www.thewyco.com Open in urlscan Pro
104.21.40.77 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.thewyco.com/news/pompeo-blames-russia-for-significant-cyberattack-on-us-government-agencies-companies-19-12-...
Submission Tags: falconsandbox
Submission: On October 13 via api (October 13th 2021, 1:20:53 pm UTC) from US — Scanned from DE

Summary HTTP 32 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 10 IPs in 2 countries across 8 domains to perform 32 HTTP transactions. The main IP is 104.21.40.77, located in and belongs to CLOUDFLARENET, US. The main domain is www.thewyco.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on July 2nd 2021. Valid for: a year.

This is the only time www.thewyco.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
6	104.21.40.77 104.21.40.77	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	142.250.185.234 142.250.185.234	15169 (GOOGLE) (GOOGLE)
6	142.250.185.194 142.250.185.194	15169 (GOOGLE) (GOOGLE)
2	172.217.16.136 172.217.16.136	15169 (GOOGLE) (GOOGLE)
8	142.250.186.34 142.250.186.34	15169 (GOOGLE) (GOOGLE)
3	142.250.185.142 142.250.185.142	15169 (GOOGLE) (GOOGLE)
1	142.250.184.226 142.250.184.226	15169 (GOOGLE) (GOOGLE)
2	142.250.186.98 142.250.186.98	15169 (GOOGLE) (GOOGLE)
2	142.250.181.225 142.250.181.225	15169 (GOOGLE) (GOOGLE)
1	216.58.212.132 216.58.212.132	15169 (GOOGLE) (GOOGLE)
32	10

6 104.21.40.77 (None, )

ASN13335 (CLOUDFLARENET, US)

www.thewyco.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
img.thewyco.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.234 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f10.1e100.net

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 142.250.185.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f2.1e100.net

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.16.136 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s46-in-f8.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 142.250.186.34 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f2.1e100.net

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 142.250.185.142 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s50-in-f14.1e100.net

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.184.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.98 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f2.1e100.net

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.181.225 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f1.1e100.net

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.58.212.132 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: ams15s21-in-f4.1e100.net

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
8	doubleclick.net googleads.g.doubleclick.net	12 KB
8	googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	181 KB
6	thewyco.com www.thewyco.com img.thewyco.com	99 KB
3	google.com adservice.google.com www.google.com	2 KB
3	google-analytics.com www.google-analytics.com	20 KB
2	googletagmanager.com www.googletagmanager.com	88 KB
1	googleadservices.com partner.googleadservices.com	655 B
1	googleapis.com ajax.googleapis.com	34 KB
32	8

	Domain	Requested by
8	googleads.g.doubleclick.net	pagead2.googlesyndication.com
6	pagead2.googlesyndication.com	www.thewyco.com pagead2.googlesyndication.com tpc.googlesyndication.com
5	www.thewyco.com	www.thewyco.com
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	tpc.googlesyndication.com	pagead2.googlesyndication.com tpc.googlesyndication.com
2	adservice.google.com	pagead2.googlesyndication.com
2	www.googletagmanager.com	www.thewyco.com www.googletagmanager.com
1	www.google.com	tpc.googlesyndication.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	img.thewyco.com	www.thewyco.com
1	ajax.googleapis.com	www.thewyco.com
32	11

This site contains links to these domains. Also see Links.

Domain
www.dreampirates.in

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-07-02` - `2022-07-01`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
*.google.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh
www.google.com GTS CA 1C3	`2021-09-13` - `2021-11-20`	2 months	crt.sh

This page contains 11 frames:

