cyberscoop.com Open in urlscan Pro
18.66.112.24 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://cyberscoop.com/ransomware-group-ra-group-talos/
Submission: On May 16 via api (May 16th 2023, 2:11:37 am UTC) from TR — Scanned from DE

Summary HTTP 246 Redirects Links 20 Behaviour Indicators

Summary

This website contacted 39 IPs in 4 countries across 26 domains to perform 246 HTTP transactions. The main IP is 18.66.112.24, located in United States and belongs to AMAZON-02, US. The main domain is cyberscoop.com. The Cisco Umbrella rank of the primary domain is 432386.
TLS certificate: Issued by Amazon RSA 2048 M02 on February 27th 2023. Valid for: 8 months.

This is the only time cyberscoop.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
22	18.66.112.24 18.66.112.24	16509 (AMAZON-02) (AMAZON-02)
4	2a02:26f0:350... 2a02:26f0:3500:16::215:148f	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
32	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
1	18.66.100.58 18.66.100.58	16509 (AMAZON-02) (AMAZON-02)
1	2606:4700::68... 2606:4700::6812:873b	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a02:26f0:480... 2a02:26f0:480:f::213:7ed3	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2a00:1450:400... 2a00:1450:4001:809::2008	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80e::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:831::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:80b::2001	15169 (GOOGLE) (GOOGLE)
1	63.34.81.234 63.34.81.234	16509 (AMAZON-02) (AMAZON-02)
24	2a00:1450:400... 2a00:1450:4001:82a::2001	15169 (GOOGLE) (GOOGLE)
1	2a02:26f0:480... 2a02:26f0:480:f::213:7edd	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	146.75.120.157 146.75.120.157	54113 (FASTLY) (FASTLY)
1	18.66.97.49 18.66.97.49	16509 (AMAZON-02) (AMAZON-02)
2	2a03:2880:f08... 2a03:2880:f084:d:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	2606:4700::68... 2606:4700::6810:89ce	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6812:19c4	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:80b::200e	15169 (GOOGLE) (GOOGLE)
1	2600:9000:20e... 2600:9000:20eb:8400:2:53b2:240:93a1	16509 (AMAZON-02) (AMAZON-02)
4 4	2620:1ec:21::14 2620:1ec:21::14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	13.107.42.14 13.107.42.14	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	52.222.236.43 52.222.236.43	16509 (AMAZON-02) (AMAZON-02)
1	104.244.42.69 104.244.42.69	13414 (TWITTER) (TWITTER)
1	104.244.42.195 104.244.42.195	13414 (TWITTER) (TWITTER)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c00::9a	15169 (GOOGLE) (GOOGLE)
3	142.250.186.102 142.250.186.102	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f17... 2a03:2880:f176:84:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
2	2a00:1450:400... 2a00:1450:4001:82f::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82a::2003	15169 (GOOGLE) (GOOGLE)
3 12	54.76.27.26 54.76.27.26	16509 (AMAZON-02) (AMAZON-02)
18	2a00:1450:400... 2a00:1450:4001:82f::2006	15169 (GOOGLE) (GOOGLE)
20	2a00:1450:400... 2a00:1450:4001:808::2002	15169 (GOOGLE) (GOOGLE)
6	142.250.186.162 142.250.186.162	15169 (GOOGLE) (GOOGLE)
6	2606:4700::68... 2606:4700::6811:180e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
15	2600:9000:223... 2600:9000:223f:ca00:8:48e:53c0:93a1	16509 (AMAZON-02) (AMAZON-02)
53	2600:1f18:1ac... 2600:1f18:1aca:4282:8fe:de36:708f:cb17	14618 (AMAZON-AES) (AMAZON-AES)
1	2606:4700::68... 2606:4700::6813:9b53	13335 (CLOUDFLAR...) (CLOUDFLARENET)
246	39

22 18.66.112.24 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-112-24.fra56.r.cloudfront.net

cyberscoop.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:26f0:3500:16::215:148f (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

use.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

32 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

securepubads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.100.58 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-100-58.fra56.r.cloudfront.net

cdn.parsely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:873b (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-scripts.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:480:f::213:7ed3 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

p.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:809::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:80b::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

0eeafe9a9464fc24f3c4189193039b23.safeframe.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 63.34.81.234 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-63-34-81-234.eu-west-1.compute.amazonaws.com

p1.parsely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

24 2a00:1450:4001:82a::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:480:f::213:7edd (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

snap.licdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 146.75.120.157 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

static.ads-twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.97.49 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-97-49.fra56.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f084:d:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:89ce (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-analytics.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:19c4 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-banner.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:80b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:20eb:8400:2:53b2:240:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.linkedin.oribi.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2620:1ec:21::14 (United States) 4 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.107.42.14 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

px4.ads.linkedin.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.222.236.43 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-236-43.fra56.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.69 (United States)

ASN13414 (TWITTER, US)

t.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.195 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.186.102 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f6.1e100.net

ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f176:84:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82f::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 54.76.27.26 (Dublin, Ireland) 3 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-76-27-26.eu-west-1.compute.amazonaws.com

fw.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2a00:1450:4001:82f::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.250.186.162 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2600:9000:223f:ca00:8:48e:53c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

static.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

53 2600:1f18:1aca:4282:8fe:de36:708f:cb17 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

dt.adsafeprotected.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6813:9b53 (United States)

ASN13335 (CLOUDFLARENET, US)

track.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
80	adsafeprotected.com 3 redirects fw.adsafeprotected.com — Cisco Umbrella Rank: 950 pixel.adsafeprotected.com — Cisco Umbrella Rank: 750 static.adsafeprotected.com — Cisco Umbrella Rank: 631 dt.adsafeprotected.com — Cisco Umbrella Rank: 579	605 KB
48	googlesyndication.com 0eeafe9a9464fc24f3c4189193039b23.safeframe.googlesyndication.com tpc.googlesyndication.com — Cisco Umbrella Rank: 143 pagead2.googlesyndication.com — Cisco Umbrella Rank: 107	423 KB
29	doubleclick.net securepubads.g.doubleclick.net — Cisco Umbrella Rank: 205 stats.g.doubleclick.net — Cisco Umbrella Rank: 91 ad.doubleclick.net — Cisco Umbrella Rank: 173 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 357	303 KB
22	cyberscoop.com cyberscoop.com — Cisco Umbrella Rank: 432386	550 KB
18	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 311	308 KB
13	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 192	458 KB
6	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 231	103 KB
5	linkedin.com 4 redirects px.ads.linkedin.com — Cisco Umbrella Rank: 414 www.linkedin.com — Cisco Umbrella Rank: 645 px4.ads.linkedin.com — Cisco Umbrella Rank: 6490	4 KB
5	typekit.net use.typekit.net — Cisco Umbrella Rank: 501 p.typekit.net — Cisco Umbrella Rank: 655	211 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 39 region1.google-analytics.com — Cisco Umbrella Rank: 2495	21 KB
3	google.com adservice.google.com — Cisco Umbrella Rank: 83 www.google.com — Cisco Umbrella Rank: 2	2 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 108	233 B
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 161	135 KB
2	hotjar.com static.hotjar.com — Cisco Umbrella Rank: 695 script.hotjar.com — Cisco Umbrella Rank: 957	73 KB
2	google.de adservice.google.de — Cisco Umbrella Rank: 7680 www.google.de — Cisco Umbrella Rank: 5171	939 B
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 62	149 KB
2	parsely.com cdn.parsely.com — Cisco Umbrella Rank: 2945 p1.parsely.com — Cisco Umbrella Rank: 2269	18 KB
1	hubspot.com track.hubspot.com — Cisco Umbrella Rank: 2519	1 KB
1	twitter.com analytics.twitter.com — Cisco Umbrella Rank: 690	395 B
1	t.co t.co — Cisco Umbrella Rank: 510	377 B
1	oribi.io cdn.linkedin.oribi.io — Cisco Umbrella Rank: 1034	375 B
1	hs-banner.com js.hs-banner.com — Cisco Umbrella Rank: 2380	64 KB
1	hs-analytics.net js.hs-analytics.net — Cisco Umbrella Rank: 2372	21 KB
1	ads-twitter.com static.ads-twitter.com — Cisco Umbrella Rank: 718	15 KB
1	licdn.com snap.licdn.com — Cisco Umbrella Rank: 885	5 KB
1	hs-scripts.com js.hs-scripts.com — Cisco Umbrella Rank: 2601	1 KB
246	26

	Domain	Requested by
53	dt.adsafeprotected.com	0eeafe9a9464fc24f3c4189193039b23.safeframe.googlesyndication.com cyberscoop.com
24	tpc.googlesyndication.com	securepubads.g.doubleclick.net 0eeafe9a9464fc24f3c4189193039b23.safeframe.googlesyndication.com cyberscoop.com tpc.googlesyndication.com
22	cyberscoop.com	cyberscoop.com
20	pagead2.googlesyndication.com	ad.doubleclick.net tpc.googlesyndication.com www.googletagservices.com 0eeafe9a9464fc24f3c4189193039b23.safeframe.googlesyndication.com securepubads.g.doubleclick.net
19	securepubads.g.doubleclick.net	cyberscoop.com securepubads.g.doubleclick.net www.googletagservices.com 0eeafe9a9464fc24f3c4189193039b23.safeframe.googlesyndication.com
18	s0.2mdn.net	cyberscoop.com s0.2mdn.net 0eeafe9a9464fc24f3c4189193039b23.safeframe.googlesyndication.com
15	static.adsafeprotected.com	fw.adsafeprotected.com pixel.adsafeprotected.com 0eeafe9a9464fc24f3c4189193039b23.safeframe.googlesyndication.com
13	www.googletagservices.com	securepubads.g.doubleclick.net 0eeafe9a9464fc24f3c4189193039b23.safeframe.googlesyndication.com www.googletagservices.com
6	cdnjs.cloudflare.com	s0.2mdn.net
6	googleads4.g.doubleclick.net	cyberscoop.com
6	pixel.adsafeprotected.com	s0.2mdn.net 0eeafe9a9464fc24f3c4189193039b23.safeframe.googlesyndication.com
6	fw.adsafeprotected.com	3 redirects cyberscoop.com
4	0eeafe9a9464fc24f3c4189193039b23.safeframe.googlesyndication.com	securepubads.g.doubleclick.net
4	use.typekit.net	cyberscoop.com use.typekit.net
3	ad.doubleclick.net	www.googletagservices.com
3	px.ads.linkedin.com	3 redirects
2	www.google.com	cyberscoop.com tpc.googlesyndication.com
2	www.facebook.com	cyberscoop.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	connect.facebook.net	cyberscoop.com connect.facebook.net
2	www.googletagmanager.com	cyberscoop.com www.googletagmanager.com
1	track.hubspot.com
1	www.google.de	cyberscoop.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	region1.google-analytics.com	www.googletagmanager.com
1	analytics.twitter.com	cyberscoop.com
1	t.co	cyberscoop.com
1	script.hotjar.com	static.hotjar.com
1	px4.ads.linkedin.com	cyberscoop.com
1	www.linkedin.com	1 redirects
1	cdn.linkedin.oribi.io	snap.licdn.com
1	js.hs-banner.com	js.hs-scripts.com
1	js.hs-analytics.net	js.hs-scripts.com
1	static.hotjar.com	www.googletagmanager.com
1	static.ads-twitter.com	www.googletagmanager.com
1	snap.licdn.com	www.googletagmanager.com
1	p1.parsely.com	cyberscoop.com
1	adservice.google.com	securepubads.g.doubleclick.net
1	adservice.google.de	securepubads.g.doubleclick.net
1	p.typekit.net	use.typekit.net
1	js.hs-scripts.com	cyberscoop.com
1	cdn.parsely.com	cyberscoop.com
246	42

This site contains links to these domains. Also see Links.

Domain
www.fedscoop.com
defensescoop.com
statescoop.com
edscoop.com
workscoop.com
scoopnewsgroup.com
blog.talosintelligence.com
www.bleepingcomputer.com
www.sentinelone.com
www.facebook.com
www.linkedin.com
twitter.com
fedscoop.com
www.instagram.com

Subject Issuer	Validity	Valid
defensescoop.com Amazon RSA 2048 M02	`2023-02-27` - `2023-10-27`	8 months	crt.sh
use.typekit.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-09-14` - `2023-10-15`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
*.parsely.com Amazon RSA 2048 M02	`2023-05-06` - `2024-06-03`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-05-03` - `2024-05-02`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
*.google.de GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
*.google.com GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
snap.licdn.com DigiCert SHA2 Secure Server CA	`2023-02-01` - `2024-01-31`	a year	crt.sh
ads-twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2022-07-22` - `2023-08-22`	a year	crt.sh
*.hotjar.com Amazon ECDSA 256 M01	`2023-03-09` - `2024-04-06`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-02-22` - `2023-05-23`	3 months	crt.sh
linkedin.oribi.io Amazon RSA 2048 M01	`2023-02-24` - `2023-08-06`	5 months	crt.sh
t.co DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-02-05` - `2024-02-05`	a year	crt.sh
*.twitter.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-02-05` - `2024-02-05`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-04-24` - `2023-07-17`	3 months	crt.sh
fw.adsafeprotected.com Amazon RSA 2048 M02	`2023-03-29` - `2024-04-27`	a year	crt.sh
static.adsafeprotected.com Amazon RSA 2048 M01	`2023-02-24` - `2023-09-04`	6 months	crt.sh
dt.adsafeprotected.com Amazon RSA 2048 M02	`2023-05-09` - `2024-06-07`	a year	crt.sh
hubspot.com Cloudflare Inc ECC CA-3	`2023-02-05` - `2024-02-05`	a year	crt.sh

This page contains 24 frames:

Primary Page: https://cyberscoop.com/ransomware-group-ra-group-talos/
Frame ID: 12419B46C55131DBA2DE7BD212A907B4
Requests: 62 HTTP requests in this frame

Frame: https://0eeafe9a9464fc24f3c4189193039b23.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: F0F484E77D55D59AB09908089B7241B1
Requests: 1 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssiq9fdWKkNw0RG-OtXe0G73jMk4dJ2c-EbrmSGFtJbX_5RRqUb5IXdfAgKCIdCFD6yvf2tj8r68iIHESCnOFuOrAKgdsN9BvZxM8BYcQ8yg0oD3EanvSIlqMu25FKfVtRiZ1EPSkvvJroiPBMFZWUT_ZPWi9qLW0M8YvoBupp2F7QyHKsi-ZO9YyyiUZ1sLSOF7InhudWORWkJFNtl0dtVveLEWl3DHMFkXvQnksDvZOHehsEj0oZJFLx-bdLyCt2pyYgUJgplNd-ObFGlEcCdZZ3smI5AaHt8jIcx3DdwVpZgzIGkuuVQ_IvRj-dBhKcn6Vvz3kk6-WHyLLM&sai=AMfl-YSf4iRbvFiXMJCTuGYgB65ZF2TGPOCI_w33H1hrw1nFk0BSk4lbI3MrS5catvbjV2euep08ZY8oxOd3XzOvtFcDMUWRgPwaHa7Qfz41X_h3A3Jys82ixSaBZtL1enEBo615v5ZuAVEfHLUN3mvG&sig=Cg0ArKJSzHXeWcKNQT8CEAE&uach_m=[UACH]&adurl=
Frame ID: 595F21F7310FFF010D0C39394DB70094
Requests: 8 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssmIjLeKFEuRMx3TMAUnV4FPJZQBh007_z5y1lpQGtbqaTte0P8CpAUHErdCZTrK_fngxX6UMIF9rotzffdQq28g5J2VQZ_a08DAxfcaAd_RGRQFgYVx9c_RI20IinUUlUEDNAKKbegVCa7UzSbfIl_gaINAxtxezujySgnI2SAsn24qZvGVVAT9KMgiDTPYokpcs-VCx3bXXuYKj1iFDUt8Fqf7VDfZeGsh0lNMpp0ElN6M9QNoFmm6DGhz5EEUd5u1QJXOcQSlc2zY3ClG8rNjRniZO1TIJDDE--K2IFd8IuWqHU-GEO6yFFihSepzTF88gHOK4MIcobcY6UqrzXc&sai=AMfl-YQDEiIqa42B13QqurURN3kdN2vsp18_LmB3-22HOw3KTqOLPgw0GPwVlTVOGBXJ-7zkRJ0ZXwSzMuzmKND9Sats4t3haV1VG2JlY5JsUT6hgrDLsBFoiU_U8dmJqHtk_ryt49Atb0cjj1eJqwY&sig=Cg0ArKJSzNoAMCLtERMFEAE&uach_m=[UACH]&adurl=
Frame ID: 22F60B90FFAA02C316C75AF7691E6E92
Requests: 7 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsve8HsjSNy0Lb3oxCy1d_JkWQDuBACLRZQfTSGt-0KC_SJvAaHphpnR-wos-2-mgfMOLMZUu9GXrzy2iOYtvu52pAA2H9_HQBInTd0olaQGn8_phM6e9dZc7CUjeeXveCbYZcH7b5SjiGuNSIvZeK_2BWYg1sSJkS17dICS4JoDpTKVN2moX4lQaE5OZTKg3IJlYbMlwP3Gr5h4HVs2H0mzJvPIw7s6j0oS7lpULT--MOzMj4Up0-zb3YONg6zIiB7q3OSeXpjiMR5pDYFH96nnX6m_ndVtWUvF70MR2dV31P1Ozr5DsiGTs5zNcv8lD67Zp4_iM8BlS3WK_2I_ycNi&sai=AMfl-YQcjlV56eh2XPpCS-WME_6bL2IaDKYV7byYzc3fosrcN6MQox8C1wx7sI_0Q5hb8Mx0HlaU1TJyM5tHWPqy9TomI8789gZdGmFZpbqRSZZNBAkjXUljlwiSLvNBcPZwHpAu0PFmEOlJVJMz0AY&sig=Cg0ArKJSzKmQgebumgX5EAE&uach_m=[UACH]&adurl=
Frame ID: 720EAF5F9A57489DE6B7FFB8111553D5
Requests: 7 HTTP requests in this frame

Frame: https://0eeafe9a9464fc24f3c4189193039b23.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: 7C37D9FF60F37EC01A30E0EECADD4AD8
Requests: 41 HTTP requests in this frame

Frame: https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssUVWub1jW-Hws2qB1FQZbwYfVaW32g6OMfaio7qv2bXpFVYPPzcb4wlQtCCOP7Gxje_taZGJ50pZrriQVRvMr9YHwz-wHXFi50WtoTwsJs8XxOUvXiaONdYzLZCkORBk9fikHyxI722XflHqAuglMGmT3Xn_8FTu9IWEu24RBLcC4b-OD4d4tZSAAaasuTy18tiQo_QSou_XJXlS_ko398eM1wr_ltHwzj5YVlhh5LdgjjdKkAUs8sS1tELaihzQRTO3mURXiTfMiXlfHFw6F1jIAHUZG3qjLbXNS49kQZkqwq3Kwj-ORJFSRjuR6QLyuem-xXT_z30kOSPBip&sai=AMfl-YRXMCM6hcp0HEQx7cAT-jHqv8lwiUbjxcaAmdzsSmGQBibchDlziYkZQPt1GC7hshSmsfyP7-DatFUK0Rzm8GrPS2hzEasMQGda1SdG2d_K-G2wlzvQ20ZTiMc-hNFMOcdeqdOouYHXjiR5WMo&sig=Cg0ArKJSzNOUsj-MXiUqEAE&uach_m=[UACH]&adurl=
Frame ID: 62B8F704298BEC0CE8C749E1BBB2FBFE
Requests: 7 HTTP requests in this frame

Frame: https://0eeafe9a9464fc24f3c4189193039b23.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: DDE5561E96E8DF64231ADADE2F7AE7DF
Requests: 42 HTTP requests in this frame

Frame: https://0eeafe9a9464fc24f3c4189193039b23.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Frame ID: F1E4C3A149BF306C8C4D91E2C7A04F1D
Requests: 36 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 0680314A6707EBD96F2338F1349CA551
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 4D58A8AFCD1AC4F171622F3945650C7F
Requests: 3 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 20AFB0B3CDF342CDFFC674EA01D4C751
Requests: 3 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/12829355415431909801/300x250/300x250.html
Frame ID: 670A489D98FC69E8B62D7BCB92769008
Requests: 7 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/16098904663021432394/970x250/970x250.html
Frame ID: F25B364306C9431A1C53E6327DFD7A19
Requests: 7 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/6020346782542375082/300x600/300x600.html
Frame ID: 1A20A2C4434A6C4730067A952D90EB21
Requests: 7 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: FA41C926D42E4A64CF4392B5A39EC31A
Requests: 1 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: 3B55E0D365BECDD31804EAAFCE946A94
Requests: 1 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: 0A4E34DF074DFF9A468D58A1BE26108C
Requests: 1 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: 72ADA952D897E92A7B20879256309259
Requests: 1 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: B036575442F70B682750B002F731FFFE
Requests: 1 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: 0D76AB830D1E8077E3D307A014020D5F
Requests: 1 HTTP requests in this frame

Frame: https://static.adsafeprotected.com/sca.17.6.2.js
Frame ID: D3B27A90FD469A9CBB2C0564014D9393
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
Frame ID: 51E60E364B29365B3C7AEC7D58113676
Requests: 3 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 3E6685CBDCE6BD61E4D1289016A1E6D3
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Ransomware group claims 2.5 terabytes of stolen data less than a month after emerging online | CyberScoop

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

GSAP (JavaScript frameworks) Expand

Overall confidence: 100%
Detected patterns

TweenMax(?:\.min)?\.js

DoubleClick Ad Exchange (AdX) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

tpc\.googlesyndication\.com/safeframe

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

HubSpot Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

js\.hs-analytics\.net/analytics

Linkedin Insight Tag (Analytics) Expand

Overall confidence: 100%
Detected patterns

snap\.licdn\.com/li\.lms-analytics/insight\.min\.js

Typekit (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link [^>]*href="[^"]+use\.typekit\.(?:net|com)

Underscore.js (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

underscore.*\.js(?:\?ver=([\d.]+))?

Page Statistics

246
Requests

98 %
HTTPS

69 %
IPv6

26
Domains

42
Subdomains

39
IPs

4
Countries

3467 kB
Transfer

9100 kB
Size

31
Cookies

20 Outgoing links

These are links going to different origins than the main page.

URL: https://www.fedscoop.com/?__hstc=143679850.3b836e8af5bfe69858d69e93568a7459.1684203092585.1684203092585.1684203092585.1&__hssc=143679850.1.1684203092586&__hsfp=4102216092
Title: FedScoop

Search URL Search Domain Scan URL

URL: https://defensescoop.com/
Title: DefenseScoop

Search URL Search Domain Scan URL

URL: https://statescoop.com/?__hstc=143679850.3b836e8af5bfe69858d69e93568a7459.1684203092585.1684203092585.1684203092585.1&__hssc=143679850.1.1684203092586&__hsfp=4102216092
Title: StateScoop

Search URL Search Domain Scan URL

URL: https://edscoop.com/?__hstc=143679850.3b836e8af5bfe69858d69e93568a7459.1684203092585.1684203092585.1684203092585.1&__hssc=143679850.1.1684203092586&__hsfp=4102216092
Title: EdScoop

Search URL Search Domain Scan URL

URL: https://workscoop.com/?__hstc=143679850.3b836e8af5bfe69858d69e93568a7459.1684203092585.1684203092585.1684203092585.1&__hssc=143679850.1.1684203092586&__hsfp=4102216092
Title: WorkScoop

Search URL Search Domain Scan URL

URL: https://scoopnewsgroup.com/oursolutions/?__hstc=143679850.3b836e8af5bfe69858d69e93568a7459.1684203092585.1684203092585.1684203092585.1&__hssc=143679850.1.1684203092586&__hsfp=4102216092
Title: Advertise

Search URL Search Domain Scan URL

URL: https://blog.talosintelligence.com/ra-group-ransomware/
Title: researchers with the cybersecurity firm Cisco Talos said Monday

Search URL Search Domain Scan URL

URL: https://www.bleepingcomputer.com/news/security/babuk-ransomwares-full-source-code-leaked-on-hacker-forum/
Title: leaked in September 2021

Search URL Search Domain Scan URL

URL: https://www.sentinelone.com/labs/hypervisor-ransomware-multiple-threat-actor-groups-hop-on-leaked-babuk-code-to-build-esxi-lockers/
Title: reported identifying 10 distinct ransomware families

Search URL Search Domain Scan URL

URL: https://www.facebook.com/sharer/sharer.php?u=https://cyberscoop.com/ransomware-group-ra-group-talos/
Title: Facebook

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/cws/share?url=https://cyberscoop.com/ransomware-group-ra-group-talos/
Title: LinkedIn

Search URL Search Domain Scan URL

URL: https://twitter.com/intent/tweet?url=https://cyberscoop.com/ransomware-group-ra-group-talos/
Title: Twitter

Search URL Search Domain Scan URL

URL: https://fedscoop.com/transerve-data-breach/?__hstc=143679850.3b836e8af5bfe69858d69e93568a7459.1684203092585.1684203092585.1684203092585.1&__hssc=143679850.1.1684203092586&__hsfp=4102216092
Title: Transportation Department breach exposes data of federal employees

Search URL Search Domain Scan URL

URL: https://fedscoop.com/cisa-and-partners-issue-secure-by-design-principles-for-software-manufacturers/?__hstc=143679850.3b836e8af5bfe69858d69e93568a7459.1684203092585.1684203092585.1684203092585.1&__hssc=143679850.1.1684203092586&__hsfp=4102216092
Title: CISA and partners issue secure-by-design principles for software manufacturers

Search URL Search Domain Scan URL

URL: https://scoopnewsgroup.com/?__hstc=143679850.3b836e8af5bfe69858d69e93568a7459.1684203092585.1684203092585.1684203092585.1&__hssc=143679850.1.1684203092586&__hsfp=4102216092

Search URL Search Domain Scan URL

URL: https://www.fedscoop.com/wp-content/uploads/sites/5/2022/11/SNG_AdSpecs.pdf?__hstc=143679850.3b836e8af5bfe69858d69e93568a7459.1684203092585.1684203092585.1684203092585.1&__hssc=143679850.1.1684203092586&__hsfp=4102216092
Title: Ad specs

Search URL Search Domain Scan URL

URL: https://www.facebook.com/cyberscoop
Title: FB

Search URL Search Domain Scan URL

URL: https://twitter.com/cyberscoopnews
Title: TW

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/4847467
Title: LinkedIn

Search URL Search Domain Scan URL

URL: https://www.instagram.com/cyberscoopnews
Title: IG

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 84

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=50036&time=1684203090790&url=https%3A%2F%2Fcyberscoop.com%2Fransomware-group-ra-group-talos%2F HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=50036&time=1684203090790&url=https%3A%2F%2Fcyberscoop.com%2Fransomware-group-ra-group-talos%2F&cookiesTest=true HTTP 302
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D50036%26time%3D1684203090790%26url%3Dhttps%253A%252F%252Fcyberscoop.com%252Fransomware-group-ra-group-talos%252F%26cookiesTest%3Dtrue%26liSync%3Dtrue HTTP 302
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=50036&time=1684203090790&url=https%3A%2F%2Fcyberscoop.com%2Fransomware-group-ra-group-talos%2F&cookiesTest=true&liSync=true HTTP 302
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=50036&time=1684203090790&url=https%3A%2F%2Fcyberscoop.com%2Fransomware-group-ra-group-talos%2F&cookiesTest=true&liSync=true&e_ipv6=AQKrK7XkMT3IOAAAAYgiU7b5c61qISMIyp8k4k0ck441ZUncP-dbaldxPuQEH2NxNhZVXZDMR3now5QARB0BjKkWU-MdRA

Request Chain 150

https://fw.adsafeprotected.com/rfw/st/1401916/70726087/skeleton.js?adsafe_url=https%3A%2F%2Fcyberscoop.com&adsafe_type=y&adsafe_url=https%3A%2F%2Fcyberscoop.com%2F&adsafe_type=e&adsafe_url=https%3A%2F%2F0eeafe9a9464fc24f3c4189193039b23.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2F0eeafe9a9464fc24f3c4189193039b23.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&adsafe_type=d&adsafe_jsinfo=,id:65edb9f0-f3e7-e9ac-bd12-e1814f64c257,c:cJU4fV,sl:na,em:true,fr:false,thd:1,mn:jsserver-primary-5cf46fd95f-694mc,rg:ie,pt:1-5-15,mu:10000,br:c,bru:c,an:n,oam:0,mtim:238,mot:0,app:0,maw:0,fm:tEnKxb8+11%7C12%7C13%7C14%7C1511%7C152%7C16%7C17*.1401916-70726087%7C1711%7C172%7C1811%7C182%7C19,idMap:17*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:1,renddet:DIV.qs.sn,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,tt:rjss,et:262,oid:f967d39d-f38e-11ed-87bc-d695734b0bd8,v:19.8.411,sp:1,st:0,fwm:1,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
https://static.adsafeprotected.com/skeleton.js

Request Chain 167

https://fw.adsafeprotected.com/rfw/st/1401916/70726091/skeleton.js?adsafe_url=https%3A%2F%2Fcyberscoop.com&adsafe_type=y&adsafe_url=https%3A%2F%2Fcyberscoop.com%2F&adsafe_type=e&adsafe_url=https%3A%2F%2F0eeafe9a9464fc24f3c4189193039b23.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2F0eeafe9a9464fc24f3c4189193039b23.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&adsafe_type=d&adsafe_jsinfo=,id:3d849f1c-a186-5fdf-9ad3-32471226f785,c:cJU4ix,sl:na,em:true,fr:false,thd:1,mn:jsserver-primary-5cf46fd95f-p8dlq,rg:ie,pt:1-5-15,mu:10000,br:c,bru:c,an:n,oam:0,mtim:412,mot:0,app:0,maw:0,fm:tEnKxbb+11%7C12%7C13%7C14%7C15*.1401916-70726091%7C1511%7C152%7C16%7C1711%7C172%7C173%7C174%7C1811%7C182%7C19,idMap:15*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:1,renddet:DIV.qs.sn,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,tt:rjss,et:421,oid:f967d376-f38e-11ed-b9d4-fa89d82576f3,v:19.8.411,sp:1,st:0,fwm:1,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
https://static.adsafeprotected.com/skeleton.js

Request Chain 169

https://fw.adsafeprotected.com/rfw/st/1401916/70726092/skeleton.js?adsafe_url=https%3A%2F%2Fcyberscoop.com&adsafe_type=y&adsafe_url=https%3A%2F%2Fcyberscoop.com%2F&adsafe_type=e&adsafe_url=https%3A%2F%2F0eeafe9a9464fc24f3c4189193039b23.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2F0eeafe9a9464fc24f3c4189193039b23.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&adsafe_type=d&adsafe_jsinfo=,id:6b0fd1f0-6f09-6808-c7ca-cdf2b0f5204e,c:cJU4iQ,sl:na,em:true,fr:false,thd:1,mn:jsserver-primary-5cf46fd95f-qhcwh,rg:ie,pt:1-5-15,mu:10000,br:c,bru:c,an:n,oam:0,mtim:430,mot:0,app:0,maw:0,fm:tEnKxbe+11%7C12%7C13%7C14%7C1511%7C152%7C153%7C16%7C1711%7C172%7C173%7C174%7C18*.1401916-70726092%7C1811%7C182%7C19,idMap:18*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:1,renddet:DIV.qs.sn,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,tt:rjss,et:436,oid:f967fa54-f38e-11ed-be68-1e2e8dae922c,v:19.8.411,sp:1,st:0,fwm:1,wr:1600.1200,sr:1600.1200,ov:0 HTTP 302
https://static.adsafeprotected.com/skeleton.js

246 HTTP transactions
7 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
cyberscoop.com/ransomware-group-ra-group-talos/ 108 KB
22 KB 97ms
31ms Document
text/html 18.66.112.24
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cyberscoop.com/ransomware-group-ra-group-talos/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.112.24 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-112-24.fra56.r.cloudfront.net

Software

nginx / WordPress VIP <https://wpvip.com>

Resource Hash

f258fd7d2d108695d07111efb5394ab185059b9e0814be4f9de6782cae0916cc

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 609
alt-svc: h3=":443"; ma=86400
cache-control: max-age=300, must-revalidate
content-encoding: gzip
content-length: 21732
content-type: text/html; charset=UTF-8
date: Tue, 16 May 2023 02:11:29 GMT
host-header: a9130478a60e5f9135f765b23f26593b
link: <https://cyberscoop.com/wp-json/>; rel="https://api.w.org/" <https://cyberscoop.com/wp-json/wp/v2/posts/74019>; rel="alternate"; type="application/json" <https://cyberscoop.com/?p=74019>; rel=shortlink
server: nginx
vary: Accept-Encoding
via: 1.1 ee6745944298a5956e13c939ebdcf8f2.cloudfront.net (CloudFront)
x-amz-cf-id: whhVvHXEwXVBfgH3FHVN4VG2MrBpWNApigOIIR2-2qmQwqtIL2fZAw==
x-amz-cf-pop: FRA56-P5
x-cache: Miss from cloudfront
x-frame-options: SAMEORIGIN
x-hacker: If you're reading this, you should visit wpvip.com/careers and apply to join the fun, mention this header.
x-powered-by: WordPress VIP <https://wpvip.com>
x-rq: hhn1 85 187 443

GET
H2 200 style.min.css
cyberscoop.com/wp-includes/css/dist/block-library/ 95 KB
13 KB 26ms
24ms Stylesheet
text/css 18.66.112.24
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cyberscoop.com/wp-includes/css/dist/block-library/style.min.css?m=1680731201g
Requested by: Host: cyberscoop.com
URL: https://cyberscoop.com/ransomware-group-ra-group-talos/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-24.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: aca566587618e75fa291a419c7c430be02e03fc72f6105658c1bc8e7d59a65e4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cyberscoop.com/ransomware-group-ra-group-talos/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Wed, 26 Apr 2023 16:18:56 GMT
content-encoding: gzip
via: 1.1 ee6745944298a5956e13c939ebdcf8f2.cloudfront.net (CloudFront)
x-rq: hhn1 85 188 443
last-modified: Wed, 05 Apr 2023 21:46:41 GMT
server: nginx
x-amz-cf-pop: FRA56-P5
age: 1677153
etag: W/"642dec41-17ced"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
cache-control: max-age=31536000
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: czP7U9Lu4qGAN60mbzKZFB5IORTCyQlJj5-YcTrO3_0VaaFQTS5gPg==

GET
H2 200 related-posts-block-styles.min.css
cyberscoop.com/wp-content/mu-plugins/search/elasticpress-next/dist/css/ 222 B
597 B 31ms
30ms Stylesheet
text/css 18.66.112.24
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cyberscoop.com/wp-content/mu-plugins/search/elasticpress-next/dist/css/related-posts-block-styles.min.css?m=1682963247g
Requested by: Host: cyberscoop.com
URL: https://cyberscoop.com/ransomware-group-ra-group-talos/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-24.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: 9790593b4acafa770479511a888914881594976c5dcad980c82e781c5625ff44

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cyberscoop.com/ransomware-group-ra-group-talos/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Mon, 01 May 2023 21:38:09 GMT
x-rq: hhn1 85 188 443
via: 1.1 ee6745944298a5956e13c939ebdcf8f2.cloudfront.net (CloudFront)
last-modified: Mon, 01 May 2023 17:47:27 GMT
server: nginx
x-amz-cf-pop: FRA56-P5
age: 1226000
etag: "644ffb2f-de"
x-cache: Hit from cloudfront
content-type: text/css
cache-control: max-age=31536000
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 222
x-amz-cf-id: JUhu8ngN7x4GEc2eWeITIciy00eVHCi3wG6cLH3XuGHgLmS-bvy3jw==

GET
H2 200 frontend.css
cyberscoop.com/wp-content/themes/scoopnewsgroup/dist/css/ 156 KB
22 KB 30ms
29ms Stylesheet
text/css 18.66.112.24
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cyberscoop.com/wp-content/themes/scoopnewsgroup/dist/css/frontend.css?m=1683162902g
Requested by: Host: cyberscoop.com
URL: https://cyberscoop.com/ransomware-group-ra-group-talos/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-24.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: 4de49c6955ef1ab94197487666c7021891d7b0a1402e3e06d8d8bb3047e32b9d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cyberscoop.com/ransomware-group-ra-group-talos/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Thu, 04 May 2023 01:31:13 GMT
content-encoding: gzip
via: 1.1 ee6745944298a5956e13c939ebdcf8f2.cloudfront.net (CloudFront)
x-rq: hhn1 85 187 443
last-modified: Thu, 04 May 2023 01:15:02 GMT
server: nginx
x-amz-cf-pop: FRA56-P5
age: 1039216
etag: W/"64530716-26ec6"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
cache-control: max-age=31536000
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: QEn6lDphgqkmATVNwSzsJQ1Ea0-xa73_oPJXq1GRLzXUhhyxem0jTQ==

GET
H2 200 itk2qbh.css
use.typekit.net/ 6 KB
1 KB 150ms
34ms Stylesheet
text/css 2a02:26f0:3500:16::215:148f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://use.typekit.net/itk2qbh.css?ver=172264176d4de0f97962

Requested by

Host: cyberscoop.com
URL: https://cyberscoop.com/ransomware-group-ra-group-talos/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:16::215:148f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

deba037b78c3c02c062545c841110d1489b59c78425c187ed03760a521541e50

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains;
content-encoding: gzip
date: Tue, 16 May 2023 02:11:29 GMT
server: nginx
vary: Accept-Encoding
content-type: text/css;charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=600, stale-while-revalidate=604800
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 926

GET
H2 200 / Show response
cyberscoop.com/_static/ 101 KB
35 KB 34ms
33ms Script
application/javascript 18.66.112.24
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cyberscoop.com/_static/??-eJzTLy/QzcxLzilNSS3WzwKiwtLUokoopZebmaeXVayjj0+Rbm5melFiSSpUsX2uraGZhYG5saGRgWEWAK9aIhU=
Requested by: Host: cyberscoop.com
URL: https://cyberscoop.com/ransomware-group-ra-group-talos/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.112.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-24.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: 03163fb7b374fe2300420baafc172c762df151ebe6299d6b23c4d9d683c67c4e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cyberscoop.com/ransomware-group-ra-group-talos/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Wed, 05 Apr 2023 22:10:16 GMT
x-rq: hhn1
content-encoding: gzip
last-modified: Wed, 05 Apr 2023 21:46:41 GMT
server: nginx
via: 1.1 ee6745944298a5956e13c939ebdcf8f2.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 3470473
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: CB7tPYqogkv7TtmI9fQeRkQ5eMe3lhCQuMiK2DFg35SLcu1Qf0FsAw==

GET
H2 200 gpt.js Show response
securepubads.g.doubleclick.net/tag/js/ 75 KB
25 KB 91ms
35ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/tag/js/gpt.js

Requested by

Host: cyberscoop.com
URL: https://cyberscoop.com/ransomware-group-ra-group-talos/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9599f3edd792a3af68cc0ecf14398d86361bc04ec60b0e5dc0a0d5dcd98b7ab6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 16 May 2023 02:11:29 GMT
content-encoding: br
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 25489
x-xss-protection: 0
server: cafe
etag: 144 / 19493 / 31074557 / config-hash: 14293715167463316945
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=900, stale-while-revalidate=3600
timing-allow-origin: *
expires: Tue, 16 May 2023 02:11:29 GMT

GET
H3 200 logo-cyber.svg
cyberscoop.com/wp-content/themes/scoopnewsgroup/dist/svg/ 2 KB
1 KB 21ms
21ms Image
image/svg+xml 18.66.112.24
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cyberscoop.com/wp-content/themes/scoopnewsgroup/dist/svg/logo-cyber.svg
Requested by: Host: cyberscoop.com
URL: https://cyberscoop.com/ransomware-group-ra-group-talos/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 18.66.112.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-24.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: b730a71a7f937b52bb8328c363a9074d3d1e7ae259f2a0b44784ccf97def2e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cyberscoop.com/ransomware-group-ra-group-talos/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 18:22:47 GMT
content-encoding: gzip
via: 1.1 02d68f3a4f2a3f8967c5e021dcd7f96a.cloudfront.net (CloudFront)
age: 4867541
x-amz-cf-pop: FRA56-P5
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 953
x-rq: hhn1
last-modified: Tue, 28 Feb 2023 11:01:43 GMT
server: nginx
etag: W/"63fddf17-8a8"
content-type: image/svg+xml
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: vcm1FeUYPi_PPlBm3raRJycjKhxNLcH4hyWgV9inZq6PMvGUXBP74w==
expires: Tue, 19 Mar 2024 18:22:47 GMT

GET
H3 200 GettyImages-654400107.jpg
cyberscoop.com/wp-content/uploads/sites/3/2023/05/ 160 KB
160 KB 27ms
27ms Image
image/webp 18.66.112.24
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cyberscoop.com/wp-content/uploads/sites/3/2023/05/GettyImages-654400107.jpg?resize=1013,675
Requested by: Host: cyberscoop.com
URL: https://cyberscoop.com/ransomware-group-ra-group-talos/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 18.66.112.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-24.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: 20f3803784e02d9d4c115444ad06344548fc791dce46c7f88f53321a43a43786

