;

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://bde5de92baa7bfc9243de6b323623fcd.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 14 Apr 2021 22:07:15 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: s0.2mdn.net
URL: https://s0.2mdn.net/4807732/1611946489058/MSFTJUM_EliteDesk800_Drogo_Learnmore_EN_160x600_HTML5_544050/img1.jpg?1603721403760

Verdicts & Comments Add Verdict or Comment

123 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

9 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.cyberscoop.com/	1970-01-20 02:55:34	Name: __gads Value: ID=ce75ef1ae8f8f4a4-226a665420bb00fb:T=1618438024:S=ALNI_MZn1EHkfrJH81LS2A4Puc6cL-iLKw
.cyberscoop.com/	1970-01-19 17:33:59	Name: __hssc Value: 143679850.1.1618438024292
.cyberscoop.com/	1969-12-31 23:59:59	Name: __hssrc Value: 1
.cyberscoop.com/	1970-01-20 02:55:34	Name: __hstc Value: 143679850.adae0d4640a4a51bc229fb077336a5d4.1618438024291.1618438024291.1618438024291.1
.cyberscoop.com/	1970-01-19 19:43:34	Name: _fbp Value: fb.1.1618438022432.1048598205
.cyberscoop.com/	1970-01-19 17:35:24	Name: _gid Value: GA1.2.1750366396.1618438022
.cyberscoop.com/	1970-01-20 02:55:34	Name: hubspotutk Value: adae0d4640a4a51bc229fb077336a5d4
.cyberscoop.com/	1970-01-19 17:33:58	Name: _gat_UA-80491860-1 Value: 1
.cyberscoop.com/	1970-01-20 11:05:10	Name: _ga Value: GA1.2.1695727006.1618438022

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	debug	URL: https://hs-7940188.t.hubspotstarter-jn.net/e2t/tc/VVxXC2578mkVW5WKtv275HNjXW5VG-2S4qnP28N6mkvqt3lGnJV1-WJV7CgKVCW2XM0FF4z0Wn-W2HfTQq8mg3rLW8myR-z1M9zpYW8VL8J51BNx0HW91T1JM3nXtlJN7j68JQhkNtKW4zz2vp7ly3rwW5S4WnM8FwVQJVrrtr-1yFK8lW90hWGs3zhZYSW59DZzl7lgbt-W9ls1Ym4Pg0DNN5tWDKNpd2fBW7ZqRzK12zw43W20Bh621ynfWQW2nMrcQ3RZ0ZpW5nFgkn5ZFsQJW8STlcj9lbFz6W7tsdxk6y1NHYW876h771gvcxYW1npwVd7fJrVWW1y8P9L7FzWhZVb-bPy3HfR8yW28488L6lwqhQW6npp4210M8TXV1S25Q5kgvJSN8PcB3BK5FdxW23yQFl4CV5733n981(Line 13) Message: toS
console-api	debug	URL: https://static.adsafeprotected.com/sca.17.5.1.js(Line 32) Message: a: 0.0029296875 ms
console-api	debug	URL: https://static.adsafeprotected.com/sca.17.5.1.js(Line 32) Message: a: 0.000732421875 ms