Primary Page: https://www.thewyco.com/news/pompeo-blames-russia-for-significant-cyberattack-on-us-government-agencies-companies-19-12-2020
Frame ID: EAB35EDCC11B136A405E61721520B4A9
Requests: 20 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20211011/r20190131/zrt_lookup.html
Frame ID: 1C93881395C32E4950625F06CEE79258
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5395059096458965&output=html&h=200&slotname=1334335573&adk=2515041999&adf=2905302740&pi=t.ma~as.1334335573&w=823&fwrn=4&lmt=1634131248&rafmt=11&psa=0&format=823x200&url=https%3A%2F%2Fwww.thewyco.com%2Fnews%2Fpompeo-blames-russia-for-significant-cyberattack-on-us-government-agencies-companies-19-12-2020&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634131248321&bpp=3&bdt=993&idt=105&shv=r20211011&mjsv=m202110050101&ptt=9&saldr=aa&abxe=1&correlator=8033072393964&frm=20&pv=2&ga_vid=2083892373.1634131248&ga_sid=1634131248&ga_hid=197331372&ga_fc=0&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=246&ady=660&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062423%2C31063103&oid=2&pvsid=1739337473196060&pem=741&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=dEC9qxne3F&p=https%3A//www.thewyco.com&dtd=121
Frame ID: 07636C31774E831FB29960F302CFAAEC
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5395059096458965&output=html&h=600&slotname=8480768559&adk=4178970724&adf=4065594387&pi=t.ma~as.8480768559&w=253&fwrn=4&fwrnh=100&lmt=1634131248&rafmt=1&psa=0&format=253x600&url=https%3A%2F%2Fwww.thewyco.com%2Fnews%2Fpompeo-blames-russia-for-significant-cyberattack-on-us-government-agencies-companies-19-12-2020&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634131248324&bpp=1&bdt=996&idt=122&shv=r20211011&mjsv=m202110050101&ptt=9&saldr=aa&abxe=1&prev_fmts=823x200&correlator=8033072393964&frm=20&pv=1&ga_vid=2083892373.1634131248&ga_sid=1634131248&ga_hid=197331372&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=1101&ady=81&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062423%2C31063103&oid=2&pvsid=1739337473196060&pem=741&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=1PBNrWZTMN&p=https%3A//www.thewyco.com&dtd=125
Frame ID: 5D3C01220DDEEB4C29140D12413378DF
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5395059096458965&output=html&adk=1812271804&adf=3025194257&lmt=1634131248&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.thewyco.com%2Fnews%2Fpompeo-blames-russia-for-significant-cyberattack-on-us-government-agencies-companies-19-12-2020&ea=0&flash=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634131248334&bpp=1&bdt=1006&idt=130&shv=r20211011&mjsv=m202110050101&ptt=9&saldr=aa&abxe=1&prev_fmts=823x200%2C253x600&nras=1&correlator=8033072393964&frm=20&pv=1&ga_vid=2083892373.1634131248&ga_sid=1634131248&ga_hid=197331372&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062423%2C31063103&oid=2&pvsid=1739337473196060&pem=741&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=3&uci=a!3&fsb=1&dtd=135
Frame ID: A9778ECFD7B9AC538397A2CB4FF4A061
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5395059096458965&output=html&h=280&adk=1452030048&adf=1642080621&pi=t.aa~a.380589544~i.10~rp.4&w=783&fwrn=4&fwrnh=100&lmt=1634131248&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=7136154782&psa=1&ad_type=text_image&format=783x280&url=https%3A%2F%2Fwww.thewyco.com%2Fnews%2Fpompeo-blames-russia-for-significant-cyberattack-on-us-government-agencies-companies-19-12-2020&flash=0&fwr=0&pra=3&rh=196&rw=783&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634131248726&bpp=1&bdt=1398&idt=-M&shv=r20211011&mjsv=m202110050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dcfba0b656f0863b1-22328298f3ca0016%3AT%3D1634131248%3ART%3D1634131248%3AS%3DALNI_MbwqytMbRMdsuMfoivUceFfUeKacw&prev_fmts=823x200%2C253x600%2C0x0&nras=2&correlator=8033072393964&frm=20&pv=1&ga_vid=2083892373.1634131248&ga_sid=1634131248&ga_hid=197331372&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=266&ady=1240&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062423%2C31063103&oid=2&pvsid=1739337473196060&pem=741&eae=0&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=QdNCCcsJbt&p=https%3A//www.thewyco.com&dtd=11