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cyberscoop.com/ransomware-group-ra-group-talos/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Mon, 15 May 2023 12:01:09 GMT
x-rq: hhn1 109 198 443
via: 1.1 02d68f3a4f2a3f8967c5e021dcd7f96a.cloudfront.net (CloudFront)
last-modified: Mon, 15 May 2023 12:01:09 GMT
server: nginx
age: 51020
x-amz-cf-pop: FRA56-P5
etag: "a739af1088c32f95"
x-cache: Hit from cloudfront
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 163804
x-amz-cf-id: rXRtxSK0_c1JGFc_DTAjYL_YoCD5CRxf4hUq9DwAJM5IMA1vU9plXg==

GET
H3 200 logo-sng.svg
cyberscoop.com/wp-content/themes/scoopnewsgroup/dist/images/ 6 KB
3 KB 22ms
21ms Image
image/svg+xml 18.66.112.24
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cyberscoop.com/wp-content/themes/scoopnewsgroup/dist/images/logo-sng.svg
Requested by: Host: cyberscoop.com
URL: https://cyberscoop.com/ransomware-group-ra-group-talos/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 18.66.112.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-24.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: 4e778181b46a001341499372efbad4f99a18674bce73c33dfd5021af138c1e8b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cyberscoop.com/ransomware-group-ra-group-talos/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 18:22:47 GMT
content-encoding: gzip
via: 1.1 02d68f3a4f2a3f8967c5e021dcd7f96a.cloudfront.net (CloudFront)
age: 4867540
x-amz-cf-pop: FRA56-P5
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 2278
x-rq: hhn1
last-modified: Tue, 28 Feb 2023 11:01:43 GMT
server: nginx
etag: W/"63fddf17-160e"
content-type: image/svg+xml
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: DXbsdUdD7H5lSprD15vvF_FUmaQXMVsZsE_OA-DIz9auitP2jw-Pvg==
expires: Tue, 19 Mar 2024 18:22:47 GMT

GET
H3 200 / Show response
cyberscoop.com/_static/ 53 KB
16 KB 23ms
22ms Script
application/javascript 18.66.112.24
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cyberscoop.com/_static/??-eJyNj9EOgjAMRX/I0RAM8mL8lukKDLuVtJuGv3eQkPCkPp9z2lx4z+bBMWFMMFMefFSwzgj2gjpuSJjAeU0wKfSyua6a9AQl9fFB2aGubHNeBbKsaGZaek9UHJRUBR9/RYIDFtcmFiM5Jh/wn+zw66s+Mj/1aOy7Qzb79PWWFUVaTFN1cM+eHBBbh1KqW7jWbdd050vd1tMHTlJ0NQ==
Requested by: Host: cyberscoop.com
URL: https://cyberscoop.com/ransomware-group-ra-group-talos/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 18.66.112.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-24.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: 0d0d9063f4baf1c2b1b4da8a9951d531cfd7ffdc6ec741077c1231ba7637a4f5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cyberscoop.com/ransomware-group-ra-group-talos/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Thu, 11 May 2023 23:41:33 GMT
x-rq: hhn1 85 187 443
content-encoding: br
last-modified: Thu, 11 May 2023 23:19:21 GMT
server: nginx
age: 354596
x-amz-cf-pop: FRA56-P5
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 02d68f3a4f2a3f8967c5e021dcd7f96a.cloudfront.net (CloudFront)
cache-control: max-age=31536000
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: eD5xmtexo-5Dlu3IL0Tj6F3fjVVPZuRY7DH6FMRXT4bhFaOU9kz4yQ==

GET
H2 200 p.js Show response
cdn.parsely.com/keys/cyberscoop.com/ 47 KB
18 KB 87ms
22ms Script
application/javascript 18.66.100.58
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.parsely.com/keys/cyberscoop.com/p.js?ver=3.8.4
Requested by: Host: cyberscoop.com
URL: https://cyberscoop.com/ransomware-group-ra-group-talos/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.100.58 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-100-58.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: 97abafbbf6f1bf56bb6aa432287d1b03ce0d83c3d1ec50a36a6e0e6050cce9b0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: public
date: Mon, 15 May 2023 02:54:36 GMT
content-encoding: gzip
via: 1.1 11e35514d631a9a9566fd489de935c06.cloudfront.net (CloudFront)
last-modified: Fri, 04 Mar 2022 17:46:45 GMT
server: nginx
x-amz-cf-pop: FRA56-P2
age: 84070
etag: W/"62225085-bd24"
x-cache: Hit from cloudfront
content-type: application/javascript
cache-control: max-age=86400, public
x-amz-cf-id: z8j-uEOy2M7fGss4PaCUQ-BOQdTxkuIAszGqzoVvRcCYG5ROYtDy5w==
expires: Tue, 16 May 2023 02:50:19 GMT

GET
H3 200 / Show response
cyberscoop.com/_static/ 36 KB
13 KB 21ms
21ms Script
application/javascript 18.66.112.24
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cyberscoop.com/_static/??/wp-includes/js/underscore.min.js,/wp-includes/js/wp-util.min.js,/wp-content/themes/scoopnewsgroup/dist/js/frontend.js?m=1683162902j
Requested by: Host: cyberscoop.com
URL: https://cyberscoop.com/ransomware-group-ra-group-talos/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 18.66.112.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-24.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: 920853c10d939bdd55d7a7b8e1aee237a9321bf9f498d71c8a2d505f9a28926b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cyberscoop.com/ransomware-group-ra-group-talos/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Thu, 04 May 2023 01:31:14 GMT
x-rq: hhn1 85 188 443
content-encoding: gzip
last-modified: Thu, 04 May 2023 01:15:02 GMT
server: nginx
age: 1039215
x-amz-cf-pop: FRA56-P5
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 02d68f3a4f2a3f8967c5e021dcd7f96a.cloudfront.net (CloudFront)
cache-control: max-age=31536000
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: Nd5uhdHmVbZPaQ0MsIEKTeQrEfottj-2hXXH5xEIVBis3sUAqo7tnw==

GET
H2 200 2153467.js Show response
js.hs-scripts.com/ 974 B
1 KB 199ms
144ms Script
application/javascript 2606:4700::6812:873b
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-scripts.com/2153467.js
Requested by: Host: cyberscoop.com
URL: https://cyberscoop.com/ransomware-group-ra-group-talos/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:873b , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1d56285e2fb36ec67f34ec2f88948d3300ceb44a0b4607b886efd8fac7704610

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 16 May 2023 02:11:30 GMT
content-encoding: br
cf-cache-status: EXPIRED
x-hubspot-correlation-id: 65064a2f-96fd-4723-b98a-d2ef4d2ddff9
x-evy-trace-route-service-name: envoyset-translator
x-envoy-upstream-service-time: 8
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: b8afe151-95b8-4ed4-af24-3d4f8bbd6d66
last-modified: Tue, 16 May 2023 01:35:49 GMT
server: cloudflare
x-trace: 2BD8101880FB3DA12A393C95B8934B657D3FC73298000000000000000000
vary: origin, Accept-Encoding
access-control-max-age: 3600
content-type: application/javascript;charset=utf-8
access-control-allow-origin: https://cyberscoop.com
x-evy-trace-virtual-host: all
cache-control: public, max-age=60
access-control-allow-credentials: true
x-evy-trace-served-by-pod: iad02/hubapi-td/envoy-proxy-5677b5b686-s4x7h
cf-ray: 7c8017213f42906a-FRA
expires: Tue, 16 May 2023 02:12:30 GMT

GET
H3 200 wp-emoji-release.min.js Show response
cyberscoop.com/wp-includes/js/ 18 KB
5 KB 21ms
21ms Script
application/javascript 18.66.112.24
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cyberscoop.com/wp-includes/js/wp-emoji-release.min.js?ver=6.2
Requested by: Host: cyberscoop.com
URL: https://cyberscoop.com/ransomware-group-ra-group-talos/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 18.66.112.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-24.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: 4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cyberscoop.com/ransomware-group-ra-group-talos/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Wed, 29 Mar 2023 23:37:30 GMT
content-encoding: gzip
via: 1.1 02d68f3a4f2a3f8967c5e021dcd7f96a.cloudfront.net (CloudFront)
age: 4070052
x-amz-cf-pop: FRA56-P5
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 5035
x-rq: hhn1
last-modified: Wed, 29 Mar 2023 17:56:08 GMT
server: nginx
etag: W/"64247bb8-4904"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: JNWMMw5FgNkDXfpPksbHhMBu4qKZGPqxNtFRGfTmGuqU92NlT7omMw==
expires: Thu, 28 Mar 2024 23:37:30 GMT

GET
H2 200 p.css
p.typekit.net/ 5 B
181 B 166ms
37ms Stylesheet
text/css 2a02:26f0:480:f::213:7ed3
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://p.typekit.net/p.css?s=1&k=itk2qbh&ht=tk&f=9871.9872.9874.14602.24539.24540.24547.24548&a=95056288&app=typekit&e=css
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/itk2qbh.css?ver=172264176d4de0f97962
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:f::213:7ed3 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://use.typekit.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 16 May 2023 02:11:30 GMT
last-modified: Sat, 16 Oct 2021 08:18:43 GMT
server: nginx
etag: "616a8ae3-5"
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 5

GET
H2 200 pubads_impl.js Show response
securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305100101/ 403 KB
125 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305100101/pubads_impl.js?cb=31074557

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

98a3ab26574717a95d200c12658c4dbbb28109a057cc52f8a100e6da2b645963

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cyberscoop.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Intervention: <https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

date: Mon, 15 May 2023 21:19:37 GMT
content-encoding: br
x-content-type-options: nosniff
age: 17513
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 127561
x-xss-protection: 0
server: cafe
etag: 1000764176958695900
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
timing-allow-origin: *
expires: Tue, 14 May 2024 21:19:37 GMT

GET
H3 200 ppub_config Show response
securepubads.g.doubleclick.net/pagead/ 36 B
64 B 74ms
30ms XHR
application/json 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pagead/ppub_config?ippd=cyberscoop.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3aa72d136756ca75bc79ce7578ed75e5427bd33112c96b2b91cb0a7d7ebc347b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 16 May 2023 02:11:30 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private, max-age=3600, stale-while-revalidate=3600
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 40
x-xss-protection: 0
expires: Tue, 16 May 2023 02:11:30 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 194 KB
71 KB 88ms
37ms Script
application/javascript 2a00:1450:4001:809::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-KR697BF

Requested by

Host: cyberscoop.com
URL: https://cyberscoop.com/ransomware-group-ra-group-talos/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d15dc9ec030ba4333755f03b2a8126bb6921686e9df6114a1f347a6c5fcfda01

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 16 May 2023 02:11:30 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 71931
x-xss-protection: 0
last-modified: Tue, 16 May 2023 00:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 16 May 2023 02:11:30 GMT

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
531 B 84ms
29ms Script
application/javascript 2a00:1450:4001:80e::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=cyberscoop.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305100101/pubads_impl.js?cb=31074557

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 16 May 2023 02:11:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
456 B 83ms
29ms Script
application/javascript 2a00:1450:4001:831::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=cyberscoop.com

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305100101/pubads_impl.js?cb=31074557

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 16 May 2023 02:11:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
content-type: application/javascript; charset=UTF-8
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 305 KB
39 KB 104ms
103ms XHR
text/plain 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/gampad/ads?pvsid=2310393918481724&correlator=3442004055102909&eid=31074537%2C31074544%2C31074557%2C31070232&output=ldjh&gdfp_req=1&vrg=202305100101&ptt=17&impl=fifs&iu_parts=18430785%2Csng_cyberscoop%2Cap_top%2Cap_rightrail_1%2Cap_rightrail_2%2Cap_rightrail_3%2Cap_rightrail_4%2Cap_bottom%2Cap_inline_1%2Cap_inline_2&enc_prev_ius=%2F0%2F1%2F2%2C%2F0%2F1%2F3%2C%2F0%2F1%2F4%2C%2F0%2F1%2F5%2C%2F0%2F1%2F6%2C%2F0%2F1%2F7%2C%2F0%2F1%2F8%2C%2F0%2F1%2F9&prev_iu_szs=970x250%7C728x90%7C970x90%2C300x250%2C300x250%7C300x600%2C300x250%7C300x600%2C300x250%7C300x600%2C728x90%7C970x90%2C728x90%2C728x90&ifi=1&adks=1951456962%2C4107124343%2C4015763869%2C4220772384%2C3445260293%2C564576029%2C1365302924%2C1902044552&sfv=1-0-40&prev_scp=pos%3Dtop%7Cpos%3Drightrail_1%7Cpos%3Drightrail_2%7Cpos%3Drightrail_3%7Cpos%3Drightrail_4%7Cpos%3Dbottom%7Cpos%3Dinline_1%7Cpos%3Dinline_1&cust_params=postId%3D74019%26category%3Dcybercrime%26tags%3Dbabuk%252Cra-group%252Cransomware%26author%3Daj-vicens%26environment%3Dproduction%26page_type%3Darticle&sc=1&cookie_enabled=1&abxe=1&dt=1684203090209&lmt=1684203090&dlt=1684203089725&idt=434&adxs=315%2C-9%2C-9%2C-9%2C-9%2C-9%2C-9%2C-9&adys=149%2C-9%2C-9%2C-9%2C-9%2C-9%2C-9%2C-9&biw=1600&bih=1200&scr_x=0&scr_y=0&btvi=0%7C-1%7C-1%7C-1%7C-1%7C-1%7C-1%7C-1&ucis=1%7C2%7C3%7C4%7C5%7C6%7C7%7C8&oid=2&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&bc=31&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&nvt=1&url=https%3A%2F%2Fcyberscoop.com%2Fransomware-group-ra-group-talos%2F&frm=20&vis=1&psz=1472x250%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1&msz=970x0%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1%7C0x-1&fws=4%2C2%2C2%2C2%2C2%2C2%2C2%2C2&ohw=1600%2C0%2C0%2C0%2C0%2C0%2C0%2C0&ga_vid=1062206802.1684203090&ga_sid=1684203090&ga_hid=1467303377&ga_fc=false

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305100101/pubads_impl.js?cb=31074557

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

08af6573ac524cdd20dc495145f3257ccbb03acf50ca498792801b23d092ce06

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 16 May 2023 02:11:30 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2,-2,-2,-2,-2,-2,-2,-2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 39925
x-xss-protection: 0
google-lineitem-id: 6294165775,6294165775,6294165775,6237428828,6237428828,6294165775,6267868004,6267868004
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138431840283,138432527572,138431817674,138427517699,138428204953,138432529225,138428549705,138428549753
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://cyberscoop.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 container.html
0eeafe9a9464fc24f3c4189193039b23.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame F0F4 0
0 123ms
29ms Document
text/html 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://0eeafe9a9464fc24f3c4189193039b23.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305100101/pubads_impl.js?cb=31074557

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cyberscoop.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 16 May 2023 02:11:30 GMT
expires: Wed, 15 May 2024 02:11:30 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 pattern.svg
cyberscoop.com/wp-content/themes/scoopnewsgroup/dist/svg/ 299 B
625 B 21ms
21ms Image
image/svg+xml 18.66.112.24
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cyberscoop.com/wp-content/themes/scoopnewsgroup/dist/svg/pattern.svg
Requested by: Host: cyberscoop.com
URL: https://cyberscoop.com/wp-content/themes/scoopnewsgroup/dist/css/frontend.css?m=1683162902g
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 18.66.112.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-24.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: 3f43be92fe63af3e20c741cb5ef9fbcbe742bf78b6aafe693f31ed9720289d29

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cyberscoop.com/wp-content/themes/scoopnewsgroup/dist/css/frontend.css?m=1683162902g
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 22:49:20 GMT
via: 1.1 02d68f3a4f2a3f8967c5e021dcd7f96a.cloudfront.net (CloudFront)
age: 4851747
x-amz-cf-pop: FRA56-P5
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 299
x-rq: hhn1
last-modified: Tue, 28 Feb 2023 11:01:43 GMT
server: nginx
etag: "63fddf17-12b"
content-type: image/svg+xml
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: CkxmrxDnPAg98eEOBEATze-9svcAwJNcST1F40A03OfBasxocUw-Ug==
expires: Tue, 19 Mar 2024 22:49:20 GMT

GET
H3 200 icon-facebook.svg
cyberscoop.com/wp-content/themes/scoopnewsgroup/dist/svg/ 371 B
696 B 23ms
22ms Image
image/svg+xml 18.66.112.24
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cyberscoop.com/wp-content/themes/scoopnewsgroup/dist/svg/icon-facebook.svg
Requested by: Host: cyberscoop.com
URL: https://cyberscoop.com/wp-content/themes/scoopnewsgroup/dist/css/frontend.css?m=1683162902g
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 18.66.112.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-24.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: 572c153f12ece183e602325e76c01dba662552713252e6799e8e6fbf827252eb

Request headers

Referer: https://cyberscoop.com/wp-content/themes/scoopnewsgroup/dist/css/frontend.css?m=1683162902g
Origin: https://cyberscoop.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 19:04:07 GMT
via: 1.1 02d68f3a4f2a3f8967c5e021dcd7f96a.cloudfront.net (CloudFront)
age: 4864215
x-amz-cf-pop: FRA56-P5
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 371
x-rq: hhn1
last-modified: Tue, 28 Feb 2023 11:01:43 GMT
server: nginx
etag: "63fddf17-173"
content-type: image/svg+xml
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: sWTxdnCTs-NsmWMufR2hDtA5f07fCWpco3xO1MziZSnuSfVzW0BocQ==
expires: Tue, 19 Mar 2024 19:04:07 GMT

GET
H3 200 icon-twitter.svg
cyberscoop.com/wp-content/themes/scoopnewsgroup/dist/svg/ 587 B
700 B 23ms
22ms Image
image/svg+xml 18.66.112.24
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cyberscoop.com/wp-content/themes/scoopnewsgroup/dist/svg/icon-twitter.svg
Requested by: Host: cyberscoop.com
URL: https://cyberscoop.com/wp-content/themes/scoopnewsgroup/dist/css/frontend.css?m=1683162902g
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 18.66.112.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-24.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: e21f3b2a0e9d2ff25f55f184242d809b2ecd045ee3fe35a4665b891b82bcb460

Request headers

Referer: https://cyberscoop.com/wp-content/themes/scoopnewsgroup/dist/css/frontend.css?m=1683162902g
Origin: https://cyberscoop.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 18:22:47 GMT
content-encoding: gzip
via: 1.1 02d68f3a4f2a3f8967c5e021dcd7f96a.cloudfront.net (CloudFront)
age: 4867943
x-amz-cf-pop: FRA56-P5
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 372
x-rq: hhn1
last-modified: Tue, 28 Feb 2023 11:01:43 GMT
server: nginx
etag: W/"63fddf17-24b"
content-type: image/svg+xml
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: mlETgT7hth_ZOT8324ZsN7dzN-hrgz3sn1lDfiO6fkeItMQbev8P2g==
expires: Tue, 19 Mar 2024 18:22:47 GMT

GET
H3 200 icon-linkedin.svg
cyberscoop.com/wp-content/themes/scoopnewsgroup/dist/svg/ 504 B
669 B 23ms
22ms Image
image/svg+xml 18.66.112.24
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cyberscoop.com/wp-content/themes/scoopnewsgroup/dist/svg/icon-linkedin.svg
Requested by: Host: cyberscoop.com
URL: https://cyberscoop.com/wp-content/themes/scoopnewsgroup/dist/css/frontend.css?m=1683162902g
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 18.66.112.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-24.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: 9b7aaf2c55485b05c5c57fbd95ba6d098da8f8e1583f8946d882d9b3fb8c28ce

Request headers

Referer: https://cyberscoop.com/wp-content/themes/scoopnewsgroup/dist/css/frontend.css?m=1683162902g
Origin: https://cyberscoop.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 18:22:47 GMT
content-encoding: gzip
via: 1.1 02d68f3a4f2a3f8967c5e021dcd7f96a.cloudfront.net (CloudFront)
age: 4867943
x-amz-cf-pop: FRA56-P5
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 339
x-rq: hhn1
last-modified: Tue, 28 Feb 2023 11:01:43 GMT
server: nginx
etag: W/"63fddf17-1f8"
content-type: image/svg+xml
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: CWCNva2dj_1mEbCYXh0DTXnLtCSuPSTM-lvjXJEWSqK2PalIKQntUQ==
expires: Tue, 19 Mar 2024 18:22:47 GMT

GET
H3 200 icon-instagram.svg
cyberscoop.com/wp-content/themes/scoopnewsgroup/dist/svg/ 378 B
704 B 25ms
24ms Image
image/svg+xml 18.66.112.24
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cyberscoop.com/wp-content/themes/scoopnewsgroup/dist/svg/icon-instagram.svg
Requested by: Host: cyberscoop.com
URL: https://cyberscoop.com/wp-content/themes/scoopnewsgroup/dist/css/frontend.css?m=1683162902g
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 18.66.112.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-24.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: be82b86d9b21780a099f969767c8bf5a3dc1221eff1c11cc5463826fdbe14f31

Request headers

Referer: https://cyberscoop.com/wp-content/themes/scoopnewsgroup/dist/css/frontend.css?m=1683162902g
Origin: https://cyberscoop.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Mon, 20 Mar 2023 19:04:07 GMT
via: 1.1 02d68f3a4f2a3f8967c5e021dcd7f96a.cloudfront.net (CloudFront)
age: 4864215
x-amz-cf-pop: FRA56-P5
x-cache: Hit from cloudfront
alt-svc: h3=":443"; ma=86400
content-length: 378
x-rq: hhn1
last-modified: Tue, 28 Feb 2023 11:01:43 GMT
server: nginx
etag: "63fddf17-17a"
content-type: image/svg+xml
cache-control: max-age=31536000
accept-ranges: bytes
x-amz-cf-id: VQE9rrD1vm0JIsEpFxc9c1iorRvONEvq-exBDj4rGvYoCobUfgNyCQ==
expires: Tue, 19 Mar 2024 19:04:07 GMT

GET
H2 200 l
use.typekit.net/af/b718ff/00000000000000007735f98d/30/ 46 KB
47 KB 132ms
34ms Font
application/font-woff2 2a02:26f0:3500:16::215:148f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/b718ff/00000000000000007735f98d/30/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/itk2qbh.css?ver=172264176d4de0f97962
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:16::215:148f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 987ed7567466e4fc79242bded7cfac38f7cf9da6c430fe6053266ba12c1fa1b1

Request headers

Referer: https://use.typekit.net/itk2qbh.css?ver=172264176d4de0f97962
Origin: https://cyberscoop.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 16 May 2023 02:11:30 GMT
server: nginx
etag: "8eb51f23928374af36bf65f02757cd5be6775093"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 47332

GET
H2 200 l
use.typekit.net/af/4337b5/000000000000000000013144/27/ 115 KB
116 KB 171ms
73ms Font
application/font-woff2 2a02:26f0:3500:16::215:148f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/4337b5/000000000000000000013144/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n5&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/itk2qbh.css?ver=172264176d4de0f97962
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:16::215:148f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 6413983f57c8f999761ee0f4dc99b0f1fd6293626330e60c03d65a3bc071744f

Request headers

Referer: https://use.typekit.net/itk2qbh.css?ver=172264176d4de0f97962
Origin: https://cyberscoop.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 16 May 2023 02:11:30 GMT
server: nginx
etag: "2fdf8397680527e53165122163643d633320379f"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 118028

GET
H2 200 l
use.typekit.net/af/5d97ff/00000000000000007735f999/30/ 47 KB
47 KB 139ms
40ms Font
application/font-woff2 2a02:26f0:3500:16::215:148f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/5d97ff/00000000000000007735f999/30/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n7&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/itk2qbh.css?ver=172264176d4de0f97962
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:16::215:148f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 012c1c40f37b85e86f6e7629241a2bcd0ce665b41954a08d3c2c9a55c42cba89

Request headers

Referer: https://use.typekit.net/itk2qbh.css?ver=172264176d4de0f97962
Origin: https://cyberscoop.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 16 May 2023 02:11:30 GMT
server: nginx
etag: "b4c0d041408776d043674f518c911c68d4f73f57"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 48312

GET
H3 200 ads Show response
securepubads.g.doubleclick.net/gampad/ 47 KB
18 KB 59ms
59ms XHR
text/plain 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305100101/pubads_impl.js?cb=31074557

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

11804a2a3eac8791e4670bea58db640015757ca2ae57ab77d669dd3ab0085d54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 16 May 2023 02:11:30 GMT
content-encoding: br
x-content-type-options: nosniff
google-mediationgroup-id: -2
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 18246
x-xss-protection: 0
google-lineitem-id: 6292266624
pragma: no-cache
server: cafe
google-mediationtag-id: -2
google-creative-id: 138432557602
content-type: text/plain; charset=UTF-8
access-control-allow-origin: https://cyberscoop.com
cache-control: no-cache, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 Screenshot-2023-05-12-at-8.28.25-PM.png
cyberscoop.com/wp-content/uploads/sites/3/2023/05/ 159 KB
160 KB 29ms
28ms Image
image/webp 18.66.112.24
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cyberscoop.com/wp-content/uploads/sites/3/2023/05/Screenshot-2023-05-12-at-8.28.25-PM.png
Requested by: Host: cyberscoop.com
URL: https://cyberscoop.com/ransomware-group-ra-group-talos/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 18.66.112.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-24.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: 7899fe8f107e9e1d14c41a14ea51e90ec4393b01af8db7cee9aa9cfa5ec3ad91

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cyberscoop.com/ransomware-group-ra-group-talos/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 16 May 2023 02:11:30 GMT
x-rq: hhn1 109 195 443
via: 1.1 02d68f3a4f2a3f8967c5e021dcd7f96a.cloudfront.net (CloudFront)
last-modified: Mon, 15 May 2023 12:01:11 GMT
server: nginx
x-amz-cf-pop: FRA56-P5
etag: "a75f40bf70c423b9"
x-cache: Miss from cloudfront
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 163122
x-amz-cf-id: JqD6iJ6pa43Fkly5OlggF3u-L4zPZZv155Sj8qLrQ6dDY14rsMO47w==

GET
H3 200 Screenshot-2023-05-12-at-8.35.50-PM.png
cyberscoop.com/wp-content/uploads/sites/3/2023/05/ 16 KB
17 KB 37ms
35ms Image
image/webp 18.66.112.24
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cyberscoop.com/wp-content/uploads/sites/3/2023/05/Screenshot-2023-05-12-at-8.35.50-PM.png
Requested by: Host: cyberscoop.com
URL: https://cyberscoop.com/ransomware-group-ra-group-talos/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 18.66.112.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-24.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: 0516c28e93db061c85521fffb86a49485b17f083e155e68940114b6dc8d98c3c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cyberscoop.com/ransomware-group-ra-group-talos/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 16 May 2023 02:11:30 GMT
x-rq: hhn1 109 140 443
via: 1.1 02d68f3a4f2a3f8967c5e021dcd7f96a.cloudfront.net (CloudFront)
last-modified: Mon, 15 May 2023 12:01:34 GMT
server: nginx
x-amz-cf-pop: FRA56-P5
etag: "85e8e2eef333aa9a"
x-cache: Miss from cloudfront
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 16844
x-amz-cf-id: i9H5Ihq5B8S8Ii2_91890au8DDlL1FTvgE7AOxtkyIs5hfw0MIbLkw==

GET
H3 200 GettyImages-173009670.jpg
cyberscoop.com/wp-content/uploads/sites/3/2022/10/ 23 KB
23 KB 27ms
25ms Image
image/webp 18.66.112.24
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cyberscoop.com/wp-content/uploads/sites/3/2022/10/GettyImages-173009670.jpg?resize=507,337
Requested by: Host: cyberscoop.com
URL: https://cyberscoop.com/ransomware-group-ra-group-talos/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 18.66.112.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-24.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: e705844d16576afd07f1c832248a5aad4e81ff986052c5ad653f4fd20fc6afa3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cyberscoop.com/ransomware-group-ra-group-talos/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Mon, 15 May 2023 12:29:35 GMT
x-rq: hhn1 109 139 443
via: 1.1 02d68f3a4f2a3f8967c5e021dcd7f96a.cloudfront.net (CloudFront)
last-modified: Mon, 15 May 2023 12:01:34 GMT
server: nginx
age: 49315
x-amz-cf-pop: FRA56-P5
etag: "55031cffde64a059"
x-cache: Hit from cloudfront
content-type: image/webp
cache-control: max-age=31536000
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 23624
x-amz-cf-id: M1OJtyf74N8tWeOwa9p3a31H26KhM1BuSnXSqUpd-46L7Elk7dQpxw==

GET
H3 200 GettyImages-619636894.jpg
cyberscoop.com/wp-content/uploads/sites/3/2022/05/ 18 KB
19 KB 30ms
29ms Image
image/jpeg 18.66.112.24
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cyberscoop.com/wp-content/uploads/sites/3/2022/05/GettyImages-619636894.jpg?resize=252,168
Requested by: Host: cyberscoop.com
URL: https://cyberscoop.com/ransomware-group-ra-group-talos/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 18.66.112.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-24.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: 852741a31d90e44a35605c5163be36d0185f7bfe79360eed1f4e125c1315c87a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cyberscoop.com/ransomware-group-ra-group-talos/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Mon, 15 May 2023 12:29:35 GMT
x-rq: hhn1 109 88 443
via: 1.1 02d68f3a4f2a3f8967c5e021dcd7f96a.cloudfront.net (CloudFront)
last-modified: Wed, 10 May 2023 12:21:09 GMT
server: nginx
age: 49315
x-amz-cf-pop: FRA56-P5
etag: "34196b5b23918dcb"
x-cache: Hit from cloudfront
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 18874
x-amz-cf-id: MUGvcF4FZ0bAUqDlQ4YrZGzfYSm5GE-EqnEzxEY9gvXu-WueFah9cw==

GET
H3 200 GettyImages-1396127595.jpg
cyberscoop.com/wp-content/uploads/sites/3/2022/05/ 37 KB
38 KB 34ms
33ms Image
image/jpeg 18.66.112.24
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cyberscoop.com/wp-content/uploads/sites/3/2022/05/GettyImages-1396127595.jpg?resize=252,168
Requested by: Host: cyberscoop.com
URL: https://cyberscoop.com/ransomware-group-ra-group-talos/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 18.66.112.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-24.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: 0fdd1e9317e89bc9c683377edc1b99c703f988996c7026211cc01ead0b3f3630

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cyberscoop.com/ransomware-group-ra-group-talos/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 16 May 2023 02:11:30 GMT
x-rq: hhn1 109 88 443
via: 1.1 02d68f3a4f2a3f8967c5e021dcd7f96a.cloudfront.net (CloudFront)
last-modified: Mon, 15 May 2023 12:01:34 GMT
server: nginx
x-amz-cf-pop: FRA56-P5
etag: "a05f1bf637c48c2a"
x-cache: Miss from cloudfront
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 38226
x-amz-cf-id: i3XZbU9h8725URKwOstudpnYVRYyW2bpFfMMWQ244_UZVyVxC5PjRQ==

GET
H/1.1 200
OK /
p1.parsely.com/plogger/ 43 B
258 B 192ms
44ms Image
image/gif 63.34.81.234
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p1.parsely.com/plogger/?rand=1684203090314&plid=68580976&idsite=cyberscoop.com&url=https%3A%2F%2Fcyberscoop.com%2Fransomware-group-ra-group-talos%2F&urlref=&screen=1600x1200%7C1600x1200%7C24&data=%7B%7D&sid=1&surl=https%3A%2F%2Fcyberscoop.com%2Fransomware-group-ra-group-talos%2F&sref=&sts=1684203090309&slts=0&title=Ransomware+group+claims+2.5+terabytes+of+stolen+data+less+than+a+month+after+emerging+online+%7C+CyberScoop&date=Tue+May+16+2023+02%3A11%3A30+GMT%2B0000+(GMT)&action=pageview&pvid=8855547&u=pid%3Db431018af5faa8ccb658bf8fec52e37a
Requested by: Host: cyberscoop.com
URL: https://cyberscoop.com/ransomware-group-ra-group-talos/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 63.34.81.234 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-63-34-81-234.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Date: Tue, 16 May 2023 02:11:30 GMT
Cache-Control: no-cache
Last-Modified: Tuesday, 16-May-2023 02:11:30 GMT
Server: nginx
Connection: keep-alive
Content-Length: 43
Content-Type: image/gif

GET
H3 200 icon-caret.svg
cyberscoop.com/wp-content/themes/scoopnewsgroup/dist/svg/ 373 B
671 B 29ms
29ms Image
image/svg+xml 18.66.112.24
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cyberscoop.com/wp-content/themes/scoopnewsgroup/dist/svg/icon-caret.svg
Requested by: Host: cyberscoop.com
URL: https://cyberscoop.com/wp-content/themes/scoopnewsgroup/dist/css/frontend.css?m=1683162902g
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 18.66.112.24 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-112-24.fra56.r.cloudfront.net
Software: nginx /
Resource Hash: 4397b39bca9ef7784f7ee354d27402a884e61e3adbf4d1e41ace0b688f8cf352

Request headers

Referer: https://cyberscoop.com/wp-content/themes/scoopnewsgroup/dist/css/frontend.css?m=1683162902g
Origin: https://cyberscoop.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 16 May 2023 02:11:30 GMT
x-rq: hhn1 85 187 443
via: 1.1 02d68f3a4f2a3f8967c5e021dcd7f96a.cloudfront.net (CloudFront)
last-modified: Fri, 21 Apr 2023 13:11:49 GMT
server: nginx
x-amz-cf-pop: FRA56-P5
etag: "64428b95-175"
x-cache: Miss from cloudfront
content-type: image/svg+xml
cache-control: max-age=31536000
accept-ranges: bytes
alt-svc: h3=":443"; ma=86400
content-length: 373
x-amz-cf-id: O_f2qGR15kMB4APfAZqVe1oKDQ_7Rba3yufc3G1gm0i1P3-kD2Go2Q==

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 595F 0
0 58ms
58ms Fetch
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssiq9fdWKkNw0RG-OtXe0G73jMk4dJ2c-EbrmSGFtJbX_5RRqUb5IXdfAgKCIdCFD6yvf2tj8r68iIHESCnOFuOrAKgdsN9BvZxM8BYcQ8yg0oD3EanvSIlqMu25FKfVtRiZ1EPSkvvJroiPBMFZWUT_ZPWi9qLW0M8YvoBupp2F7QyHKsi-ZO9YyyiUZ1sLSOF7InhudWORWkJFNtl0dtVveLEWl3DHMFkXvQnksDvZOHehsEj0oZJFLx-bdLyCt2pyYgUJgplNd-ObFGlEcCdZZ3smI5AaHt8jIcx3DdwVpZgzIGkuuVQ_IvRj-dBhKcn6Vvz3kk6-WHyLLM&sai=AMfl-YSf4iRbvFiXMJCTuGYgB65ZF2TGPOCI_w33H1hrw1nFk0BSk4lbI3MrS5catvbjV2euep08ZY8oxOd3XzOvtFcDMUWRgPwaHa7Qfz41X_h3A3Jys82ixSaBZtL1enEBo615v5ZuAVEfHLUN3mvG&sig=Cg0ArKJSzHXeWcKNQT8CEAE&uach_m=[UACH]&adurl=

Requested by

Host: cyberscoop.com
URL: https://cyberscoop.com/ransomware-group-ra-group-talos/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 16 May 2023 02:11:30 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Tue, 16 May 2023 02:11:30 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230510/r20110914/ Frame 595F 22 KB
9 KB 83ms
21ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230510/r20110914/abg_lite_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305100101/pubads_impl.js?cb=31074557

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6a4645a1aa31745840e1e5dee4a2788e78c1d09b094f4705a64ddda88d8bd235

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Mon, 15 May 2023 18:04:01 GMT
content-encoding: br
x-content-type-options: nosniff
age: 29249
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8754
x-xss-protection: 0
server: cafe
etag: 1905752258753453817
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 29 May 2023 18:04:01 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230510/r20110914/client/ Frame 595F 3 KB
2 KB 82ms
20ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230510/r20110914/client/window_focus_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305100101/pubads_impl.js?cb=31074557

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Mon, 15 May 2023 20:38:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 19972
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 29 May 2023 20:38:38 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 595F 170 KB
53 KB 45ms
30ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305100101/pubads_impl.js?cb=31074557

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f3e707799c4b8c1017aaed1c78432af2cc213ea88229312c1b2d621aa0ade9ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 16 May 2023 02:11:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53845
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1684150324481819"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 16 May 2023 02:11:30 GMT

GET
H2 200 9085216014446330646
tpc.googlesyndication.com/simgad/ Frame 595F 95 KB
95 KB 85ms
24ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/9085216014446330646

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305100101/pubads_impl.js?cb=31074557

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c2626fd3522aec35cd5a3caa11160d13545630a06bfd45ce7fc48a2a457b5877

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Mon, 15 May 2023 04:14:32 GMT
x-content-type-options: nosniff
age: 79018
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 97085
x-xss-protection: 0
last-modified: Thu, 04 May 2023 16:51:22 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Tue, 14 May 2024 04:14:32 GMT

GET
H2 200 insight.min.js Show response
snap.licdn.com/li.lms-analytics/ 13 KB
5 KB 107ms
37ms Script
application/x-javascript 2a02:26f0:480:f::213:7edd
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://snap.licdn.com/li.lms-analytics/insight.min.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KR697BF

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:480:f::213:7edd Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

f56ccb2db87aacedd9415232e40f80bff9939703df2f9c3f9ec8a092e545349f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 16 May 2023 02:11:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 10 Jan 2023 17:22:56 GMT
x-cdn: AKAM
vary: Accept-Encoding
content-type: application/x-javascript;charset=utf-8
cache-control: max-age=19861
accept-ranges: bytes
content-length: 4777

GET
H2 200 uwt.js Show response
static.ads-twitter.com/ 56 KB
15 KB 69ms
21ms Script
application/javascript 146.75.120.157
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static.ads-twitter.com/uwt.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KR697BF
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 146.75.120.157 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 16 May 2023 02:11:30 GMT
content-encoding: gzip
last-modified: Thu, 27 Oct 2022 16:56:53 GMT
etag: "32ad004436155ec972bc50e6238b5b67+gzip+gzip"
vary: Accept-Encoding,Host
x-cache: HIT, HIT
content-type: application/javascript; charset=utf-8
p3p: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
x-tw-cdn: FT
cache-control: no-cache
accept-ranges: bytes
content-length: 15375
x-served-by: cache-iad-kjyo7100081-IAD, cache-fra-etou8220036-FRA

GET
H2 200 hotjar-3095877.js Show response
static.hotjar.com/c/ 9 KB
4 KB 87ms
22ms Script
application/javascript 18.66.97.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-3095877.js?sv=7

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KR697BF

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.97.49 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-97-49.fra56.r.cloudfront.net

Software

Resource Hash

f5aeae48223cbd2a32d8e1a16881a18ce163e8be4573b207f5c8b310332dd82e

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security: max-age=2592000; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
date: Tue, 16 May 2023 02:11:24 GMT
via: 1.1 3aad72975c9da06e6d0903ad874f0b54.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
age: 6
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
etag: W/ae900dbb81083d4f88d5fbd8854b1082
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-cache-hit: 1
cache-control: max-age=60
x-amz-cf-id: njclGTW2qDVn5K_ix412RtKpqJXJZA9lJ__abmlFo-7V2uaFV-tJyQ==

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 106 KB
28 KB 69ms
23ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: cyberscoop.com
URL: https://cyberscoop.com/ransomware-group-ra-group-talos/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

8dcee59828f1423ecefd552dd353e25bd4ac38a9557ee084604ee7c2d41d9b98

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Tue, 16 May 2023 02:11:30 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 27538
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: +nn68CGwP1qM1+CiAyuLy0jcdM+FQ0zl+JeNEIRlM6uM7a6xBHZThn2fUQ7Hs4A5ZSgUkF/dmo/p9f2G+VJgxQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-trip-id: 1679558926
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), gyroscope=(), idle-detection=(), midi=()
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 223 KB
78 KB 39ms
38ms Script
application/javascript 2a00:1450:4001:809::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-T6DX9FEHNM&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KR697BF