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

407353ff91847f5c0e1c90d49f4b48ed.safeframe.googlesyndication.com
7445015f24b4138079e5432b973c37a9.safeframe.googlesyndication.com
8949591b2ce2bbdd816018a582eac05f.safeframe.googlesyndication.com
ad.doubleclick.net
ade.googlesyndication.com
adservice.google.com
adservice.google.de
analytics.twitter.com
bde5de92baa7bfc9243de6b323623fcd.safeframe.googlesyndication.com
cdn.doubleverify.com
cdn.taboola.com
cdn3.doubleverify.com
connect.facebook.net
dt.adsafeprotected.com
fonts.googleapis.com
fonts.gstatic.com
forms.hsforms.com
fw.adsafeprotected.com
googleads4.g.doubleclick.net
hp.demdex.net
hs-7940188.t.hubspotstarter-jn.net
js.hs-analytics.net
js.hs-banner.com
js.hs-scripts.com
js.hsforms.net
linkto.ext.hp.com
pagead2.googlesyndication.com
px.ads.linkedin.com
rtb0.doubleverify.com
s0.2mdn.net
s3.amazonaws.com
securepubads.g.doubleclick.net
snap.licdn.com
static.addtoany.com
static.ads-twitter.com
static.adsafeprotected.com
stats.g.doubleclick.net
t.co
tpc.googlesyndication.com
tps20515.doubleverify.com
track.hubspot.com
www.cyberscoop.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.linkedin.com
www.ojrq.net
s0.2mdn.net
104.244.36.20
104.244.42.133
104.244.42.195
142.250.185.130
142.250.186.102
142.250.74.194
151.101.13.44
172.217.16.130
199.232.136.157
213.254.244.13
213.254.244.26
2606:4700:10::ac43:2794
2606:4700::6810:5505
2606:4700::6811:45b0
2606:4700::6811:b849
2606:4700::6811:d4cc
2606:4700::6812:14bf
2606:4700::6812:1699
2606:4700::6813:9a53
2620:119:50e1:101::6cae:b25
2620:1ec:21::14
2a00:1450:4001:800::2001
2a00:1450:4001:801::200a
2a00:1450:4001:802::2002
2a00:1450:4001:802::2003
2a00:1450:4001:803::2002
2a00:1450:4001:808::2002
2a00:1450:4001:809::2002
2a00:1450:4001:80f::200e
2a00:1450:4001:810::2002
2a00:1450:4001:813::2003
2a00:1450:4001:828::2006
2a00:1450:4001:829::2004
2a00:1450:4001:82a::2001
2a00:1450:4001:82a::2008
2a00:1450:400c:c00::9b
2a02:26f0:10c:488::4469
2a02:26f0:7100:18d::25ea
2a02:26f0:7100:1aa::4469
2a03:2880:f013:d:face:b00c:0:3
2a03:2880:f113:81:face:b00c:0:25de
34.95.127.121
35.244.184.212
52.21.95.133
52.217.37.54
52.48.134.198
52.51.81.153
54.76.195.29
0216d870844c21ce7c5c72f3471b81013c6d1879d5c4701b81a6c0c22870e081
063d44bc62d9647b62e24e3072a08f2cd96f36e3f1cb441b0efc3fe3f3fe372c
0bcac89d72d5f0b2bef20f815406384ff05489e4294acee57409060c2eccffc5
0d281aa7b07dfcb1bc05e2cdd051aa34fb915616590b834374148a1768ce3440
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
11c32c7e51c02009a2b7fa42f456cf5605c5f4593cce30a05675726ff7e74f10
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
134bdfef6b19c84bcb7dfc55f32065853ffdf1b05a8661caf172e56edacd427f
1a82bc38f6fb83f2b47565a636020d2a34a5f6b0b77be3ce82b6d84d166c451a
1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df
1e85ec81b9800b4c443d39caca0d0926089a3ac201120db1ceb45b93789480b8