Frame ID: 49C6F1760D923F21376D4D7E5EB1C9B5
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5395059096458965&output=html&h=280&adk=1452030048&adf=2695987157&pi=t.aa~a.380589544~i.14~rp.4&w=783&fwrn=4&fwrnh=100&lmt=1634131248&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=7136154782&psa=1&ad_type=text_image&format=783x280&url=https%3A%2F%2Fwww.thewyco.com%2Fnews%2Fpompeo-blames-russia-for-significant-cyberattack-on-us-government-agencies-companies-19-12-2020&flash=0&fwr=0&pra=3&rh=196&rw=783&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634131248726&bpp=1&bdt=1398&idt=-M&shv=r20211011&mjsv=m202110050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dcfba0b656f0863b1-22328298f3ca0016%3AT%3D1634131248%3ART%3D1634131248%3AS%3DALNI_MbwqytMbRMdsuMfoivUceFfUeKacw&prev_fmts=823x200%2C253x600%2C0x0%2C783x280&nras=3&correlator=8033072393964&frm=20&pv=1&ga_vid=2083892373.1634131248&ga_sid=1634131248&ga_hid=197331372&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=266&ady=1672&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062423%2C31063103&oid=2&pvsid=1739337473196060&pem=741&eae=0&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=8PrUacCJI3&p=https%3A//www.thewyco.com&dtd=16
Frame ID: 3AE780403F1AA254E398E608427358F7
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5395059096458965&output=html&h=280&adk=1452030048&adf=238677116&pi=t.aa~a.380589544~i.20~rp.4&w=783&fwrn=4&fwrnh=100&lmt=1634131248&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=7136154782&psa=1&ad_type=text_image&format=783x280&url=https%3A%2F%2Fwww.thewyco.com%2Fnews%2Fpompeo-blames-russia-for-significant-cyberattack-on-us-government-agencies-companies-19-12-2020&flash=0&fwr=0&pra=3&rh=196&rw=783&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634131248726&bpp=1&bdt=1397&idt=-M&shv=r20211011&mjsv=m202110050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dcfba0b656f0863b1-22328298f3ca0016%3AT%3D1634131248%3ART%3D1634131248%3AS%3DALNI_MbwqytMbRMdsuMfoivUceFfUeKacw&prev_fmts=823x200%2C253x600%2C0x0%2C783x280%2C783x280&nras=4&correlator=8033072393964&frm=20&pv=1&ga_vid=2083892373.1634131248&ga_sid=1634131248&ga_hid=197331372&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=266&ady=2192&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062423%2C31063103&oid=2&pvsid=1739337473196060&pem=741&eae=0&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=3Yeu4vTX6I&p=https%3A//www.thewyco.com&dtd=21
Frame ID: C364DD5CD297468973FE404A7BD1C773
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5395059096458965&output=html&h=90&adk=3275662897&adf=3971266878&pi=t.aa~a.380589544~i.26~rp.4&w=783&fwrn=4&fwrnh=100&lmt=1634131248&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=7136154782&psa=1&ad_type=text_image&format=783x90&url=https%3A%2F%2Fwww.thewyco.com%2Fnews%2Fpompeo-blames-russia-for-significant-cyberattack-on-us-government-agencies-companies-19-12-2020&flash=0&fwr=0&pra=3&rh=196&rw=783&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634131248726&bpp=1&bdt=1398&idt=0&shv=r20211011&mjsv=m202110050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dcfba0b656f0863b1-22328298f3ca0016%3AT%3D1634131248%3ART%3D1634131248%3AS%3DALNI_MbwqytMbRMdsuMfoivUceFfUeKacw&prev_fmts=823x200%2C253x600%2C0x0%2C783x280%2C783x280%2C783x280&nras=5&correlator=8033072393964&frm=20&pv=1&ga_vid=2083892373.1634131248&ga_sid=1634131248&ga_hid=197331372&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=266&ady=2688&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062423%2C31063103&oid=2&pvsid=1739337473196060&pem=741&eae=0&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=7&uci=a!7&btvi=4&fsb=1&xpc=CR1dC3TQcc&p=https%3A//www.thewyco.com&dtd=28
Frame ID: 9184ADC5FD8AA579C0902FD7A3D2CD44
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: 55B67AE2DAAD7D1D5AA28ED8438BDC2E
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 8DD268349961A871B8B67DA54E37BD1C
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Pompeo blames Russia for ‘significant’ cyberattack on US government agencies, companies | TheWyco