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

bbd385457b8455ef1893b2422ccbea230d4972c89e13b62b0d0a9e19ec44f084

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 16 May 2023 02:11:30 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 80210
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Tue, 16 May 2023 02:11:30 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 22F6 0
0 65ms
64ms Fetch
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssmIjLeKFEuRMx3TMAUnV4FPJZQBh007_z5y1lpQGtbqaTte0P8CpAUHErdCZTrK_fngxX6UMIF9rotzffdQq28g5J2VQZ_a08DAxfcaAd_RGRQFgYVx9c_RI20IinUUlUEDNAKKbegVCa7UzSbfIl_gaINAxtxezujySgnI2SAsn24qZvGVVAT9KMgiDTPYokpcs-VCx3bXXuYKj1iFDUt8Fqf7VDfZeGsh0lNMpp0ElN6M9QNoFmm6DGhz5EEUd5u1QJXOcQSlc2zY3ClG8rNjRniZO1TIJDDE--K2IFd8IuWqHU-GEO6yFFihSepzTF88gHOK4MIcobcY6UqrzXc&sai=AMfl-YQDEiIqa42B13QqurURN3kdN2vsp18_LmB3-22HOw3KTqOLPgw0GPwVlTVOGBXJ-7zkRJ0ZXwSzMuzmKND9Sats4t3haV1VG2JlY5JsUT6hgrDLsBFoiU_U8dmJqHtk_ryt49Atb0cjj1eJqwY&sig=Cg0ArKJSzNoAMCLtERMFEAE&uach_m=[UACH]&adurl=

Requested by

Host: cyberscoop.com
URL: https://cyberscoop.com/ransomware-group-ra-group-talos/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 16 May 2023 02:11:30 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230510/r20110914/ Frame 22F6 22 KB
9 KB 59ms
58ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230510/r20110914/abg_lite_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305100101/pubads_impl.js?cb=31074557

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6a4645a1aa31745840e1e5dee4a2788e78c1d09b094f4705a64ddda88d8bd235

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Mon, 15 May 2023 18:04:01 GMT
content-encoding: br
x-content-type-options: nosniff
age: 29249
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8754
x-xss-protection: 0
server: cafe
etag: 1905752258753453817
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 29 May 2023 18:04:01 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230510/r20110914/client/ Frame 22F6 3 KB
1 KB 60ms
59ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230510/r20110914/client/window_focus_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305100101/pubads_impl.js?cb=31074557

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Mon, 15 May 2023 20:38:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 19972
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 29 May 2023 20:38:38 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 22F6 170 KB
53 KB 29ms
28ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305100101/pubads_impl.js?cb=31074557

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f3e707799c4b8c1017aaed1c78432af2cc213ea88229312c1b2d621aa0ade9ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 16 May 2023 02:11:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53845
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1684150324481819"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 16 May 2023 02:11:30 GMT

GET
H2 200 8743528433803440927
tpc.googlesyndication.com/simgad/ Frame 22F6 43 KB
43 KB 60ms
60ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/8743528433803440927

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305100101/pubads_impl.js?cb=31074557

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dc6432394ff899ab504941e775edc03cf350d607e1877308ed1eb4911fd03f5f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 16 May 2023 01:37:33 GMT
x-content-type-options: nosniff
age: 2037
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 44159
x-xss-protection: 0
last-modified: Tue, 28 Mar 2023 16:22:47 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 15 May 2024 01:37:33 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 720E 0
0 67ms
67ms Fetch
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsve8HsjSNy0Lb3oxCy1d_JkWQDuBACLRZQfTSGt-0KC_SJvAaHphpnR-wos-2-mgfMOLMZUu9GXrzy2iOYtvu52pAA2H9_HQBInTd0olaQGn8_phM6e9dZc7CUjeeXveCbYZcH7b5SjiGuNSIvZeK_2BWYg1sSJkS17dICS4JoDpTKVN2moX4lQaE5OZTKg3IJlYbMlwP3Gr5h4HVs2H0mzJvPIw7s6j0oS7lpULT--MOzMj4Up0-zb3YONg6zIiB7q3OSeXpjiMR5pDYFH96nnX6m_ndVtWUvF70MR2dV31P1Ozr5DsiGTs5zNcv8lD67Zp4_iM8BlS3WK_2I_ycNi&sai=AMfl-YQcjlV56eh2XPpCS-WME_6bL2IaDKYV7byYzc3fosrcN6MQox8C1wx7sI_0Q5hb8Mx0HlaU1TJyM5tHWPqy9TomI8789gZdGmFZpbqRSZZNBAkjXUljlwiSLvNBcPZwHpAu0PFmEOlJVJMz0AY&sig=Cg0ArKJSzKmQgebumgX5EAE&uach_m=[UACH]&adurl=

Requested by

Host: cyberscoop.com
URL: https://cyberscoop.com/ransomware-group-ra-group-talos/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 16 May 2023 02:11:30 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 8743528433803440927
tpc.googlesyndication.com/simgad/ Frame 720E 43 KB
43 KB 56ms
53ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/8743528433803440927

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305100101/pubads_impl.js?cb=31074557

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dc6432394ff899ab504941e775edc03cf350d607e1877308ed1eb4911fd03f5f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 16 May 2023 01:37:33 GMT
x-content-type-options: nosniff
age: 2037
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 44159
x-xss-protection: 0
last-modified: Tue, 28 Mar 2023 16:22:47 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 15 May 2024 01:37:33 GMT

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230510/r20110914/ Frame 720E 22 KB
9 KB 53ms
51ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230510/r20110914/abg_lite_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305100101/pubads_impl.js?cb=31074557

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6a4645a1aa31745840e1e5dee4a2788e78c1d09b094f4705a64ddda88d8bd235

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Mon, 15 May 2023 18:04:01 GMT
content-encoding: br
x-content-type-options: nosniff
age: 29249
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8754
x-xss-protection: 0
server: cafe
etag: 1905752258753453817
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 29 May 2023 18:04:01 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230510/r20110914/client/ Frame 720E 3 KB
1 KB 59ms
58ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230510/r20110914/client/window_focus_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305100101/pubads_impl.js?cb=31074557

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Mon, 15 May 2023 20:38:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 19972
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 29 May 2023 20:38:38 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 720E 170 KB
53 KB 38ms
37ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305100101/pubads_impl.js?cb=31074557

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f3e707799c4b8c1017aaed1c78432af2cc213ea88229312c1b2d621aa0ade9ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 16 May 2023 02:11:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53845
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1684150324481819"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 16 May 2023 02:11:30 GMT

GET
H2 200 container.html Show response
0eeafe9a9464fc24f3c4189193039b23.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame 7C37 6 KB
3 KB 24ms
21ms Document
text/html 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://0eeafe9a9464fc24f3c4189193039b23.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305100101/pubads_impl.js?cb=31074557

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cyberscoop.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 16 May 2023 02:11:30 GMT
expires: Wed, 15 May 2024 02:11:30 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 62B8 0
0 59ms
58ms Fetch
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssUVWub1jW-Hws2qB1FQZbwYfVaW32g6OMfaio7qv2bXpFVYPPzcb4wlQtCCOP7Gxje_taZGJ50pZrriQVRvMr9YHwz-wHXFi50WtoTwsJs8XxOUvXiaONdYzLZCkORBk9fikHyxI722XflHqAuglMGmT3Xn_8FTu9IWEu24RBLcC4b-OD4d4tZSAAaasuTy18tiQo_QSou_XJXlS_ko398eM1wr_ltHwzj5YVlhh5LdgjjdKkAUs8sS1tELaihzQRTO3mURXiTfMiXlfHFw6F1jIAHUZG3qjLbXNS49kQZkqwq3Kwj-ORJFSRjuR6QLyuem-xXT_z30kOSPBip&sai=AMfl-YRXMCM6hcp0HEQx7cAT-jHqv8lwiUbjxcaAmdzsSmGQBibchDlziYkZQPt1GC7hshSmsfyP7-DatFUK0Rzm8GrPS2hzEasMQGda1SdG2d_K-G2wlzvQ20ZTiMc-hNFMOcdeqdOouYHXjiR5WMo&sig=Cg0ArKJSzNOUsj-MXiUqEAE&uach_m=[UACH]&adurl=

Requested by

Host: cyberscoop.com
URL: https://cyberscoop.com/ransomware-group-ra-group-talos/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 16 May 2023 02:11:30 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H2 200 abg_lite_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230510/r20110914/ Frame 62B8 22 KB
9 KB 32ms
29ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230510/r20110914/abg_lite_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305100101/pubads_impl.js?cb=31074557

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6a4645a1aa31745840e1e5dee4a2788e78c1d09b094f4705a64ddda88d8bd235

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Mon, 15 May 2023 18:04:01 GMT
content-encoding: br
x-content-type-options: nosniff
age: 29249
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 8754
x-xss-protection: 0
server: cafe
etag: 1905752258753453817
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 29 May 2023 18:04:01 GMT

GET
H2 200 window_focus_fy2021.js Show response
tpc.googlesyndication.com/pagead/js/r20230510/r20110914/client/ Frame 62B8 3 KB
1 KB 32ms
29ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20230510/r20110914/client/window_focus_fy2021.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305100101/pubads_impl.js?cb=31074557

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Mon, 15 May 2023 20:38:38 GMT
content-encoding: br
x-content-type-options: nosniff
age: 19972
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1236
x-xss-protection: 0
server: cafe
etag: 15004572836499977866
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 29 May 2023 20:38:38 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 62B8 170 KB
53 KB 37ms
35ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305100101/pubads_impl.js?cb=31074557

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f3e707799c4b8c1017aaed1c78432af2cc213ea88229312c1b2d621aa0ade9ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 16 May 2023 02:11:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53845
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1684150324481819"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 16 May 2023 02:11:30 GMT

GET
H2 200 3345522900057128272
tpc.googlesyndication.com/simgad/ Frame 62B8 11 KB
12 KB 31ms
30ms Image
image/png 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/3345522900057128272

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305100101/pubads_impl.js?cb=31074557

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ae7b3291a5abd0fbd8f793230f58ec5818624c3714954da938fdc123bdde2a87

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 16 May 2023 01:37:36 GMT
x-content-type-options: nosniff
age: 2034
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11676
x-xss-protection: 0
last-modified: Tue, 04 Apr 2023 20:49:24 GMT
server: sffe
report-to: {"group":"content-ads-owners","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/content-ads-owners"}]}
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="content-ads-owners"
expires: Wed, 15 May 2024 01:37:36 GMT

GET
H2 200 container.html Show response
0eeafe9a9464fc24f3c4189193039b23.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame DDE5 6 KB
3 KB 28ms
25ms Document
text/html 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://0eeafe9a9464fc24f3c4189193039b23.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305100101/pubads_impl.js?cb=31074557

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cyberscoop.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 16 May 2023 02:11:30 GMT
expires: Wed, 15 May 2024 02:11:30 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 container.html Show response
0eeafe9a9464fc24f3c4189193039b23.safeframe.googlesyndication.com/safeframe/1-0-40/html/ Frame F1E4 6 KB
3 KB 21ms
21ms Document
text/html 2a00:1450:4001:80b::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://0eeafe9a9464fc24f3c4189193039b23.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305100101/pubads_impl.js?cb=31074557

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cyberscoop.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, immutable, max-age=31536000
content-encoding: br
content-length: 2653
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
cross-origin-resource-policy: cross-origin
date: Tue, 16 May 2023 02:11:30 GMT
expires: Wed, 15 May 2024 02:11:30 GMT
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 2153467.js Show response
js.hs-analytics.net/analytics/1684203000000/ 65 KB
21 KB 91ms
31ms Script
text/javascript 2606:4700::6810:89ce
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-analytics.net/analytics/1684203000000/2153467.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/2153467.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:89ce , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1a86e5cd11e4c107f74c26cf880b4ee2175897ded3e0168a114f216b8721d9fc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 16 May 2023 02:11:30 GMT
x-amz-version-id: null
content-encoding: br
cf-cache-status: HIT
x-amz-request-id: Z7HSXN8BGXM91595
x-evy-trace-route-service-name: envoyset-translator
x-amz-server-side-encryption: AES256
age: 6
x-envoy-upstream-service-time: 26
x-amz-id-2: VanHOwerEUo8bDzgaVZHddu7ZBZMUUsYJvVDUEWIGUMp/bUke6S5AojRIMurzhqK83VH9YEYiTw=
x-evy-trace-listener: listener_https
x-request-id: 98880608-6e36-4e2f-ac49-17a5e22186d6
x-evy-trace-route-configuration: listener_https/all
last-modified: Tue, 18 Apr 2023 13:56:33 GMT
server: cloudflare
etag: W/"cfe9b69b3b39e163a31f1f509a4f5cca"
vary: origin, Accept-Encoding
content-type: text/javascript
x-evy-trace-virtual-host: all
x-evy-trace-served-by-pod: iad02/analytics-js-proxy-td/envoy-proxy-6b7cfc8cf5-7flbw
cache-control: max-age=300,public
access-control-allow-credentials: false
cf-ray: 7c801724d96e03f0-FRA
expires: Tue, 16 May 2023 02:16:24 GMT

GET
H2 200 banner.js Show response
js.hs-banner.com/v2/2153467/ 208 KB
64 KB 92ms
33ms Script
text/javascript 2606:4700::6812:19c4
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-banner.com/v2/2153467/banner.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/2153467.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:19c4 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1a4f3b4fac8a1b4672f17ea493c910a540fefb08c3fad67c8de3bb68c11f8e39

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 16 May 2023 02:11:30 GMT
x-amz-version-id: rn2p4Aeoc3m6kEPQLQNMT2Mh3Cy61VBM
content-encoding: br
cf-cache-status: HIT
x-amz-request-id: 03HJTW6MY0ZKPQRX
age: 136
x-amz-server-side-encryption: AES256
x-amz-id-2: KCaKG9+Sov17azn41X//DQvRjAW4r+tCya6gPJH9FWLO6w5D+rEtIl9dvMQM9Ogxs9umFgG4fYnMbyKh7tskcPJqyyjQ8zADEivBeMsXBz8=
last-modified: Mon, 17 Apr 2023 15:03:56 GMT
server: cloudflare
etag: W/"f05b1593a40daae837983e2a2c6accaa"
access-control-max-age: 604800
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: https://cyberscoop.com
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
cache-control: max-age=300, public
access-control-allow-credentials: true
vary: origin, Accept-Encoding
timing-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
cf-ray: 7c801724dd991e31-FRA
expires: Tue, 16 May 2023 02:14:14 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 51 KB
21 KB 72ms
22ms Script
text/javascript 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KR697BF

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 16 May 2023 01:05:00 GMT
last-modified: Mon, 17 Apr 2023 22:36:01 GMT
server: Golfe2
age: 3990
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20737
expires: Tue, 16 May 2023 03:05:00 GMT

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame 7C37 24 KB
6 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: 0eeafe9a9464fc24f3c4189193039b23.safeframe.googlesyndication.com
URL: https://0eeafe9a9464fc24f3c4189193039b23.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0eeafe9a9464fc24f3c4189193039b23.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 09:20:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 233481
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sun, 12 May 2024 09:20:09 GMT

GET
H3 200 dcmads.js Show response
www.googletagservices.com/dcm/ Frame 7C37 16 KB
7 KB 24ms
22ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/dcm/dcmads.js

Requested by

Host: 0eeafe9a9464fc24f3c4189193039b23.safeframe.googlesyndication.com
URL: https://0eeafe9a9464fc24f3c4189193039b23.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7bc0c4519150a490750c0f9f77857d5af952bca0bad56e3db6d24bd79f18b4e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0eeafe9a9464fc24f3c4189193039b23.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 16 May 2023 02:03:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 461
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6883
x-xss-protection: 0
last-modified: Wed, 15 Feb 2023 19:52:36 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-dcm-tag"
vary: Accept-Encoding
report-to: {"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Tue, 16 May 2023 03:03:49 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 7C37 170 KB
53 KB 34ms
33ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 0eeafe9a9464fc24f3c4189193039b23.safeframe.googlesyndication.com
URL: https://0eeafe9a9464fc24f3c4189193039b23.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f3e707799c4b8c1017aaed1c78432af2cc213ea88229312c1b2d621aa0ade9ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0eeafe9a9464fc24f3c4189193039b23.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 16 May 2023 02:11:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53845
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1684150324481819"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 16 May 2023 02:11:30 GMT

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame DDE5 24 KB
6 KB 22ms
22ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: 0eeafe9a9464fc24f3c4189193039b23.safeframe.googlesyndication.com
URL: https://0eeafe9a9464fc24f3c4189193039b23.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0eeafe9a9464fc24f3c4189193039b23.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 09:20:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 233481
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sun, 12 May 2024 09:20:09 GMT

GET
H3 200 dcmads.js Show response
www.googletagservices.com/dcm/ Frame DDE5 16 KB
7 KB 24ms
23ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/dcm/dcmads.js

Requested by

Host: 0eeafe9a9464fc24f3c4189193039b23.safeframe.googlesyndication.com
URL: https://0eeafe9a9464fc24f3c4189193039b23.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7bc0c4519150a490750c0f9f77857d5af952bca0bad56e3db6d24bd79f18b4e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0eeafe9a9464fc24f3c4189193039b23.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 16 May 2023 02:03:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 461
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6883
x-xss-protection: 0
last-modified: Wed, 15 Feb 2023 19:52:36 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-dcm-tag"
vary: Accept-Encoding
report-to: {"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Tue, 16 May 2023 03:03:49 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame DDE5 170 KB
53 KB 39ms
38ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 0eeafe9a9464fc24f3c4189193039b23.safeframe.googlesyndication.com
URL: https://0eeafe9a9464fc24f3c4189193039b23.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f3e707799c4b8c1017aaed1c78432af2cc213ea88229312c1b2d621aa0ade9ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0eeafe9a9464fc24f3c4189193039b23.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 16 May 2023 02:11:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53845
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1684150324481819"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 16 May 2023 02:11:30 GMT

GET
H3 200 ext.js Show response
tpc.googlesyndication.com/safeframe/1-0-40/js/ Frame F1E4 24 KB
6 KB 24ms
23ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/safeframe/1-0-40/js/ext.js

Requested by

Host: 0eeafe9a9464fc24f3c4189193039b23.safeframe.googlesyndication.com
URL: https://0eeafe9a9464fc24f3c4189193039b23.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0eeafe9a9464fc24f3c4189193039b23.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 09:20:09 GMT
content-encoding: br
x-content-type-options: nosniff
age: 233481
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6402
x-xss-protection: 0
last-modified: Thu, 03 Nov 2022 19:10:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-gpt-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-gpt-scs"}]}
content-type: text/javascript
cache-control: public, immutable, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-gpt-scs"
expires: Sun, 12 May 2024 09:20:09 GMT

GET
H3 200 dcmads.js Show response
www.googletagservices.com/dcm/ Frame F1E4 16 KB
7 KB 24ms
24ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/dcm/dcmads.js

Requested by

Host: 0eeafe9a9464fc24f3c4189193039b23.safeframe.googlesyndication.com
URL: https://0eeafe9a9464fc24f3c4189193039b23.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7bc0c4519150a490750c0f9f77857d5af952bca0bad56e3db6d24bd79f18b4e7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0eeafe9a9464fc24f3c4189193039b23.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 16 May 2023 02:03:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 461
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6883
x-xss-protection: 0
last-modified: Wed, 15 Feb 2023 19:52:36 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-dcm-tag"
vary: Accept-Encoding
report-to: {"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
expires: Tue, 16 May 2023 03:03:49 GMT

GET
H3 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame F1E4 170 KB
53 KB 53ms
53ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: 0eeafe9a9464fc24f3c4189193039b23.safeframe.googlesyndication.com
URL: https://0eeafe9a9464fc24f3c4189193039b23.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f3e707799c4b8c1017aaed1c78432af2cc213ea88229312c1b2d621aa0ade9ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0eeafe9a9464fc24f3c4189193039b23.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 16 May 2023 02:11:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 53845
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1684150324481819"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 16 May 2023 02:11:30 GMT

GET
DATA 200
OK truncated
/ Frame 595F 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c6db27eb990f9ca6bad96ea333923da128956f35849581be364bcc6dc342de9c

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 22F6 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 961d7451d74678f15d278f0985e031a08531436181db15a1ad2e66bcfdb88641

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 720E 216 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ffeee4401a9f2216f3f83341fc13310339b4adec18270b2825aaced0afbfee0a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 62B8 213 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 14099fd00568c8e91b7d36016e4e6113effc68577cdd0d941c8251473ade4b29

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 595F 0
0 60ms
60ms Fetch
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst2Qi3n6gwfwaFDrktNXV3WAWIwrw_V0pTuEgmQUFa6W_Iv8ho7nVa-C-95v680nCWgugQbNTFrCYU-8_hzQAYOYEPmgdU7YquX6ZmJykCpcBD80nbpFWn360pRuAliy6510tt84wg_cJ7FDQSdMoq2GLvMMVFvtIl8oegZ1ZhJlAXJAHTB4UybBRbHuVymIyWovvsRaZ3qhDhORmnZc2TSxlbGshTJYAn5gquCGz-aPDKQn2HBUqMF0STEF-XCH_XyT3_t136zcizz0BryvZPK7KLNp6ynIrVYzncF_6X7nsdReT9dQ1V_xceeMPDD_2-BXLzkahmgZMObXhzmBQ&sai=AMfl-YQxCSDum70ekQLXg0cXUjrKbClVGhgImXy3v4-7WbRRcBwsS9fS-Xw4VhDCJMf1dHkhTCpv0Y6iccq7O_uWpSOHFC_yUFJahjM8GyWrV3QW83mkutl_sivooSCnvuVh4jLVoW9ZbfmnJ6-pFR1k&sig=Cg0ArKJSzMpKqvJylRrsEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 16 May 2023 02:11:30 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Tue, 16 May 2023 02:11:30 GMT

GET
H2 200 token Show response
cdn.linkedin.oribi.io/partner/50036/domain/cyberscoop.com/ 36 B
375 B 92ms
23ms XHR
application/json 2600:9000:20eb:8400:2:53b2:240:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.linkedin.oribi.io/partner/50036/domain/cyberscoop.com/token
Requested by: Host: snap.licdn.com
URL: https://snap.licdn.com/li.lms-analytics/insight.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:8400:2:53b2:240:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 7b1eaaaf180a13c29b6dddc3b0ae23333b4397e0f3c065b4c86da2f2530a5f89

Request headers

Accept: *
Referer: https://cyberscoop.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 16 May 2023 01:51:43 GMT
content-encoding: gzip
via: 1.1 7a3193ebce69450274ae629ce856b09c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C1
age: 1187
vary: accept-encoding
x-cache: Hit from cloudfront
content-type: application/json
access-control-allow-origin: *
cache-control: public, max-age=3600
x-amz-cf-id: 1tGC9yMMYd6-qy-RCX25-MaA0YAybin9UqpaLz0d7ZOiWlSdOKmOBA==

GET
H2

200

collect
px4.ads.linkedin.com/
Redirect Chain

https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=50036&time=1684203090790&url=https%3A%2F%2Fcyberscoop.com%2Fransomware-group-ra-group-talos%2F
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=50036&time=1684203090790&url=https%3A%2F%2Fcyberscoop.com%2Fransomware-group-ra-group-talos%2F&cookiesTest=true
https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D50036%26time%3D1684203090790%26url%3Dhttps%253A%252F%252Fcyberscoop.com%252Franso...
https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=50036&time=1684203090790&url=https%3A%2F%2Fcyberscoop.com%2Fransomware-group-ra-group-talos%2F&cookiesTest=true&liSync=true
https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=50036&time=1684203090790&url=https%3A%2F%2Fcyberscoop.com%2Fransomware-group-ra-group-talos%2F&cookiesTest=true&liSync=true&e_ipv6=AQKrK7XkMT3IOA...

0
264 B

242ms
194ms

Image
application/javascript

13.107.42.14
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=50036&time=1684203090790&url=https%3A%2F%2Fcyberscoop.com%2Fransomware-group-ra-group-talos%2F&cookiesTest=true&liSync=true&e_ipv6=AQKrK7XkMT3IOAAAAYgiU7b5c61qISMIyp8k4k0ck441ZUncP-dbaldxPuQEH2NxNhZVXZDMR3now5QARB0BjKkWU-MdRA
Requested by: Host: cyberscoop.com
URL: https://cyberscoop.com/ransomware-group-ra-group-talos/
Protocol: H2
Server: 13.107.42.14 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 16 May 2023 02:11:31 GMT
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: DBAA79A163E745CCB0D3CFCF0913B594 Ref B: FRAEDGE1111 Ref C: 2023-05-16T02:11:32Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
content-type: application/javascript
x-li-fabric: prod-lor1
x-li-proto: http/2
content-length: 0
x-li-uuid: AAX7xhcIomcQMnip6HUgqA==

Redirect headers

date: Tue, 16 May 2023 02:11:31 GMT
x-li-pop: afd-prod-lor1-x
x-msedge-ref: Ref A: C1FA6D99E3EA4084BCCD1B8694AA809A Ref B: FRAEDGE1911 Ref C: 2023-05-16T02:11:31Z
linkedin-action: 1
x-cache: CONFIG_NOCACHE
x-li-fabric: prod-lor1
location: https://px4.ads.linkedin.com/collect?v=2&fmt=js&pid=50036&time=1684203090790&url=https%3A%2F%2Fcyberscoop.com%2Fransomware-group-ra-group-talos%2F&cookiesTest=true&liSync=true&e_ipv6=AQKrK7XkMT3IOAAAAYgiU7b5c61qISMIyp8k4k0ck441ZUncP-dbaldxPuQEH2NxNhZVXZDMR3now5QARB0BjKkWU-MdRA
x-li-proto: http/2
content-length: 0
x-li-uuid: AAX7xhcB4/jy0HTNaFxl4Q==

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 22F6 0
0 61ms
60ms Fetch
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjst5QLd3v9y1NnMVQyMM03S8Dojd8DGEmebnGcyf7bkDt5CyBAmD_Uegytc7cpJoscA3q6K1nuux0ZDAxPAxsTtgPEuff6wy4qQkhcsuLKyqM3kMOCEsD24qWuiTz-jeFClWsOW9CycXjXfjjyMUOXeoFFifrIaeTMgyBxwo6RRBaXAa5_TO7GXnoU_TKP-OKkNcqMvnBxY-J_faLZ5ygW0f586F6I6ioWFeq-YtOfmGNrzUGT8yzNv5_J3wt7PvUQKEgDuwJ8USJCdoWeTIBRKx0rCooc1ASZLcyqlhn1GFhGvYWD8jchiSe8q_V4COeCJQSn-jgFKnPq0Mfdrrl4YOrcw&sai=AMfl-YRrkSsDghL7Ka1jj6j6a_HLaRLtWqv6CO8IquFAmpytDWKfPUIpY3uziwE6xRFqr9vEt8RGHJljhkoRNBPi5LXsCk5zpeM-BxWU39qpUcf5HvgUcczXITeWk80o2R88_aFXpwb-xrFecPn8UlQ&sig=Cg0ArKJSzAjmVTYLb6dVEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 16 May 2023 02:11:30 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Tue, 16 May 2023 02:11:30 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 720E 0
0 59ms
59ms Fetch
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvis-Hmtadj9L2P-SzNQK2SyYsOGqAIn3PxPnJ1aqwPYXxB-oTtQ93btwZSImh9nA0hO_QqXZnOSHxJ9n7VUwolXqoCFAI889hS8F0_F_JFwyTaAv6DPREcL2K59p_jkH9zMTmG7sKEGcoPQ9gEk1psa7Yu8q4PzcxWWFui_v3ZGZAcqHiLHGblP-IO6cDI37Lf-hWHytALT1no-deplrIoeO2JJS3eDPG5riYaKOIidpsoLA6ClE6-f2K6OqPMQU7yVXCl-mqsSg5SKbkeaE5aSLrGxkFHtl2sglU4E34m2PKvpfGUo1hDGnPySmDdMrwXhI2PocmWZ8yQ5m7wWWmwur0&sai=AMfl-YSIVgkPY7TUKi6uILdqmRyZT5MoX5WDm1JZ6ZlmyfCF6AkDn9EtESaRXa2e1V6SaxKO0vN5ouUEDmb1bIaEBtFt2v87i36rqYA9ztyKBSqMn5ur4A880GU_BI6AsXgHPLI7ZX6S65aX-VSQGfs&sig=Cg0ArKJSzLKWEMfsdGbHEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 16 May 2023 02:11:30 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Tue, 16 May 2023 02:11:30 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 62B8 0
0 62ms
61ms Fetch
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsv8CXq0K4WdKs7kYTyYlaFkMBp1wYzFWEjpmDWmYX4Q-CC1aFkJt2z-3IelTVgWC5kt2VYQq4NVudtOL1oFNoiGEZbK7D1fJzMbcmUEBZesy07ZYiOc3DPKGLkKUdLO_TUnwfY9i20sWmcVasolVUjwnCcKr3mel-cW4zMUdKtoAw6zpMU9OZXa-g6Tymt6omTCAvKDLjEXHgo7wJog32yi_EyZfeRKLpapO4rmx2ZgXG_GbrkSU3y42og69Okc9-EodtYi7294iqklPbrLefRM9litXFEFOlkxHYyBabWNIBGOrJU5ySG9Lh3e4WASkhKHOSCPIVSGUj_7jJvqfCM&sai=AMfl-YRwvyJfhfIawdkH0CqFuw4fYogn02nNh4ksPX-gEALertBZwTOEErjSiyxu-X7IRjsQcteVNdZ8PWgLYbVbCUX1ngwgU7rZScZJKzC3t9ZzbcqkzXlj-JuWGb5bzI84Gfe0w_ZqlX7P9VKZXJw&sig=Cg0ArKJSzEPd6vr9wvhoEAE&uach_m=[UACH]&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 16 May 2023 02:11:30 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Tue, 16 May 2023 02:11:30 GMT

GET
H2 200 modules.36fe7de285484ee66a3f.js Show response
script.hotjar.com/ 264 KB
68 KB 82ms
24ms Script
application/javascript 52.222.236.43
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.36fe7de285484ee66a3f.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-3095877.js?sv=7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.236.43 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-236-43.fra56.r.cloudfront.net

Software

Resource Hash

c8aeb14eb55cd36dae845d0d5ceb285c4f771badb5764cca196d41cf98e144e2

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Mon, 15 May 2023 12:55:07 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 10f3c0984ab3eaba3e5720ed830a77b6.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P4
age: 47783
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 69560
last-modified: Mon, 15 May 2023 12:54:50 GMT
etag: "d1ba8aba923f3f356c1bae1984fd1104"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: -19ZTD8A-WpwxBQUHtvlE2pu2pSw_h6i7_tDThu_a2M1SJvwzupHdA==

GET
H2 200 adsct
t.co/i/ 43 B
377 B 181ms
130ms Image
image/gif 104.244.42.69
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://t.co/i/adsct?bci=3&eci=2&event_id=6e568eca-749c-4837-a51d-8d257ff7d52e&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=c40324c3-65ed-4e98-b622-a90b2b1f1f2d&tw_document_href=https%3A%2F%2Fcyberscoop.com%2Fransomware-group-ra-group-talos%2F&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=nv8sr&type=javascript&version=2.3.29

Requested by

Host: cyberscoop.com
URL: https://cyberscoop.com/ransomware-group-ra-group-talos/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.69 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-response-time: 108
date: Tue, 16 May 2023 02:11:30 GMT
strict-transport-security: max-age=0
server: tsa_o
content-type: image/gif;charset=utf-8
x-transaction-id: a5aacff423696fa3
cache-control: no-cache, no-store, max-age=0
perf: 7626143928
x-connection-hash: ce0ecfaee173016c6d0d9da7986f8c14982a8478e1c3c51d6ac36f5f7f155053
content-length: 43

GET
H2 200 adsct
analytics.twitter.com/i/ 43 B
395 B 184ms
133ms Image
image/gif 104.244.42.195
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/i/adsct?bci=3&eci=2&event_id=6e568eca-749c-4837-a51d-8d257ff7d52e&events=%5B%5B%22pageview%22%2C%7B%7D%5D%5D&integration=advertiser&p_id=Twitter&p_user_id=0&pl_id=c40324c3-65ed-4e98-b622-a90b2b1f1f2d&tw_document_href=https%3A%2F%2Fcyberscoop.com%2Fransomware-group-ra-group-talos%2F&tw_iframe_status=0&tw_order_quantity=0&tw_sale_amount=0&txn_id=nv8sr&type=javascript&version=2.3.29

Requested by

Host: cyberscoop.com
URL: https://cyberscoop.com/ransomware-group-ra-group-talos/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.195 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

x-response-time: 110
date: Tue, 16 May 2023 02:11:30 GMT
strict-transport-security: max-age=631138519
server: tsa_o
content-type: image/gif;charset=utf-8
x-transaction-id: 53239a82b2bf428f
cache-control: no-cache, no-store, max-age=0
perf: 7626143928
x-connection-hash: 673e48a60162b5c020c7f773f08fd6e64427fb06d09f0e58102c650ea18aa685
content-length: 43

GET
H2 200 896395920528126 Show response
connect.facebook.net/signals/config/ 376 KB
108 KB 24ms
24ms Script
application/x-javascript 2a03:2880:f084:d:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/896395920528126?v=2.9.104&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

54a879695bc1dc9ff223f9f9a965925c5ec481b5295bdbc86b8644b0581e7248

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Tue, 16 May 2023 02:11:30 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 109806
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: SBQT/7SnTt699N+4W2LpOfU+3pjTLbnENzG8j/22vVi7URQwWbZEWW6dl3ZR+eVaLYH+2VnsZ2yliaoVJfDO0Q==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-trip-id: 1679558926
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), serial=(), usb=()
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
253 B 79ms
29ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-T6DX9FEHNM&gtm=45je35a0&_p=1467303377&cid=1062206802.1684203090&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&ngs=1&_s=1&sid=1684203090&sct=1&seg=0&dl=https%3A%2F%2Fcyberscoop.com%2Fransomware-group-ra-group-talos%2F&dt=Ransomware%20group%20claims%202.5%20terabytes%20of%20stolen%20data%20less%20than%20a%20month%20after%20emerging%20online%20%7C%20CyberScoop&en=page_view&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-T6DX9FEHNM&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 May 2023 02:11:30 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://cyberscoop.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 7C37 0
0 60ms
60ms Fetch
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuxHM2TYJZTI9Xicv_RkIgTx6GJqIhoLk5DlaAfVrApizrvBK_IUUkzBWKcHWLwaWMhFDxF5nUHdKQXKx6FyMKYChW1FcrNRgSKFrDgtWG8scfHOZSWoAgQm6ebL-_rn1NtsCrxgYdjBjmGWcz6urZMM7kn3zZ1ypaaSqEfGeBHYrTOMMAjdBu6eTKe1QB8Qh_1SUWbjV43iz_MpEZjcrSDp-oZ--FZHB4cQvDU23ch4-2FpJnwL-ttB-3sINSAkhTZ1vK-56Hdl2Zw2J0aAYxnCbzSl1pihaaao-U81dQUk3MzJyQYI_ZKPwKa737qeaiz-gg6HDOppyqWoLScZorU&sai=AMfl-YRdXzGMDNuJDe955iIcNrNJfLVrZjbP5c2DX8CQWXbMl-A8-d5d8ulk7w7FEPtTeCLdKq24O1bs35TjPYtfuqFfKowTWzH-UHPk4vEZYp__nbwNYf-EcMnPTzJmhI_QhylKg8ISHodLwBZAqPQ&sig=Cg0ArKJSzElAxbIwiMX4EAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: 0eeafe9a9464fc24f3c4189193039b23.safeframe.googlesyndication.com
URL: https://0eeafe9a9464fc24f3c4189193039b23.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0eeafe9a9464fc24f3c4189193039b23.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 16 May 2023 02:11:30 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
208 B 31ms
30ms XHR
text/plain 2a00:1450:4001:80b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j100&a=1467303377&t=pageview&_s=1&dl=https%3A%2F%2Fcyberscoop.com%2Fransomware-group-ra-group-talos%2F&dp=%2Fwelcome%2Fransomware-group-ra-group-talos%2F&ul=en-us&de=UTF-8&dt=Ransomware%20group%20claims%202.5%20terabytes%20of%20stolen%20data%20less%20than%20a%20month%20after%20emerging%20online%20%7C%20CyberScoop&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAEABAAAAACAAI~&jid=318772863&gjid=540634362&cid=1062206802.1684203090&tid=UA-80491860-1&_gid=1109618069.1684203091&_r=1&_slc=1&gtm=45He35a0n81KR697BF&z=1719692823

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://cyberscoop.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 16 May 2023 02:11:30 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://cyberscoop.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 impl_v95.js Show response
www.googletagservices.com/dcm/ Frame 7C37 60 KB
23 KB 21ms
20ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/dcm/impl_v95.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/dcmads.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

83a818561b7f93e0f7664504ef5993250ab3f2e6420b5d73cf708fba0f5665e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0eeafe9a9464fc24f3c4189193039b23.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 17:11:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 205225
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23368
x-xss-protection: 0
last-modified: Mon, 13 Feb 2023 18:47:20 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-dcm-tag"
vary: Accept-Encoding
report-to: {"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 12 May 2024 17:11:06 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame DDE5 0
0 64ms
63ms Fetch
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsuVTBj15AiyRy9-bqLXWHxEqxUT9zZuom21EgtrbZWcQlOpvS8t_lX8gRpeIXd9iRQ3FkwZaGNlDuhW48MkXHibuOH5tC7DbS4Mn4kcQ-pC5M_ruJm_GTRt7G7AqsTZiVauhpvxjdXrnHEJkzWYr0oDOj7aOkvBRgHSr1k2L08Nw6vofv-x5J5-TAT76WwMAlVwzWu0KjFrc-Pab_OSKE_z_1hUEWDI1ArVFw8cEWkGAqSDkf2fU2O_eEt27aTBJNQE2lMx8I46GqVsIJDTdLleOHiU2e4koaRxyYfZHQiKy-a5wHkMXhVdHdYWNV378Wpt2Uhg80JZVw&sai=AMfl-YSNV8ZBZkuyGfpNRh4L3WXap3hB5wjtrcig3kKZTcwgX_XPY5TiiY8l3uEVeBltxNc7hND7UbnEbhr5nBNLVkYxial-TIGVxCUuL8VPIqmNaraoMajhGP9yGYZF_wRCe6D6YZBLP12Z3UOz_mM&sig=Cg0ArKJSzPb_DatSprKJEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: 0eeafe9a9464fc24f3c4189193039b23.safeframe.googlesyndication.com
URL: https://0eeafe9a9464fc24f3c4189193039b23.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0eeafe9a9464fc24f3c4189193039b23.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 16 May 2023 02:11:31 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame F1E4 0
0 60ms
60ms Fetch
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstfR6k03vrI_JbfW7Br2l6JXEHmrH3nULTn6YqnurcHBwja8e3aayVs5zLSvgyaEHUGAhzAH6aM4xDPatygV8qTOYjGKbspQx3vawJPoBA1aCsScQqbmz1aDVv_wx-YovN75johLiDZoXZaffIolhZWEtJbHr8pIDji-ebfryei_W5Kx6rT44k_zd-VP9ZyZ-ub6G_Vd9AerQJVMlEKjF8JvfaDetOm7l1H2h6h3l95rjRq-Up01-5rbffHPv1YCwxEaaeOm0h9yObuNMbCls3DpLjqUT-LNF0MWeI9x9NuOzy5Pwz5zQYAEEtyPFUhsx9wA8_jycyFYwa4fF1LPcl8&sai=AMfl-YSQnNZmNhsPHcAcmK8UiLTS73hx6c4KfiDqwwXslPTkfZB1kG2IU0x3pL91dmsNXj05xP7HTI25N4mwPajpMCrw-aJQFPVF_fPNHrjJo37rEK7ZzxTDYrTSP61-klapK5Pj1fBCgCEJZHn4D3U&sig=Cg0ArKJSzKfqoAUGt2eIEAE&uach_m=[UACH]&urlfix=1&adurl=

Requested by

Host: 0eeafe9a9464fc24f3c4189193039b23.safeframe.googlesyndication.com
URL: https://0eeafe9a9464fc24f3c4189193039b23.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0eeafe9a9464fc24f3c4189193039b23.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 16 May 2023 02:11:31 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0

GET
H3 200 impl_v95.js Show response
www.googletagservices.com/dcm/ Frame DDE5 60 KB
23 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/dcm/impl_v95.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/dcmads.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

83a818561b7f93e0f7664504ef5993250ab3f2e6420b5d73cf708fba0f5665e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0eeafe9a9464fc24f3c4189193039b23.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 17:11:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 205225
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23368
x-xss-protection: 0
last-modified: Mon, 13 Feb 2023 18:47:20 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-dcm-tag"
vary: Accept-Encoding
report-to: {"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 12 May 2024 17:11:06 GMT

GET
H3 200 impl_v95.js Show response
www.googletagservices.com/dcm/ Frame F1E4 60 KB
23 KB 24ms
24ms Script
text/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/dcm/impl_v95.js

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/dcmads.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

83a818561b7f93e0f7664504ef5993250ab3f2e6420b5d73cf708fba0f5665e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0eeafe9a9464fc24f3c4189193039b23.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 17:11:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 205225
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/ads-dcm-tag
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23368
x-xss-protection: 0
last-modified: Mon, 13 Feb 2023 18:47:20 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="ads-dcm-tag"
vary: Accept-Encoding
report-to: {"group":"ads-dcm-tag","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-dcm-tag"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 12 May 2024 17:11:06 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
348 B 92ms
28ms XHR
text/plain 2a00:1450:400c:c00::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j100&tid=UA-80491860-1&cid=1062206802.1684203090&jid=318772863&gjid=540634362&_gid=1109618069.1684203091&_u=YADAAEAAAAAAACAAI~&z=1654939647