20a84f304abfaf56bb829a84199344bca40bf7d4dba451e109a840cbdf728436
20aaf552327d1302a9b6d3d4fbe98152251ce9eb15a101c7b7f71349c4b95538
2842a90967ad223105ebd7ca0fb5a45f9addf1234fba6250788026f7fbb00710
2aef1ac953ce7805c97a1df893082e75a0a11085c3e53b2914bd0a35634977f3
2cb6b65c7eaebaa3113e4befc1ad1c16805cb1cd1dc99cc7cd715738b4a29e9f
3046ab26982b61a2fc0f0fae7ed7f416e9113f924db911efa97b5b80ae16726d
31cce9decad199ebb560bfb34365501e21066210babf63db99a3b4795347bf86
34b8701fdcbd5b7f4b776178cf1c52b3754f60027bf85af5a8573c3208f77890
35714430b17fec47bdd381e2621c738afbbc62cb7e98aae540a177a91bea8550
3aa1d18f920706e41f1aca22613f2a7034b22221c282f32ca3e3e6802ae96a66
3d9031b9d4b0fe29fc43e74c8ae753685e661a16d89d5a9e2caafe81cdd3c0cb
3f212829c67ebb4044ba56c6f1aa9e723b01d57e6493ac39259874acb075cf7f
40adb937145b21abf0b1dde7dfa4d0a80be21ce7bf7d4f85ca944022a23c6785
448b09d82616c7b17b50eed222203cbf1776124c80da6fe799c853bc69be296c
476c9cb7a339073a70b9523b8a38434a1a25db4ca9a96baa4dd51762f0cc3873
4b8dd50e462d914dd8609e8a566ce6bce0ab94088a4bf958b57c4cdb6ab54868
4cf52cc73734aa71f26f6a10be9aeec89602af45bf0f9abd5c8445a076c1ae1a
4d8d48a3f00d424f5083a310bcfbcc1ad35d02e02793a9f459e9938879d8a675
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
50679e0e3933c945348a2db0cc128bb14b57a60a74fabf8cae13acc14efbb2e1
51c40fb52547a14a895a2425e94a53886ced172e90c70d5418890fb67517701b
520947e0a6ba1246bdc07954c354276d8967bb8d103ea64c978e7e8f51e6804b
52c2e5bee213c3596175350cf8632495df32f038efec0be7f83de92856d6862c
534e969062234eaaaab62496c0251d6f8628b4014ce21099d56986e3c8361155
5394f132464da63a08aa5b2cdd62f2f806ef21d37689a9ef6b9c3f02cdaaf10c
53af0e86aaec7cc5f0eec16ab65284b48b944d45b2c4a0cc517f894e25897dd1
53f3e1dc1c67d11e936447c1696d877c1371bc3f42ae667ecf834e5e60fb0b40
55de2f543e24f0c3655be2f344491b2e73ae61350f58a2bb9ebf4ad1326e8fba
575c82f23dbb9285df2f62c7c8121c65d89e8137713110a149067d695975215e
59e883e8012b289177994f2ece9e710c900971403239bd79c62a7e93c9a37207
5a9b349ecf59f1982f25128bdfb0b38a2da7b187c12f1ebac950bcb31a0de269
5c1128eb90550b36ed060f566e1ab10f707e0f2d8bcd9da2a370368ebb52ed83
5f3b103a1268f862a5e432d607f8e5220dea9d301d13565b0ecded3ad9c25ab2
619cb0f3cb3356334f4b593e7f9b59e1a571a5ab6427e2270e057e8bb40f4dfb
62a502ef5d93b58460615f504db8e74b41337b3e26531691c7a78e7561402eb6
6836719899bda27cd22c1551cb7fbfc33fb0bbbedaa89e4baa8715fef8202cbc
69d435ce4b2fd0eb67edcc8e6f471eced90c210fec4725692a550b807742c00b
6ebcda7a3a41ef97f0b4071160ceb1020e540fdc0f790079a5c2ef01ab654fe0
72ce44e83dc780313a7bc1b84098f46fff4335e488cb73babf8966da81be92db
731d7bd9ce2c95bf6af3d5719b995d714111949fb37b39919d45828875361233
78ec474e4d80baee9a1e29e27af012fd05fc77daa946552280c56609adbf16fd
78fdf5abc0ba7951eb52c6d66c9d1a9f8766f4d1c60ca05173c26623de3f3416
7928c85a2d48ff4fecf8280822338d8fa67b93ef9d02fef5dce58322808695a7
7a3f7218703989b2b5daf92319273724ea24f6948631c1376a936ba12bda72e2
7b65c170a45f7b9ef50dd56660bfd25dd0b1a726da2e4762aa0b6a718f0c01ad