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

AMP (JavaScript frameworks) Expand

Overall confidence: 100%
Detected patterns

<link rel="amphtml"

Disqus (Comment Systems) Expand

Overall confidence: 100%
Detected patterns

<div[^>]+id="disqus_thread"

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

32
Requests

100 %
HTTPS

0 %
IPv6

8
Domains

11
Subdomains

10
IPs

2
Countries

436 kB
Transfer

1179 kB
Size

7
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: https://www.dreampirates.in/
Title: DreamPirates

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

32 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request pompeo-blames-russia-for-significant-cyberattack-on-us-government-agencies-companies-19-12-2020 Show response
www.thewyco.com/news/ 20 KB
7 KB 710ms
666ms Document
text/html 104.21.40.77
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thewyco.com/news/pompeo-blames-russia-for-significant-cyberattack-on-us-government-agencies-companies-19-12-2020

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.21.40.77 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare / PHP/8.0.7

Resource Hash

8cfbc7f22102dc53c766e0bd80970606be2d9abc0bb62ea9ec8270eec18bf339

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

:method: GET
:authority: www.thewyco.com
:scheme: https
:path: /news/pompeo-blames-russia-for-significant-cyberattack-on-us-government-agencies-companies-19-12-2020
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

date: Wed, 13 Oct 2021 13:20:47 GMT
content-type: text/html; charset=UTF-8
x-powered-by: PHP/8.0.7
set-cookie: PHPSESSID=shc6attd852f9o5k9rab0qn1n1; path=/; secure
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
vary: Accept-Encoding
x-turbo-charged-by: LiteSpeed
cf-cache-status: DYNAMIC
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FGE5pRKjk4pDvibPQBd2z51YMxFgaprE%2BK7zT0laXFEPImtkfMuijAwmGxxobuqYa0IZ4nQXYHgnhvYc1HLwas%2FooByUhE7l5CrWzgk2DYDIFu1MAnLxsRHVxcIrCVc9eW4%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=0
server: cloudflare
cf-ray: 69d8de03ab25f9d6-PRG
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 bootstrap.min.css
www.thewyco.com/admin/css/ 156 KB
25 KB 837ms
836ms Stylesheet
text/css 104.21.40.77
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thewyco.com/admin/css/bootstrap.min.css

Requested by

Host: www.thewyco.com
URL: https://www.thewyco.com/news/pompeo-blames-russia-for-significant-cyberattack-on-us-government-agencies-companies-19-12-2020

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.21.40.77 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2ff5b959fa9f6b4b1d04d20a37d706e90039176ab1e2a202994d9580baeebfd6

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

:path: /admin/css/bootstrap.min.css
pragma: no-cache
cookie: PHPSESSID=shc6attd852f9o5k9rab0qn1n1
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.thewyco.com
referer: https://www.thewyco.com/news/pompeo-blames-russia-for-significant-cyberattack-on-us-government-agencies-companies-19-12-2020
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.thewyco.com/news/pompeo-blames-russia-for-significant-cyberattack-on-us-government-agencies-companies-19-12-2020
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 13 Oct 2021 13:20:48 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Tue, 28 Apr 2020 06:46:35 GMT
server: cloudflare
etag: W/"26f1b-5ea7d14b-99146b7ee84570ef;gz"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7t%2B6RAvTyRmiLjS9PeUyDpMy9%2FnkK3YHWUad3x5s0s0PiYN1bdv6bnEjJO%2BQGbYwKcqw4VBakTocsfsSWix3X9Iup%2FW9%2B86i9yNSAVgjBCJj7cGdcq%2Bk4n7s9TgnsLJB9hU%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 69d8de07fc27f9d6-PRG
expires: Wed, 20 Oct 2021 13:20:47 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1.12.4/ 95 KB
34 KB 29ms
8ms Script
text/javascript 142.250.185.234
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1.12.4/jquery.min.js

Requested by

Host: www.thewyco.com
URL: https://www.thewyco.com/news/pompeo-blames-russia-for-significant-cyberattack-on-us-government-agencies-companies-19-12-2020

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.234 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s53-in-f10.1e100.net

Software

sffe /

Resource Hash

668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thewyco.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Tue, 12 Oct 2021 13:06:24 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 87263
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33951
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="hosted-libraries-pushers"
expires: Wed, 12 Oct 2022 13:06:24 GMT

GET
H3 200 logo.png
www.thewyco.com/include/images/ 47 KB
48 KB 1120ms
1120ms Image
image/png 104.21.40.77
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.thewyco.com/include/images/logo.png

Requested by

Host: www.thewyco.com
URL: https://www.thewyco.com/news/pompeo-blames-russia-for-significant-cyberattack-on-us-government-agencies-companies-19-12-2020

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.40.77 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

620eeeb17ef852159ec99f4df33a8bbd1feaf70a2f7b2d167074e3a7109c7b50

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

:path: /include/images/logo.png
pragma: no-cache
cookie: PHPSESSID=shc6attd852f9o5k9rab0qn1n1
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.thewyco.com
referer: https://www.thewyco.com/news/pompeo-blames-russia-for-significant-cyberattack-on-us-government-agencies-companies-19-12-2020
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.thewyco.com/news/pompeo-blames-russia-for-significant-cyberattack-on-us-government-agencies-companies-19-12-2020
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 13 Oct 2021 13:20:49 GMT
vary: Accept-Encoding
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length: 48527
last-modified: Thu, 27 May 2021 16:03:56 GMT
server: cloudflare
etag: "bd8f-60afc2ec-92b3b2c2f03d2e20;;;"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=F9fcOoc7SEnXIa6jVGFmKxGTc4wWVj9U1DpuvMSCq2X%2BLWh6yUHixLnp034%2FvWAhYX5a7d%2Fj8%2F%2B7JehzJ1QraRckpYllDCKIZsDhl24Txpck6qaAaEbA9zsEkjs%2FyeYfCOQ%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: public, max-age=2592000
x-turbo-charged-by: LiteSpeed
accept-ranges: bytes
cf-ray: 69d8de0d3b692790-PRG
expires: Fri, 12 Nov 2021 13:20:48 GMT