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://cyberscoop.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Tue, 16 May 2023 02:11:31 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://cyberscoop.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 B29671449.364580302;dc_ver=95.280;sz=300x250;u_sd=1;dc_adk=153375247;ord=b0skrn;click=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjssEzdIoxildgU7WhOFpbLFloXf67nHc8JXFfllLz4-w3... Show response
ad.doubleclick.net/ddm/adj/N2998.138004FEDSCOOP.COM/ Frame 7C37 82 KB
32 KB 123ms
68ms Script
text/javascript 142.250.186.102
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/ddm/adj/N2998.138004FEDSCOOP.COM/B29671449.364580302;dc_ver=95.280;sz=300x250;u_sd=1;dc_adk=153375247;ord=b0skrn;click=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjssEzdIoxildgU7WhOFpbLFloXf67nHc8JXFfllLz4-w3UOt08-yKZf5flJjfLmV2UFPD_GAaYnCA0YK55EH_7UUaun87QHT0KR3Np578X4XT0e_I62yoe_cuMZGl6mjFZCjDhpguhwXeaALgpCniw7Uv8KSETWGPtYPQ8B7acd0fiXZSh5KWG5xE5ZteGh2SZ6ROx62A5x0R1e_P4QUW3EaF_LJWiYpB0CxPAII_anJs0nl63dRQdy4dGCUNPi3qAs8V86M67pyKddCrgW08VtwXDYj_fdDdNv2Sjq3mz6iPIwNsoyxuzmab5YXsElacmp0IPjXLpTgiE14HblQ%26sai%3DAMfl-YTKT1HBIFjFBTmybqUz5ViFbLPVGzZu8zF-FKcfdhp_-5xgvaZ2QHcghMR3YDLcLuYR62bzhUWlgmsIGSl-3BUMHm1RPGYZtp_dg9EiH7t2NCQAl5IAiuKyWkvp-2364q8Uo_8sElaJBPS3I8g%26sig%3DCg0ArKJSzLr7YsN-4iMwEAE%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26adurl%3D;uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd;dc_rfl=1,https%3A%2F%2Fcyberscoop.com%2F$0;xdt=1;crlt=4*)PTp_6F1;stc=1;chaa=1;sttr=74;prcl=s

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/impl_v95.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f6.1e100.net

Software

cafe /

Resource Hash

d9f8fdf160360b1592d35a47f2fff43ac3d92f2dde6ec0d5dc3d0c2acb22578c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0eeafe9a9464fc24f3c4189193039b23.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 May 2023 02:11:31 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32238
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 62ms
20ms Image
text/plain 2a03:2880:f176:84:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=896395920528126&ev=PageView&dl=https%3A%2F%2Fcyberscoop.com%2Fransomware-group-ra-group-talos%2F&rl=&if=false&ts=1684203091087&sw=1600&sh=1200&v=2.9.104&r=stable&ec=0&o=30&fbp=fb.1.1684203091085.1436452450&cs_est=true&it=1684203090884&coo=false&rqm=GET

Requested by

Host: cyberscoop.com
URL: https://cyberscoop.com/ransomware-group-ra-group-talos/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Tue, 16 May 2023 02:11:31 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 B29671449.364578544;dc_ver=95.280;dc_eid=40004000;sz=970x250;u_sd=1;dc_adk=1575237685;ord=ufi8rk;click=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjsuzGJB79_eB8C8JiMEzG8Qamzap... Show response
ad.doubleclick.net/ddm/adj/N2998.138004FEDSCOOP.COM/ Frame DDE5 82 KB
32 KB 123ms
96ms Script
text/javascript 142.250.186.102
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/ddm/adj/N2998.138004FEDSCOOP.COM/B29671449.364578544;dc_ver=95.280;dc_eid=40004000;sz=970x250;u_sd=1;dc_adk=1575237685;ord=ufi8rk;click=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjsuzGJB79_eB8C8JiMEzG8QamzapoQDF0JY2gh1T3lHxjQNpXLDbmSJpRGm91x0r_fTtaE0G4mTAmGcLuiA8g9X24ZyjR2leqZfzvwo7NRkN8QsyshdFh3TdzUjeFAH_No7tZXa9CirbbuGB8j1KKqkncZnVdwA5SJf7Z28lCejVdco-OtrYJ2ZWUy-XUpp4T2QOnt_tr8TVqYDJWOyrO0mG-pj3ND3x0Yr_EiHtT81_1HsJFZk8rfhjoD8jZ3Dcqe24UNEH3ZgpEy-S5UQQkFuWlpAtcDCtUB6TQpEzf5hayW0EVCcoM1xjAm9K9j2XPaSx1a8vmw%26sai%3DAMfl-YQNFaELcm6Uw4q1PdHFaVdfuA5pzWBVR9olxv0vj-hmHnLVrZ6-jCMEZHUF8MeeusuGoOFxE5leq8BYtH2KTsuoJozQp3DIJqP9Hd1VrhH-ogjMB0nMiin3B1YktlhfY0NR6aiX2lPdBe2CocI%26sig%3DCg0ArKJSzKg80wJTRApqEAE%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26adurl%3D;uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd;dc_rfl=1,https%3A%2F%2Fcyberscoop.com%2F$0;xdt=1;crlt=4*)PTp_6F1;stc=1;chaa=1;sttr=91;prcl=s

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/impl_v95.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f6.1e100.net

Software

cafe /

Resource Hash

441342f6804e620eadb06824660f07a551d3ceffdb9f6c973dfef9ae133c4870

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0eeafe9a9464fc24f3c4189193039b23.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 May 2023 02:11:31 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 B29671449.364580305;dc_ver=95.280;sz=300x600;u_sd=1;dc_adk=2584423925;ord=oxcj53;click=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjssvxgu4kzUvFpBPCGFW5eMFvDr47k-dgRp5wIFDHeHV... Show response
ad.doubleclick.net/ddm/adj/N2998.138004FEDSCOOP.COM/ Frame F1E4 82 KB
32 KB 133ms
109ms Script
text/javascript 142.250.186.102
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/ddm/adj/N2998.138004FEDSCOOP.COM/B29671449.364580305;dc_ver=95.280;sz=300x600;u_sd=1;dc_adk=2584423925;ord=oxcj53;click=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjssvxgu4kzUvFpBPCGFW5eMFvDr47k-dgRp5wIFDHeHV3k2lVYkfPRlD6EV0I43odoDMCYuYqMENj-IFlsmrJG65jK4ieFKBcKgVsqPlX5zRUD7Y6nKRfMd-W8jcF4FkuLu-wkRQV_hk7uh6HrQChV7s_ceJoxjArHlaOn0bqpvnU25MIMAE0UDWvLnqCkBW7uZ0lhI0oja-xf7GXg6bVTR8sgrunYqUvX3SJX9jH8919Fmd_pv7DFTeO4CjxGRoQ6MaGXjgYRoLriAtaNUu9AlIKLWDO4W25tCGKve31Q3TwUw2RwY-dQ_6ArMxO5dJMabniEFcJP4sI1GibRzb%26sai%3DAMfl-YQKj1y6T7-3_Hb5eg1sM3bjcqC1GP2ltqiZwT82kP7rS9FbltXCKeUhxMKT_ZBnzE2Co2MqkyrzpT1mcT9-kDKuojmfh9YO2oo8AGNIe9vizVMo35hfJFhSAIgiwhrf5pphZQIiaNJf7l1EavE%26sig%3DCg0ArKJSzF3wQKbgpb0tEAE%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26adurl%3D;uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd;dc_rfl=1,https%3A%2F%2Fcyberscoop.com%2F$0;xdt=1;crlt=4*)PTp_6F1;stc=1;chaa=1;sttr=92;prcl=s

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/dcm/impl_v95.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f6.1e100.net

Software

cafe /

Resource Hash

a08b800104b30a8098e84e2a7edf352683a92ca368954e6f16a51580f56c2547

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0eeafe9a9464fc24f3c4189193039b23.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 May 2023 02:11:31 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 32421
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
408 B 84ms
33ms Image
image/gif 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j100&tid=UA-80491860-1&cid=1062206802.1684203090&jid=318772863&_u=YADAAEAAAAAAACAAI~&z=980697866

Requested by

Host: cyberscoop.com
URL: https://cyberscoop.com/ransomware-group-ra-group-talos/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 May 2023 02:11:31 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
408 B 77ms
30ms Image
image/gif 2a00:1450:4001:82a::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j100&tid=UA-80491860-1&cid=1062206802.1684203090&jid=318772863&_u=YADAAEAAAAAAACAAI~&z=980697866

Requested by

Host: cyberscoop.com
URL: https://cyberscoop.com/ransomware-group-ra-group-talos/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 May 2023 02:11:31 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 skeleton.js Show response
fw.adsafeprotected.com/rjss/st/1401916/70726091/ Frame 7C37 46 KB
12 KB 170ms
51ms Script
application/javascript 54.76.27.26
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://fw.adsafeprotected.com/rjss/st/1401916/70726091/skeleton.js
Requested by: Host: cyberscoop.com
URL: https://cyberscoop.com/ransomware-group-ra-group-talos/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.76.27.26 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-76-27-26.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 8eb96b4731d232e9cd54ef830c607716a2c543f593d705ab3493ecc04d6bad91

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0eeafe9a9464fc24f3c4189193039b23.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 May 2023 02:11:31 GMT
content-encoding: gzip
vary: accept-encoding
content-type: application/javascript;charset=utf-8
access-control-allow-origin: fw.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H2 200 express_html_inpage_rendering_lib_200_276.js Show response
s0.2mdn.net/879366/ Frame 7C37 106 KB
37 KB 85ms
21ms Script
text/javascript 2a00:1450:4001:82f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js

Requested by

Host: cyberscoop.com
URL: https://cyberscoop.com/ransomware-group-ra-group-talos/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://0eeafe9a9464fc24f3c4189193039b23.safeframe.googlesyndication.com/
Origin: https://0eeafe9a9464fc24f3c4189193039b23.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Mon, 15 May 2023 09:20:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 60663
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 37872
x-xss-protection: 0
last-modified: Wed, 02 Mar 2022 23:07:26 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 16 May 2023 09:20:28 GMT

GET
H2 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20230510/r20110914/elements/html/ Frame 7C37 11 KB
4 KB 87ms
22ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230510/r20110914/elements/html/omrhp.js

Requested by

Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N2998.138004FEDSCOOP.COM/B29671449.364580302;dc_ver=95.280;sz=300x250;u_sd=1;dc_adk=153375247;ord=b0skrn;click=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjssEzdIoxildgU7WhOFpbLFloXf67nHc8JXFfllLz4-w3UOt08-yKZf5flJjfLmV2UFPD_GAaYnCA0YK55EH_7UUaun87QHT0KR3Np578X4XT0e_I62yoe_cuMZGl6mjFZCjDhpguhwXeaALgpCniw7Uv8KSETWGPtYPQ8B7acd0fiXZSh5KWG5xE5ZteGh2SZ6ROx62A5x0R1e_P4QUW3EaF_LJWiYpB0CxPAII_anJs0nl63dRQdy4dGCUNPi3qAs8V86M67pyKddCrgW08VtwXDYj_fdDdNv2Sjq3mz6iPIwNsoyxuzmab5YXsElacmp0IPjXLpTgiE14HblQ%26sai%3DAMfl-YTKT1HBIFjFBTmybqUz5ViFbLPVGzZu8zF-FKcfdhp_-5xgvaZ2QHcghMR3YDLcLuYR62bzhUWlgmsIGSl-3BUMHm1RPGYZtp_dg9EiH7t2NCQAl5IAiuKyWkvp-2364q8Uo_8sElaJBPS3I8g%26sig%3DCg0ArKJSzLr7YsN-4iMwEAE%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26adurl%3D;uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd;dc_rfl=1,https%3A%2F%2Fcyberscoop.com%2F$0;xdt=1;crlt=4*)PTp_6F1;stc=1;chaa=1;sttr=74;prcl=s

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a9b847c681a24b03ba8acc0b4dcd8aab9acf8c4d3131be784d488e2402d57427

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0eeafe9a9464fc24f3c4189193039b23.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Mon, 15 May 2023 11:04:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 54438
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4122
x-xss-protection: 0
server: cafe
etag: 11429739870029468282
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 29 May 2023 11:04:13 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 7C37 41 KB
15 KB 21ms
20ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: cyberscoop.com
URL: https://cyberscoop.com/ransomware-group-ra-group-talos/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0eeafe9a9464fc24f3c4189193039b23.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Mon, 15 May 2023 11:04:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 54438
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 14 May 2024 11:04:13 GMT

GET
H2 200 skeleton.js Show response
fw.adsafeprotected.com/rjss/st/1401916/70726087/ Frame DDE5 46 KB
12 KB 133ms
51ms Script
application/javascript 54.76.27.26
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://fw.adsafeprotected.com/rjss/st/1401916/70726087/skeleton.js
Requested by: Host: cyberscoop.com
URL: https://cyberscoop.com/ransomware-group-ra-group-talos/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.76.27.26 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-76-27-26.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 792c7133cd40f54ec263dcd52affec8da2b2d5cb7d2d1913fa52fd21cd80e4a6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0eeafe9a9464fc24f3c4189193039b23.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 May 2023 02:11:31 GMT
content-encoding: gzip
vary: accept-encoding
content-type: application/javascript;charset=utf-8
access-control-allow-origin: fw.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H2 200 express_html_inpage_rendering_lib_200_276.js Show response
s0.2mdn.net/879366/ Frame DDE5 106 KB
37 KB 86ms
57ms Script
text/javascript 2a00:1450:4001:82f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js

Requested by

Host: cyberscoop.com
URL: https://cyberscoop.com/ransomware-group-ra-group-talos/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://0eeafe9a9464fc24f3c4189193039b23.safeframe.googlesyndication.com/
Origin: https://0eeafe9a9464fc24f3c4189193039b23.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Mon, 15 May 2023 09:20:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 60663
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 37872
x-xss-protection: 0
last-modified: Wed, 02 Mar 2022 23:07:26 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 16 May 2023 09:20:28 GMT

GET
H2 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20230510/r20110914/elements/html/ Frame DDE5 11 KB
4 KB 53ms
23ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230510/r20110914/elements/html/omrhp.js

Requested by

Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N2998.138004FEDSCOOP.COM/B29671449.364578544;dc_ver=95.280;dc_eid=40004000;sz=970x250;u_sd=1;dc_adk=1575237685;ord=ufi8rk;click=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjsuzGJB79_eB8C8JiMEzG8QamzapoQDF0JY2gh1T3lHxjQNpXLDbmSJpRGm91x0r_fTtaE0G4mTAmGcLuiA8g9X24ZyjR2leqZfzvwo7NRkN8QsyshdFh3TdzUjeFAH_No7tZXa9CirbbuGB8j1KKqkncZnVdwA5SJf7Z28lCejVdco-OtrYJ2ZWUy-XUpp4T2QOnt_tr8TVqYDJWOyrO0mG-pj3ND3x0Yr_EiHtT81_1HsJFZk8rfhjoD8jZ3Dcqe24UNEH3ZgpEy-S5UQQkFuWlpAtcDCtUB6TQpEzf5hayW0EVCcoM1xjAm9K9j2XPaSx1a8vmw%26sai%3DAMfl-YQNFaELcm6Uw4q1PdHFaVdfuA5pzWBVR9olxv0vj-hmHnLVrZ6-jCMEZHUF8MeeusuGoOFxE5leq8BYtH2KTsuoJozQp3DIJqP9Hd1VrhH-ogjMB0nMiin3B1YktlhfY0NR6aiX2lPdBe2CocI%26sig%3DCg0ArKJSzKg80wJTRApqEAE%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26adurl%3D;uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd;dc_rfl=1,https%3A%2F%2Fcyberscoop.com%2F$0;xdt=1;crlt=4*)PTp_6F1;stc=1;chaa=1;sttr=91;prcl=s

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a9b847c681a24b03ba8acc0b4dcd8aab9acf8c4d3131be784d488e2402d57427

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0eeafe9a9464fc24f3c4189193039b23.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Mon, 15 May 2023 11:04:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 54438
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4122
x-xss-protection: 0
server: cafe
etag: 11429739870029468282
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 29 May 2023 11:04:13 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame DDE5 41 KB
15 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: cyberscoop.com
URL: https://cyberscoop.com/ransomware-group-ra-group-talos/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0eeafe9a9464fc24f3c4189193039b23.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Mon, 15 May 2023 11:04:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 54438
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 14 May 2024 11:04:13 GMT

GET
H2 200 skeleton.js Show response
fw.adsafeprotected.com/rjss/st/1401916/70726092/ Frame F1E4 46 KB
12 KB 126ms
52ms Script
application/javascript 54.76.27.26
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://fw.adsafeprotected.com/rjss/st/1401916/70726092/skeleton.js
Requested by: Host: cyberscoop.com
URL: https://cyberscoop.com/ransomware-group-ra-group-talos/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.76.27.26 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-76-27-26.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: d1c7077302a860daf797f97c2f246a89277a03184dafbdc2f2daea84cd24caf4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0eeafe9a9464fc24f3c4189193039b23.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 May 2023 02:11:31 GMT
content-encoding: gzip
vary: accept-encoding
content-type: application/javascript;charset=utf-8
access-control-allow-origin: fw.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H2 200 express_html_inpage_rendering_lib_200_276.js Show response
s0.2mdn.net/879366/ Frame F1E4 106 KB
37 KB 62ms
42ms Script
text/javascript 2a00:1450:4001:82f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js

Requested by

Host: cyberscoop.com
URL: https://cyberscoop.com/ransomware-group-ra-group-talos/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://0eeafe9a9464fc24f3c4189193039b23.safeframe.googlesyndication.com/
Origin: https://0eeafe9a9464fc24f3c4189193039b23.safeframe.googlesyndication.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Mon, 15 May 2023 09:20:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 60663
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 37872
x-xss-protection: 0
last-modified: Wed, 02 Mar 2022 23:07:26 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 16 May 2023 09:20:28 GMT

GET
H2 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20230510/r20110914/elements/html/ Frame F1E4 11 KB
4 KB 46ms
24ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20230510/r20110914/elements/html/omrhp.js

Requested by

Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N2998.138004FEDSCOOP.COM/B29671449.364580305;dc_ver=95.280;sz=300x600;u_sd=1;dc_adk=2584423925;ord=oxcj53;click=https%3A%2F%2Fadclick.g.doubleclick.net%2Fpcs%2Fclick%3Fxai%3DAKAOjssvxgu4kzUvFpBPCGFW5eMFvDr47k-dgRp5wIFDHeHV3k2lVYkfPRlD6EV0I43odoDMCYuYqMENj-IFlsmrJG65jK4ieFKBcKgVsqPlX5zRUD7Y6nKRfMd-W8jcF4FkuLu-wkRQV_hk7uh6HrQChV7s_ceJoxjArHlaOn0bqpvnU25MIMAE0UDWvLnqCkBW7uZ0lhI0oja-xf7GXg6bVTR8sgrunYqUvX3SJX9jH8919Fmd_pv7DFTeO4CjxGRoQ6MaGXjgYRoLriAtaNUu9AlIKLWDO4W25tCGKve31Q3TwUw2RwY-dQ_6ArMxO5dJMabniEFcJP4sI1GibRzb%26sai%3DAMfl-YQKj1y6T7-3_Hb5eg1sM3bjcqC1GP2ltqiZwT82kP7rS9FbltXCKeUhxMKT_ZBnzE2Co2MqkyrzpT1mcT9-kDKuojmfh9YO2oo8AGNIe9vizVMo35hfJFhSAIgiwhrf5pphZQIiaNJf7l1EavE%26sig%3DCg0ArKJSzF3wQKbgpb0tEAE%26fbs_aeid%3D%5Bgw_fbsaeid%5D%26urlfix%3D1%26adurl%3D;uach=WyIiLCIiLCIiLCIiLCIiLFtdLGZhbHNlLG51bGwsIiIsW10sZmFsc2Vd;dc_rfl=1,https%3A%2F%2Fcyberscoop.com%2F$0;xdt=1;crlt=4*)PTp_6F1;stc=1;chaa=1;sttr=92;prcl=s

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a9b847c681a24b03ba8acc0b4dcd8aab9acf8c4d3131be784d488e2402d57427

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0eeafe9a9464fc24f3c4189193039b23.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Mon, 15 May 2023 11:04:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 54438
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4122
x-xss-protection: 0
server: cafe
etag: 11429739870029468282
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Mon, 29 May 2023 11:04:13 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame F1E4 41 KB
15 KB 21ms
20ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: cyberscoop.com
URL: https://cyberscoop.com/ransomware-group-ra-group-talos/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0eeafe9a9464fc24f3c4189193039b23.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Mon, 15 May 2023 11:04:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 54438
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 14 May 2024 11:04:13 GMT

GET
DATA 200
OK truncated
/ Frame 7C37 212 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ebf0d160106e146cfa4a8017e79b845534b7bff2a38d34d78e784b95a147d95e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 0680 22 KB
8 KB 21ms
20ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://0eeafe9a9464fc24f3c4189193039b23.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 54438
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 15 May 2023 11:04:13 GMT
expires: Tue, 14 May 2024 11:04:13 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame DDE5 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ba42e38c9045a14f29b042c2fa0f1da6df8e5f428b8a2f317083f3bfff2b2a16

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame F1E4 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e4fb3c65470ec0c1d1ebebaefc2910cfaa58ac95ef1a2b3ca450cf87c2ff2708

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 4D58 22 KB
8 KB 21ms
20ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://0eeafe9a9464fc24f3c4189193039b23.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 54438
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 15 May 2023 11:04:13 GMT
expires: Tue, 14 May 2024 11:04:13 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 20AF 22 KB
8 KB 21ms
20ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://0eeafe9a9464fc24f3c4189193039b23.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 54438
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 8395
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 15 May 2023 11:04:13 GMT
expires: Tue, 14 May 2024 11:04:13 GMT
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 jload Show response
pixel.adsafeprotected.com/ Frame 7C37 47 KB
13 KB 60ms
48ms Script
application/javascript 54.76.27.26
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.adsafeprotected.com/jload?anId=925175&adsafe_par&uId=&advId=9847203&campId=29671449&pubId=6067357&chanId=191570655&placementId=364580302
Requested by: Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.76.27.26 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-76-27-26.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: cee56f106ed1a6060cccb0f14f79f75f54a5a1294d125528b25de48344c2bb7c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0eeafe9a9464fc24f3c4189193039b23.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 May 2023 02:11:31 GMT
content-encoding: gzip
vary: accept-encoding
content-type: application/javascript;charset=utf-8
access-control-allow-origin: pixel.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H3 200 300x250.html Show response
s0.2mdn.net/sadbundle/12829355415431909801/300x250/ Frame 670A 39 KB
11 KB 68ms
23ms Document
text/html 2a00:1450:4001:82f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/12829355415431909801/300x250/300x250.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f0a30837160b46b3440205fffcc85d83f691727a70b437508276c331b5acd7d2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://0eeafe9a9464fc24f3c4189193039b23.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 262792
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 11175
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Sat, 13 May 2023 01:11:39 GMT
expires: Sun, 12 May 2024 01:11:39 GMT
last-modified: Tue, 02 May 2023 15:18:04 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 7C37 0
0 139ms
59ms Fetch
image/gif 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuu5bZuqAxTsp6dAXV8YFP6NmWF_B8wAk37YytH5soRzIQR5eT9ESJGYGUp8o58r8FcvpqZemyZpOYYj5LGxu65Hz4luucncTQjQFIAUpuzcaeBs7e9J_tv_DyUrE-OBfPLI80UzUuLtgCepXWvV5inijqekT6k_ZKS&sai=AMfl-YSbMFkMD6MhYAHsr8CPAEQxRZJvtXJhWfdXlKpZFSQCykkZEKHOnKCh3uGROL-s-FX-4RNkweDo4ViGYvVLb52Vv59KvfRPvNP72Q&sig=Cg0ArKJSzAmuBC6xzEtgEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=164&cbvp=1&cstd=157&cisv=r20230510.81886&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=

Requested by

Host: cyberscoop.com
URL: https://cyberscoop.com/ransomware-group-ra-group-talos/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0eeafe9a9464fc24f3c4189193039b23.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 16 May 2023 02:11:31 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Tue, 16 May 2023 02:11:31 GMT

GET
H2 200 jload Show response
pixel.adsafeprotected.com/ Frame DDE5 47 KB
13 KB 78ms
78ms Script
application/javascript 54.76.27.26
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.adsafeprotected.com/jload?anId=925175&adsafe_par&uId=&advId=9847203&campId=29671449&pubId=6067357&chanId=191571177&placementId=364578544
Requested by: Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.76.27.26 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-76-27-26.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: c8f57c46a166fe9c9c244eb66ef5643dfbc12494ef17da70e6636a4f3ad4c3ab

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0eeafe9a9464fc24f3c4189193039b23.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 May 2023 02:11:31 GMT
content-encoding: gzip
vary: accept-encoding
content-type: application/javascript;charset=utf-8
access-control-allow-origin: pixel.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H3 200 970x250.html Show response
s0.2mdn.net/sadbundle/16098904663021432394/970x250/ Frame F25B 38 KB
11 KB 67ms
29ms Document
text/html 2a00:1450:4001:82f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/16098904663021432394/970x250/970x250.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d71b7fd67bbf02354fa086ccadef96365da75989f191d2ecbb714f2665db41ea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://0eeafe9a9464fc24f3c4189193039b23.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 6
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 11052
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Tue, 16 May 2023 02:11:25 GMT
expires: Wed, 15 May 2024 02:11:25 GMT
last-modified: Tue, 02 May 2023 15:18:19 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame DDE5 0
0 132ms
59ms Fetch
image/gif 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvKol4lC7JQllvCy7EMTpBtRsjtn2Jrr-wCuYM439ZCoHhbgm_hRH3D3xeZtgcE0Wc-Ol8xoAq9QceKDKb208pCVVZgsPfwm4cCieCiw3VKLy-khncMvW6CbLzq8DsSRT0mblXkU1Zvw0JIjGTtF_HKYAs9ABgyslnp&sai=AMfl-YRfO3GB5G9FJ3Tgvvtt4Vg1amM19YermJR0bGZL8nEj7bPC9093s4olof50DGnhAHNYVssdCmZ_Wlz9AH-ZSX2wLkDs9MAsoiYsMg&sig=Cg0ArKJSzBHjbtVtLAR-EAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=137&cbvp=1&cstd=135&cisv=r20230510.55484&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=

Requested by

Host: cyberscoop.com
URL: https://cyberscoop.com/ransomware-group-ra-group-talos/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0eeafe9a9464fc24f3c4189193039b23.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 16 May 2023 02:11:31 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Tue, 16 May 2023 02:11:31 GMT

GET
H2 200 jload Show response
pixel.adsafeprotected.com/ Frame F1E4 47 KB
13 KB 81ms
81ms Script
application/javascript 54.76.27.26
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel.adsafeprotected.com/jload?anId=925175&adsafe_par&uId=&advId=9847203&campId=29671449&pubId=6067357&chanId=191571828&placementId=364580305
Requested by: Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.76.27.26 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-76-27-26.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 432bb63f83b54b85b196e4eb39ec0d8db33d8aeede7f12ec1a56ad04d7f32349

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0eeafe9a9464fc24f3c4189193039b23.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 May 2023 02:11:31 GMT
content-encoding: gzip
vary: accept-encoding
content-type: application/javascript;charset=utf-8
access-control-allow-origin: pixel.adsafeprotected.com
cache-control: no-cache
access-control-allow-credentials: true
expires: Wed, 31 Dec 1969 23:59:59 GMT

GET
H3 200 300x600.html Show response
s0.2mdn.net/sadbundle/6020346782542375082/300x600/ Frame 1A20 39 KB
11 KB 48ms
21ms Document
text/html 2a00:1450:4001:82f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/6020346782542375082/300x600/300x600.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_276.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e22601bd37effdb0cde4e99c4de2431ccaf644881e489098cf64b57f03bf5f9f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://0eeafe9a9464fc24f3c4189193039b23.safeframe.googlesyndication.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
access-control-allow-origin: *
age: 116271
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 11201
content-type: text/html
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
cross-origin-resource-policy: cross-origin
date: Sun, 14 May 2023 17:53:40 GMT
expires: Mon, 13 May 2024 17:53:40 GMT
last-modified: Tue, 02 May 2023 15:18:08 GMT
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
server: sffe
timing-allow-origin: *
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-xss-protection: 0

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame F1E4 0
0 124ms
61ms Fetch
image/gif 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuCLeCyvtTiNpHXGldfOegltZPt-nWbeuqe939Lqe3HYhiLbRqnyEbi8p140ukka1dJkjGHvTMUGDxLSjJPwze5xQNrNSwts8e7jDhjfsZyLvRR2XwEuJeObDZV7BbPKMJOcooJObkTsqEL63Vx_Hq50cAnMpstw7rR&sai=AMfl-YR4Ayu6yISlfsqs2owW-_MDJnbF034Yez0YKM7O7eeQpgFHeQ3_hE73J3b-nvlFGBzaOELI9FeYgUyoANzK7cl_iXKbz1PUP4BOPw&sig=Cg0ArKJSzPRpLzsejOUkEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=135&cbvp=1&cstd=133&cisv=r20230510.17546&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=

Requested by

Host: cyberscoop.com
URL: https://cyberscoop.com/ransomware-group-ra-group-talos/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0eeafe9a9464fc24f3c4189193039b23.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 16 May 2023 02:11:31 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Tue, 16 May 2023 02:11:31 GMT

GET
H2 200 oKPwcP-deonJmdk-VuVCerVM0HYOOiEgue33yvnOnyk.js Show response
pagead2.googlesyndication.com/bg/ Frame 0680 37 KB
15 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/oKPwcP-deonJmdk-VuVCerVM0HYOOiEgue33yvnOnyk.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a0a3f070ff9d7a89c999d93e56e5427ab54cd0760e3a2120b9edf7caf9ce9f29

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Mon, 15 May 2023 10:52:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 55115
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14771
x-xss-protection: 0
last-modified: Mon, 08 May 2023 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 14 May 2024 10:52:56 GMT

GET
H2 200 TweenMax.min.js Show response
cdnjs.cloudflare.com/ajax/libs/gsap/1.20.5/ Frame 1A20 113 KB
33 KB 99ms
51ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/gsap/1.20.5/TweenMax.min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6020346782542375082/300x600/300x600.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0f2acda41c2ccb801da381897afcdc61852504c97fca73b708e95023955074aa

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 16 May 2023 02:11:31 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 1589172
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 33665
last-modified: Mon, 04 May 2020 16:10:25 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e71-1c413"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=BXkXrpTv0fovs2nzCKAXTXE54bmWTnmu3KcJuLRkUQdYc55xGXeqy21RVqe5XDcM9NIydPwj%2F1XFmXyKJLqMzZ58cQhp756ZfmokHtpBmjIshArfm3%2BHF8PoNLSGvYUu8n%2BdcaZ8U3wX7YwEbI8JYVTN"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7c80172a7eb52bee-FRA
expires: Sun, 05 May 2024 02:11:31 GMT

GET
H2 200 TextPlugin.min.js Show response
cdnjs.cloudflare.com/ajax/libs/gsap/1.18.5/plugins/ Frame 1A20 2 KB
2 KB 74ms
27ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/gsap/1.18.5/plugins/TextPlugin.min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6020346782542375082/300x600/300x600.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e5a7439738e33f6ba4f019f53528b4f721a4d7fbeee9f0c298d3e035484dcea1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 16 May 2023 02:11:31 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 12417161
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 876
last-modified: Mon, 04 May 2020 16:10:25 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e71-926"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s1lNyEruCd2xqHa0p8k3t0UsotqqA5QMgtn5tZtVbiq%2FrN%2BVYU5D7laaAUinbmcbq7cD9KqwpJXdY6SMzTzQ6TnpKrrY1C%2Bj9noshGKCeUvzEiQFfxc3BQPIeAxyJFXbGyBu1Wu%2Ff6bOWZFABdwCcjKe"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7c80172a7eb62bee-FRA
expires: Sun, 05 May 2024 02:11:31 GMT

GET
H2 200 TweenMax.min.js Show response
cdnjs.cloudflare.com/ajax/libs/gsap/1.20.5/ Frame 670A 113 KB
33 KB 68ms
28ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/gsap/1.20.5/TweenMax.min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12829355415431909801/300x250/300x250.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0f2acda41c2ccb801da381897afcdc61852504c97fca73b708e95023955074aa

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 16 May 2023 02:11:31 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 1589172
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 33665
last-modified: Mon, 04 May 2020 16:10:25 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e71-1c413"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7ox4XH27t9lWjamYseRXd7mFuUUTOk771B29gjjvgOepgwxS1AhGpRXoWQmfpAmNqmhC2F%2B3GJZj%2FquoMFUosI1J2ghFlAPf2BOLFE4yKfBRie2x39f%2Bf5NiVDlqdCZwOpXHKy2D6v0sWg0yBUJwz6FD"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7c80172a7eb82bee-FRA
expires: Sun, 05 May 2024 02:11:31 GMT

GET
H2 200 TextPlugin.min.js Show response
cdnjs.cloudflare.com/ajax/libs/gsap/1.18.5/plugins/ Frame 670A 2 KB
1 KB 86ms
47ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/gsap/1.18.5/plugins/TextPlugin.min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12829355415431909801/300x250/300x250.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e5a7439738e33f6ba4f019f53528b4f721a4d7fbeee9f0c298d3e035484dcea1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 16 May 2023 02:11:31 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 12417161
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 876
last-modified: Mon, 04 May 2020 16:10:25 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e71-926"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=S7kAvuu55LRfBVQnkJBo9Rs9YA%2FwEHUWlu8hbjNy58cBI7HNwzQbAVjFOJQVpcHL0JhPvM0rBbAgDNpBFn2%2FDWvccouaxn1wcrPq7b5U1FS12f9JaRK%2Fks%2FCoQzmoY0paAlmAdI%2BrJGfxaphm7IyPr1%2F"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7c80172a7eba2bee-FRA
expires: Sun, 05 May 2024 02:11:31 GMT

GET
H2 200 TweenMax.min.js Show response
cdnjs.cloudflare.com/ajax/libs/gsap/1.20.5/ Frame F25B 113 KB
33 KB 79ms
49ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/gsap/1.20.5/TweenMax.min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16098904663021432394/970x250/970x250.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0f2acda41c2ccb801da381897afcdc61852504c97fca73b708e95023955074aa

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 16 May 2023 02:11:31 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 1589172
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 33665
last-modified: Mon, 04 May 2020 16:10:25 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e71-1c413"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H9vDrCycN%2B6rdY3ukOrz5vCah1dDY1UOGpnJXXOd8Lb%2FmR9e%2Bqv%2Fu%2FqWw8l3xlPaRxyciPosg54RuI5v0nxwJyKDY6nCguQ1SBBB%2FtKGam0pJRU1hGE5xvTiLONjuGjosJGR%2BZgiCZ4a6I8N%2Fp6YFmsg"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7c80172a7eb72bee-FRA
expires: Sun, 05 May 2024 02:11:31 GMT

GET
H2 200 TextPlugin.min.js Show response
cdnjs.cloudflare.com/ajax/libs/gsap/1.18.5/plugins/ Frame F25B 2 KB
1 KB 78ms
48ms Script
application/javascript 2606:4700::6811:180e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/gsap/1.18.5/plugins/TextPlugin.min.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16098904663021432394/970x250/970x250.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e5a7439738e33f6ba4f019f53528b4f721a4d7fbeee9f0c298d3e035484dcea1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 16 May 2023 02:11:31 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 12417161
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 876
last-modified: Mon, 04 May 2020 16:10:25 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e71-926"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vbzLVFrJw%2BUEkgz8FyXKL1AUqdhEm8h6u6TUqtV6Vnw7%2B%2Fim%2B0jDKaQ66%2FD9%2B6fW0eQRaMUxxIwiN2mAk2J5E3jrrws2thJt3DjqVpwns6BAdwtUoRvDvkgxzdXHHZTM3GpGdxyoLtdgKJXgOxRyrBfc"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7c80172a7eb92bee-FRA
expires: Sun, 05 May 2024 02:11:31 GMT

GET
H3 200 oKPwcP-deonJmdk-VuVCerVM0HYOOiEgue33yvnOnyk.js Show response
pagead2.googlesyndication.com/bg/ Frame 4D58 37 KB
14 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/oKPwcP-deonJmdk-VuVCerVM0HYOOiEgue33yvnOnyk.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a0a3f070ff9d7a89c999d93e56e5427ab54cd0760e3a2120b9edf7caf9ce9f29

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Mon, 15 May 2023 10:52:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 55115
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14771
x-xss-protection: 0
last-modified: Mon, 08 May 2023 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 14 May 2024 10:52:56 GMT

GET
H3 200 oKPwcP-deonJmdk-VuVCerVM0HYOOiEgue33yvnOnyk.js Show response
pagead2.googlesyndication.com/bg/ Frame 20AF 37 KB
14 KB 22ms
22ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/oKPwcP-deonJmdk-VuVCerVM0HYOOiEgue33yvnOnyk.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a0a3f070ff9d7a89c999d93e56e5427ab54cd0760e3a2120b9edf7caf9ce9f29

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Mon, 15 May 2023 10:52:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 55115
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14771
x-xss-protection: 0
last-modified: Mon, 08 May 2023 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 14 May 2024 10:52:56 GMT

GET
H2 200 main.19.8.411.js Show response
static.adsafeprotected.com/ Frame DDE5 202 KB
63 KB 70ms
24ms Script
application/javascript 2600:9000:223f:ca00:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/main.19.8.411.js
Requested by: Host: fw.adsafeprotected.com
URL: https://fw.adsafeprotected.com/rjss/st/1401916/70726087/skeleton.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:ca00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6549333829c184ad798ef63121bdae7af134db23f02f95f04b786bfcbe915c28

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0eeafe9a9464fc24f3c4189193039b23.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 09 May 2023 14:42:33 GMT
x-amz-version-id: VSvIdS_ZoKv.KP06_jGcx3TdJOJ7jNTw
content-encoding: gzip
via: 1.1 0c39e892d8c809025c8f47425847f680.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 559739
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Mon, 08 May 2023 20:43:27 GMT
server: AmazonS3
etag: W/"a39db77f2b09751cf3516d6055fd0496"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-amz-cf-id: 9WMb38pgoz7AEJdZ23ycrAo8-bvhg6jW7L8RR4lT-qL5rtqVfLPdpw==

GET
H2 200 main.19.8.411.js Show response
static.adsafeprotected.com/ Frame 7C37 202 KB
63 KB 130ms
88ms Script
application/javascript 2600:9000:223f:ca00:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/main.19.8.411.js
Requested by: Host: fw.adsafeprotected.com
URL: https://fw.adsafeprotected.com/rjss/st/1401916/70726091/skeleton.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:ca00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6549333829c184ad798ef63121bdae7af134db23f02f95f04b786bfcbe915c28

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0eeafe9a9464fc24f3c4189193039b23.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 09 May 2023 14:42:33 GMT
x-amz-version-id: VSvIdS_ZoKv.KP06_jGcx3TdJOJ7jNTw
content-encoding: gzip
via: 1.1 0c39e892d8c809025c8f47425847f680.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 559739
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Mon, 08 May 2023 20:43:27 GMT
server: AmazonS3
etag: W/"a39db77f2b09751cf3516d6055fd0496"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-amz-cf-id: fYYRgLjLKtORtboC1cHbUL6Emk8LBYuUSaS1UhR2VhQ3yjDoPMq9CQ==

GET
H2 200 main.19.8.411.js Show response
static.adsafeprotected.com/ Frame F1E4 202 KB
63 KB 102ms
63ms Script
application/javascript 2600:9000:223f:ca00:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/main.19.8.411.js
Requested by: Host: fw.adsafeprotected.com
URL: https://fw.adsafeprotected.com/rjss/st/1401916/70726092/skeleton.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:ca00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6549333829c184ad798ef63121bdae7af134db23f02f95f04b786bfcbe915c28

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0eeafe9a9464fc24f3c4189193039b23.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 09 May 2023 14:42:33 GMT
x-amz-version-id: VSvIdS_ZoKv.KP06_jGcx3TdJOJ7jNTw
content-encoding: gzip
via: 1.1 0c39e892d8c809025c8f47425847f680.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 559739
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Mon, 08 May 2023 20:43:27 GMT
server: AmazonS3
etag: W/"a39db77f2b09751cf3516d6055fd0496"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-amz-cf-id: sBMyA3p8a_SMqdtXgXazy68VrDT-qE2jNo1jXALgIy_3hIzTzkOiaQ==