7f134de2e6859c8b9a8acb3f07c54f04c9fbe04c3381e137d85e2f0cb08a526b
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8568f039c1951ef91fce769fd09da0b0dbfcf503e0e9d14044c3f49675b809cd
86be5d6a3d661fd3d5d72f254a347dec5c66cad569117f51dad297acba02f558
870b676bf799feeb11ad5735059d3a75b0b86101ced1a465fb4e7ea4690b38c0
878288f1c0048d4cd9473395880ef79316fe05db35d98fb61a8c18cd4b25783a
89cbcbe240aa0dea41cd51c979bed8305861242b03caa1cf1fae691a39b267a1
8ac3a48fb1420fcacb42797a2474568ced617a83c7fb7ee643f407cb97d9680c
8b7a47a695a413443ee1cba5b8cb390af99d8ecb1c94ffd30005c2a039303fe0
8c5987fc2409abe9ee8d73fee09d71847ddf5c4329a0bbad7d4e4bc522e51b47
8c626f0f9b5c109539b256b73e72c02b300a184f46b4535c2eb86599215c78af
8cb438bd4d1961f80ade4f1a295ca7de253630adcdd10473932908e638908c5e
8d6487dc2599772b6ccb8ed3c214aefeddf16e73d868abb94f2223c133af06d0
9146f6ec02b7c1db65d152424e1d5e5f3a5d7d6ca91d1282a7e678150683876f
918ef2d3a0a0b4437af314a5827978c3bbb406046964f1c03200a7047107531c
92de3088fccc4b1a1425c55a6eb8cb407f3b95f76865f7080f8fb7084f0f3664
942e44b1cef3a0678c306625f42ea1cd180d9ee9fbe443ed98fc1076c07493a5
94c2543ee527c1e987a54d88914b529a0d832a4cf55d0fd20a9b7c569c508930
963e612947983d57da5d83ca9bc8d9229ba31a1067b41f1392df5d9d8bf03cea
966ee1486939f4b7c9815a6ce8dd42420c5859a42efdbbd5b91aff45e0b1cc38
96941cb622b35d44c8926235f73a22a9efc5e1847abf14045d96981bd27e8040
96b8a4481da526ff5a1a77c312a2aa83df0d0821e90dc91ccfad3fa53526a163
9ddca568ff519cd935a816baec6f7bfce459656ec5022ec2ba6a6225891022eb
9facc976353ff7ab7cbb7345853c0f7d0c1bbce3733934b53790b93833dbae4c
a0557598367f43e5e5a51a17ece8c91e982d73effdedc3cdee79b45ef4e402f0
a060aca1def4e45da8730e2c6052fb1efbe9b1bdd305c14ea86c8c5152ebd593
a2a292ee40c2422d82f43b270984343ea18e7c05384459c1d7adbee2c241be30
a41dd567a7d51dac3d65a716b505f5bba7526e36405ed8a832d72a4ada3665c2
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a6595cb9b31af440e97373e0255038873f2ded820356e9448ae59eac9219ad5a
a66e6cf6e6a86b34b9535aa640590625ede70093ea3aacf3160cdf02ec3ef4f4
a73730123a43c3040d889aaee11ec35094277ce5f778076b262c23a293870adb
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
af59aa73c9d7f4c79af14582d0455eb2950995d4fe5ed754d9c1eb7d09acc4a1
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b534f367f11c24f3709e27fdb539f308475d495eaafed8f7681a5c96dfacc537
b56356964d8e45ef965541bb383660bcc68c1bc91f781a876e5e27c67190c079
bb6a7f39d0982d1605492df9ffaa28989d1829fdf91037053e4af527ae5ed797
bcc6ccbbe9b3f2c14b3eb45ea17eb4b456ee0b359ca820751d8f4b140c57ba0a
bd3bd81ea6cf3bbc82f89913fecca492e79318fef844c664a790ff2db72e5590
be6bee41d3176d6168a634ab782e68ff0b80554cb940397dd51282ed43543d5f
bf97ea16fc6f3ed219404e08367a661cc6964d6bd9a40872e26453976df761e2
c0758721ba3b41bf0236a10348f8ad1ceb3336894bfbaca0b9d77fb366b585c1
c3b9597a90a43830b2a92897a5ef015ce5310e7f32dbb5cd1db2c807c5e6b036
c61a719b48533a1fa932729f4927ba1377a96c441b0d6a427096b867742b4645