GET
H3 404 5911kumpulan.jpg
www.thewyco.com/include/images/ 2 KB
2 KB 590ms
590ms Image
text/html 104.21.40.77
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.thewyco.com/include/images/5911kumpulan.jpg

Requested by

Host: www.thewyco.com
URL: https://www.thewyco.com/news/pompeo-blames-russia-for-significant-cyberattack-on-us-government-agencies-companies-19-12-2020

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.40.77 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f82768f6a6c8506e06a1e65e805cf49aedd8b01eb164a4c2ac70a86568051ff2

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

:path: /include/images/5911kumpulan.jpg
pragma: no-cache
cookie: PHPSESSID=shc6attd852f9o5k9rab0qn1n1
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.thewyco.com
referer: https://www.thewyco.com/news/pompeo-blames-russia-for-significant-cyberattack-on-us-government-agencies-companies-19-12-2020
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.thewyco.com/news/pompeo-blames-russia-for-significant-cyberattack-on-us-government-agencies-companies-19-12-2020
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 13 Oct 2021 13:20:48 GMT
content-encoding: br
cf-cache-status: MISS
last-modified: Tue, 09 Jul 2019 06:18:14 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Hk775obq8zhHIHF5BUAdNvccxjiQZcG0zWkaR0T6Jge8mtKE415vXwQblw0QuRvaztZeM8S342%2BMGr5ksL9ZlJIRXpqCrAt3EZMCqhLBl37HkC1SzH3ZH1mv0UcXQHnTIrA%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
cache-control: max-age=14400
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-turbo-charged-by: LiteSpeed
strict-transport-security: max-age=0
cf-ray: 69d8de0d4b6d2790-PRG
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 145 KB
51 KB 80ms
45ms Script
text/javascript 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: www.thewyco.com
URL: https://www.thewyco.com/news/pompeo-blames-russia-for-significant-cyberattack-on-us-government-agencies-companies-19-12-2020

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

eaecc282a5dba3d4c0f21f713d6c2ad7fd0141332a32427d87580f21ac4c8531

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thewyco.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 13 Oct 2021 13:20:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 51389
x-xss-protection: 0
server: cafe
etag: 627319541150676517
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 13 Oct 2021 13:20:48 GMT

GET
H3 200 bootstrap.min.js Show response
www.thewyco.com/admin/js/ 59 KB
17 KB 822ms
822ms Script
application/x-javascript 104.21.40.77
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thewyco.com/admin/js/bootstrap.min.js

Requested by

Host: www.thewyco.com
URL: https://www.thewyco.com/news/pompeo-blames-russia-for-significant-cyberattack-on-us-government-agencies-companies-19-12-2020

Protocol

Security

QUIC, , AES_128_GCM

Server

104.21.40.77 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5aa53525abc5c5200c70b3f6588388f86076cd699284c23cda64e92c372a1548

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

:path: /admin/js/bootstrap.min.js
pragma: no-cache
cookie: PHPSESSID=shc6attd852f9o5k9rab0qn1n1
accept-encoding: gzip, deflate, br
accept-language: de-DE,de;q=0.9
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.thewyco.com
referer: https://www.thewyco.com/news/pompeo-blames-russia-for-significant-cyberattack-on-us-government-agencies-companies-19-12-2020
:scheme: https
sec-fetch-site: same-origin
:method: GET
Accept-Language: de-DE,de;q=0.9
Referer: https://www.thewyco.com/news/pompeo-blames-russia-for-significant-cyberattack-on-us-government-agencies-companies-19-12-2020
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 13 Oct 2021 13:20:48 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: MISS
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
last-modified: Tue, 28 Apr 2020 06:46:35 GMT
server: cloudflare
etag: W/"ea6a-5ea7d14b-12b874df40ee33bb;gz"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=0
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZT6gwBGvBRd3ZS5tt4OQ9gya7vLw%2BI%2FmVdEItdQCSlgBXYK%2BKSXfN7%2FdObiPJD7fKmUXYpWIYoYIoeLwltTfCSKyWQ0LhkQ0LUQDGZkgWkVq2muAjaqfnOhlCcBkpCc3BTM%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/x-javascript
cache-control: public, max-age=604800
x-turbo-charged-by: LiteSpeed
cf-ray: 69d8de0829f02790-PRG
expires: Wed, 20 Oct 2021 13:20:47 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 100 KB
39 KB 83ms
42ms Script
application/javascript 172.217.16.136
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-NLF5KZV