GET
H2 200 main.19.8.411.js Show response
static.adsafeprotected.com/ Frame 7C37 202 KB
63 KB 88ms
79ms Script
application/javascript 2600:9000:223f:ca00:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/main.19.8.411.js
Requested by: Host: pixel.adsafeprotected.com
URL: https://pixel.adsafeprotected.com/jload?anId=925175&adsafe_par&uId=&advId=9847203&campId=29671449&pubId=6067357&chanId=191570655&placementId=364580302
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:ca00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6549333829c184ad798ef63121bdae7af134db23f02f95f04b786bfcbe915c28

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0eeafe9a9464fc24f3c4189193039b23.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 09 May 2023 14:42:33 GMT
x-amz-version-id: VSvIdS_ZoKv.KP06_jGcx3TdJOJ7jNTw
content-encoding: gzip
via: 1.1 0c39e892d8c809025c8f47425847f680.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 559739
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Mon, 08 May 2023 20:43:27 GMT
server: AmazonS3
etag: W/"a39db77f2b09751cf3516d6055fd0496"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-amz-cf-id: WWGaZGo9nKJRSZpniMIGMTXJ0TSbr6Ue8sJMglpNfUA8DXrcrs5GNQ==

GET
H2 200 main.19.8.411.js Show response
static.adsafeprotected.com/ Frame DDE5 202 KB
63 KB 51ms
48ms Script
application/javascript 2600:9000:223f:ca00:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/main.19.8.411.js
Requested by: Host: pixel.adsafeprotected.com
URL: https://pixel.adsafeprotected.com/jload?anId=925175&adsafe_par&uId=&advId=9847203&campId=29671449&pubId=6067357&chanId=191571177&placementId=364578544
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:ca00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6549333829c184ad798ef63121bdae7af134db23f02f95f04b786bfcbe915c28

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0eeafe9a9464fc24f3c4189193039b23.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 09 May 2023 14:42:33 GMT
x-amz-version-id: VSvIdS_ZoKv.KP06_jGcx3TdJOJ7jNTw
content-encoding: gzip
via: 1.1 0c39e892d8c809025c8f47425847f680.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 559739
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Mon, 08 May 2023 20:43:27 GMT
server: AmazonS3
etag: W/"a39db77f2b09751cf3516d6055fd0496"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-amz-cf-id: YwIXbXYvYgbWzN5_6Ji-fk6OPbJtTAvE9PhAP66qUTAtfj2HOwThEg==

GET
H2 200 main.19.8.411.js Show response
static.adsafeprotected.com/ Frame F1E4 202 KB
63 KB 67ms
67ms Script
application/javascript 2600:9000:223f:ca00:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/main.19.8.411.js
Requested by: Host: pixel.adsafeprotected.com
URL: https://pixel.adsafeprotected.com/jload?anId=925175&adsafe_par&uId=&advId=9847203&campId=29671449&pubId=6067357&chanId=191571828&placementId=364580305
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:ca00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 6549333829c184ad798ef63121bdae7af134db23f02f95f04b786bfcbe915c28

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0eeafe9a9464fc24f3c4189193039b23.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 09 May 2023 14:42:33 GMT
x-amz-version-id: VSvIdS_ZoKv.KP06_jGcx3TdJOJ7jNTw
content-encoding: gzip
via: 1.1 0c39e892d8c809025c8f47425847f680.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 559739
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Mon, 08 May 2023 20:43:27 GMT
server: AmazonS3
etag: W/"a39db77f2b09751cf3516d6055fd0496"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-amz-cf-id: -3pcoNBEzDqTbmvk5Ta40Ra2VX2TgR0dgsJG9idtjs6j1Y1VqJ8lew==

POST
H2 200 / Show response
www.facebook.com/tr/ Frame FA41 0
48 B 22ms
21ms Document
text/plain 2a03:2880:f176:84:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: cyberscoop.com
URL: https://cyberscoop.com/ransomware-group-ra-group-talos/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://cyberscoop.com
Referer: https://cyberscoop.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-origin: https://cyberscoop.com
alt-svc: h3=":443"; ma=86400
content-length: 0
content-type: text/plain
cross-origin-resource-policy: cross-origin
date: Tue, 16 May 2023 02:11:31 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains

GET
H2

200

skeleton.js Show response
static.adsafeprotected.com/ Frame DDE5
Redirect Chain

https://fw.adsafeprotected.com/rfw/st/1401916/70726087/skeleton.js?adsafe_url=https%3A%2F%2Fcyberscoop.com&adsafe_type=y&adsafe_url=https%3A%2F%2Fcyberscoop.com%2F&adsafe_type=e&adsafe_url=https%3A...
https://static.adsafeprotected.com/skeleton.js

17 B
465 B

20ms
19ms

Script
application/javascript

2600:9000:223f:ca00:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/skeleton.js
Requested by: Host: 0eeafe9a9464fc24f3c4189193039b23.safeframe.googlesyndication.com
URL: https://0eeafe9a9464fc24f3c4189193039b23.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Server: 2600:9000:223f:ca00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bdeed1e1c0751610c8f3dc2a5c78c93f841c366b36a7f7a54f5e6752c2656c05

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0eeafe9a9464fc24f3c4189193039b23.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Mon, 16 Jan 2023 03:51:51 GMT
x-amz-version-id: nylqTweorRThFHMBJSrf_fHcWx3KVKN3
via: 1.1 0c39e892d8c809025c8f47425847f680.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 10361982
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 17
last-modified: Mon, 17 Aug 2020 23:54:35 GMT
server: AmazonS3
etag: "53fab767ecbd3bf07990b10246befbd4"
content-type: application/javascript
cache-control: max-age=315360000
accept-ranges: bytes
x-amz-cf-id: LcRt6V56biTSuuRQKiy5_Fp3RRqLe4XG7M2nlDz1Rk1farvBtRF2Vw==

Redirect headers

pragma: no-cache
date: Tue, 16 May 2023 02:11:31 GMT
server: nginx
x-server-name: app09.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
location: https://static.adsafeprotected.com/skeleton.js
cache-control: no-cache
content-length: 0

GET
H2 200 sca.17.6.2.js Show response
static.adsafeprotected.com/ Frame 3B55 91 KB
23 KB 21ms
21ms Script
application/javascript 2600:9000:223f:ca00:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.6.2.js
Requested by: Host: 0eeafe9a9464fc24f3c4189193039b23.safeframe.googlesyndication.com
URL: https://0eeafe9a9464fc24f3c4189193039b23.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:ca00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0eeafe9a9464fc24f3c4189193039b23.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 15:36:17 GMT
x-amz-version-id: go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
content-encoding: gzip
via: 1.1 0c39e892d8c809025c8f47425847f680.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 20428515
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Tue, 20 Sep 2022 19:21:34 GMT
server: AmazonS3
etag: W/"1f3488247c90bb5de253d3d0cb3b7458"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-amz-cf-id: aRDZzE-22tUF-MaWtTFmjDgsPyxcn9zPz4-BznY5_D13BcxrgnTEwg==

GET
H3 200 VerizonNHGeDS-Bold-subset.woff
s0.2mdn.net/sadbundle/12829355415431909801/300x250/ Frame 670A 27 KB
27 KB 24ms
23ms Font
font/woff 2a00:1450:4001:82f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/12829355415431909801/300x250/VerizonNHGeDS-Bold-subset.woff

Requested by

Host: 0eeafe9a9464fc24f3c4189193039b23.safeframe.googlesyndication.com
URL: https://0eeafe9a9464fc24f3c4189193039b23.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

10d336af8e2ea341b3e52739aa4b04bd06a0c9433bfc2d831d58fadc0ac73592

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/12829355415431909801/300x250/300x250.html
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 12:48:26 GMT
x-content-type-options: nosniff
age: 220985
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27672
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:18:04 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 12 May 2024 12:48:26 GMT

GET
H3 200 VerizonNHGeDS-Regular-subset.woff
s0.2mdn.net/sadbundle/12829355415431909801/300x250/ Frame 670A 26 KB
26 KB 27ms
27ms Font
font/woff 2a00:1450:4001:82f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/12829355415431909801/300x250/VerizonNHGeDS-Regular-subset.woff

Requested by

Host: 0eeafe9a9464fc24f3c4189193039b23.safeframe.googlesyndication.com
URL: https://0eeafe9a9464fc24f3c4189193039b23.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f2ad6430485b32b937a1d6c36fdb6f83a810499ca871fd08918c2abebdd6fd8d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/12829355415431909801/300x250/300x250.html
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 12:48:26 GMT
x-content-type-options: nosniff
age: 220985
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 26972
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:18:04 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 12 May 2024 12:48:26 GMT

GET
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 7C37 0
0 58ms
58ms Fetch
image/gif 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuu5bZuqAxTsp6dAXV8YFP6NmWF_B8wAk37YytH5soRzIQR5eT9ESJGYGUp8o58r8FcvpqZemyZpOYYj5LGxu65Hz4luucncTQjQFIAUpuzcaeBs7e9J_tv_DyUrE-OBfPLI80UzUuLtgCepXWvV5inijqekT6k_ZKS&sai=AMfl-YSbMFkMD6MhYAHsr8CPAEQxRZJvtXJhWfdXlKpZFSQCykkZEKHOnKCh3uGROL-s-FX-4RNkweDo4ViGYvVLb52Vv59KvfRPvNP72Q&sig=Cg0ArKJSzAmuBC6xzEtgEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=648&vt=11&dtpt=484&dett=3&cstd=157&cisv=r20230510.81886&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=

Requested by

Host: cyberscoop.com
URL: https://cyberscoop.com/ransomware-group-ra-group-talos/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0eeafe9a9464fc24f3c4189193039b23.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 16 May 2023 02:11:31 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Tue, 16 May 2023 02:11:31 GMT

GET
H2 200 sca.17.6.2.js Show response
static.adsafeprotected.com/ Frame 0A4E 91 KB
23 KB 21ms
21ms Script
application/javascript 2600:9000:223f:ca00:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.6.2.js
Requested by: Host: 0eeafe9a9464fc24f3c4189193039b23.safeframe.googlesyndication.com
URL: https://0eeafe9a9464fc24f3c4189193039b23.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:ca00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0eeafe9a9464fc24f3c4189193039b23.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 15:36:17 GMT
x-amz-version-id: go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
content-encoding: gzip
via: 1.1 0c39e892d8c809025c8f47425847f680.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 20428515
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Tue, 20 Sep 2022 19:21:34 GMT
server: AmazonS3
etag: W/"1f3488247c90bb5de253d3d0cb3b7458"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-amz-cf-id: WoR8deEt5cQZIJYbf-N1W1o5WKPyGecAzuPqjgF0v6tfwAfnm7DxqA==

GET
H2 200 mon
pixel.adsafeprotected.com/ Frame DDE5 43 B
216 B 50ms
50ms Image
image/gif 54.76.27.26
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.adsafeprotected.com/mon?anId=925175&adsafe_par&uId=&advId=9847203&campId=29671449&pubId=6067357&chanId=191571177&placementId=364578544&adsafe_url=https%3A%2F%2Fcyberscoop.com&adsafe_type=y&adsafe_url=https%3A%2F%2Fcyberscoop.com%2F&adsafe_type=e&adsafe_url=https%3A%2F%2F0eeafe9a9464fc24f3c4189193039b23.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2F0eeafe9a9464fc24f3c4189193039b23.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&adsafe_type=d&adsafe_jsinfo=,id:13d14eef-8e2b-b7f5-4b91-f31349d04080,c:cJU4gV,sl:na,em:true,fr:false,thd:1,mn:jsserver-primary-5cf46fd95f-bxflv,rg:ie,pt:1-5-15,mu:10000,br:c,bru:c,an:n,oam:0,scm:publ1.grpm1,mtim:268,mot:0,app:0,maw:0,fm:tEnKxbP+11%7C12%7C13%7C14%7C1511%7C152%7C16%7C17*.925175%7C1711%7C172%7C173%7C1811%7C182%7C19,idMap:17*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:1,renddet:DIV.qs.sn,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,tt:jload,et:280,oid:f970865c-f38e-11ed-8079-4e1832b9c915,v:19.8.411,sp:1,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0
Requested by: Host: 0eeafe9a9464fc24f3c4189193039b23.safeframe.googlesyndication.com
URL: https://0eeafe9a9464fc24f3c4189193039b23.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.76.27.26 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-76-27-26.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0eeafe9a9464fc24f3c4189193039b23.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 May 2023 02:11:31 GMT
server: nginx
x-server-name: app08.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame DDE5 43 B
215 B 386ms
108ms Image
image/gif 2600:1f18:1aca:4282:8fe:de36:708f:cb17
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=925175&asId=13d14eef-8e2b-b7f5-4b91-f31349d04080&tv=%7Bc:cJU4gW,pingTime:-8,time:281,type:l,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:0,n:281,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:280,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:i,cc:NaN.NaN.970.250,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B10~1%5D,as:%5B10~970.250%5D%7D%7D%5D,slEventCount:1,em:true,fr:false,e:,tt:jload,dtt:0,fm:tEnKxbP+11%7C12%7C13%7C14%7C1511%7C152%7C16%7C17*.925175%7C1711%7C172%7C173%7C1811%7C182%7C19,idMap:17*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:280%7D&br=c
Requested by: Host: 0eeafe9a9464fc24f3c4189193039b23.safeframe.googlesyndication.com
URL: https://0eeafe9a9464fc24f3c4189193039b23.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4282:8fe:de36:708f:cb17 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0eeafe9a9464fc24f3c4189193039b23.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 May 2023 02:11:32 GMT
server: nginx
x-server-name: dt09.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H3 200 VerizonNHGeDS-Bold-subset.woff
s0.2mdn.net/sadbundle/6020346782542375082/300x600/ Frame 1A20 27 KB
27 KB 21ms
20ms Font
font/woff 2a00:1450:4001:82f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/6020346782542375082/300x600/VerizonNHGeDS-Bold-subset.woff

Requested by

Host: 0eeafe9a9464fc24f3c4189193039b23.safeframe.googlesyndication.com
URL: https://0eeafe9a9464fc24f3c4189193039b23.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

10d336af8e2ea341b3e52739aa4b04bd06a0c9433bfc2d831d58fadc0ac73592

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/6020346782542375082/300x600/300x600.html
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 15:01:39 GMT
x-content-type-options: nosniff
age: 212992
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27672
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:18:08 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 12 May 2024 15:01:39 GMT

GET
H3 200 VerizonNHGeDS-Regular-subset.woff
s0.2mdn.net/sadbundle/6020346782542375082/300x600/ Frame 1A20 26 KB
26 KB 24ms
24ms Font
font/woff 2a00:1450:4001:82f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/6020346782542375082/300x600/VerizonNHGeDS-Regular-subset.woff

Requested by

Host: 0eeafe9a9464fc24f3c4189193039b23.safeframe.googlesyndication.com
URL: https://0eeafe9a9464fc24f3c4189193039b23.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f2ad6430485b32b937a1d6c36fdb6f83a810499ca871fd08918c2abebdd6fd8d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/6020346782542375082/300x600/300x600.html
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Thu, 11 May 2023 10:18:54 GMT
x-content-type-options: nosniff
age: 402757
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 26972
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:18:08 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 10 May 2024 10:18:54 GMT

GET
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame F1E4 0
0 60ms
59ms Fetch
image/gif 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsuCLeCyvtTiNpHXGldfOegltZPt-nWbeuqe939Lqe3HYhiLbRqnyEbi8p140ukka1dJkjGHvTMUGDxLSjJPwze5xQNrNSwts8e7jDhjfsZyLvRR2XwEuJeObDZV7BbPKMJOcooJObkTsqEL63Vx_Hq50cAnMpstw7rR&sai=AMfl-YR4Ayu6yISlfsqs2owW-_MDJnbF034Yez0YKM7O7eeQpgFHeQ3_hE73J3b-nvlFGBzaOELI9FeYgUyoANzK7cl_iXKbz1PUP4BOPw&sig=Cg0ArKJSzPRpLzsejOUkEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=659&vt=11&dtpt=524&dett=3&cstd=133&cisv=r20230510.17546&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=

Requested by

Host: cyberscoop.com
URL: https://cyberscoop.com/ransomware-group-ra-group-talos/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0eeafe9a9464fc24f3c4189193039b23.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 16 May 2023 02:11:31 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Tue, 16 May 2023 02:11:31 GMT

GET
H3 200 VerizonNHGeDS-Bold-subset.woff
s0.2mdn.net/sadbundle/16098904663021432394/970x250/ Frame F25B 27 KB
27 KB 20ms
20ms Font
font/woff 2a00:1450:4001:82f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/16098904663021432394/970x250/VerizonNHGeDS-Bold-subset.woff

Requested by

Host: 0eeafe9a9464fc24f3c4189193039b23.safeframe.googlesyndication.com
URL: https://0eeafe9a9464fc24f3c4189193039b23.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

10d336af8e2ea341b3e52739aa4b04bd06a0c9433bfc2d831d58fadc0ac73592

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/16098904663021432394/970x250/970x250.html
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 09 May 2023 06:02:36 GMT
x-content-type-options: nosniff
age: 590935
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27672
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:18:19 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 08 May 2024 06:02:36 GMT

GET
H3 200 VerizonNHGeDS-Regular-subset.woff
s0.2mdn.net/sadbundle/16098904663021432394/970x250/ Frame F25B 26 KB
26 KB 25ms
24ms Font
font/woff 2a00:1450:4001:82f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/16098904663021432394/970x250/VerizonNHGeDS-Regular-subset.woff

Requested by

Host: 0eeafe9a9464fc24f3c4189193039b23.safeframe.googlesyndication.com
URL: https://0eeafe9a9464fc24f3c4189193039b23.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f2ad6430485b32b937a1d6c36fdb6f83a810499ca871fd08918c2abebdd6fd8d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://s0.2mdn.net/sadbundle/16098904663021432394/970x250/970x250.html
Origin: https://s0.2mdn.net
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 09 May 2023 06:02:36 GMT
x-content-type-options: nosniff
age: 590935
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 26972
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:18:19 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 08 May 2024 06:02:36 GMT

GET
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame DDE5 0
0 61ms
60ms Fetch
image/gif 142.250.186.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvKol4lC7JQllvCy7EMTpBtRsjtn2Jrr-wCuYM439ZCoHhbgm_hRH3D3xeZtgcE0Wc-Ol8xoAq9QceKDKb208pCVVZgsPfwm4cCieCiw3VKLy-khncMvW6CbLzq8DsSRT0mblXkU1Zvw0JIjGTtF_HKYAs9ABgyslnp&sai=AMfl-YRfO3GB5G9FJ3Tgvvtt4Vg1amM19YermJR0bGZL8nEj7bPC9093s4olof50DGnhAHNYVssdCmZ_Wlz9AH-ZSX2wLkDs9MAsoiYsMg&sig=Cg0ArKJSzBHjbtVtLAR-EAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=686&vt=11&dtpt=549&dett=3&cstd=135&cisv=r20230510.55484&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ..&arae=0&ftch=1&adurl=

Requested by

Host: cyberscoop.com
URL: https://cyberscoop.com/ransomware-group-ra-group-talos/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f2.1e100.net

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0eeafe9a9464fc24f3c4189193039b23.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 16 May 2023 02:11:31 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Tue, 16 May 2023 02:11:31 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame DDE5 43 B
215 B 331ms
109ms Image
image/gif 2600:1f18:1aca:4282:8fe:de36:708f:cb17
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1401916&asId=65edb9f0-f3e7-e9ac-bd12-e1814f64c257&tv=%7Bc:cJU4i0,pingTime:-3,time:390,type:v,clog:%5B%7Bpiv:-1,vs:n,r:,w:970,h:250,t:261%7D,%7Bpiv:0,vs:o,r:l,t:389%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:390,n:389,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:260,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:sp,cc:0.0.970.250,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B147~1,0~0%5D,as:%5B147~970.250%5D%7D%7D,%7Bsl:o,t:389,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:sp,cc:0.0.970.250,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B0~0%5D,as:%5B0~970.250%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tEnKxb8+11%7C12%7C13%7C14%7C1511%7C152%7C16%7C17*.1401916-70726087%7C1711%7C172%7C1811%7C182%7C19,idMap:17*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:262%7D&br=c
Requested by: Host: 0eeafe9a9464fc24f3c4189193039b23.safeframe.googlesyndication.com
URL: https://0eeafe9a9464fc24f3c4189193039b23.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4282:8fe:de36:708f:cb17 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0eeafe9a9464fc24f3c4189193039b23.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 May 2023 02:11:32 GMT
server: nginx
x-server-name: dt12.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame DDE5 43 B
215 B 328ms
110ms Image
image/gif 2600:1f18:1aca:4282:8fe:de36:708f:cb17
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1401916&asId=65edb9f0-f3e7-e9ac-bd12-e1814f64c257&tv=%7Bc:cJU4i2,pingTime:-6,time:392,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:392,n:389,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:260,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:sp,cc:0.0.970.250,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B147~1,0~0%5D,as:%5B147~970.250%5D%7D%7D,%7Bsl:o,t:389,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:sp,cc:0.0.970.250,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B2~0%5D,as:%5B2~970.250%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tEnKxb8+11%7C12%7C13%7C14%7C1511%7C152%7C16%7C17*.1401916-70726087%7C1711%7C172%7C1811%7C182%7C19,idMap:17*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:262%7D&tpiLookup=ao:cyberscoop.com*&br=c
Requested by: Host: 0eeafe9a9464fc24f3c4189193039b23.safeframe.googlesyndication.com
URL: https://0eeafe9a9464fc24f3c4189193039b23.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4282:8fe:de36:708f:cb17 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0eeafe9a9464fc24f3c4189193039b23.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 May 2023 02:11:32 GMT
server: nginx
x-server-name: dt13.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 595F 42 B
64 B 103ms
56ms Fetch
image/gif 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuqPVP3N2i208wy329C4GDs3LIHRtNPYtp4mmZ_e6TjVPgP-3NvElTgCeaHgWbVx_CJp2XTGVn96tYT8jCphcf_-62SmMIpQW7dQp6Dg2OdrRIFXMAu&sig=Cg0ArKJSzAsrPX5pMDoQEAE&id=lidar2&mcvt=1142&p=363,480,843,1120&mtos=1142,1142,1142,1142,1142&tos=1142,0,0,0,0&v=20230515&bin=7&avms=nio&bs=1600,1200&mc=1&vu=1&app=0&itpl=3&adk=145983194&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1684203090466&rpt=314&isd=0&lsd=0&met=mue&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 May 2023 02:11:32 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

skeleton.js Show response
static.adsafeprotected.com/ Frame 7C37
Redirect Chain

https://fw.adsafeprotected.com/rfw/st/1401916/70726091/skeleton.js?adsafe_url=https%3A%2F%2Fcyberscoop.com&adsafe_type=y&adsafe_url=https%3A%2F%2Fcyberscoop.com%2F&adsafe_type=e&adsafe_url=https%3A...
https://static.adsafeprotected.com/skeleton.js

17 B
465 B

25ms
24ms

Script
application/javascript

2600:9000:223f:ca00:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/skeleton.js
Requested by: Host: 0eeafe9a9464fc24f3c4189193039b23.safeframe.googlesyndication.com
URL: https://0eeafe9a9464fc24f3c4189193039b23.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Server: 2600:9000:223f:ca00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bdeed1e1c0751610c8f3dc2a5c78c93f841c366b36a7f7a54f5e6752c2656c05

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0eeafe9a9464fc24f3c4189193039b23.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Mon, 16 Jan 2023 03:51:51 GMT
x-amz-version-id: nylqTweorRThFHMBJSrf_fHcWx3KVKN3
via: 1.1 0c39e892d8c809025c8f47425847f680.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 10361982
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 17
last-modified: Mon, 17 Aug 2020 23:54:35 GMT
server: AmazonS3
etag: "53fab767ecbd3bf07990b10246befbd4"
content-type: application/javascript
cache-control: max-age=315360000
accept-ranges: bytes
x-amz-cf-id: JgnnaWxfvhhkvRIASO6yd4gh-tNfrWw0Cz1rWl2SW3Why1Fwv19Y2w==

Redirect headers

pragma: no-cache
date: Tue, 16 May 2023 02:11:32 GMT
server: nginx
x-server-name: app07.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
location: https://static.adsafeprotected.com/skeleton.js
cache-control: no-cache
content-length: 0

GET
H2 200 sca.17.6.2.js Show response
static.adsafeprotected.com/ Frame 72AD 91 KB
23 KB 22ms
21ms Script
application/javascript 2600:9000:223f:ca00:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.6.2.js
Requested by: Host: 0eeafe9a9464fc24f3c4189193039b23.safeframe.googlesyndication.com
URL: https://0eeafe9a9464fc24f3c4189193039b23.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:ca00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0eeafe9a9464fc24f3c4189193039b23.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 15:36:17 GMT
x-amz-version-id: go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
content-encoding: gzip
via: 1.1 0c39e892d8c809025c8f47425847f680.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 20428516
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Tue, 20 Sep 2022 19:21:34 GMT
server: AmazonS3
etag: W/"1f3488247c90bb5de253d3d0cb3b7458"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-amz-cf-id: qUeyUdt7ArN9STNTjF0RV0t_FObmUI0TBY5drfizIsvROiSagvkFTg==

GET
H2

200

skeleton.js Show response
static.adsafeprotected.com/ Frame F1E4
Redirect Chain

https://fw.adsafeprotected.com/rfw/st/1401916/70726092/skeleton.js?adsafe_url=https%3A%2F%2Fcyberscoop.com&adsafe_type=y&adsafe_url=https%3A%2F%2Fcyberscoop.com%2F&adsafe_type=e&adsafe_url=https%3A...
https://static.adsafeprotected.com/skeleton.js

17 B
464 B

20ms
20ms

Script
application/javascript

2600:9000:223f:ca00:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/skeleton.js
Requested by: Host: 0eeafe9a9464fc24f3c4189193039b23.safeframe.googlesyndication.com
URL: https://0eeafe9a9464fc24f3c4189193039b23.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Server: 2600:9000:223f:ca00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: bdeed1e1c0751610c8f3dc2a5c78c93f841c366b36a7f7a54f5e6752c2656c05

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0eeafe9a9464fc24f3c4189193039b23.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Mon, 16 Jan 2023 03:51:51 GMT
x-amz-version-id: nylqTweorRThFHMBJSrf_fHcWx3KVKN3
via: 1.1 0c39e892d8c809025c8f47425847f680.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 10361982
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 17
last-modified: Mon, 17 Aug 2020 23:54:35 GMT
server: AmazonS3
etag: "53fab767ecbd3bf07990b10246befbd4"
content-type: application/javascript
cache-control: max-age=315360000
accept-ranges: bytes
x-amz-cf-id: lVOc0Pf1b9mNtGZ_Jm3Yim_foeRwYjAbLdy6z-l9qNgt_gFU1PFgiw==

Redirect headers

pragma: no-cache
date: Tue, 16 May 2023 02:11:32 GMT
server: nginx
x-server-name: app04.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
location: https://static.adsafeprotected.com/skeleton.js
cache-control: no-cache
content-length: 0

GET
H2 200 sca.17.6.2.js Show response
static.adsafeprotected.com/ Frame B036 91 KB
23 KB 21ms
21ms Script
application/javascript 2600:9000:223f:ca00:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.6.2.js
Requested by: Host: 0eeafe9a9464fc24f3c4189193039b23.safeframe.googlesyndication.com
URL: https://0eeafe9a9464fc24f3c4189193039b23.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:ca00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0eeafe9a9464fc24f3c4189193039b23.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 15:36:17 GMT
x-amz-version-id: go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
content-encoding: gzip
via: 1.1 0c39e892d8c809025c8f47425847f680.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 20428516
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Tue, 20 Sep 2022 19:21:34 GMT
server: AmazonS3
etag: W/"1f3488247c90bb5de253d3d0cb3b7458"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-amz-cf-id: MG_ZYfZP0jE5yQIhPEVNMsVsbo7iBVQBQLLTbl9gX1741AeyApNyDw==

GET
H2 200 dt
dt.adsafeprotected.com/ Frame DDE5 43 B
215 B 364ms
211ms Image
image/gif 2600:1f18:1aca:4282:8fe:de36:708f:cb17
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=925175&asId=13d14eef-8e2b-b7f5-4b91-f31349d04080&tv=%7Bc:cJU4j7,pingTime:-3,time:416,type:v,clog:%5B%7Bpiv:-1,vs:n,r:,w:970,h:250,t:280%7D,%7Bpiv:0,vs:o,r:l,t:416%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:416,n:416,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:280,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:i,cc:NaN.NaN.970.250,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B145~1,0~0%5D,as:%5B145~970.250%5D%7D%7D,%7Bsl:o,t:416,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:i,cc:NaN.NaN.970.250,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B0~0%5D,as:%5B0~970.250%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:jload,dtt:0,fm:tEnKxb8+11%7C12%7C13%7C14%7C1511%7C152%7C16%7C17*.925175%7C1711%7C172%7C173%7C1811%7C182%7C19,idMap:17.65edb9f0-f3e7-e9ac-bd12-e1814f64c257.136_1401916-70726087%7C17*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:280%7D&br=c
Requested by: Host: 0eeafe9a9464fc24f3c4189193039b23.safeframe.googlesyndication.com
URL: https://0eeafe9a9464fc24f3c4189193039b23.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4282:8fe:de36:708f:cb17 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0eeafe9a9464fc24f3c4189193039b23.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 May 2023 02:11:32 GMT
server: nginx
x-server-name: dt25.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame DDE5 43 B
216 B 257ms
107ms Image
image/gif 2600:1f18:1aca:4282:8fe:de36:708f:cb17
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=925175&asId=13d14eef-8e2b-b7f5-4b91-f31349d04080&tv=%7Bc:cJU4j8,pingTime:-6,time:417,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:417,n:416,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:280,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:i,cc:NaN.NaN.970.250,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B145~1,0~0%5D,as:%5B145~970.250%5D%7D%7D,%7Bsl:o,t:416,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:i,cc:NaN.NaN.970.250,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B1~0%5D,as:%5B1~970.250%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:jload,dtt:0,fm:tEnKxb8+11%7C12%7C13%7C14%7C1511%7C152%7C16%7C17*.925175%7C1711%7C172%7C173%7C1811%7C182%7C19,idMap:17.65edb9f0-f3e7-e9ac-bd12-e1814f64c257.136_1401916-70726087%7C17*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:280%7D&tpiLookup=ao:cyberscoop.com*&br=c
Requested by: Host: 0eeafe9a9464fc24f3c4189193039b23.safeframe.googlesyndication.com
URL: https://0eeafe9a9464fc24f3c4189193039b23.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4282:8fe:de36:708f:cb17 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0eeafe9a9464fc24f3c4189193039b23.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 May 2023 02:11:32 GMT
server: nginx
x-server-name: dt15.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 sca.17.6.2.js Show response
static.adsafeprotected.com/ Frame 0D76 91 KB
23 KB 24ms
24ms Script
application/javascript 2600:9000:223f:ca00:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.6.2.js
Requested by: Host: 0eeafe9a9464fc24f3c4189193039b23.safeframe.googlesyndication.com
URL: https://0eeafe9a9464fc24f3c4189193039b23.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:ca00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0eeafe9a9464fc24f3c4189193039b23.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 15:36:17 GMT
x-amz-version-id: go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
content-encoding: gzip
via: 1.1 0c39e892d8c809025c8f47425847f680.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 20428516
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Tue, 20 Sep 2022 19:21:34 GMT
server: AmazonS3
etag: W/"1f3488247c90bb5de253d3d0cb3b7458"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-amz-cf-id: Js8H18KqGUd7FBm0nvY2Jn_nq9bjeHyKK7wj6IFOqr-ZPvvYthOTXg==

GET
H2 200 mon
pixel.adsafeprotected.com/ Frame F1E4 43 B
216 B 55ms
55ms Image
image/gif 54.76.27.26
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.adsafeprotected.com/mon?anId=925175&adsafe_par&uId=&advId=9847203&campId=29671449&pubId=6067357&chanId=191571828&placementId=364580305&adsafe_url=https%3A%2F%2Fcyberscoop.com&adsafe_type=y&adsafe_url=https%3A%2F%2Fcyberscoop.com%2F&adsafe_type=e&adsafe_url=https%3A%2F%2F0eeafe9a9464fc24f3c4189193039b23.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2F0eeafe9a9464fc24f3c4189193039b23.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&adsafe_type=d&adsafe_jsinfo=,id:160ac7f0-837b-a839-d52e-10f983b728f2,c:cJU4jo,sl:na,em:true,fr:false,thd:1,mn:jsserver-primary-5cf46fd95f-6wb87,rg:ie,pt:1-5-15,mu:10000,br:c,bru:c,an:n,oam:0,scm:publ1.grpm1,mtim:388,mot:0,app:0,maw:0,fm:tEnKxcp+11%7C12%7C13%7C14%7C1511%7C152%7C153%7C16%7C1711%7C172%7C173%7C174%7C18*.925175%7C1811%7C182%7C183%7C19,idMap:18*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:1,renddet:DIV.qs.sn,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,tt:jload,et:397,oid:f9719779-f38e-11ed-9f1b-ca105505398e,v:19.8.411,sp:1,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0
Requested by: Host: 0eeafe9a9464fc24f3c4189193039b23.safeframe.googlesyndication.com
URL: https://0eeafe9a9464fc24f3c4189193039b23.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.76.27.26 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-76-27-26.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0eeafe9a9464fc24f3c4189193039b23.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 May 2023 02:11:32 GMT
server: nginx
x-server-name: app09.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 sca.17.6.2.js Show response
static.adsafeprotected.com/ Frame D3B2 91 KB
23 KB 21ms
21ms Script
application/javascript 2600:9000:223f:ca00:8:48e:53c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://static.adsafeprotected.com/sca.17.6.2.js
Requested by: Host: 0eeafe9a9464fc24f3c4189193039b23.safeframe.googlesyndication.com
URL: https://0eeafe9a9464fc24f3c4189193039b23.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223f:ca00:8:48e:53c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0eeafe9a9464fc24f3c4189193039b23.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Wed, 21 Sep 2022 15:36:17 GMT
x-amz-version-id: go8nfBUviNCPCwnrYX1LpMW5hEx3ASGy
content-encoding: gzip
via: 1.1 0c39e892d8c809025c8f47425847f680.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P5
age: 20428516
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
last-modified: Tue, 20 Sep 2022 19:21:34 GMT
server: AmazonS3
etag: W/"1f3488247c90bb5de253d3d0cb3b7458"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=315360000
x-amz-cf-id: NwNKVZJG-bam4OCOyRs13Tx9kgGxm8EhmS2X-eXa3g-2bvl5G43Fyg==