c84f7f99e22a2d9e8afaadb5c6d7a6e0ef11e672ac4c49b35e288bc1a150564b
c8e8d444ac2542a7a655c17983adb1d0555b87f7ffbae6ab72746fda947931aa
ca2e99ffb3730e887ee7389e499993e912e5e47ec6f28c991a692cd78746edf5
cb53fd4d514accd4713efc61055e9bac3059efa921cd700f1e0e62963b060c99
cbcf7f9157306feaa0252eaa2fca6f6a36cf74bd919dc17520023405867fd32b
ccd21ebd19b259d979d4ddf5af0751f6fae149746ae2e7a164beec2a600682be
cf89b05aa45bb14f23d4c97dac9b3091e2d866c73f68e18d2cb6b538378db6f9
d03755898b05a3d69377bf7da16ccb307e789a0f569b4dbbcb7b29bdecf967c5
d28cae33a9cff1cd54246e2bca04018f101451707a5b5f426d32ea768e911186
d5d4228a3e80d57bcf6ee1f6080fbc4c65dba96e81d2364535fa49e3d27e9131
d72ddebe45abc3dbf3a228d5727b49f6a64dba7b686d0dd27f9693e39071555f
d84b9c7fb4e399bb8dcd340005b7338031d75ad2289e32d69687ec843879c067
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
dc666527c7989fdad450d729be48af719d8a66af057630a461bbb5c72b1e20a8
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
df3e003cc30e9bdd0313100e8ee5d468070b4b34d11ad355f276a356d4b9c7bf
e12dfaae532b449b71117f29ad43f92b3b87c19509a9b16f91115fd4e07903b4
e30f848c353b8ab801c18d2109527cb32a27f145262dccb3cd4db9f309cc53bb
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e55b5cba1f8e7604687c4f99ab7b1c3bf971ab991ec0fae83fb221b98daf07c4
e9270a81326607795ab986b54a84c53a0408682468f364bf2054566f95964f2f
ea7c3c1fb429c64a75b15bc3d82e99987c40229c3275a5d0c37deb6143e4cf6f
ec34cd386427fe6deacf99f4fdbeea4b1d1ed25f505411650d7ceaa843a7fc63
eecc78f834649472672438efb8854e77ac8571a4c901d3c102a2554c3059ba7d
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f34fab7dfb24eb9ed68a5bbaa5943211118c8acfd8a32f1ea01f8ec40907a3c0
f49b1d1bd49f5c61c93e08dc9b8427ae046c513af8ce30fa8d04162bb6f5b9df
f4a388a3234ae316bd3680065bda88e40313acea24aca92b566678614c31bc38
f5183a3d6c4ef05903e03cf0e17b5de05db527c27d0ef049d52d2fb4da484e96
f79723478f4c48501cd49ac52b81d6244a6562b9d3f08ce8ab208a8b8878d4c4
f7f6e5518f418ea1cc3ea9526643b0d46dc3568509caaa95f03536b06006c9f9
f9b0195ab22815c68db0b05e89abfc88fcb0b46b8b9a28d70ca731f17e07053e
fe9df7af9647a824fe66cae1f452ecb318d9f9ad3b2e09ef0623f0c6af50a0ed

www.cyberscoop.com Open in urlscan Pro 52.21.95.133 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page URL History Show full URLs

Detected technologies

Page Statistics

215 Requests

99 %HTTPS

63 %IPv6

33 Domains

50 Subdomains

47 IPs

4 Countries

3564 kBTransfer

8068 kBSize

9 Cookies

15 Outgoing links

Page URL History

Redirected requests

215 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 6 data transactions

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.cyberscoop.com Open in urlscan Pro
52.21.95.133 Public Scan

Screenshot
Live screenshot

Full Image

215
Requests

99 %
HTTPS

63 %
IPv6

33
Domains

50
Subdomains

47
IPs

4
Countries

3564 kB
Transfer

8068 kB
Size

9
Cookies

215 HTTP transactions
6 data transactions