Requested by

Host: www.thewyco.com
URL: https://www.thewyco.com/news/pompeo-blames-russia-for-significant-cyberattack-on-us-government-agencies-companies-19-12-2020

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.136 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

6debdc0a56cd72115974f9b25fb8705b8f97b685e5db1f46dc709d6ccd0da057

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thewyco.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 13 Oct 2021 13:20:48 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39659
x-xss-protection: 0
last-modified: Wed, 13 Oct 2021 12:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Wed, 13 Oct 2021 13:20:48 GMT

GET
H2 404 7611Screenshot_35.png.webp
img.thewyco.com/30-01-2021/ 0
0 569ms
551ms Image
text/html 104.21.40.77
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://img.thewyco.com/30-01-2021/7611Screenshot_35.png.webp
Requested by: Host: www.thewyco.com
URL: https://www.thewyco.com/news/pompeo-blames-russia-for-significant-cyberattack-on-us-government-agencies-companies-19-12-2020
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.21.40.77 -, , ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thewyco.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

GET
H3 200 show_ads_impl_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110050101/ 272 KB
97 KB 67ms
46ms Script
text/javascript 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110050101/show_ads_impl_fy2019.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

017533b65890dc9fad4d486d3479b79fae4a3212abdbe6df969220d1fc5c2dd4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thewyco.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 13 Oct 2021 13:20:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 99713
x-xss-protection: 0
server: cafe
etag: 3877771964379470727
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Wed, 13 Oct 2021 13:20:48 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20211011/r20190131/ Frame 1C93 10 KB
5 KB 30ms
7ms Document
text/html 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20211011/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

f694b4fc5d667777e89694296218e249226ae1670bbe90a8a345f9f75298b9cd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20211011/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.thewyco.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.thewyco.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Tue, 12 Oct 2021 20:21:55 GMT
expires: Tue, 26 Oct 2021 20:21:55 GMT
content-type: text/html; charset=UTF-8
etag: 414810510046348021
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4645
x-xss-protection: 0
age: 61133
cache-control: public, max-age=1209600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 124 KB
48 KB 46ms
32ms Script
application/javascript 172.217.16.136
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-Q3QCBV1TLT&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NLF5KZV

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.16.136 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

bae90e04d5b60355c586e0fd6db21f0d0cb972033d227f91b16a805e595a2aba

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thewyco.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 13 Oct 2021 13:20:48 GMT
content-encoding: br
server: Google Tag Manager
access-control-allow-headers: Cache-Control
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
strict-transport-security: max-age=31536000; includeSubDomains
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49506
x-xss-protection: 0
expires: Wed, 13 Oct 2021 13:20:48 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 51ms
14ms Script
text/javascript 142.250.185.142
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-NLF5KZV

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.142 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

fc27aed7787a4f63d2feba50e6bc6122ac3c5479456d40c0a445899a08ad92f3

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thewyco.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 28 Sep 2021 21:34:48 GMT
server: Golfe2
age: 2031
date: Wed, 13 Oct 2021 12:46:57 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19887
expires: Wed, 13 Oct 2021 14:46:57 GMT

POST
H3 204 collect
www.google-analytics.com/g/ 0
17 B 29ms
14ms Ping
text/plain 142.250.185.142
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-Q3QCBV1TLT&gtm=2oeab0&_p=197331372&sr=1600x1200&ul=en-us&cid=2083892373.1634131248&_s=1&dl=https%3A%2F%2Fwww.thewyco.com%2Fnews%2Fpompeo-blames-russia-for-significant-cyberattack-on-us-government-agencies-companies-19-12-2020&dt=Pompeo%20blames%20Russia%20for%20%E2%80%98significant%E2%80%99%20cyberattack%20on%20US%20government%20agencies%2C%20companies%20%7C%20TheWyco&sid=1634131248&sct=1&seg=0&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-Q3QCBV1TLT&l=dataLayer&cx=c
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.185.142 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s50-in-f14.1e100.net
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.thewyco.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Wed, 13 Oct 2021 13:20:48 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.thewyco.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 201 B
655 B 70ms
29ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=www.thewyco.com&callback=_gfp_s_&client=ca-pub-5395059096458965