GET
H2 200 mon
pixel.adsafeprotected.com/ Frame 7C37 43 B
216 B 55ms
54ms Image
image/gif 54.76.27.26
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.adsafeprotected.com/mon?anId=925175&adsafe_par&uId=&advId=9847203&campId=29671449&pubId=6067357&chanId=191570655&placementId=364580302&adsafe_url=https%3A%2F%2Fcyberscoop.com&adsafe_type=y&adsafe_url=https%3A%2F%2Fcyberscoop.com%2F&adsafe_type=e&adsafe_url=https%3A%2F%2F0eeafe9a9464fc24f3c4189193039b23.safeframe.googlesyndication.com%2F&adsafe_type=f&adsafe_url=https%3A%2F%2F0eeafe9a9464fc24f3c4189193039b23.safeframe.googlesyndication.com%2Fsafeframe%2F1-0-40%2Fhtml%2Fcontainer.html&adsafe_type=d&adsafe_jsinfo=,id:39e9f274-aedb-0059-9733-bfdf51b6510e,c:cJU4jG,sl:na,em:true,fr:false,thd:1,mn:jsserver-experiment-primary-6f66cdc69c-72kfh,rg:ie,pt:1-5-15,mu:10000,br:c,bru:c,an:n,oam:0,scm:publ1.grpm1,mtim:453,mot:0,app:0,maw:0,fm:tEnKxbG+11%7C12%7C13%7C14%7C15*.925175%7C1511%7C152%7C153%7C16%7C1711%7C172%7C173%7C174%7C1811%7C182%7C183%7C184%7C19,idMap:15*,pl:CV8L.VEBo.0YtC,rmeas:1,rend:1,renddet:DIV.qs.sn,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,tt:jload,et:460,oid:f97037b0-f38e-11ed-b34d-e6b509c226cc,v:19.8.411,sp:1,st:0,fwm:0,wr:1600.1200,sr:1600.1200,ov:0
Requested by: Host: 0eeafe9a9464fc24f3c4189193039b23.safeframe.googlesyndication.com
URL: https://0eeafe9a9464fc24f3c4189193039b23.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.76.27.26 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-76-27-26.eu-west-1.compute.amazonaws.com
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0eeafe9a9464fc24f3c4189193039b23.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 May 2023 02:11:32 GMT
server: nginx
x-server-name: app05.ie.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame DDE5 43 B
215 B 311ms
216ms Image
image/gif 2600:1f18:1aca:4282:8fe:de36:708f:cb17
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1401916&asId=65edb9f0-f3e7-e9ac-bd12-e1814f64c257&tv=%7Bc:cJU4k3,pingTime:-2,time:517,type:a,im:%7Bsf:1,pom:1,prf:%7BbdA:652,bdZ:826,beA:974,beZ:975,mfA:1212,cmA:1214,inA:1214,inZ:1219,prA:1220,prZ:1228,si:1235,poA:1237,poZ:1257,cmZ:1257,mfZ:1257,loA:1365,loZ:1369,ltA:1491,ltZ:1491,mdA:1018,mdZ:1085%7D%7D,sca:%7Bdfp:%7Bdf:3,sz:970.250,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:-1,vs:n,r:,w:970,h:250,t:261%7D,%7Bpiv:0,vs:o,r:l,t:389%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:517,n:389,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:260,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:sp,cc:0.0.970.250,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B147~1,0~0%5D,as:%5B147~970.250%5D%7D%7D,%7Bsl:o,t:389,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:sp,cc:0.0.970.250,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B128~0%5D,as:%5B128~970.250%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tEnKxb8+11%7C12%7C13%7C14%7C1511%7C152%7C16%7C17*.1401916-70726087%7C1711%7C172%7C1811%7C182%7C19,idMap:17.13d14eef-8e2b-b7f5-4b91-f31349d04080.137_925175%7C17*,pd:0YtC.internal-nacl-plugin,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:262,sinceFw:253,readyFired:true%7D&br=c
Requested by: Host: 0eeafe9a9464fc24f3c4189193039b23.safeframe.googlesyndication.com
URL: https://0eeafe9a9464fc24f3c4189193039b23.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4282:8fe:de36:708f:cb17 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0eeafe9a9464fc24f3c4189193039b23.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 May 2023 02:11:32 GMT
server: nginx
x-server-name: dt23.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 7C37 43 B
215 B 299ms
213ms Image
image/gif 2600:1f18:1aca:4282:8fe:de36:708f:cb17
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1401916&asId=3d849f1c-a186-5fdf-9ad3-32471226f785&tv=%7Bc:cJU4kc,pingTime:-3,time:523,type:v,clog:%5B%7Bpiv:-1,vs:n,r:,w:300,h:250,t:420%7D,%7Bpiv:0,vs:o,r:l,t:523%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:523,n:522,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:420,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B110~1,0~0%5D,as:%5B110~300.250%5D%7D%7D,%7Bsl:o,t:522,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B0~0%5D,as:%5B0~300.250%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tEnKxbb+11%7C12%7C13%7C14%7C15*.1401916-70726091%7C1511%7C152%7C16%7C17.925175%7C1711%7C172%7C173%7C174%7C1811%7C182%7C19,idMap:15*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:421%7D&br=c
Requested by: Host: 0eeafe9a9464fc24f3c4189193039b23.safeframe.googlesyndication.com
URL: https://0eeafe9a9464fc24f3c4189193039b23.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4282:8fe:de36:708f:cb17 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0eeafe9a9464fc24f3c4189193039b23.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 May 2023 02:11:32 GMT
server: nginx
x-server-name: dt15.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 7C37 43 B
215 B 300ms
217ms Image
image/gif 2600:1f18:1aca:4282:8fe:de36:708f:cb17
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1401916&asId=3d849f1c-a186-5fdf-9ad3-32471226f785&tv=%7Bc:cJU4ke,pingTime:-6,time:525,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:525,n:522,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:420,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B110~1,0~0%5D,as:%5B110~300.250%5D%7D%7D,%7Bsl:o,t:522,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B2~0%5D,as:%5B2~300.250%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tEnKxbb+11%7C12%7C13%7C14%7C15*.1401916-70726091%7C1511%7C152%7C16%7C17.925175%7C1711%7C172%7C173%7C174%7C1811%7C182%7C19,idMap:15*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:421%7D&tpiLookup=ao:cyberscoop.com*&br=c
Requested by: Host: 0eeafe9a9464fc24f3c4189193039b23.safeframe.googlesyndication.com
URL: https://0eeafe9a9464fc24f3c4189193039b23.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4282:8fe:de36:708f:cb17 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0eeafe9a9464fc24f3c4189193039b23.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 May 2023 02:11:32 GMT
server: nginx
x-server-name: dt24.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame F1E4 43 B
215 B 294ms
215ms Image
image/gif 2600:1f18:1aca:4282:8fe:de36:708f:cb17
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1401916&asId=6b0fd1f0-6f09-6808-c7ca-cdf2b0f5204e&tv=%7Bc:cJU4kj,pingTime:-3,time:527,type:v,clog:%5B%7Bpiv:-1,vs:n,r:,w:300,h:600,t:435%7D,%7Bpiv:0,vs:o,r:l,t:527%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:527,n:527,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:435,wc:0.0.1600.1200,ac:NaN.NaN.300.600,am:sp,cc:0.0.300.600,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B97~1,0~0%5D,as:%5B97~300.600%5D%7D%7D,%7Bsl:o,t:527,wc:0.0.1600.1200,ac:NaN.NaN.300.600,am:sp,cc:0.0.300.600,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B1~0%5D,as:%5B1~300.600%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tEnKxbb+11%7C12%7C13%7C14%7C15.1401916-70726091%7C1511%7C152%7C153%7C16%7C17.925175%7C1711%7C172%7C173%7C174%7C18*.1401916-70726092%7C1811%7C182%7C19,idMap:18*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:436%7D&br=c
Requested by: Host: 0eeafe9a9464fc24f3c4189193039b23.safeframe.googlesyndication.com
URL: https://0eeafe9a9464fc24f3c4189193039b23.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4282:8fe:de36:708f:cb17 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0eeafe9a9464fc24f3c4189193039b23.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 May 2023 02:11:32 GMT
server: nginx
x-server-name: dt09.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame F1E4 43 B
215 B 299ms
221ms Image
image/gif 2600:1f18:1aca:4282:8fe:de36:708f:cb17
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1401916&asId=6b0fd1f0-6f09-6808-c7ca-cdf2b0f5204e&tv=%7Bc:cJU4kk,pingTime:-6,time:528,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:528,n:527,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:435,wc:0.0.1600.1200,ac:NaN.NaN.300.600,am:sp,cc:0.0.300.600,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B97~1,0~0%5D,as:%5B97~300.600%5D%7D%7D,%7Bsl:o,t:527,wc:0.0.1600.1200,ac:NaN.NaN.300.600,am:sp,cc:0.0.300.600,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B1~0%5D,as:%5B1~300.600%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tEnKxbb+11%7C12%7C13%7C14%7C15.1401916-70726091%7C1511%7C152%7C153%7C16%7C17.925175%7C1711%7C172%7C173%7C174%7C18*.1401916-70726092%7C1811%7C182%7C19,idMap:18*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:436%7D&tpiLookup=ao:cyberscoop.com*&br=c
Requested by: Host: 0eeafe9a9464fc24f3c4189193039b23.safeframe.googlesyndication.com
URL: https://0eeafe9a9464fc24f3c4189193039b23.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4282:8fe:de36:708f:cb17 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0eeafe9a9464fc24f3c4189193039b23.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 May 2023 02:11:32 GMT
server: nginx
x-server-name: dt22.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame DDE5 43 B
215 B 111ms
110ms Image
image/gif 2600:1f18:1aca:4282:8fe:de36:708f:cb17
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=925175&asId=13d14eef-8e2b-b7f5-4b91-f31349d04080&tv=%7Bc:cJU4kq,pingTime:-2,time:497,type:a,im:%7Bsf:1,pom:1,prf:%7BbdA:792,bdZ:871,beA:1016,beZ:1017,mfA:1285,cmA:1285,inA:1285,inZ:1289,prA:1289,prZ:1293,si:1297,poA:1298,poZ:1309,cmZ:1309,mfZ:1309,loA:1434,loZ:1436,ltA:1514,ltZ:1514,mdA:1018,mdZ:1085,idA:1309,idZ:1360%7D%7D,sca:%7Bdfp:%7Bdf:3,sz:970.250,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:-1,vs:n,r:,w:970,h:250,t:280%7D,%7Bpiv:0,vs:o,r:l,t:416%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:497,n:416,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:280,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:i,cc:NaN.NaN.970.250,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B145~1,0~0%5D,as:%5B145~970.250%5D%7D%7D,%7Bsl:o,t:416,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:i,cc:NaN.NaN.970.250,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B82~0%5D,as:%5B82~970.250%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:jload,dtt:0,fm:tEnKxb8+11%7C12%7C13%7C14%7C15.1401916-70726091%7C1511%7C152%7C16%7C17*.925175%7C1711%7C172%7C173%7C18.1401916-70726092%7C1811%7C182%7C19,idMap:17.65edb9f0-f3e7-e9ac-bd12-e1814f64c257.136_1401916-70726087%7C17*,pd:VEBo.mhjfbmdgcfjbbpaeojofohoefgiehjai,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:280,sinceFw:215,readyFired:true%7D&br=c
Requested by: Host: 0eeafe9a9464fc24f3c4189193039b23.safeframe.googlesyndication.com
URL: https://0eeafe9a9464fc24f3c4189193039b23.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4282:8fe:de36:708f:cb17 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0eeafe9a9464fc24f3c4189193039b23.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 May 2023 02:11:32 GMT
server: nginx
x-server-name: dt16.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame F1E4 43 B
215 B 281ms
214ms Image
image/gif 2600:1f18:1aca:4282:8fe:de36:708f:cb17
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=925175&asId=160ac7f0-837b-a839-d52e-10f983b728f2&tv=%7Bc:cJU4kv,pingTime:-3,time:466,type:v,clog:%5B%7Bpiv:-1,vs:n,r:,w:300,h:600,t:397%7D,%7Bpiv:66,vs:pp,t:463%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:0,n:463,pp:466,pm:0%7D,slEvents:%5B%7Bsl:n,t:397,wc:0.0.1600.1200,ac:NaN.NaN.300.600,am:i,cc:NaN.NaN.300.600,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B74~1%5D,as:%5B74~300.600%5D%7D%7D,%7Bsl:pp,t:463,wc:0.0.1600.1200,ac:NaN.NaN.300.600,am:i,cc:NaN.NaN.300.600,piv:66,obst:0,th:0,reas:,bkn:%7Bpiv:%5B3~50%5D,as:%5B3~300.600%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:jload,dtt:0,fm:tEnKxbb+11%7C12%7C13%7C14%7C15.1401916-70726091%7C1511%7C152%7C153%7C16%7C1711%7C172%7C173%7C174%7C18*.925175%7C1811%7C182%7C183%7C19,idMap:18.6b0fd1f0-6f09-6808-c7ca-cdf2b0f5204e.93_1401916-70726092%7C18*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:397%7D&br=c
Requested by: Host: 0eeafe9a9464fc24f3c4189193039b23.safeframe.googlesyndication.com
URL: https://0eeafe9a9464fc24f3c4189193039b23.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4282:8fe:de36:708f:cb17 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0eeafe9a9464fc24f3c4189193039b23.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 May 2023 02:11:32 GMT
server: nginx
x-server-name: dt12.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame F1E4 43 B
215 B 175ms
109ms Image
image/gif 2600:1f18:1aca:4282:8fe:de36:708f:cb17
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=925175&asId=160ac7f0-837b-a839-d52e-10f983b728f2&tv=%7Bc:cJU4kw,pingTime:-6,time:467,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:0,n:463,pp:467,pm:0%7D,slEvents:%5B%7Bsl:n,t:397,wc:0.0.1600.1200,ac:NaN.NaN.300.600,am:i,cc:NaN.NaN.300.600,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B74~1%5D,as:%5B74~300.600%5D%7D%7D,%7Bsl:pp,t:463,wc:0.0.1600.1200,ac:NaN.NaN.300.600,am:i,cc:NaN.NaN.300.600,piv:66,obst:0,th:0,reas:,bkn:%7Bpiv:%5B4~50%5D,as:%5B4~300.600%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:jload,dtt:0,fm:tEnKxbb+11%7C12%7C13%7C14%7C15.1401916-70726091%7C1511%7C152%7C153%7C16%7C1711%7C172%7C173%7C174%7C18*.925175%7C1811%7C182%7C183%7C19,idMap:18.6b0fd1f0-6f09-6808-c7ca-cdf2b0f5204e.93_1401916-70726092%7C18*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:397%7D&tpiLookup=ao:cyberscoop.com*&br=c
Requested by: Host: 0eeafe9a9464fc24f3c4189193039b23.safeframe.googlesyndication.com
URL: https://0eeafe9a9464fc24f3c4189193039b23.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4282:8fe:de36:708f:cb17 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0eeafe9a9464fc24f3c4189193039b23.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 May 2023 02:11:32 GMT
server: nginx
x-server-name: dt23.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 7C37 43 B
215 B 266ms
218ms Image
image/gif 2600:1f18:1aca:4282:8fe:de36:708f:cb17
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=925175&asId=39e9f274-aedb-0059-9733-bfdf51b6510e&tv=%7Bc:cJU4kN,pingTime:0,time:529,type:pf,clog:%5B%7Bpiv:-1,vs:n,r:,w:300,h:250,t:460%7D,%7Bpiv:100,vs:i,t:529%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:529,o:0,n:529,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:460,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B76~1%5D,as:%5B76~300.250%5D%7D%7D,%7Bsl:i,t:529,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B0~100%5D,as:%5B0~300.250%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:jload,dtt:0,fm:tEnKxbb+11%7C12%7C13%7C14%7C15*.925175%7C1511%7C152%7C153%7C16%7C1711%7C172%7C173%7C174%7C18.1401916-70726092%7C1811%7C182%7C183%7C184%7C19,idMap:15.3d849f1c-a186-5fdf-9ad3-32471226f785.102_1401916-70726091%7C15*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:460%7D&br=c
Requested by: Host: 0eeafe9a9464fc24f3c4189193039b23.safeframe.googlesyndication.com
URL: https://0eeafe9a9464fc24f3c4189193039b23.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4282:8fe:de36:708f:cb17 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0eeafe9a9464fc24f3c4189193039b23.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 May 2023 02:11:32 GMT
server: nginx
x-server-name: dt25.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame DDE5 43 B
215 B 111ms
111ms Image
image/gif 2600:1f18:1aca:4282:8fe:de36:708f:cb17
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=925175&asId=13d14eef-8e2b-b7f5-4b91-f31349d04080&tv=%7Bc:cJU4kP,pingTime:0,time:522,type:pf,clog:%5B%7Bpiv:-1,vs:n,r:,w:970,h:250,t:280%7D,%7Bpiv:0,vs:o,r:l,t:416%7D,%7Bpiv:100,vs:i,r:,t:522%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:522,n:416,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:280,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:i,cc:NaN.NaN.970.250,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B145~1,0~0%5D,as:%5B145~970.250%5D%7D%7D,%7Bsl:o,t:416,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:i,cc:NaN.NaN.970.250,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B106~0%5D,as:%5B106~970.250%5D%7D%7D,%7Bsl:i,t:522,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:i,cc:NaN.NaN.970.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B0~100%5D,as:%5B0~970.250%5D%7D%7D%5D,slEventCount:3,em:true,fr:false,e:,tt:jload,dtt:0,fm:tEnKxb8+11%7C12%7C13%7C14%7C15.1401916-70726091%7C1511%7C152%7C16%7C17*.925175%7C1711%7C172%7C173%7C18.1401916-70726092%7C1811%7C182%7C19,idMap:17.65edb9f0-f3e7-e9ac-bd12-e1814f64c257.136_1401916-70726087%7C17*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:280%7D&br=c
Requested by: Host: 0eeafe9a9464fc24f3c4189193039b23.safeframe.googlesyndication.com
URL: https://0eeafe9a9464fc24f3c4189193039b23.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4282:8fe:de36:708f:cb17 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0eeafe9a9464fc24f3c4189193039b23.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 May 2023 02:11:32 GMT
server: nginx
x-server-name: dt17.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 7C37 43 B
215 B 265ms
218ms Image
image/gif 2600:1f18:1aca:4282:8fe:de36:708f:cb17
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=925175&asId=39e9f274-aedb-0059-9733-bfdf51b6510e&tv=%7Bc:cJU4kQ,pingTime:-3,time:532,type:v,clog:%5B%7Bpiv:-1,vs:n,r:,w:300,h:250,t:460%7D,%7Bpiv:100,vs:i,t:529%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:532,o:0,n:529,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:460,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B76~1%5D,as:%5B76~300.250%5D%7D%7D,%7Bsl:i,t:529,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B3~100%5D,as:%5B3~300.250%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:jload,dtt:0,fm:tEnKxbb+11%7C12%7C13%7C14%7C15*.925175%7C1511%7C152%7C153%7C16%7C1711%7C172%7C173%7C174%7C18.1401916-70726092%7C1811%7C182%7C183%7C184%7C19,idMap:15.3d849f1c-a186-5fdf-9ad3-32471226f785.102_1401916-70726091%7C15*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:460%7D&br=c
Requested by: Host: 0eeafe9a9464fc24f3c4189193039b23.safeframe.googlesyndication.com
URL: https://0eeafe9a9464fc24f3c4189193039b23.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4282:8fe:de36:708f:cb17 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0eeafe9a9464fc24f3c4189193039b23.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 May 2023 02:11:32 GMT
server: nginx
x-server-name: dt01.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 7C37 43 B
215 B 257ms
212ms Image
image/gif 2600:1f18:1aca:4282:8fe:de36:708f:cb17
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=925175&asId=39e9f274-aedb-0059-9733-bfdf51b6510e&tv=%7Bc:cJU4kR,pingTime:-6,time:533,type:i,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:533,o:0,n:529,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:460,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B76~1%5D,as:%5B76~300.250%5D%7D%7D,%7Bsl:i,t:529,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B4~100%5D,as:%5B4~300.250%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:jload,dtt:0,fm:tEnKxbb+11%7C12%7C13%7C14%7C15*.925175%7C1511%7C152%7C153%7C16%7C1711%7C172%7C173%7C174%7C18.1401916-70726092%7C1811%7C182%7C183%7C184%7C19,idMap:15.3d849f1c-a186-5fdf-9ad3-32471226f785.102_1401916-70726091%7C15*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:460%7D&tpiLookup=ao:cyberscoop.com*&br=c
Requested by: Host: 0eeafe9a9464fc24f3c4189193039b23.safeframe.googlesyndication.com
URL: https://0eeafe9a9464fc24f3c4189193039b23.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4282:8fe:de36:708f:cb17 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0eeafe9a9464fc24f3c4189193039b23.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 May 2023 02:11:32 GMT
server: nginx
x-server-name: dt24.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 7C37 43 B
215 B 119ms
111ms Image
image/gif 2600:1f18:1aca:4282:8fe:de36:708f:cb17
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1401916&asId=3d849f1c-a186-5fdf-9ad3-32471226f785&tv=%7Bc:cJU4ls,pingTime:-2,time:601,type:a,im:%7Bsf:1,pom:1,prf:%7BbdA:644,bdZ:862,beA:1004,beZ:1005,mfA:1416,cmA:1416,inA:1416,inZ:1417,prA:1418,prZ:1422,si:1424,poA:1425,poZ:1435,cmZ:1435,mfZ:1435,loA:1528,loZ:1530,ltA:1605,ltZ:1605,mdA:1037,mdZ:1134%7D%7D,sca:%7Bdfp:%7Bdf:3,sz:300.250,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:-1,vs:n,r:,w:300,h:250,t:420%7D,%7Bpiv:0,vs:o,r:l,t:523%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:601,n:522,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:420,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B110~1,0~0%5D,as:%5B110~300.250%5D%7D%7D,%7Bsl:o,t:522,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B79~0%5D,as:%5B79~300.250%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tEnKxb8+11%7C12%7C13%7C14%7C15*.1401916-70726091%7C1511%7C152%7C16%7C17.925175%7C1711%7C172%7C173%7C174%7C18.1401916-70726092%7C1811%7C182%7C19,idMap:15.39e9f274-aedb-0059-9733-bfdf51b6510e.71_925175%7C15*,pd:0YtC.internal-nacl-plugin,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:421,sinceFw:180,readyFired:true%7D&br=c
Requested by: Host: 0eeafe9a9464fc24f3c4189193039b23.safeframe.googlesyndication.com
URL: https://0eeafe9a9464fc24f3c4189193039b23.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4282:8fe:de36:708f:cb17 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0eeafe9a9464fc24f3c4189193039b23.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 May 2023 02:11:32 GMT
server: nginx
x-server-name: dt01.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame F1E4 43 B
215 B 220ms
215ms Image
image/gif 2600:1f18:1aca:4282:8fe:de36:708f:cb17
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1401916&asId=6b0fd1f0-6f09-6808-c7ca-cdf2b0f5204e&tv=%7Bc:cJU4lv,pingTime:-2,time:601,type:a,im:%7Bsf:1,pom:1,prf:%7BbdA:649,bdZ:824,beA:967,beZ:969,mfA:1397,cmA:1397,inA:1397,inZ:1398,prA:1398,prZ:1402,si:1403,poA:1404,poZ:1412,cmZ:1412,mfZ:1412,loA:1495,loZ:1496,ltA:1568,ltZ:1568,mdA:1042,mdZ:1118%7D%7D,sca:%7Bdfp:%7Bdf:3,sz:300.600,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:-1,vs:n,r:,w:300,h:600,t:435%7D,%7Bpiv:0,vs:o,r:l,t:527%7D,%7Bpiv:66,vs:pp,r:,t:601%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:601,n:527,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:435,wc:0.0.1600.1200,ac:NaN.NaN.300.600,am:sp,cc:0.0.300.600,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B97~1,0~0%5D,as:%5B97~300.600%5D%7D%7D,%7Bsl:o,t:527,wc:0.0.1600.1200,ac:NaN.NaN.300.600,am:sp,cc:0.0.300.600,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B74~0%5D,as:%5B74~300.600%5D%7D%7D,%7Bsl:pp,t:601,wc:0.0.1600.1200,ac:NaN.NaN.300.600,am:sp,cc:0.0.300.600,piv:66,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1~50%5D,as:%5B1~300.600%5D%7D%7D%5D,slEventCount:3,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tEnKxb8+11%7C12%7C13%7C14%7C15.1401916-70726091%7C1511%7C152%7C153%7C16%7C17.925175%7C1711%7C172%7C173%7C174%7C18*.1401916-70726092%7C1811%7C182%7C19,idMap:18.160ac7f0-837b-a839-d52e-10f983b728f2.71_925175%7C18*,pd:VEBo.mhjfbmdgcfjbbpaeojofohoefgiehjai,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:436,sinceFw:165,readyFired:true%7D&br=c
Requested by: Host: 0eeafe9a9464fc24f3c4189193039b23.safeframe.googlesyndication.com
URL: https://0eeafe9a9464fc24f3c4189193039b23.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4282:8fe:de36:708f:cb17 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0eeafe9a9464fc24f3c4189193039b23.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 May 2023 02:11:32 GMT
server: nginx
x-server-name: dt13.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame F1E4 43 B
215 B 221ms
220ms Image
image/gif 2600:1f18:1aca:4282:8fe:de36:708f:cb17
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=925175&asId=160ac7f0-837b-a839-d52e-10f983b728f2&tv=%7Bc:cJU4ly,pingTime:-2,time:531,type:a,im:%7Bsf:1,pom:1,prf:%7BbdA:786,bdZ:868,beA:1040,beZ:1042,mfA:1429,cmA:1429,inA:1429,inZ:1430,prA:1430,prZ:1436,si:1437,poA:1437,poZ:1447,cmZ:1447,mfZ:1447,loA:1507,loZ:1509,ltA:1571,ltZ:1571,mdA:1042,mdZ:1118,idA:1447,idZ:1503%7D%7D,sca:%7Bdfp:%7Bdf:3,sz:300.600,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:-1,vs:n,r:,w:300,h:600,t:397%7D,%7Bpiv:66,vs:pp,t:463%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:0,n:463,pp:531,pm:0%7D,slEvents:%5B%7Bsl:n,t:397,wc:0.0.1600.1200,ac:NaN.NaN.300.600,am:i,cc:NaN.NaN.300.600,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B74~1%5D,as:%5B74~300.600%5D%7D%7D,%7Bsl:pp,t:463,wc:0.0.1600.1200,ac:NaN.NaN.300.600,am:i,cc:NaN.NaN.300.600,piv:66,obst:0,th:0,reas:,bkn:%7Bpiv:%5B68~50%5D,as:%5B68~300.600%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:jload,dtt:0,fm:tEnKxb8+11%7C12%7C13%7C14%7C15.1401916-70726091%7C1511%7C152%7C153%7C16%7C17.1401916-70726087%7C1711%7C172%7C173%7C174%7C18*.925175%7C1811%7C182%7C183%7C19,idMap:18.6b0fd1f0-6f09-6808-c7ca-cdf2b0f5204e.93_1401916-70726092%7C18*,pd:VEBo.mhjfbmdgcfjbbpaeojofohoefgiehjai,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:397,sinceFw:134,readyFired:true%7D&br=c
Requested by: Host: 0eeafe9a9464fc24f3c4189193039b23.safeframe.googlesyndication.com
URL: https://0eeafe9a9464fc24f3c4189193039b23.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4282:8fe:de36:708f:cb17 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0eeafe9a9464fc24f3c4189193039b23.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 May 2023 02:11:32 GMT
server: nginx
x-server-name: dt21.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 7C37 43 B
215 B 204ms
203ms Image
image/gif 2600:1f18:1aca:4282:8fe:de36:708f:cb17
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=925175&asId=39e9f274-aedb-0059-9733-bfdf51b6510e&tv=%7Bc:cJU4lP,pingTime:-2,time:593,type:a,im:%7Bsf:1,pom:1,prf:%7BbdA:805,bdZ:897,beA:1035,beZ:1036,mfA:1487,cmA:1487,inA:1487,inZ:1488,prA:1488,prZ:1492,si:1495,poA:1495,poZ:1506,cmZ:1506,mfZ:1506,loA:1567,loZ:1568,ltA:1627,ltZ:1627,mdA:1037,mdZ:1134,idA:1506,idZ:1561%7D%7D,sca:%7Bdfp:%7Bdf:3,sz:300.250,dom:div%7D%7D,env:%7Bgca:false,cca:false,gca2:false%7D,clog:%5B%7Bpiv:-1,vs:n,r:,w:300,h:250,t:460%7D,%7Bpiv:100,vs:i,t:529%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:593,o:0,n:529,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:460,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B76~1%5D,as:%5B76~300.250%5D%7D%7D,%7Bsl:i,t:529,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B64~100%5D,as:%5B64~300.250%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:jload,dtt:0,fm:tEnKxb8+11%7C12%7C13%7C14%7C15*.925175%7C1511%7C152%7C153%7C16%7C17.1401916-70726087%7C1711%7C172%7C173%7C174%7C18.1401916-70726092%7C1811%7C182%7C183%7C184%7C19,idMap:15.3d849f1c-a186-5fdf-9ad3-32471226f785.102_1401916-70726091%7C15*,pd:VEBo.mhjfbmdgcfjbbpaeojofohoefgiehjai,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:460,sinceFw:132,readyFired:true%7D&br=c
Requested by: Host: 0eeafe9a9464fc24f3c4189193039b23.safeframe.googlesyndication.com
URL: https://0eeafe9a9464fc24f3c4189193039b23.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4282:8fe:de36:708f:cb17 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0eeafe9a9464fc24f3c4189193039b23.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 May 2023 02:11:32 GMT
server: nginx
x-server-name: dt20.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 4D58 0
20 B 59ms
58ms Image
image/gif 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BKzEIU-ZiZK30Coa6gQfpn4_wBQAAAAA4AeAEAg&bg=!AgGlAVXNAAYldGN0BXQ7ADkAdvg8Wj5Hn_zVJJqVan4nNXcMAawa_CUMfkET-TBoJibOxBXnLhtqduTNuUPvmMSgxXCcDNMojqwCAAACUlIAAAADaAEHmQLmBtUzjf1gC3Rz9XenYdjXFO0PjzzJXziPjrdA5unlUIX-PHe7ts97PKQGvSNb8WI6MK5ywY49Jj-T99brD3kBAQsYckMERZoJwlRr9BPw27rVNm-tckWbYjObMuTZ5AylYHhnySYZoAxw9RnyVRrcStbvKeS1xKvHTxIx8ypS5ZzQlxd2KGaRGV3weNBYfk0rqN1Yim6KYoxyOI0qiOrDWYS-VwFT5s7JQCSx0QMQ08x3frOjxbT6z6wrn4ZTxDsPAYIUOSJXsx0-zirUx1vWLFzkOvwdKZ0aHu9Sqi2JJtOQeGft_a1Tt0P3l-3ULIfri4_v_2s5bIHcir9kn-wObXgbzUjKiA0cVaUwVBhtLNA9SfGTBmmMCvm2SxOnikyWxegIR-8jRQZ4W-IcdqxhCBg74td2n2qrVR_fwHUZEkQHmOMif-_xMToN1oWYK0e7_FhEL_2urGAhhS8USEdseG-N0xLi62O0UmjzH0YHiebGXs7d5xW3Mzew31e14SRuWCE2cqJBDa13SzWbXX0uLW0ym7sWljHXEH4K6lvWeHnueDoG2OrrZyAzhJRTBiMJTYvlzaYWG5XNKmP9sBK4Vv2WQdXO3E3aZ_KrmgYGh-US9hzbTHskhiZ5GJpRQl8TeKqSPDTA80JBddRsHh9o5DbcI3E55z_no7qz09NlUWNoXvnSrcJbUEzmSKDjCL0QW67n8xr6DpFy39Z5RZITfPkbQn8PTg7_mCvudO2wbVMw9O07m1tZusyJqBo4ZK41LpnmhFM9mtiuibjAVDstPJEcaWPUPdBQhBj0iy0rJZqbhr-dtcOV9iGzKVAlqx19wkNxvjt75Lao586ShTMAEFj5IrsdP26mQOZEUDN2HCqZeoB9p_RA9NWl4LqL9c1zmruIKjghEpvuNRU_IclAid-p1ng_Y1Rl2u4HJcIrpoqdnLB9iY4iUKqKoV2wGhRM8CDPLDwKDBljUfZ75UM1SALBHIIYTg

Requested by

Host: 0eeafe9a9464fc24f3c4189193039b23.safeframe.googlesyndication.com
URL: https://0eeafe9a9464fc24f3c4189193039b23.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 May 2023 02:11:32 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 0680 0
20 B 67ms
66ms Image
image/gif 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=B00iCU-ZiZIztCMO4x_AP36KRuAIAAAAAOAHgBAI&bg=!OjmlOW3NAAYldGN0BXQ7ADkAdvg8Wh2jUSMrsJAKTGNdaupRoBDcVkAX1g4Rhf2YktbOrLhCTqb3wKlpZJBLziYz_LEXLA5AfuECAAACzVIAAAADaAEHmQLmHIRzQNtviwbSZ0HywEmjbmpF78IcXLHzd37RPMgCkjlR-dwNFfVUZBUFaBt9kgtg9N3AihrXYtlc4DQYC9vB4vyc_DPHfh1Q21r7iU7p3_xc1cmXci-IePQhfFoeMFg1lvvmHyevDH1ShJQVH1FrjiWrzHoGRIqF1nlScvKLLRFrMCiLMvsaDPGc3nRSC0pQcpJOTAmtqTlN_vTyrurGQET9BQPsf5pSm_LHsZy7lTm20RBin1zUbdywKXqY9-e8q8XgxZyXWXwVs6UpUiuUuM11mnM9MZstjV9pgs9spyJ1XDZk_2QE-2gyRuwxuZssZCKwDiQOYtdu6AovHFiYK4nsSCbJJIugs-ZkRtko6EwL4NalYjqWjO04xO2J6wE7S9JrkkQiFT1a5sAuBIrkzulkJ4-ms-tLsUYlALNPpej6kT8Ft3XrgpS9_r4GS8kBMt5_KGc1Eq3fO41YKRPxuURCc9iabMjit5PMFK4vgKLLOifUXN-FJiHEk4SZ1SuszdqdI4r75trPDS9DichLJkcvLY2rk7cnSdouHAdu-IkjqfqbtMgDOpkk6vH4_MsbG3Nbs-hxV5_Faf4tQxBeSRnG6JeXYArPctEecJcDJ_KFUAs7ehDbgWbbskH8oe8qEfc4ghuLCPwJgL6gvvxB2FVyVLg-iomSqt0o2eMALPCgOrY0ih9Sg5ag2iPJT64Mj3SpmuO1jajCveg0-ut41jAksXz98ARA6KKqos7hAI70CYXHFQpNEaWgaNqoaVbIEY5wGE5Viq79OcV-SBWE1nS5cOEsJqg-nNCOkyPsOQEhHvT3rS3OluAYjLx165hZTyv40q2ROq88gCW4ErQq2Ef0w_itj6QSfE2zOn-b71gg_J3BvNNuRSiiLdwmD4Q5oA5KtHzbDh4nT0uSd7KamKMp-xXXtiIsnXmIm03CBLRapGgpPC9pPasF2oawOvxzDb7x_buIBeM6EsHMqVHIQ2WC-pX7Ow

Requested by

Host: 0eeafe9a9464fc24f3c4189193039b23.safeframe.googlesyndication.com
URL: https://0eeafe9a9464fc24f3c4189193039b23.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 May 2023 02:11:32 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame DDE5 43 B
215 B 107ms
106ms Image
image/gif 2600:1f18:1aca:4282:8fe:de36:708f:cb17
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=925175&asId=13d14eef-8e2b-b7f5-4b91-f31349d04080&tv=%7Bc:cJU4ob,time:730,type:e,im:%7Bimprf:%7Bttecl:752,ecd:51,tsecr:184%7D%7D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:208,o:522,n:416,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:280,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:i,cc:NaN.NaN.970.250,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B145~1,0~0%5D,as:%5B145~970.250%5D%7D%7D,%7Bsl:o,t:416,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:i,cc:NaN.NaN.970.250,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B106~0%5D,as:%5B106~970.250%5D%7D%7D,%7Bsl:i,t:522,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:i,cc:NaN.NaN.970.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B208~100%5D,as:%5B208~970.250%5D%7D%7D%5D,slEventCount:3,em:true,fr:false,e:,tt:jload,dtt:421,fm:tEnKxb8+11%7C12%7C13%7C14%7C15.1401916-70726091%7C1511%7C152%7C16%7C17*.925175%7C1711%7C172%7C173%7C18.1401916-70726092%7C1811%7C182%7C19,idMap:17.65edb9f0-f3e7-e9ac-bd12-e1814f64c257.136_1401916-70726087%7C17*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:280,sis:527%7D&br=c
Requested by: Host: 0eeafe9a9464fc24f3c4189193039b23.safeframe.googlesyndication.com
URL: https://0eeafe9a9464fc24f3c4189193039b23.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4282:8fe:de36:708f:cb17 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0eeafe9a9464fc24f3c4189193039b23.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 May 2023 02:11:32 GMT
server: nginx
x-server-name: dt09.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 20AF 0
20 B 62ms
62ms Image
image/gif 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=By7WrU-ZiZLGBC4q1-gbTqoPYBAAAAAA4AeAEAg&bg=!OjmlOW3NAAYldGN0BXQ7ADkAdvg8WtQjweQT6h29Akm7RqmKLl6do212R1LeXYp6VHXy5f_wOXN4AZEk-81GLOnkcDeD_Am2s50CAAACYFIAAAAEaAEHmQLvHzXccP0LTjNc2H2PED_PEJuLlOnr6HHveSLLkvtSHl4yvUP3N7X9EboEj5wKfmfvJ5a6cL-PkQxlXBuE0T4s93sHkyqtuofLVnHWiO6Eh5SdbHbg6CvqW5OV63W_2G0dz5oYaSh5nuiVmgmiF_NZXfjs-dXZhWNaQf2Ks6DB4TLGyIuMvAp2d45C-NQxQ1jfhxGDgInwySiwrCHYU2yNrSOCaJe0Yhod9UcIchxviY9H8r6SuemaNSIlseTJYJ_UXrFebm0yV1hut5XQ7tfsWR5P4JnhviR0RUs9KubWBqKcdv3nkvMbWXOaCmhjQH5ouSbzQgQB9NOirUAWa-IyMp42HHYM-wU6dq6sBxpjQ_exgcVPJ25SafWukK9-4KrTENasxAalSJqxmwYlUWQBMhjPz0RQ6Ut5rWOqoU4TD5DlvBO20z0tswCZUecm-EDRBDMSXGQXu-wXSLErOOyikcyXDZhIDqgq0kNSUs89DTxiEr2pNVg1XsiD8DfcL16gNzhSZY5iyJx6bXZRuK5mWC44qwGu02Rg3zBqPyf-uRuc0rukRaFUbzzMj1nQTPkkZxzHyeONiM46T2PTPVLRf4VWoX_eEwpgsBNpJ1QZE-E0a--tCmLT7OZSrd1JQjrWlfE_9ct5Q2NL6_6V-RiQ2HP8JM40WsuxBDwubIG41VDONjSRFakvOFt4ndaHnuMEQNAYkOvOckor6qwI4XyOHBCev6gSAzPwrTfVnGOHBLHTBoubJji2Os2ihRWATN4o1dFFaLUGodNtWuND6h7DUfAqdjgf_mp0GOV3Hji3NRw1BroKrKze7xFztH9gX8oeZHAlimUxU5trGJc8oARTaIoUk3k8vdvJKkwvRrZxA7EgPmiVse0Lx8AG0fVOcLGkxV9zNfzS7I6c8dq4eTA_5EA7spWOVfK0ii8pvLTJWA202PfjvZxai4SquUPe5FjGDfekcNGLxSEQxXqUIm8NtQke9OFaqsZneruFdvXlxQ