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110050101/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

edfb2e0341474ba34eb677660f3f448045c72630f6a185952f7ee64e0463bbd5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thewyco.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 13 Oct 2021 13:20:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 190
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
570 B 38ms
16ms Script
application/javascript 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.thewyco.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110050101/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thewyco.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 13 Oct 2021 13:20:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 0763 436 B
236 B 224ms
201ms Document
text/html 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5395059096458965&output=html&h=200&slotname=1334335573&adk=2515041999&adf=2905302740&pi=t.ma~as.1334335573&w=823&fwrn=4&lmt=1634131248&rafmt=11&psa=0&format=823x200&url=https%3A%2F%2Fwww.thewyco.com%2Fnews%2Fpompeo-blames-russia-for-significant-cyberattack-on-us-government-agencies-companies-19-12-2020&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634131248321&bpp=3&bdt=993&idt=105&shv=r20211011&mjsv=m202110050101&ptt=9&saldr=aa&abxe=1&correlator=8033072393964&frm=20&pv=2&ga_vid=2083892373.1634131248&ga_sid=1634131248&ga_hid=197331372&ga_fc=0&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=246&ady=660&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062423%2C31063103&oid=2&pvsid=1739337473196060&pem=741&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=dEC9qxne3F&p=https%3A//www.thewyco.com&dtd=121

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110050101/show_ads_impl_fy2019.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

e90a08bcb4f28390418aa588dd88babc18ca959c69be3d9ec68c80c1421bca42

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-5395059096458965&output=html&h=200&slotname=1334335573&adk=2515041999&adf=2905302740&pi=t.ma~as.1334335573&w=823&fwrn=4&lmt=1634131248&rafmt=11&psa=0&format=823x200&url=https%3A%2F%2Fwww.thewyco.com%2Fnews%2Fpompeo-blames-russia-for-significant-cyberattack-on-us-government-agencies-companies-19-12-2020&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634131248321&bpp=3&bdt=993&idt=105&shv=r20211011&mjsv=m202110050101&ptt=9&saldr=aa&abxe=1&correlator=8033072393964&frm=20&pv=2&ga_vid=2083892373.1634131248&ga_sid=1634131248&ga_hid=197331372&ga_fc=0&rplot=4&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=246&ady=660&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062423%2C31063103&oid=2&pvsid=1739337473196060&pem=741&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=1&uci=a!1&fsb=1&xpc=dEC9qxne3F&p=https%3A//www.thewyco.com&dtd=121
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.thewyco.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.thewyco.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Wed, 13 Oct 2021 13:20:48 GMT
server: cafe
content-length: 213
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Wed, 13-Oct-2021 13:35:48 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Wed, 13 Oct 2021 13:20:48 GMT
cache-control: private

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 5D3C 436 B
235 B 490ms
473ms Document
text/html 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5395059096458965&output=html&h=600&slotname=8480768559&adk=4178970724&adf=4065594387&pi=t.ma~as.8480768559&w=253&fwrn=4&fwrnh=100&lmt=1634131248&rafmt=1&psa=0&format=253x600&url=https%3A%2F%2Fwww.thewyco.com%2Fnews%2Fpompeo-blames-russia-for-significant-cyberattack-on-us-government-agencies-companies-19-12-2020&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634131248324&bpp=1&bdt=996&idt=122&shv=r20211011&mjsv=m202110050101&ptt=9&saldr=aa&abxe=1&prev_fmts=823x200&correlator=8033072393964&frm=20&pv=1&ga_vid=2083892373.1634131248&ga_sid=1634131248&ga_hid=197331372&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=1101&ady=81&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062423%2C31063103&oid=2&pvsid=1739337473196060&pem=741&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=1PBNrWZTMN&p=https%3A//www.thewyco.com&dtd=125

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110050101/show_ads_impl_fy2019.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

bda2c73094ca33df969a96d0a76ec256cfef90deb37ac4e2a4e3d252b678093d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-5395059096458965&output=html&h=600&slotname=8480768559&adk=4178970724&adf=4065594387&pi=t.ma~as.8480768559&w=253&fwrn=4&fwrnh=100&lmt=1634131248&rafmt=1&psa=0&format=253x600&url=https%3A%2F%2Fwww.thewyco.com%2Fnews%2Fpompeo-blames-russia-for-significant-cyberattack-on-us-government-agencies-companies-19-12-2020&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=4&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634131248324&bpp=1&bdt=996&idt=122&shv=r20211011&mjsv=m202110050101&ptt=9&saldr=aa&abxe=1&prev_fmts=823x200&correlator=8033072393964&frm=20&pv=1&ga_vid=2083892373.1634131248&ga_sid=1634131248&ga_hid=197331372&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=1101&ady=81&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062423%2C31063103&oid=2&pvsid=1739337473196060&pem=741&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CpeE%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&fsb=1&xpc=1PBNrWZTMN&p=https%3A//www.thewyco.com&dtd=125
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.thewyco.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.thewyco.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Wed, 13 Oct 2021 13:20:48 GMT
server: cafe
content-length: 212
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Wed, 13-Oct-2021 13:35:48 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Wed, 13 Oct 2021 13:20:48 GMT
cache-control: private