Requested by

Host: 0eeafe9a9464fc24f3c4189193039b23.safeframe.googlesyndication.com
URL: https://0eeafe9a9464fc24f3c4189193039b23.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 May 2023 02:11:32 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame F1E4 43 B
215 B 106ms
106ms Image
image/gif 2600:1f18:1aca:4282:8fe:de36:708f:cb17
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=925175&asId=160ac7f0-837b-a839-d52e-10f983b728f2&tv=%7Bc:cJU4og,time:699,type:e,im:%7Bimprf:%7Bttecl:808,ecd:56,tsecr:91%7D%7D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:0,n:463,pp:699,pm:0%7D,slEvents:%5B%7Bsl:n,t:397,wc:0.0.1600.1200,ac:NaN.NaN.300.600,am:i,cc:NaN.NaN.300.600,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B74~1%5D,as:%5B74~300.600%5D%7D%7D,%7Bsl:pp,t:463,wc:0.0.1600.1200,ac:NaN.NaN.300.600,am:i,cc:NaN.NaN.300.600,piv:66,obst:0,th:0,reas:,bkn:%7Bpiv:%5B236~50%5D,as:%5B236~300.600%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:jload,dtt:200,fm:tEnKxb8+11%7C12%7C13%7C14%7C15.1401916-70726091%7C1511%7C152%7C153%7C16%7C17.1401916-70726087%7C1711%7C172%7C173%7C174%7C18*.925175%7C1811%7C182%7C183%7C19,idMap:18.6b0fd1f0-6f09-6808-c7ca-cdf2b0f5204e.93_1401916-70726092%7C18*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:397,sis:553%7D&br=c
Requested by: Host: 0eeafe9a9464fc24f3c4189193039b23.safeframe.googlesyndication.com
URL: https://0eeafe9a9464fc24f3c4189193039b23.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4282:8fe:de36:708f:cb17 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0eeafe9a9464fc24f3c4189193039b23.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 May 2023 02:11:32 GMT
server: nginx
x-server-name: dt13.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame DDE5 43 B
215 B 107ms
106ms Image
image/gif 2600:1f18:1aca:4282:8fe:de36:708f:cb17
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1401916&asId=65edb9f0-f3e7-e9ac-bd12-e1814f64c257&tv=%7Bc:cJU4oj,time:781,type:e,im:%7Bimprf:%7Bttecl:957,ecd:215,tsecr:157%7D%7D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:212,o:569,n:389,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:260,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:sp,cc:0.0.970.250,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B147~1,0~0%5D,as:%5B147~970.250%5D%7D%7D,%7Bsl:o,t:389,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:sp,cc:0.0.970.250,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B179~0%5D,as:%5B179~970.250%5D%7D%7D,%7Bsl:i,t:569,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:sp,cc:0.0.970.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B213~100%5D,as:%5B213~970.250%5D%7D%7D%5D,slEventCount:3,em:true,fr:false,e:,tt:rjss,dtt:354,fm:tEnKxb8+11%7C12%7C13%7C14%7C15.1401916-70726091%7C1511%7C152%7C16%7C17*.1401916-70726087%7C1711%7C172%7C18.1401916-70726092%7C1811%7C182%7C19,idMap:17.13d14eef-8e2b-b7f5-4b91-f31349d04080.137_925175%7C17*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:262,sis:635%7D&br=c
Requested by: Host: 0eeafe9a9464fc24f3c4189193039b23.safeframe.googlesyndication.com
URL: https://0eeafe9a9464fc24f3c4189193039b23.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4282:8fe:de36:708f:cb17 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0eeafe9a9464fc24f3c4189193039b23.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 May 2023 02:11:32 GMT
server: nginx
x-server-name: dt01.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 7C37 43 B
215 B 146ms
146ms Image
image/gif 2600:1f18:1aca:4282:8fe:de36:708f:cb17
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=925175&asId=39e9f274-aedb-0059-9733-bfdf51b6510e&tv=%7Bc:cJU4ok,time:748,type:e,im:%7Bimprf:%7Bttecl:831,ecd:56,tsecr:75%7D%7D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:749,o:0,n:529,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:460,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B76~1%5D,as:%5B76~300.250%5D%7D%7D,%7Bsl:i,t:529,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B220~100%5D,as:%5B220~300.250%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:jload,dtt:0,fm:tEnKxb8+11%7C12%7C13%7C14%7C15*.925175%7C1511%7C152%7C153%7C16%7C17.1401916-70726087%7C1711%7C172%7C173%7C174%7C18.1401916-70726092%7C1811%7C182%7C183%7C184%7C19,idMap:15.3d849f1c-a186-5fdf-9ad3-32471226f785.102_1401916-70726091%7C15*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:460,sis:602%7D&br=c
Requested by: Host: 0eeafe9a9464fc24f3c4189193039b23.safeframe.googlesyndication.com
URL: https://0eeafe9a9464fc24f3c4189193039b23.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4282:8fe:de36:708f:cb17 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0eeafe9a9464fc24f3c4189193039b23.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 May 2023 02:11:32 GMT
server: nginx
x-server-name: dt25.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 7C37 43 B
215 B 144ms
144ms Image
image/gif 2600:1f18:1aca:4282:8fe:de36:708f:cb17
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1401916&asId=3d849f1c-a186-5fdf-9ad3-32471226f785&tv=%7Bc:cJU4on,time:782,type:e,im:%7Bimprf:%7Bttecl:1020,ecd:149,tsecr:90%7D%7D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:179,o:603,n:522,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:420,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B110~1,0~0%5D,as:%5B110~300.250%5D%7D%7D,%7Bsl:o,t:522,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B81~0%5D,as:%5B81~300.250%5D%7D%7D,%7Bsl:i,t:603,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B179~100%5D,as:%5B179~300.250%5D%7D%7D%5D,slEventCount:3,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tEnKxb8+11%7C12%7C13%7C14%7C15*.1401916-70726091%7C1511%7C152%7C16%7C17.925175%7C1711%7C172%7C173%7C174%7C18.1401916-70726092%7C1811%7C182%7C19,idMap:15.39e9f274-aedb-0059-9733-bfdf51b6510e.71_925175%7C15*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:421,sis:660%7D&br=c
Requested by: Host: 0eeafe9a9464fc24f3c4189193039b23.safeframe.googlesyndication.com
URL: https://0eeafe9a9464fc24f3c4189193039b23.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4282:8fe:de36:708f:cb17 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0eeafe9a9464fc24f3c4189193039b23.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 May 2023 02:11:32 GMT
server: nginx
x-server-name: dt21.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame F1E4 43 B
215 B 144ms
144ms Image
image/gif 2600:1f18:1aca:4282:8fe:de36:708f:cb17
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1401916&asId=6b0fd1f0-6f09-6808-c7ca-cdf2b0f5204e&tv=%7Bc:cJU4oo,time:780,type:e,im:%7Bimprf:%7Bttecl:976,ecd:142,tsecr:80%7D%7D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:601,n:527,pp:179,pm:0%7D,slEvents:%5B%7Bsl:n,t:435,wc:0.0.1600.1200,ac:NaN.NaN.300.600,am:sp,cc:0.0.300.600,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B97~1,0~0%5D,as:%5B97~300.600%5D%7D%7D,%7Bsl:o,t:527,wc:0.0.1600.1200,ac:NaN.NaN.300.600,am:sp,cc:0.0.300.600,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B74~0%5D,as:%5B74~300.600%5D%7D%7D,%7Bsl:pp,t:601,wc:0.0.1600.1200,ac:NaN.NaN.300.600,am:sp,cc:0.0.300.600,piv:66,obst:0,th:0,reas:,bkn:%7Bpiv:%5B180~50%5D,as:%5B180~300.600%5D%7D%7D%5D,slEventCount:3,em:true,fr:false,e:,tt:rjss,dtt:0,fm:tEnKxb8+11%7C12%7C13%7C14%7C15.1401916-70726091%7C1511%7C152%7C153%7C16%7C17.925175%7C1711%7C172%7C173%7C174%7C18*.1401916-70726092%7C1811%7C182%7C19,idMap:18.160ac7f0-837b-a839-d52e-10f983b728f2.71_925175%7C18*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:436,sis:658%7D&br=c
Requested by: Host: 0eeafe9a9464fc24f3c4189193039b23.safeframe.googlesyndication.com
URL: https://0eeafe9a9464fc24f3c4189193039b23.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4282:8fe:de36:708f:cb17 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0eeafe9a9464fc24f3c4189193039b23.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 May 2023 02:11:32 GMT
server: nginx
x-server-name: dt20.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame DDE5 43 B
215 B 107ms
106ms Image
image/gif 2600:1f18:1aca:4282:8fe:de36:708f:cb17
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1401916&asId=65edb9f0-f3e7-e9ac-bd12-e1814f64c257&tv=%7Bc:cJU4pX,pingTime:-10,time:883,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwwfHxNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTEzLjAuNTY3Mi45MiBTYWZhcmkvNTM3LjM2fHwxfHwxfHxHb29nbGUgSW5jLnx8bg--,ch:n,fsc:17.6.2v222222220002222202222222220222222222202222222220222202000022000220222222220000222202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022220000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1684203092456%7C%7C5e95a400530942825b76093cd33addac%7C%7Cab86779afaa51e47dadd00830d4bacef%7C%7Cc6663e5297b9c15d89c5247ead54d8fb%7C%7C4523c168e48fa58412cf853e76937cc4%7C%7C6440de83134f501f719974de33fd46f3%7C%7Cffa65939b8d8b905e670ff8651d66374%7C%7C84994f2536c896d1fca5ef22a7806214%7C%7C1663701684%7D
Requested by: Host: 0eeafe9a9464fc24f3c4189193039b23.safeframe.googlesyndication.com
URL: https://0eeafe9a9464fc24f3c4189193039b23.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4282:8fe:de36:708f:cb17 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0eeafe9a9464fc24f3c4189193039b23.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 May 2023 02:11:32 GMT
server: nginx
x-server-name: dt10.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame F1E4 43 B
215 B 107ms
107ms Image
image/gif 2600:1f18:1aca:4282:8fe:de36:708f:cb17
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=925175&asId=160ac7f0-837b-a839-d52e-10f983b728f2&tv=%7Bc:cJU4q5,pingTime:-10,time:812,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwwfHxNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTEzLjAuNTY3Mi45MiBTYWZhcmkvNTM3LjM2fHwxfHwxfHxHb29nbGUgSW5jLnx8bg--,ch:n,fsc:17.6.2v222222220002222202222222220222222222202222222220222202000022000220222222220000222202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022220000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1684203092456%7C%7C5e95a400530942825b76093cd33addac%7C%7Cab86779afaa51e47dadd00830d4bacef%7C%7Cc6663e5297b9c15d89c5247ead54d8fb%7C%7C4523c168e48fa58412cf853e76937cc4%7C%7C6440de83134f501f719974de33fd46f3%7C%7Cffa65939b8d8b905e670ff8651d66374%7C%7C84994f2536c896d1fca5ef22a7806214%7C%7C1663701684,sca:%7Bspg:65edb9f0-f3e7-e9ac-bd12-e1814f64c257%7D%7D
Requested by: Host: 0eeafe9a9464fc24f3c4189193039b23.safeframe.googlesyndication.com
URL: https://0eeafe9a9464fc24f3c4189193039b23.safeframe.googlesyndication.com/safeframe/1-0-40/html/container.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4282:8fe:de36:708f:cb17 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0eeafe9a9464fc24f3c4189193039b23.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 May 2023 02:11:32 GMT
server: nginx
x-server-name: dt06.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame 7C37 0
0 60ms
60ms Fetch
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjssOcuksX83dMcPLMhavluX2kAt_bhfrmYFhS20ME-30z2Gwmua2ka70YI9NCQDkTfdRJsEA24I7JkgnVitkijSvi4hUlm7-o2CJVvkFRVFgf8XIMGtmXSZ8YrroMNwLnO3bFu6D0zeWalal780ub4m-XOJ31vPpBl_GJP3O6X1Ni5dOB14X6-QUoiRpzP8xfBPsbRnh5ShaoKQy9uuRBxaKP4p-0_yKbscXhsbp0SqRM6SpajtVxZjxyZHcxL5KogArXx8HdVjKLiz9qO5t0AfuMNw2XbfkXMDHv5CVzlSOHQJZSGIZXG7Q4I1TBLzazqKcZTbA9XKW59I5xDbh7DN-Gfc&sai=AMfl-YTKqlJDZeMS3Xx3vsE8UpBNGzpDLOzhIafwcjyjR_uUC4ObcpDB6Aep57KJ4uy0cpHUfuS3qDOjUlIORbiLyx5UiMfQ38_I1EAiErJ2iMnzyVa9pfxSgmzkhuPugimB1av4TFAe-QhuCpn4NnA&sig=Cg0ArKJSzKsr8jhfcVLBEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0eeafe9a9464fc24f3c4189193039b23.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 16 May 2023 02:11:32 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Tue, 16 May 2023 02:11:32 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame DDE5 42 B
64 B 56ms
56ms Fetch
image/gif 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsuFZLKyFBpeXIGBSaBQ9y7LiZT2RpLuP1uynYjtGkKfFVLdiC1lTTe3ncdzgemi4M1mD_PgUUaCh1sgdTzuf5FKvbeZlRiYwtg&sig=Cg0ArKJSzGnhX14UErrpEAE&id=lidar2&mcvt=1000&p=0,0,250,970&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20230515&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=34&adk=1575237685&rs=6&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1684203090600&rpt=895&met=mue&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0eeafe9a9464fc24f3c4189193039b23.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 May 2023 02:11:32 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 7C37 42 B
64 B 56ms
56ms Fetch
image/gif 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsv46w2eI17IIN-vGtpKjsN4Tb-Oq2yfuE5F37rEfFhVkMzvogd1TZ6vFClsal-2-4qygBZIUZRC7PsYh55USfPUAkfXRqNfQp4&sig=Cg0ArKJSzFZF0QQ_vARHEAE&id=lidar2&mcvt=1003&p=0,0,250,300&mtos=1003,1003,1003,1003,1003&tos=1003,0,0,0,0&v=20230515&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=34&adk=153375247&rs=6&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1684203090574&rpt=887&met=mue&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0eeafe9a9464fc24f3c4189193039b23.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 May 2023 02:11:32 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame F1E4 42 B
64 B 58ms
57ms Fetch
image/gif 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstryX6hHoINx11x2v-Laa9uE5fJThgio49i8pcG6sb-V6omws0G9rtWMCcwQpxKJCI7NyzDD_4xSWpUonI0J7fvwmirC7Z_RyI&sig=Cg0ArKJSzPiGZP9sEcd2EAE&id=lidar2&mcvt=1005&p=0,0,600,300&mtos=0,0,1005,1005,1005&tos=0,0,1005,0,0&v=20230515&bin=7&avms=nio&bs=0,0&mc=0.66&if=1&vu=1&app=0&itpl=34&adk=2584423925&rs=6&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1684203090613&rpt=907&met=mue&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0eeafe9a9464fc24f3c4189193039b23.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 May 2023 02:11:32 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 7C37 43 B
215 B 106ms
106ms Image
image/gif 2600:1f18:1aca:4282:8fe:de36:708f:cb17
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=925175&asId=39e9f274-aedb-0059-9733-bfdf51b6510e&tv=%7Bc:cJU4rd,pingTime:-10,time:927,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwwfHxNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTEzLjAuNTY3Mi45MiBTYWZhcmkvNTM3LjM2fHwxfHwxfHxHb29nbGUgSW5jLnx8bg--,ch:n,fsc:17.6.2v222222220002222202222222220222222222202222222220222202000022000220222222220000222202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022220000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1684203092456%7C%7C5e95a400530942825b76093cd33addac%7C%7Cab86779afaa51e47dadd00830d4bacef%7C%7Cc6663e5297b9c15d89c5247ead54d8fb%7C%7C4523c168e48fa58412cf853e76937cc4%7C%7C6440de83134f501f719974de33fd46f3%7C%7Cffa65939b8d8b905e670ff8651d66374%7C%7C84994f2536c896d1fca5ef22a7806214%7C%7C1663701684,sca:%7Bspg:65edb9f0-f3e7-e9ac-bd12-e1814f64c257%7D%7D
Requested by: Host: cyberscoop.com
URL: https://cyberscoop.com/ransomware-group-ra-group-talos/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4282:8fe:de36:708f:cb17 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0eeafe9a9464fc24f3c4189193039b23.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 May 2023 02:11:32 GMT
server: nginx
x-server-name: dt09.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame DDE5 0
0 59ms
58ms Fetch
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjsvtmsvzdXSCmVWYogNmYXFWjfoUconJ7iN_rDJjar4eOT7u_iaubQmV8Zg48RvqF8xLVJEdcnjJGPFIHT9jiQk-Dfoqj40FdB_aK0JJMnlnVebA7cQf7DyTbv7oFj8nlevybAlgCAoNESbFzvfWYmYiUAJgZTxtbPdLQI6G_zng7DrxGwjpFhUwgcAtQFZ3t93RqfcqSQ1z0Y7tDw4WbARLWZ9Q7UUvjCH198BSFnobA45msxKcrKNLfrchNA0yu9TguiLnlgoiNK9VdjuUi8bhpLoRnSI8kiLflpVofzUqNjpxfMClGObek7xIaFcfpSIsuZZHxhhYevLV&sai=AMfl-YTPX-XKUCRGu-RkQmnAIxtYbu7Nfq6ceqRVj1W3hjdWUaNakboXJLZPQpIpugkqdPjspn50fU5827R7F2eODCBXefeAKIOGKxQjdM_GuJUrRuT-otmS3M9L5c642dAvsqW0VGgZTgpp3ZuBwuk&sig=Cg0ArKJSzGEYRYtNd_tGEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0eeafe9a9464fc24f3c4189193039b23.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 16 May 2023 02:11:32 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Tue, 16 May 2023 02:11:32 GMT

GET
H3 200 view
securepubads.g.doubleclick.net/pcs/ Frame F1E4 0
0 61ms
60ms Fetch
image/gif 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://securepubads.g.doubleclick.net/pcs/view?xai=AKAOjstk7p3n0Ruy0_5-38mbKfCLNzzR8hrDsng-ePgtiT6ENCLQ2kZprZCzUAAJkgeK8XTqEuukBE_ndYguYV75hxxr-AlM_XIbQGax5dmw5qQ0lJ-tvlT0l3lkqJ-_v2n1nEXIgcatiHUKVi5z_BXVvVTGCVOxT_4Swi7YpIKCHvi2ffdTWwgrPM2pzBPoRUzFsiU1YLV5Wyyzx2xXyeEZrvpDYdc3waBvs3wgmZwYkIARX06HxwrUzkesxaqxhlRFAk3IjFKoSuyQD025MV-DPSG9XT78GQ8JsSx0I-W4E9CsGI5VcnHw94r7iuY3F8q5Tb7kZcReXvxj6Bqw6HTMqeUNKIE&sai=AMfl-YTnQo1QeJvMNB-J8URzEtx9pK9et0p1-8KssKiHUx2qCgGCurz5uFel8iIX93_AjK8BVx6Os_kPkNhNDcmeV2LATCk2B0kr2Y3AsdXGK8v99b01F7MKO1tIJL-mEbexdbnyhQsShEZCM8vdWTY&sig=Cg0ArKJSzHGlUTXSTBKjEAE&uach_m=[UACH]&urlfix=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&adurl=

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0eeafe9a9464fc24f3c4189193039b23.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 16 May 2023 02:11:32 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
x-xss-protection: 0
expires: Tue, 16 May 2023 02:11:32 GMT

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 15 KB
11 KB 37ms
37ms XHR
application/json 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gpt&tv=m202305100101&st=env

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305100101/pubads_impl.js?cb=31074557

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b63d3126bb010767303c54ae3373f44bfa8710f0d10893a3011dd5d9c2769b0d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 16 May 2023 02:11:32 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11283
x-xss-protection: 0

GET
H2 200 __ptq.gif
track.hubspot.com/ 45 B
1 KB 222ms
166ms Image
image/gif 2606:4700::6813:9b53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__ptq.gif?k=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=4102216092&v=1.1&a=2153467&rcu=https%3A%2F%2Fcyberscoop.com%2Fransomware-group-ra-group-talos%2F&pu=https%3A%2F%2Fcyberscoop.com%2Fransomware-group-ra-group-talos%2F&t=Ransomware+group+claims+2.5+terabytes+of+stolen+data+less+than+a+month+after+emerging+online+%7C+CyberScoop&cts=1684203092590&vi=3b836e8af5bfe69858d69e93568a7459&nc=true&u=143679850.3b836e8af5bfe69858d69e93568a7459.1684203092585.1684203092585.1684203092585.1&b=143679850.1.1684203092586&cc=15

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9b53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 16 May 2023 02:11:32 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-evy-trace-route-service-name: envoyset-translator
x-hubspot-correlation-id: ac9953e0-1648-4cae-9528-efebd89ccb15
p3p: CP="NOI CUR ADM OUR NOR STA NID"
x-envoy-upstream-service-time: 5
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 45
x-evy-trace-route-configuration: listener_https/all
x-evy-trace-listener: listener_https
x-request-id: 28e1b6b3-de05-4ef0-8dad-a525917a7990
server: cloudflare
vary: origin, Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7y9Km8CK4su9PIzuqjrqNBhbTy2SRjyVQf6TDOHHbR2NH5QiAnxDvRJ0JeSds0hEGzFkyuubd0V61RWW91Os2K4lvPcOGuoIRJqIPaFXUEBcGMuM0lAxP3eyySGQw2I42nj6bTJDTquUZGUFvyOq"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
x-evy-trace-served-by-pod: iad02/analytics-tracking-td/envoy-proxy-8684ddbc9d-mvf4f
x-evy-trace-virtual-host: all
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
cf-ray: 7c80173118983660-FRA
x-robots-tag: none

GET
H3 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 36ms
35ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: securepubads.g.doubleclick.net
URL: https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305100101/pubads_impl.js?cb=31074557

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 16 May 2023 02:11:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 6386
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
etag: "1637097310169751"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 16 May 2023 02:11:32 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/225/ Frame 51E6 13 KB
5 KB 26ms
23ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://cyberscoop.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
age: 19773
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: public, max-age=31536000
content-encoding: gzip
content-length: 5046
content-type: text/html
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
cross-origin-resource-policy: cross-origin
date: Mon, 15 May 2023 20:41:59 GMT
expires: Tue, 14 May 2024 20:41:59 GMT
last-modified: Mon, 21 Jun 2021 20:47:05 GMT
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
server: sffe
vary: Accept-Encoding
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 3E66 783 B
970 B 32ms
31ms Document
text/html 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

37dfc8075dd1fdba16382f12c0e7da734ae93253fe2a40a30cba0064dfa377a3

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-5UUvT9pFOOI6xsnbuV68vQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://cyberscoop.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=300
content-encoding: gzip
content-length: 513
content-security-policy: script-src 'report-sample' 'nonce-5UUvT9pFOOI6xsnbuV68vQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Tue, 16 May 2023 02:11:32 GMT
expires: Tue, 16 May 2023 02:11:32 GMT
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

GET
H2 200 dt
dt.adsafeprotected.com/ Frame F1E4 43 B
215 B 110ms
110ms Image
image/gif 2600:1f18:1aca:4282:8fe:de36:708f:cb17
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1401916&asId=6b0fd1f0-6f09-6808-c7ca-cdf2b0f5204e&tv=%7Bc:cJU4tZ,pingTime:-10,time:1127,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwwfHxNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTEzLjAuNTY3Mi45MiBTYWZhcmkvNTM3LjM2fHwxfHwxfHxHb29nbGUgSW5jLnx8bg--,ch:n,fsc:17.6.2v222222220002222202222222220222222222202222222220222202000022000220222222220000222202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022220000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1684203092456%7C%7C5e95a400530942825b76093cd33addac%7C%7Cab86779afaa51e47dadd00830d4bacef%7C%7Cc6663e5297b9c15d89c5247ead54d8fb%7C%7C4523c168e48fa58412cf853e76937cc4%7C%7C6440de83134f501f719974de33fd46f3%7C%7Cffa65939b8d8b905e670ff8651d66374%7C%7C84994f2536c896d1fca5ef22a7806214%7C%7C1663701684,sca:%7Bspg:65edb9f0-f3e7-e9ac-bd12-e1814f64c257%7D%7D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4282:8fe:de36:708f:cb17 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0eeafe9a9464fc24f3c4189193039b23.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 May 2023 02:11:32 GMT
server: nginx
x-server-name: dt02.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 3E66 0
0 122ms
121ms Image
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&li=gpt_m202305100101&jk=2310393918481724&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

GET
H3 200 P5-LUlKWgeVE-8P4rcqghB-z6blpBMZONJN7JkJDv9g.js Show response
pagead2.googlesyndication.com/bg/ Frame 51E6 37 KB
14 KB 21ms
21ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/P5-LUlKWgeVE-8P4rcqghB-z6blpBMZONJN7JkJDv9g.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3f9f8b52529681e544fbc3f8adcaa0841fb3e9b96904c64e34937b264243bfd8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 21:34:20 GMT
content-encoding: br
x-content-type-options: nosniff
age: 189432
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14670
x-xss-protection: 0
last-modified: Mon, 08 May 2023 09:28:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Sun, 12 May 2024 21:34:20 GMT

GET
H3 204 generate_204
tpc.googlesyndication.com/ Frame 51E6 0
10 B 20ms
20ms Image
text/plain 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tpc.googlesyndication.com/generate_204?ZeeOEw
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/sodar/sodar2/225/runner.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 16 May 2023 02:11:32 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H3 200 logo_white.svg
s0.2mdn.net/sadbundle/12829355415431909801/300x250/ Frame 670A 1001 B
563 B 21ms
21ms Image
image/svg+xml 2a00:1450:4001:82f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/12829355415431909801/300x250/logo_white.svg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e9ef372096d4dfb897e106d9ef7fbec76543b6737c6a5c9523acefa95c80413d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/12829355415431909801/300x250/300x250.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 12:48:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 220961
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 534
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:18:04 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 12 May 2024 12:48:51 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 7C37 43 B
215 B 108ms
107ms Image
image/gif 2600:1f18:1aca:4282:8fe:de36:708f:cb17
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1401916&asId=3d849f1c-a186-5fdf-9ad3-32471226f785&tv=%7Bc:cJU4wO,pingTime:-10,time:1305,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwwfHxNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTEzLjAuNTY3Mi45MiBTYWZhcmkvNTM3LjM2fHwxfHwxfHxHb29nbGUgSW5jLnx8bg--,ch:n,fsc:17.6.2v222222220002222202222222220222222222202222222220222202000022000220222222220000222202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022220000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1684203092456%7C%7C5e95a400530942825b76093cd33addac%7C%7Cab86779afaa51e47dadd00830d4bacef%7C%7Cc6663e5297b9c15d89c5247ead54d8fb%7C%7C4523c168e48fa58412cf853e76937cc4%7C%7C6440de83134f501f719974de33fd46f3%7C%7Cffa65939b8d8b905e670ff8651d66374%7C%7C84994f2536c896d1fca5ef22a7806214%7C%7C1663701684,sca:%7Bspg:65edb9f0-f3e7-e9ac-bd12-e1814f64c257%7D%7D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4282:8fe:de36:708f:cb17 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0eeafe9a9464fc24f3c4189193039b23.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 May 2023 02:11:32 GMT
server: nginx
x-server-name: dt08.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H3 200 logo_white.svg
s0.2mdn.net/sadbundle/12829355415431909801/300x250/ Frame 670A 1001 B
563 B 20ms
20ms Image
image/svg+xml 2a00:1450:4001:82f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/12829355415431909801/300x250/logo_white.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/12829355415431909801/300x250/300x250.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e9ef372096d4dfb897e106d9ef7fbec76543b6737c6a5c9523acefa95c80413d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/12829355415431909801/300x250/300x250.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Sat, 13 May 2023 12:48:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 220961
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 534
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:18:04 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sun, 12 May 2024 12:48:51 GMT

GET
H3 200 logo_white.svg
s0.2mdn.net/sadbundle/6020346782542375082/300x600/ Frame 1A20 1001 B
563 B 21ms
20ms Image
image/svg+xml 2a00:1450:4001:82f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/6020346782542375082/300x600/logo_white.svg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e9ef372096d4dfb897e106d9ef7fbec76543b6737c6a5c9523acefa95c80413d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/6020346782542375082/300x600/300x600.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Thu, 11 May 2023 09:40:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 405064
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 534
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:18:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 10 May 2024 09:40:28 GMT

GET
H3 200 logo_white.svg
s0.2mdn.net/sadbundle/16098904663021432394/970x250/ Frame F25B 1001 B
563 B 20ms
20ms Image
image/svg+xml 2a00:1450:4001:82f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/16098904663021432394/970x250/logo_white.svg

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e9ef372096d4dfb897e106d9ef7fbec76543b6737c6a5c9523acefa95c80413d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/16098904663021432394/970x250/970x250.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 09 May 2023 06:02:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 590933
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 534
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:18:19 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 08 May 2024 06:02:39 GMT

GET
H3 200 logo_white.svg
s0.2mdn.net/sadbundle/16098904663021432394/970x250/ Frame F25B 1001 B
563 B 20ms
20ms Image
image/svg+xml 2a00:1450:4001:82f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/16098904663021432394/970x250/logo_white.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/16098904663021432394/970x250/970x250.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e9ef372096d4dfb897e106d9ef7fbec76543b6737c6a5c9523acefa95c80413d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/16098904663021432394/970x250/970x250.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Tue, 09 May 2023 06:02:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 590933
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 534
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:18:19 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Wed, 08 May 2024 06:02:39 GMT

GET
H3 200 logo_white.svg
s0.2mdn.net/sadbundle/6020346782542375082/300x600/ Frame 1A20 1001 B
563 B 20ms
20ms Image
image/svg+xml 2a00:1450:4001:82f::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/6020346782542375082/300x600/logo_white.svg

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6020346782542375082/300x600/300x600.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e9ef372096d4dfb897e106d9ef7fbec76543b6737c6a5c9523acefa95c80413d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/6020346782542375082/300x600/300x600.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

date: Thu, 11 May 2023 09:40:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 405064
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 534
x-xss-protection: 0
last-modified: Tue, 02 May 2023 15:18:08 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Fri, 10 May 2024 09:40:28 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame F1E4 43 B
215 B 107ms
106ms Image
image/gif 2600:1f18:1aca:4282:8fe:de36:708f:cb17
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=925175&asId=160ac7f0-837b-a839-d52e-10f983b728f2&tv=%7Bc:cJU4AB,pingTime:1,time:1464,type:p,clog:%5B%7Bpiv:-1,vs:n,r:,w:300,h:600,t:397%7D,%7Bpiv:66,vs:pp,t:463%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:0,n:463,pp:1464,pm:0%7D,slEvents:%5B%7Bsl:n,t:397,wc:0.0.1600.1200,ac:NaN.NaN.300.600,am:i,cc:NaN.NaN.300.600,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B74~1%5D,as:%5B74~300.600%5D%7D%7D,%7Bsl:pp,t:463,wc:0.0.1600.1200,ac:NaN.NaN.300.600,am:i,cc:NaN.NaN.300.600,piv:66,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1001~50%5D,as:%5B1001~300.600%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:jload,dtt:110,fm:tEnKxb8+11%7C12%7C13%7C14%7C15.1401916-70726091%7C1511%7C152%7C153%7C16%7C17.1401916-70726087%7C1711%7C172%7C173%7C174%7C18*.925175%7C1811%7C182%7C183%7C19,idMap:18.6b0fd1f0-6f09-6808-c7ca-cdf2b0f5204e.93_1401916-70726092%7C18*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:397,sis:553%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4282:8fe:de36:708f:cb17 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0eeafe9a9464fc24f3c4189193039b23.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 May 2023 02:11:33 GMT
server: nginx
x-server-name: dt24.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 7C37 43 B
215 B 108ms
107ms Image
image/gif 2600:1f18:1aca:4282:8fe:de36:708f:cb17
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=925175&asId=39e9f274-aedb-0059-9733-bfdf51b6510e&tv=%7Bc:cJU4AW,pingTime:1,time:1530,type:p,clog:%5B%7Bpiv:-1,vs:n,r:,w:300,h:250,t:460%7D,%7Bpiv:100,vs:i,t:529%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:1530,o:0,n:529,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:460,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B76~1%5D,as:%5B76~300.250%5D%7D%7D,%7Bsl:i,t:529,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1001~100%5D,as:%5B1001~300.250%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:jload,dtt:109,fm:tEnKxb8+11%7C12%7C13%7C14%7C15*.925175%7C1511%7C152%7C153%7C16%7C17.1401916-70726087%7C1711%7C172%7C173%7C174%7C18.1401916-70726092%7C1811%7C182%7C183%7C184%7C19,idMap:15.3d849f1c-a186-5fdf-9ad3-32471226f785.102_1401916-70726091%7C15*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:460,sis:602%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4282:8fe:de36:708f:cb17 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0eeafe9a9464fc24f3c4189193039b23.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 May 2023 02:11:33 GMT
server: nginx
x-server-name: dt22.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 7C37 43 B
215 B 107ms
107ms Image
image/gif 2600:1f18:1aca:4282:8fe:de36:708f:cb17
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=925175&asId=39e9f274-aedb-0059-9733-bfdf51b6510e&tv=%7Bc:cJU4AX,pingTime:1,time:1531,type:c,clog:%5B%7Bpiv:-1,vs:n,r:,w:300,h:250,t:460%7D,%7Bpiv:100,vs:i,t:529%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:1531,o:0,n:529,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:460,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B76~1%5D,as:%5B76~300.250%5D%7D%7D,%7Bsl:i,t:529,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1002~100%5D,as:%5B1002~300.250%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:jload,dtt:109,fm:tEnKxb8+11%7C12%7C13%7C14%7C15*.925175%7C1511%7C152%7C153%7C16%7C17.1401916-70726087%7C1711%7C172%7C173%7C174%7C18.1401916-70726092%7C1811%7C182%7C183%7C184%7C19,idMap:15.3d849f1c-a186-5fdf-9ad3-32471226f785.102_1401916-70726091%7C15*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:460,sis:602,metricId:publ1,cmr:t%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4282:8fe:de36:708f:cb17 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0eeafe9a9464fc24f3c4189193039b23.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 May 2023 02:11:33 GMT
server: nginx
x-server-name: dt21.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 7C37 43 B
215 B 106ms
106ms Image
image/gif 2600:1f18:1aca:4282:8fe:de36:708f:cb17
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=925175&asId=39e9f274-aedb-0059-9733-bfdf51b6510e&tv=%7Bc:cJU4AX,pingTime:1,time:1531,type:c,clog:%5B%7Bpiv:-1,vs:n,r:,w:300,h:250,t:460%7D,%7Bpiv:100,vs:i,t:529%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:1531,o:0,n:529,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:460,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B76~1%5D,as:%5B76~300.250%5D%7D%7D,%7Bsl:i,t:529,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1002~100%5D,as:%5B1002~300.250%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:jload,dtt:109,fm:tEnKxb8+11%7C12%7C13%7C14%7C15*.925175%7C1511%7C152%7C153%7C16%7C17.1401916-70726087%7C1711%7C172%7C173%7C174%7C18.1401916-70726092%7C1811%7C182%7C183%7C184%7C19,idMap:15.3d849f1c-a186-5fdf-9ad3-32471226f785.102_1401916-70726091%7C15*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:460,sis:602,metricId:grpm1,cmr:t%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4282:8fe:de36:708f:cb17 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0eeafe9a9464fc24f3c4189193039b23.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 May 2023 02:11:33 GMT
server: nginx
x-server-name: dt20.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame DDE5 43 B
215 B 108ms
108ms Image
image/gif 2600:1f18:1aca:4282:8fe:de36:708f:cb17
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=925175&asId=13d14eef-8e2b-b7f5-4b91-f31349d04080&tv=%7Bc:cJU4AZ,pingTime:1,time:1524,type:p,clog:%5B%7Bpiv:-1,vs:n,r:,w:970,h:250,t:280%7D,%7Bpiv:0,vs:o,r:l,t:416%7D,%7Bpiv:100,vs:i,r:,t:522%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:1002,o:522,n:416,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:280,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:i,cc:NaN.NaN.970.250,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B145~1,0~0%5D,as:%5B145~970.250%5D%7D%7D,%7Bsl:o,t:416,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:i,cc:NaN.NaN.970.250,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B106~0%5D,as:%5B106~970.250%5D%7D%7D,%7Bsl:i,t:522,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:i,cc:NaN.NaN.970.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1002~100%5D,as:%5B1002~970.250%5D%7D%7D%5D,slEventCount:3,em:true,fr:false,e:,tt:jload,dtt:117,fm:tEnKxb8+11%7C12%7C13%7C14%7C15.1401916-70726091%7C1511%7C152%7C16%7C17*.925175%7C1711%7C172%7C173%7C18.1401916-70726092%7C1811%7C182%7C19,idMap:17.65edb9f0-f3e7-e9ac-bd12-e1814f64c257.136_1401916-70726087%7C17*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:280,sis:527%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4282:8fe:de36:708f:cb17 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0eeafe9a9464fc24f3c4189193039b23.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 May 2023 02:11:33 GMT
server: nginx
x-server-name: dt19.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame DDE5 43 B
215 B 107ms
106ms Image
image/gif 2600:1f18:1aca:4282:8fe:de36:708f:cb17
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=925175&asId=13d14eef-8e2b-b7f5-4b91-f31349d04080&tv=%7Bc:cJU4AZ,pingTime:1,time:1524,type:c,clog:%5B%7Bpiv:-1,vs:n,r:,w:970,h:250,t:280%7D,%7Bpiv:0,vs:o,r:l,t:416%7D,%7Bpiv:100,vs:i,r:,t:522%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:1002,o:522,n:416,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:280,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:i,cc:NaN.NaN.970.250,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B145~1,0~0%5D,as:%5B145~970.250%5D%7D%7D,%7Bsl:o,t:416,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:i,cc:NaN.NaN.970.250,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B106~0%5D,as:%5B106~970.250%5D%7D%7D,%7Bsl:i,t:522,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:i,cc:NaN.NaN.970.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1002~100%5D,as:%5B1002~970.250%5D%7D%7D%5D,slEventCount:3,em:true,fr:false,e:,tt:jload,dtt:117,fm:tEnKxb8+11%7C12%7C13%7C14%7C15.1401916-70726091%7C1511%7C152%7C16%7C17*.925175%7C1711%7C172%7C173%7C18.1401916-70726092%7C1811%7C182%7C19,idMap:17.65edb9f0-f3e7-e9ac-bd12-e1814f64c257.136_1401916-70726087%7C17*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:280,sis:527,metricId:publ1,cmr:t%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4282:8fe:de36:708f:cb17 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0eeafe9a9464fc24f3c4189193039b23.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 May 2023 02:11:33 GMT
server: nginx
x-server-name: dt16.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame DDE5 43 B
215 B 107ms
107ms Image
image/gif 2600:1f18:1aca:4282:8fe:de36:708f:cb17
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=925175&asId=13d14eef-8e2b-b7f5-4b91-f31349d04080&tv=%7Bc:cJU4AZ,pingTime:1,time:1524,type:c,clog:%5B%7Bpiv:-1,vs:n,r:,w:970,h:250,t:280%7D,%7Bpiv:0,vs:o,r:l,t:416%7D,%7Bpiv:100,vs:i,r:,t:522%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:1002,o:522,n:416,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:280,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:i,cc:NaN.NaN.970.250,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B145~1,0~0%5D,as:%5B145~970.250%5D%7D%7D,%7Bsl:o,t:416,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:i,cc:NaN.NaN.970.250,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B106~0%5D,as:%5B106~970.250%5D%7D%7D,%7Bsl:i,t:522,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:i,cc:NaN.NaN.970.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1002~100%5D,as:%5B1002~970.250%5D%7D%7D%5D,slEventCount:3,em:true,fr:false,e:,tt:jload,dtt:117,fm:tEnKxb8+11%7C12%7C13%7C14%7C15.1401916-70726091%7C1511%7C152%7C16%7C17*.925175%7C1711%7C172%7C173%7C18.1401916-70726092%7C1811%7C182%7C19,idMap:17.65edb9f0-f3e7-e9ac-bd12-e1814f64c257.136_1401916-70726087%7C17*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:280,sis:527,metricId:grpm1,cmr:t%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4282:8fe:de36:708f:cb17 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0eeafe9a9464fc24f3c4189193039b23.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 May 2023 02:11:33 GMT
server: nginx
x-server-name: dt17.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame DDE5 43 B
215 B 108ms
108ms Image
image/gif 2600:1f18:1aca:4282:8fe:de36:708f:cb17
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1401916&asId=65edb9f0-f3e7-e9ac-bd12-e1814f64c257&tv=%7Bc:cJU4B2,pingTime:1,time:1570,type:p,clog:%5B%7Bpiv:-1,vs:n,r:,w:970,h:250,t:261%7D,%7Bpiv:0,vs:o,r:l,t:389%7D,%7Bpiv:100,vs:i,r:,t:569%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:1001,o:569,n:389,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:260,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:sp,cc:0.0.970.250,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B147~1,0~0%5D,as:%5B147~970.250%5D%7D%7D,%7Bsl:o,t:389,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:sp,cc:0.0.970.250,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B179~0%5D,as:%5B179~970.250%5D%7D%7D,%7Bsl:i,t:569,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:sp,cc:0.0.970.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1001~100%5D,as:%5B1001~970.250%5D%7D%7D%5D,slEventCount:3,em:true,fr:false,e:,tt:rjss,dtt:110,fm:tEnKxb8+11%7C12%7C13%7C14%7C15.1401916-70726091%7C1511%7C152%7C16%7C17*.1401916-70726087%7C1711%7C172%7C18.1401916-70726092%7C1811%7C182%7C19,idMap:17.13d14eef-8e2b-b7f5-4b91-f31349d04080.137_925175%7C17*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:262,sis:635%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4282:8fe:de36:708f:cb17 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0eeafe9a9464fc24f3c4189193039b23.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 May 2023 02:11:33 GMT
server: nginx
x-server-name: dt14.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame DDE5 43 B
215 B 107ms
107ms Image
image/gif 2600:1f18:1aca:4282:8fe:de36:708f:cb17
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1401916&asId=65edb9f0-f3e7-e9ac-bd12-e1814f64c257&tv=%7Bc:cJU4B2,pingTime:1,time:1570,type:pf,clog:%5B%7Bpiv:-1,vs:n,r:,w:970,h:250,t:261%7D,%7Bpiv:0,vs:o,r:l,t:389%7D,%7Bpiv:100,vs:i,r:,t:569%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:1001,o:569,n:389,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:260,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:sp,cc:0.0.970.250,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B147~1,0~0%5D,as:%5B147~970.250%5D%7D%7D,%7Bsl:o,t:389,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:sp,cc:0.0.970.250,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B179~0%5D,as:%5B179~970.250%5D%7D%7D,%7Bsl:i,t:569,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:sp,cc:0.0.970.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1001~100%5D,as:%5B1001~970.250%5D%7D%7D%5D,slEventCount:3,em:true,fr:false,e:,tt:rjss,dtt:110,fm:tEnKxb8+11%7C12%7C13%7C14%7C15.1401916-70726091%7C1511%7C152%7C16%7C17*.1401916-70726087%7C1711%7C172%7C18.1401916-70726092%7C1811%7C182%7C19,idMap:17.13d14eef-8e2b-b7f5-4b91-f31349d04080.137_925175%7C17*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:262,sis:635%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4282:8fe:de36:708f:cb17 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0eeafe9a9464fc24f3c4189193039b23.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 May 2023 02:11:33 GMT
server: nginx
x-server-name: dt11.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 7C37 43 B
215 B 107ms
107ms Image
image/gif 2600:1f18:1aca:4282:8fe:de36:708f:cb17
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1401916&asId=3d849f1c-a186-5fdf-9ad3-32471226f785&tv=%7Bc:cJU4BD,pingTime:1,time:1604,type:p,clog:%5B%7Bpiv:-1,vs:n,r:,w:300,h:250,t:420%7D,%7Bpiv:0,vs:o,r:l,t:523%7D,%7Bpiv:100,vs:i,r:,t:603%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:1001,o:603,n:522,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:420,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B110~1,0~0%5D,as:%5B110~300.250%5D%7D%7D,%7Bsl:o,t:522,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B81~0%5D,as:%5B81~300.250%5D%7D%7D,%7Bsl:i,t:603,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1000~100%5D,as:%5B1000~300.250%5D%7D%7D%5D,slEventCount:3,em:true,fr:false,e:,tt:rjss,dtt:110,fm:tEnKxb8+11%7C12%7C13%7C14%7C15*.1401916-70726091%7C1511%7C152%7C16%7C17.925175%7C1711%7C172%7C173%7C174%7C18.1401916-70726092%7C1811%7C182%7C19,idMap:15.39e9f274-aedb-0059-9733-bfdf51b6510e.71_925175%7C15*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:421,sis:660%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4282:8fe:de36:708f:cb17 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0eeafe9a9464fc24f3c4189193039b23.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 May 2023 02:11:33 GMT
server: nginx
x-server-name: dt08.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 7C37 43 B
215 B 106ms
106ms Image
image/gif 2600:1f18:1aca:4282:8fe:de36:708f:cb17
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1401916&asId=3d849f1c-a186-5fdf-9ad3-32471226f785&tv=%7Bc:cJU4BE,pingTime:1,time:1605,type:pf,clog:%5B%7Bpiv:-1,vs:n,r:,w:300,h:250,t:420%7D,%7Bpiv:0,vs:o,r:l,t:523%7D,%7Bpiv:100,vs:i,r:,t:603%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:1002,o:603,n:522,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:420,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B110~1,0~0%5D,as:%5B110~300.250%5D%7D%7D,%7Bsl:o,t:522,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B81~0%5D,as:%5B81~300.250%5D%7D%7D,%7Bsl:i,t:603,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1001~100%5D,as:%5B1001~300.250%5D%7D%7D%5D,slEventCount:3,em:true,fr:false,e:,tt:rjss,dtt:110,fm:tEnKxb8+11%7C12%7C13%7C14%7C15*.1401916-70726091%7C1511%7C152%7C16%7C17.925175%7C1711%7C172%7C173%7C174%7C18.1401916-70726092%7C1811%7C182%7C19,idMap:15.39e9f274-aedb-0059-9733-bfdf51b6510e.71_925175%7C15*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:421,sis:660%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4282:8fe:de36:708f:cb17 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0eeafe9a9464fc24f3c4189193039b23.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 May 2023 02:11:33 GMT
server: nginx
x-server-name: dt06.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame F1E4 43 B
215 B 109ms
109ms Image
image/gif 2600:1f18:1aca:4282:8fe:de36:708f:cb17
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1401916&asId=6b0fd1f0-6f09-6808-c7ca-cdf2b0f5204e&tv=%7Bc:cJU4BF,pingTime:1,time:1603,type:p,clog:%5B%7Bpiv:-1,vs:n,r:,w:300,h:600,t:435%7D,%7Bpiv:0,vs:o,r:l,t:527%7D,%7Bpiv:66,vs:pp,r:,t:601%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:601,n:527,pp:1002,pm:0%7D,slEvents:%5B%7Bsl:n,t:435,wc:0.0.1600.1200,ac:NaN.NaN.300.600,am:sp,cc:0.0.300.600,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B97~1,0~0%5D,as:%5B97~300.600%5D%7D%7D,%7Bsl:o,t:527,wc:0.0.1600.1200,ac:NaN.NaN.300.600,am:sp,cc:0.0.300.600,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B74~0%5D,as:%5B74~300.600%5D%7D%7D,%7Bsl:pp,t:601,wc:0.0.1600.1200,ac:NaN.NaN.300.600,am:sp,cc:0.0.300.600,piv:66,obst:0,th:0,reas:,bkn:%7Bpiv:%5B1002~50%5D,as:%5B1002~300.600%5D%7D%7D%5D,slEventCount:3,em:true,fr:false,e:,tt:rjss,dtt:121,fm:tEnKxb8+11%7C12%7C13%7C14%7C15.1401916-70726091%7C1511%7C152%7C153%7C16%7C17.925175%7C1711%7C172%7C173%7C174%7C18*.1401916-70726092%7C1811%7C182%7C19,idMap:18.160ac7f0-837b-a839-d52e-10f983b728f2.71_925175%7C18*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:436,sis:658%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4282:8fe:de36:708f:cb17 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0eeafe9a9464fc24f3c4189193039b23.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 May 2023 02:11:33 GMT
server: nginx
x-server-name: dt04.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame DDE5 43 B
215 B 106ms
106ms Image
image/gif 2600:1f18:1aca:4282:8fe:de36:708f:cb17
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=925175&asId=13d14eef-8e2b-b7f5-4b91-f31349d04080&tv=%7Bc:cJU4Dd,pingTime:-10,time:1662,type:s,mvn:ZnNjPTEzLHNkPTMsbm89OCxhc3A9MQ--,sd:MTcuNi4ydjEyMDB8fDE2MDB8fDF8fDF8fDI0fHwxMjAwfHwwfHwwfHwxfHxsYW5kc2NhcGUtcHJpbWFyeXx8MjR8fDQvM3x8NC8zfHwwfHwxNjAw,no:MTcuNi4ydk1vemlsbGF8fE5ldHNjYXBlfHxufHxufHwwfHxufHxXaW4zMnx8R2Vja298fDIwMDMwMTA3fHwwfHxNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgeDY0KSBBcHBsZVdlYktpdC81MzcuMzYgKEtIVE1MLCBsaWtlIEdlY2tvKSBDaHJvbWUvMTEzLjAuNTY3Mi45MiBTYWZhcmkvNTM3LjM2fHwxfHwxfHxHb29nbGUgSW5jLnx8bg--,ch:n,fsc:17.6.2v222222220002222202222222220222222222202222222220222202000022000220222222220000222202002222202222222220222222220000020022222200022222220200000222200022220002022022022222202002220222022222022220000220200000022220222220222222222222202222222222222222222222222222222222222200000022022020020000002022202022022022222222000000000020222202022022222000000020000000000000000000020220202220000022200222202220022200200222022202220022220222200202222020002200002222022222202222000002002002222222202220022202200022002220222202,asp:1684203092456%7C%7C5e95a400530942825b76093cd33addac%7C%7Cab86779afaa51e47dadd00830d4bacef%7C%7Cc6663e5297b9c15d89c5247ead54d8fb%7C%7C4523c168e48fa58412cf853e76937cc4%7C%7C6440de83134f501f719974de33fd46f3%7C%7Cffa65939b8d8b905e670ff8651d66374%7C%7C84994f2536c896d1fca5ef22a7806214%7C%7C1663701684,sca:%7Bspg:65edb9f0-f3e7-e9ac-bd12-e1814f64c257%7D%7D
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4282:8fe:de36:708f:cb17 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0eeafe9a9464fc24f3c4189193039b23.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 May 2023 02:11:33 GMT
server: nginx
x-server-name: dt11.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 59ms
58ms Image
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=225&t=2&li=gpt_m202305100101&jk=2310393918481724&bg=!-vml-a3NAAYldGN0BXQ7ADkAdvg8WlCrgEnA56NoIWKtseUfc4lKq2UhG621owvg--XKjT3Dd8DyspExWH3FKou96zc1XvukKsoCAAAAaFIAAAADaAEHmQKpFHwCBaH0LW70C5ncQeIiRyEVKjQLI8YcbBwSMzUQNTkHUOIUdjrLV9YKpN-LVU8ANCr2buxkHizcH9r1kl4kqNN4gHptV4oSkTpy1YfhygMJWJ5LpE7tEtFh7OYyULKKTD1J3YPx7ylLTPFh2CB4847SnEoiKWvde8mtv9TraU-e_nZ0OdYGbysmyoRCP_tqRtUPw-1m6zKCls44QQGM3HK8qY_QTwUbmdszHg9r_b3nWojkSBqPNIqv6iVQEtlFV8wzZMisxYGZEj3xx8vlLDaxOckmLlCSTLrs6zxhEd7sj-zqv8kEKdNPj_7IcsVWS5LR6kQr_UyPiJsrMo88ZrU6R4qCuGzmk88bIdFbhMIONVrJxHNtqPlt7m3u4cbF411Kw75LuIHx2-tShlr_a0iLOuuXG-Njzw7zjBHzI8cX-UKBc6mEWgtw5109ligHcX2aSoBHtvQikciCuLkYXBt2GbRCkMucwcHmjiv_sqMBNAaLZIqbeNuw4IlVxFkcjxATwTYbIa1b6JEyUegxfY6NG-MhzalIUKG0eIJKQVeTEE5koMlbFGCZ3nAatKxEY10n6b22O7-UX4LQ-G9kp2JiF_7O8u9j-oXBtPPMOfpo2y_bXmg_e9drRoDM-7vdQ3o50Y_V2rcMGzOH_Ti8bj99ObKalEJ6_D8d1ik-jf_Ieq4BOi8qYZpzpWzs73bqCDtfQvvwkEBk3kYNe0jQ1ninbLa2L8j2ApZPE0Xa87y3OqpUqQ7umHWaUbDKySpJOFH53G4cCy5tG7ROSFlxs7nZZRpvq8dLfmrecW1oCmARoASsiKlakCkAlyMRO-t95XkweAThVdwHBqwX__jND89sjY1zUBIiNIrll5GheKk9gFBqEgvkVuWdJKDGrcTToEmQDJwSkW1A
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://cyberscoop.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 7C37 42 B
64 B 58ms
57ms Fetch
image/gif 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssPc7SKzpccHWHK_rA7jJQHsiV081WBmsrgRML1fxxJOzThjsZYoA2Rl91_2HsnIsqDogIuscLhVTlyCqcT9d2ov4rXrv1Ab3E2k6ZFjgjfRzkCWXT5&sig=Cg0ArKJSzC03yNskeJ99EAE&id=lidar2&mcvt=1008&p=524,1143,774,1443&mtos=1008,1008,1008,1008,1008&tos=1008,0,0,0,0&v=20230515&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=19&adk=4107124343&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1684203090574&rpt=1937&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0eeafe9a9464fc24f3c4189193039b23.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 May 2023 02:11:33 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame F1E4 42 B
64 B 58ms
57ms Fetch
image/gif 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu7IkkL8CzUKZSZmqFeON4U-M9Wd-fdHV6zBzud1SMJpUcM5Nto8kj3-5L4RANsyFvwfJW3-OsUxFstcN6JKCXdTpLXc3W6y8caL-rN_SnbtkQa7BnP&sig=Cg0ArKJSzERMh0L888PoEAE&id=lidar2&mcvt=1000&p=806,1143,1406,1443&mtos=0,0,1000,1000,1000&tos=0,0,1000,0,0&v=20230515&bin=7&avms=nio&bs=0,0&mc=0.66&if=1&vu=1&app=0&itpl=19&adk=4015763869&rs=4&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1684203090613&rpt=1963&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0eeafe9a9464fc24f3c4189193039b23.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 May 2023 02:11:33 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame DDE5 42 B
64 B 58ms
58ms Fetch
image/gif 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjss1efuP6eRjzg07ND0EXehIZiTX_pwDsgOtATn0Ns72RmR-mBViUfQswGaYgSU_mNosV7JCqdYx7xbovzxJ6VEZaSNFjh6D5eQdpkKktK5Wk8qV_oGk&sig=Cg0ArKJSzNYXLlYqHmqAEAE&id=lidar2&mcvt=1003&p=24,315,274,1285&mtos=1003,1003,1003,1003,1003&tos=1003,0,0,0,0&v=20230515&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=19&adk=1951456962&rs=4&la=1&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLDAsbnVsbCwiIixbXSwwXQ%3D%3D&vs=4&r=v&rst=1684203090600&rpt=1967&isd=0&lsd=0&met=ie&wmsd=0&pbe=0&vae=0&spb=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0eeafe9a9464fc24f3c4189193039b23.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 May 2023 02:11:33 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
access-control-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dt
dt.adsafeprotected.com/ Frame F1E4 43 B
215 B 106ms
106ms Image
image/gif 2600:1f18:1aca:4282:8fe:de36:708f:cb17
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=925175&asId=160ac7f0-837b-a839-d52e-10f983b728f2&tv=%7Bc:cJU5D7,pingTime:5,time:5464,type:p,clog:%5B%7Bpiv:-1,vs:n,r:,w:300,h:600,t:397%7D,%7Bpiv:66,vs:pp,t:463%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:0,o:0,n:463,pp:5464,pm:0%7D,slEvents:%5B%7Bsl:n,t:397,wc:0.0.1600.1200,ac:NaN.NaN.300.600,am:i,cc:NaN.NaN.300.600,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B74~1%5D,as:%5B74~300.600%5D%7D%7D,%7Bsl:pp,t:463,wc:0.0.1600.1200,ac:NaN.NaN.300.600,am:i,cc:NaN.NaN.300.600,piv:66,obst:0,th:0,reas:,bkn:%7Bpiv:%5B5001~50%5D,as:%5B5001~300.600%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:jload,dtt:109,fm:tEnKxb8+11%7C12%7C13%7C14%7C15.1401916-70726091%7C1511%7C152%7C153%7C16%7C17.1401916-70726087%7C1711%7C172%7C173%7C174%7C18*.925175%7C1811%7C182%7C183%7C19,idMap:18.6b0fd1f0-6f09-6808-c7ca-cdf2b0f5204e.93_1401916-70726092%7C18*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:397,sis:553%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4282:8fe:de36:708f:cb17 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0eeafe9a9464fc24f3c4189193039b23.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 May 2023 02:11:37 GMT
server: nginx
x-server-name: dt02.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 7C37 43 B
215 B 106ms
106ms Image
image/gif 2600:1f18:1aca:4282:8fe:de36:708f:cb17
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=925175&asId=39e9f274-aedb-0059-9733-bfdf51b6510e&tv=%7Bc:cJU5Ds,pingTime:5,time:5530,type:p,clog:%5B%7Bpiv:-1,vs:n,r:,w:300,h:250,t:460%7D,%7Bpiv:100,vs:i,t:529%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:5530,o:0,n:529,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:460,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B76~1%5D,as:%5B76~300.250%5D%7D%7D,%7Bsl:i,t:529,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:i,cc:NaN.NaN.300.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B5001~100%5D,as:%5B5001~300.250%5D%7D%7D%5D,slEventCount:2,em:true,fr:false,e:,tt:jload,dtt:121,fm:tEnKxb8+11%7C12%7C13%7C14%7C15*.925175%7C1511%7C152%7C153%7C16%7C17.1401916-70726087%7C1711%7C172%7C173%7C174%7C18.1401916-70726092%7C1811%7C182%7C183%7C184%7C19,idMap:15.3d849f1c-a186-5fdf-9ad3-32471226f785.102_1401916-70726091%7C15*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:460,sis:602%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4282:8fe:de36:708f:cb17 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0eeafe9a9464fc24f3c4189193039b23.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 May 2023 02:11:37 GMT
server: nginx
x-server-name: dt09.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame DDE5 43 B
215 B 106ms
106ms Image
image/gif 2600:1f18:1aca:4282:8fe:de36:708f:cb17
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?anId=925175&asId=13d14eef-8e2b-b7f5-4b91-f31349d04080&tv=%7Bc:cJU5Dt,pingTime:5,time:5522,type:p,clog:%5B%7Bpiv:-1,vs:n,r:,w:970,h:250,t:280%7D,%7Bpiv:0,vs:o,r:l,t:416%7D,%7Bpiv:100,vs:i,r:,t:522%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,gm:1,slTimes:%7Bi:5000,o:522,n:416,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:280,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:i,cc:NaN.NaN.970.250,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B145~1,0~0%5D,as:%5B145~970.250%5D%7D%7D,%7Bsl:o,t:416,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:i,cc:NaN.NaN.970.250,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B106~0%5D,as:%5B106~970.250%5D%7D%7D,%7Bsl:i,t:522,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:i,cc:NaN.NaN.970.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B5000~100%5D,as:%5B5000~970.250%5D%7D%7D%5D,slEventCount:3,em:true,fr:false,e:,tt:jload,dtt:108,fm:tEnKxb8+11%7C12%7C13%7C14%7C15.1401916-70726091%7C1511%7C152%7C16%7C17*.925175%7C1711%7C172%7C173%7C18.1401916-70726092%7C1811%7C182%7C19,idMap:17.65edb9f0-f3e7-e9ac-bd12-e1814f64c257.136_1401916-70726087%7C17*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:280,sis:527%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4282:8fe:de36:708f:cb17 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0eeafe9a9464fc24f3c4189193039b23.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 May 2023 02:11:37 GMT
server: nginx
x-server-name: dt12.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame DDE5 43 B
215 B 107ms
106ms Image
image/gif 2600:1f18:1aca:4282:8fe:de36:708f:cb17
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1401916&asId=65edb9f0-f3e7-e9ac-bd12-e1814f64c257&tv=%7Bc:cJU5Dy,pingTime:5,time:5570,type:p,clog:%5B%7Bpiv:-1,vs:n,r:,w:970,h:250,t:261%7D,%7Bpiv:0,vs:o,r:l,t:389%7D,%7Bpiv:100,vs:i,r:,t:569%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:5001,o:569,n:389,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:260,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:sp,cc:0.0.970.250,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B147~1,0~0%5D,as:%5B147~970.250%5D%7D%7D,%7Bsl:o,t:389,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:sp,cc:0.0.970.250,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B179~0%5D,as:%5B179~970.250%5D%7D%7D,%7Bsl:i,t:569,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:sp,cc:0.0.970.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B5001~100%5D,as:%5B5001~970.250%5D%7D%7D%5D,slEventCount:3,em:true,fr:false,e:,tt:rjss,dtt:115,fm:tEnKxb8+11%7C12%7C13%7C14%7C15.1401916-70726091%7C1511%7C152%7C16%7C17*.1401916-70726087%7C1711%7C172%7C18.1401916-70726092%7C1811%7C182%7C19,idMap:17.13d14eef-8e2b-b7f5-4b91-f31349d04080.137_925175%7C17*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:262,sis:635%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4282:8fe:de36:708f:cb17 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0eeafe9a9464fc24f3c4189193039b23.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 May 2023 02:11:37 GMT
server: nginx
x-server-name: dt13.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame DDE5 43 B
215 B 106ms
105ms Image
image/gif 2600:1f18:1aca:4282:8fe:de36:708f:cb17
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1401916&asId=65edb9f0-f3e7-e9ac-bd12-e1814f64c257&tv=%7Bc:cJU5Dy,pingTime:5,time:5570,type:pf,clog:%5B%7Bpiv:-1,vs:n,r:,w:970,h:250,t:261%7D,%7Bpiv:0,vs:o,r:l,t:389%7D,%7Bpiv:100,vs:i,r:,t:569%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:5001,o:569,n:389,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:260,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:sp,cc:0.0.970.250,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B147~1,0~0%5D,as:%5B147~970.250%5D%7D%7D,%7Bsl:o,t:389,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:sp,cc:0.0.970.250,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B179~0%5D,as:%5B179~970.250%5D%7D%7D,%7Bsl:i,t:569,wc:0.0.1600.1200,ac:NaN.NaN.970.250,am:sp,cc:0.0.970.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B5001~100%5D,as:%5B5001~970.250%5D%7D%7D%5D,slEventCount:3,em:true,fr:false,e:,tt:rjss,dtt:115,fm:tEnKxb8+11%7C12%7C13%7C14%7C15.1401916-70726091%7C1511%7C152%7C16%7C17*.1401916-70726087%7C1711%7C172%7C18.1401916-70726092%7C1811%7C182%7C19,idMap:17.13d14eef-8e2b-b7f5-4b91-f31349d04080.137_925175%7C17*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:262,sis:635%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4282:8fe:de36:708f:cb17 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0eeafe9a9464fc24f3c4189193039b23.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 May 2023 02:11:37 GMT
server: nginx
x-server-name: dt15.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 7C37 43 B
215 B 107ms
107ms Image
image/gif 2600:1f18:1aca:4282:8fe:de36:708f:cb17
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1401916&asId=3d849f1c-a186-5fdf-9ad3-32471226f785&tv=%7Bc:cJU5E9,pingTime:5,time:5604,type:p,clog:%5B%7Bpiv:-1,vs:n,r:,w:300,h:250,t:420%7D,%7Bpiv:0,vs:o,r:l,t:523%7D,%7Bpiv:100,vs:i,r:,t:603%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:5001,o:603,n:522,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:420,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B110~1,0~0%5D,as:%5B110~300.250%5D%7D%7D,%7Bsl:o,t:522,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B81~0%5D,as:%5B81~300.250%5D%7D%7D,%7Bsl:i,t:603,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B5000~100%5D,as:%5B5000~300.250%5D%7D%7D%5D,slEventCount:3,em:true,fr:false,e:,tt:rjss,dtt:109,fm:tEnKxb8+11%7C12%7C13%7C14%7C15*.1401916-70726091%7C1511%7C152%7C16%7C17.925175%7C1711%7C172%7C173%7C174%7C18.1401916-70726092%7C1811%7C182%7C19,idMap:15.39e9f274-aedb-0059-9733-bfdf51b6510e.71_925175%7C15*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:421,sis:660%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4282:8fe:de36:708f:cb17 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0eeafe9a9464fc24f3c4189193039b23.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 May 2023 02:11:37 GMT
server: nginx
x-server-name: dt19.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame 7C37 43 B
215 B 106ms
106ms Image
image/gif 2600:1f18:1aca:4282:8fe:de36:708f:cb17
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1401916&asId=3d849f1c-a186-5fdf-9ad3-32471226f785&tv=%7Bc:cJU5E9,pingTime:5,time:5604,type:pf,clog:%5B%7Bpiv:-1,vs:n,r:,w:300,h:250,t:420%7D,%7Bpiv:0,vs:o,r:l,t:523%7D,%7Bpiv:100,vs:i,r:,t:603%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:5001,o:603,n:522,pp:0,pm:0%7D,slEvents:%5B%7Bsl:n,t:420,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B110~1,0~0%5D,as:%5B110~300.250%5D%7D%7D,%7Bsl:o,t:522,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B81~0%5D,as:%5B81~300.250%5D%7D%7D,%7Bsl:i,t:603,wc:0.0.1600.1200,ac:NaN.NaN.300.250,am:sp,cc:0.0.300.250,piv:100,obst:0,th:0,reas:,bkn:%7Bpiv:%5B5000~100%5D,as:%5B5000~300.250%5D%7D%7D%5D,slEventCount:3,em:true,fr:false,e:,tt:rjss,dtt:109,fm:tEnKxb8+11%7C12%7C13%7C14%7C15*.1401916-70726091%7C1511%7C152%7C16%7C17.925175%7C1711%7C172%7C173%7C174%7C18.1401916-70726092%7C1811%7C182%7C19,idMap:15.39e9f274-aedb-0059-9733-bfdf51b6510e.71_925175%7C15*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:421,sis:660%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4282:8fe:de36:708f:cb17 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0eeafe9a9464fc24f3c4189193039b23.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 May 2023 02:11:37 GMT
server: nginx
x-server-name: dt16.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

GET
H2 200 dt
dt.adsafeprotected.com/ Frame F1E4 43 B
215 B 107ms
106ms Image
image/gif 2600:1f18:1aca:4282:8fe:de36:708f:cb17
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dt.adsafeprotected.com/dt?advEntityId=1401916&asId=6b0fd1f0-6f09-6808-c7ca-cdf2b0f5204e&tv=%7Bc:cJU5Eb,pingTime:5,time:5603,type:p,clog:%5B%7Bpiv:-1,vs:n,r:,w:300,h:600,t:435%7D,%7Bpiv:0,vs:o,r:l,t:527%7D,%7Bpiv:66,vs:pp,r:,t:601%7D%5D,es:0,sc:1,ha:1,fgad:1,fif:0,gmnp:0,for:1,b11:0,cnod:1,intblk:1,gm:0,slTimes:%7Bi:0,o:601,n:527,pp:5002,pm:0%7D,slEvents:%5B%7Bsl:n,t:435,wc:0.0.1600.1200,ac:NaN.NaN.300.600,am:sp,cc:0.0.300.600,piv:-1,obst:0,th:0,reas:,bkn:%7Bpiv:%5B97~1,0~0%5D,as:%5B97~300.600%5D%7D%7D,%7Bsl:o,t:527,wc:0.0.1600.1200,ac:NaN.NaN.300.600,am:sp,cc:0.0.300.600,piv:0,obst:0,th:0,reas:l,bkn:%7Bpiv:%5B74~0%5D,as:%5B74~300.600%5D%7D%7D,%7Bsl:pp,t:601,wc:0.0.1600.1200,ac:NaN.NaN.300.600,am:sp,cc:0.0.300.600,piv:66,obst:0,th:0,reas:,bkn:%7Bpiv:%5B5002~50%5D,as:%5B5002~300.600%5D%7D%7D%5D,slEventCount:3,em:true,fr:false,e:,tt:rjss,dtt:111,fm:tEnKxb8+11%7C12%7C13%7C14%7C15.1401916-70726091%7C1511%7C152%7C153%7C16%7C17.925175%7C1711%7C172%7C173%7C174%7C18*.1401916-70726092%7C1811%7C182%7C19,idMap:18.160ac7f0-837b-a839-d52e-10f983b728f2.71_925175%7C18*,rmeas:1,rend:1,renddet:DIV.qs.sn,siq:436,sis:658%7D&br=c
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:1aca:4282:8fe:de36:708f:cb17 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://0eeafe9a9464fc24f3c4189193039b23.safeframe.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.92 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 May 2023 02:11:37 GMT
server: nginx
x-server-name: dt17.va.303net.net
p3p: CP="COM NAV INT STA NID OUR IND NOI"
content-type: image/gif
cache-control: no-cache
content-length: 43

Verdicts & Comments Add Verdict or Comment

75 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

31 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
cyberscoop.com/	1970-01-20 11:51:29	Name: sng_interstitial Value: 1
.cyberscoop.com/	1970-01-20 11:50:04	Name: _parsely_session Value: {%22sid%22:1%2C%22surl%22:%22https://cyberscoop.com/ransomware-group-ra-group-talos/%22%2C%22sref%22:%22%22%2C%22sts%22:1684203090309%2C%22slts%22:0}
.cyberscoop.com/	1970-01-20 21:19:27	Name: _parsely_visitor Value: {%22id%22:%22pid=b431018af5faa8ccb658bf8fec52e37a%22%2C%22session_count%22:1%2C%22last_session_ts%22:1684203090309}
.cyberscoop.com/	1970-01-20 21:11:39	Name: __gads Value: ID=b781dc914055665b:T=1684203090:S=ALNI_MYxSwFYOwoRzfnHEldNBWmyXq8bOg
.cyberscoop.com/	1970-01-20 21:11:39	Name: __gpi Value: UID=00000c15d25d73d7:T=1684203090:RT=1684203090:S=ALNI_MZtjWu7dnN4keMPnrk7luvvpmzZyA
.doubleclick.net/	1970-01-20 21:11:39	Name: IDE Value: AHWqTUl8aw18yMi5AkcfA2ywoVdL3joJ4x4Ql2RPfk8wTimY51xNcn2XRCiMTneW0YM
.cyberscoop.com/	1970-01-20 21:26:03	Name: _ga_T6DX9FEHNM Value: GS1.1.1684203090.1.0.1684203090.0.0.0
cyberscoop.com/	1970-01-20 11:51:29	Name: ln_or Value: eyI1MDAzNiI6ImQifQ%3D%3D
.cyberscoop.com/	1970-01-20 21:26:03	Name: _ga Value: GA1.2.1062206802.1684203090
.cyberscoop.com/	1970-01-20 11:51:29	Name: _gid Value: GA1.2.1109618069.1684203091
.cyberscoop.com/	1970-01-20 11:50:03	Name: _gat_UA-80491860-1 Value: 1
.linkedin.com/	1970-01-20 13:59:39	Name: li_sugr Value: 972eda90-1bcc-4ca2-aeb5-551f1627696d
.linkedin.com/	1970-01-20 20:35:39	Name: bcookie Value: "v=2&fe2ae5e1-f35e-4f3b-8c23-f7f218c9c365"
.linkedin.com/	1970-01-20 11:51:29	Name: lidc Value: "b=OGST03:s=O:r=O:a=O:p=O:g=2923:u=1:x=1:i=1684203090:t=1684289490:v=2:sig=AQHbKLc-7YNstYTnLHI1vYCrY9IMdl2X"
.cyberscoop.com/	1970-01-20 20:35:39	Name: _hjSessionUser_3095877 Value: eyJpZCI6ImMzMDRmNjljLTM2MDYtNTg5Yi04YjE4LTAwNmI3NGFlZmRiNCIsImNyZWF0ZWQiOjE2ODQyMDMwOTEwNDUsImV4aXN0aW5nIjpmYWxzZX0=
.cyberscoop.com/	1970-01-20 11:50:04	Name: _hjFirstSeen Value: 1
.cyberscoop.com/	1970-01-20 11:50:03	Name: _hjIncludedInSessionSample_3095877 Value: 0
.cyberscoop.com/	1970-01-20 11:50:04	Name: _hjSession_3095877 Value: eyJpZCI6Ijg1OTIyYTY1LWEzZWEtNDExNy1iNGM1LWQ3YzUzYjQxMDQ3MCIsImNyZWF0ZWQiOjE2ODQyMDMwOTEwNTUsImluU2FtcGxlIjpmYWxzZX0=
.cyberscoop.com/	1970-01-20 11:50:04	Name: _hjAbsoluteSessionInProgress Value: 0
.t.co/	1970-01-20 21:26:03	Name: muc_ads Value: e9743595-916c-43ba-8b87-29433445fe1c
.twitter.com/	1970-01-20 21:26:03	Name: personalization_id Value: "v1_bvX4RFQcrBwjyHnE1HD2Ow=="
.cyberscoop.com/	1970-01-20 13:59:39	Name: _fbp Value: fb.1.1684203091085.1436452450
.linkedin.com/	1970-01-20 12:33:15	Name: UserMatchHistory Value: AQIgxEj4fEFbWgAAAYgiU7TdNfVpXDhat62ZVvbajPx5-76WkLeByitcOAdmu3G6OzUBM1SBfzkC0A
.linkedin.com/	1970-01-20 12:33:15	Name: AnalyticsSyncHistory Value: AQJpipbHQb5qnwAAAYgiU7TdvNuXm8glRqOp0_04dw6SXrZroUaZAXlE_XI4i0aNU355UbRtVlUE2aW1rJj7mw
.www.linkedin.com/	1970-01-20 20:35:39	Name: bscookie Value: "v=1&20230516021131744f4f03-4d2b-4f4e-8dbd-82ef22fb3eb5AQHSnc_JnJI7HqWSHHtxrdL2CewINCE8"
.linkedin.com/	1970-01-20 16:09:15	Name: li_gc Value: MTswOzE2ODQyMDMwOTE7MjswMjEsRrbMSrm2ZjpG5BOULCQjARNv3uC9B+u3UTesQTePsQ==
.cyberscoop.com/	1970-01-20 16:09:15	Name: __hstc Value: 143679850.3b836e8af5bfe69858d69e93568a7459.1684203092585.1684203092585.1684203092585.1
.cyberscoop.com/	1970-01-20 16:09:15	Name: hubspotutk Value: 3b836e8af5bfe69858d69e93568a7459
.cyberscoop.com/	1969-12-31 23:59:59	Name: __hssrc Value: 1
.cyberscoop.com/	1970-01-20 11:50:04	Name: __hssc Value: 143679850.1.1684203092586
.hubspot.com/	1970-01-20 11:50:04	Name: __cf_bm Value: hhgnDrjm9g0Syl.MhW3NY613NLPNUeQcXYIi21yFHss-1684203092-0-Ac++B8ozxecoCpsrFv9D8OaI0QOrlUwISFJWqI01IQClDjURgIxhnyHKoLSGAbtF63N/e2lcevz16DhHDCLgZf4=

5 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
javascript	warning	URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js(Line 9) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305100101/pubads_impl.js?cb=31074557, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript	warning	URL: https://securepubads.g.doubleclick.net/tag/js/gpt.js(Line 9) Message: A parser-blocking, cross site (i.e. different eTLD+1) script, https://securepubads.g.doubleclick.net/pagead/managed/js/gpt/m202305100101/pubads_impl.js?cb=31074557, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
other	warning	URL: https://www.googletagservices.com/dcm/impl_v95.js(Line 97) Message: Unrecognized feature: 'attribution-reporting'.
other	warning	URL: https://www.googletagservices.com/dcm/impl_v95.js(Line 97) Message: Unrecognized feature: 'attribution-reporting'.
other	warning	URL: https://www.googletagservices.com/dcm/impl_v95.js(Line 97) Message: Unrecognized feature: 'attribution-reporting'.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

0eeafe9a9464fc24f3c4189193039b23.safeframe.googlesyndication.com
ad.doubleclick.net
adservice.google.com
adservice.google.de
analytics.twitter.com
cdn.linkedin.oribi.io
cdn.parsely.com
cdnjs.cloudflare.com
connect.facebook.net
cyberscoop.com
dt.adsafeprotected.com
fw.adsafeprotected.com
googleads4.g.doubleclick.net
js.hs-analytics.net
js.hs-banner.com
js.hs-scripts.com
p.typekit.net
p1.parsely.com
pagead2.googlesyndication.com
pixel.adsafeprotected.com
px.ads.linkedin.com
px4.ads.linkedin.com
region1.google-analytics.com
s0.2mdn.net
script.hotjar.com
securepubads.g.doubleclick.net
snap.licdn.com
static.ads-twitter.com
static.adsafeprotected.com
static.hotjar.com
stats.g.doubleclick.net
t.co
tpc.googlesyndication.com
track.hubspot.com
use.typekit.net
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.googletagservices.com
www.linkedin.com
104.244.42.195
104.244.42.69
13.107.42.14
142.250.186.102
142.250.186.162
146.75.120.157
18.66.100.58
18.66.112.24
18.66.97.49
2001:4860:4802:32::36
2600:1f18:1aca:4282:8fe:de36:708f:cb17
2600:9000:20eb:8400:2:53b2:240:93a1
2600:9000:223f:ca00:8:48e:53c0:93a1
2606:4700::6810:89ce
2606:4700::6811:180e
2606:4700::6812:19c4
2606:4700::6812:873b
2606:4700::6813:9b53
2620:1ec:21::14
2a00:1450:4001:808::2002
2a00:1450:4001:809::2008
2a00:1450:4001:80b::2001
2a00:1450:4001:80b::200e
2a00:1450:4001:80e::2002
2a00:1450:4001:827::2002
2a00:1450:4001:82a::2001
2a00:1450:4001:82a::2003
2a00:1450:4001:82f::2004
2a00:1450:4001:82f::2006
2a00:1450:4001:831::2002
2a00:1450:400c:c00::9a
2a02:26f0:3500:16::215:148f
2a02:26f0:480:f::213:7ed3
2a02:26f0:480:f::213:7edd
2a03:2880:f084:d:face:b00c:0:3
2a03:2880:f176:84:face:b00c:0:25de
52.222.236.43
54.76.27.26
63.34.81.234
012c1c40f37b85e86f6e7629241a2bcd0ce665b41954a08d3c2c9a55c42cba89
01cee6a7a3f1444680b188ab84052e2b6c85966f53a718d3926135ebcc832ffd
03163fb7b374fe2300420baafc172c762df151ebe6299d6b23c4d9d683c67c4e
0516c28e93db061c85521fffb86a49485b17f083e155e68940114b6dc8d98c3c
08204982c484faf6890c60557a4e642971f17625ddddc0559dc0e3ca728ac9e0
08af6573ac524cdd20dc495145f3257ccbb03acf50ca498792801b23d092ce06
0d0d9063f4baf1c2b1b4da8a9951d531cfd7ffdc6ec741077c1231ba7637a4f5
0f2acda41c2ccb801da381897afcdc61852504c97fca73b708e95023955074aa
0fdd1e9317e89bc9c683377edc1b99c703f988996c7026211cc01ead0b3f3630
10d336af8e2ea341b3e52739aa4b04bd06a0c9433bfc2d831d58fadc0ac73592
11804a2a3eac8791e4670bea58db640015757ca2ae57ab77d669dd3ab0085d54
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
14099fd00568c8e91b7d36016e4e6113effc68577cdd0d941c8251473ade4b29
1a4f3b4fac8a1b4672f17ea493c910a540fefb08c3fad67c8de3bb68c11f8e39
1a86e5cd11e4c107f74c26cf880b4ee2175897ded3e0168a114f216b8721d9fc
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb
1d56285e2fb36ec67f34ec2f88948d3300ceb44a0b4607b886efd8fac7704610
20f3803784e02d9d4c115444ad06344548fc791dce46c7f88f53321a43a43786
3164db7ef9efc7121ce85192340a653c6cb87e34caa05849c8fd47b7872f9fc5
37dfc8075dd1fdba16382f12c0e7da734ae93253fe2a40a30cba0064dfa377a3
3aa72d136756ca75bc79ce7578ed75e5427bd33112c96b2b91cb0a7d7ebc347b
3f43be92fe63af3e20c741cb5ef9fbcbe742bf78b6aafe693f31ed9720289d29
3f9f8b52529681e544fbc3f8adcaa0841fb3e9b96904c64e34937b264243bfd8
432bb63f83b54b85b196e4eb39ec0d8db33d8aeede7f12ec1a56ad04d7f32349
4397b39bca9ef7784f7ee354d27402a884e61e3adbf4d1e41ace0b688f8cf352
441342f6804e620eadb06824660f07a551d3ceffdb9f6c973dfef9ae133c4870
468959e93f9b4e6f07c6a8f8d0e93d8fcb37d76a8615a93ec153f5842247ba99
4de49c6955ef1ab94197487666c7021891d7b0a1402e3e06d8d8bb3047e32b9d
4e778181b46a001341499372efbad4f99a18674bce73c33dfd5021af138c1e8b
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
54a879695bc1dc9ff223f9f9a965925c5ec481b5295bdbc86b8644b0581e7248
55a119c0394f901a8a297e109c17b5e5402689708b999ab10691c16179f32a4a
572c153f12ece183e602325e76c01dba662552713252e6799e8e6fbf827252eb
61c32059a5e94075a7ecff678b33907966fc9cfa384daa01aa057f872da14dbb
6413983f57c8f999761ee0f4dc99b0f1fd6293626330e60c03d65a3bc071744f
6549333829c184ad798ef63121bdae7af134db23f02f95f04b786bfcbe915c28
6a4645a1aa31745840e1e5dee4a2788e78c1d09b094f4705a64ddda88d8bd235
7899fe8f107e9e1d14c41a14ea51e90ec4393b01af8db7cee9aa9cfa5ec3ad91
792c7133cd40f54ec263dcd52affec8da2b2d5cb7d2d1913fa52fd21cd80e4a6
7b1eaaaf180a13c29b6dddc3b0ae23333b4397e0f3c065b4c86da2f2530a5f89
7bc0c4519150a490750c0f9f77857d5af952bca0bad56e3db6d24bd79f18b4e7
83a818561b7f93e0f7664504ef5993250ab3f2e6420b5d73cf708fba0f5665e4
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
852741a31d90e44a35605c5163be36d0185f7bfe79360eed1f4e125c1315c87a
8dcee59828f1423ecefd552dd353e25bd4ac38a9557ee084604ee7c2d41d9b98
8eb96b4731d232e9cd54ef830c607716a2c543f593d705ab3493ecc04d6bad91
920853c10d939bdd55d7a7b8e1aee237a9321bf9f498d71c8a2d505f9a28926b
9599f3edd792a3af68cc0ecf14398d86361bc04ec60b0e5dc0a0d5dcd98b7ab6
961d7451d74678f15d278f0985e031a08531436181db15a1ad2e66bcfdb88641
9790593b4acafa770479511a888914881594976c5dcad980c82e781c5625ff44
97abafbbf6f1bf56bb6aa432287d1b03ce0d83c3d1ec50a36a6e0e6050cce9b0
987ed7567466e4fc79242bded7cfac38f7cf9da6c430fe6053266ba12c1fa1b1
98a3ab26574717a95d200c12658c4dbbb28109a057cc52f8a100e6da2b645963
9b7aaf2c55485b05c5c57fbd95ba6d098da8f8e1583f8946d882d9b3fb8c28ce
a08b800104b30a8098e84e2a7edf352683a92ca368954e6f16a51580f56c2547
a0a3f070ff9d7a89c999d93e56e5427ab54cd0760e3a2120b9edf7caf9ce9f29
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a9b847c681a24b03ba8acc0b4dcd8aab9acf8c4d3131be784d488e2402d57427
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
aca566587618e75fa291a419c7c430be02e03fc72f6105658c1bc8e7d59a65e4
ae7b3291a5abd0fbd8f793230f58ec5818624c3714954da938fdc123bdde2a87
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b63d3126bb010767303c54ae3373f44bfa8710f0d10893a3011dd5d9c2769b0d
b730a71a7f937b52bb8328c363a9074d3d1e7ae259f2a0b44784ccf97def2e49
ba42e38c9045a14f29b042c2fa0f1da6df8e5f428b8a2f317083f3bfff2b2a16
bbd385457b8455ef1893b2422ccbea230d4972c89e13b62b0d0a9e19ec44f084
bdeed1e1c0751610c8f3dc2a5c78c93f841c366b36a7f7a54f5e6752c2656c05
be82b86d9b21780a099f969767c8bf5a3dc1221eff1c11cc5463826fdbe14f31
c2626fd3522aec35cd5a3caa11160d13545630a06bfd45ce7fc48a2a457b5877
c6db27eb990f9ca6bad96ea333923da128956f35849581be364bcc6dc342de9c
c8aeb14eb55cd36dae845d0d5ceb285c4f771badb5764cca196d41cf98e144e2
c8f57c46a166fe9c9c244eb66ef5643dfbc12494ef17da70e6636a4f3ad4c3ab
cee56f106ed1a6060cccb0f14f79f75f54a5a1294d125528b25de48344c2bb7c
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
cf7fcc9f75c8717897bfaef72f303fab423ce1b70c98512aeb3677e4af988dee
d15dc9ec030ba4333755f03b2a8126bb6921686e9df6114a1f347a6c5fcfda01
d1c7077302a860daf797f97c2f246a89277a03184dafbdc2f2daea84cd24caf4
d71b7fd67bbf02354fa086ccadef96365da75989f191d2ecbb714f2665db41ea
d9f8fdf160360b1592d35a47f2fff43ac3d92f2dde6ec0d5dc3d0c2acb22578c
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
dc6432394ff899ab504941e775edc03cf350d607e1877308ed1eb4911fd03f5f
deba037b78c3c02c062545c841110d1489b59c78425c187ed03760a521541e50
e21f3b2a0e9d2ff25f55f184242d809b2ecd045ee3fe35a4665b891b82bcb460
e22601bd37effdb0cde4e99c4de2431ccaf644881e489098cf64b57f03bf5f9f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e41d1ae45acbf836b8dcc29544c7e41cced4211214df601d5284a7e9c7134c73
e4fb3c65470ec0c1d1ebebaefc2910cfaa58ac95ef1a2b3ca450cf87c2ff2708
e5a7439738e33f6ba4f019f53528b4f721a4d7fbeee9f0c298d3e035484dcea1
e705844d16576afd07f1c832248a5aad4e81ff986052c5ad653f4fd20fc6afa3
e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44
e9ef372096d4dfb897e106d9ef7fbec76543b6737c6a5c9523acefa95c80413d
ebf0d160106e146cfa4a8017e79b845534b7bff2a38d34d78e784b95a147d95e
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0a30837160b46b3440205fffcc85d83f691727a70b437508276c331b5acd7d2
f258fd7d2d108695d07111efb5394ab185059b9e0814be4f9de6782cae0916cc
f2ad6430485b32b937a1d6c36fdb6f83a810499ca871fd08918c2abebdd6fd8d
f3e707799c4b8c1017aaed1c78432af2cc213ea88229312c1b2d621aa0ade9ef
f56ccb2db87aacedd9415232e40f80bff9939703df2f9c3f9ec8a092e545349f
f5aeae48223cbd2a32d8e1a16881a18ce163e8be4573b207f5c8b310332dd82e
ffeee4401a9f2216f3f83341fc13310339b4adec18270b2825aaced0afbfee0a

cyberscoop.com Open in urlscan Pro 18.66.112.24 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

246 Requests

98 %HTTPS

69 %IPv6

26 Domains

42 Subdomains

39 IPs

4 Countries

3467 kBTransfer

9100 kBSize

31 Cookies

20 Outgoing links

Redirected requests

246 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 7 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

cyberscoop.com Open in urlscan Pro
18.66.112.24 Public Scan

Screenshot
Live screenshot

Full Image

246
Requests

98 %
HTTPS

69 %
IPv6

26
Domains

42
Subdomains

39
IPs

4
Countries

3467 kB
Transfer

9100 kB
Size

31
Cookies

246 HTTP transactions
7 data transactions