POST
H3 200 collect Show response
www.google-analytics.com/j/ 1 B
21 B 14ms
14ms XHR
text/plain 142.250.185.142
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j94&a=197331372&t=pageview&_s=1&dl=https%3A%2F%2Fwww.thewyco.com%2Fnews%2Fpompeo-blames-russia-for-significant-cyberattack-on-us-government-agencies-companies-19-12-2020&ul=en-us&de=UTF-8&dt=Pompeo%20blames%20Russia%20for%20%E2%80%98significant%E2%80%99%20cyberattack%20on%20US%20government%20agencies%2C%20companies%20%7C%20TheWyco&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YADAAAABAAAAAC~&jid=800102782&gjid=2110121511&cid=2083892373.1634131248&tid=UA-66414585-21&_gid=1267286305.1634131248&_r=1&gtm=2wgab0NLF5KZV&z=261666284

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.142 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s50-in-f14.1e100.net

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.thewyco.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 13 Oct 2021 13:20:48 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.thewyco.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame A977 22 KB
5 KB 223ms
223ms Document
text/html 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5395059096458965&output=html&adk=1812271804&adf=3025194257&lmt=1634131248&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.thewyco.com%2Fnews%2Fpompeo-blames-russia-for-significant-cyberattack-on-us-government-agencies-companies-19-12-2020&ea=0&flash=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634131248334&bpp=1&bdt=1006&idt=130&shv=r20211011&mjsv=m202110050101&ptt=9&saldr=aa&abxe=1&prev_fmts=823x200%2C253x600&nras=1&correlator=8033072393964&frm=20&pv=1&ga_vid=2083892373.1634131248&ga_sid=1634131248&ga_hid=197331372&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062423%2C31063103&oid=2&pvsid=1739337473196060&pem=741&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=3&uci=a!3&fsb=1&dtd=135

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110050101/show_ads_impl_fy2019.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

4fefb1659924c59c4cafa3d90517557bc9a9dca62d74bd0d654148c67b2bfb3d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-5395059096458965&output=html&adk=1812271804&adf=3025194257&lmt=1634131248&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.thewyco.com%2Fnews%2Fpompeo-blames-russia-for-significant-cyberattack-on-us-government-agencies-companies-19-12-2020&ea=0&flash=0&pra=7&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634131248334&bpp=1&bdt=1006&idt=130&shv=r20211011&mjsv=m202110050101&ptt=9&saldr=aa&abxe=1&prev_fmts=823x200%2C253x600&nras=1&correlator=8033072393964&frm=20&pv=1&ga_vid=2083892373.1634131248&ga_sid=1634131248&ga_hid=197331372&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062423%2C31063103&oid=2&pvsid=1739337473196060&pem=741&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=3&uci=a!3&fsb=1&dtd=135
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.thewyco.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.thewyco.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Wed, 13 Oct 2021 13:20:48 GMT
server: cafe
content-length: 5386
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Wed, 13-Oct-2021 13:35:48 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Wed, 13 Oct 2021 13:20:48 GMT
cache-control: private

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 35ms
20ms Script
application/javascript 142.250.186.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.thewyco.com

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110050101/show_ads_impl_fy2019.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.98 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f2.1e100.net

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thewyco.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 13 Oct 2021 13:20:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 49C6 436 B
234 B 329ms
329ms Document
text/html 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5395059096458965&output=html&h=280&adk=1452030048&adf=1642080621&pi=t.aa~a.380589544~i.10~rp.4&w=783&fwrn=4&fwrnh=100&lmt=1634131248&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=7136154782&psa=1&ad_type=text_image&format=783x280&url=https%3A%2F%2Fwww.thewyco.com%2Fnews%2Fpompeo-blames-russia-for-significant-cyberattack-on-us-government-agencies-companies-19-12-2020&flash=0&fwr=0&pra=3&rh=196&rw=783&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634131248726&bpp=1&bdt=1398&idt=-M&shv=r20211011&mjsv=m202110050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dcfba0b656f0863b1-22328298f3ca0016%3AT%3D1634131248%3ART%3D1634131248%3AS%3DALNI_MbwqytMbRMdsuMfoivUceFfUeKacw&prev_fmts=823x200%2C253x600%2C0x0&nras=2&correlator=8033072393964&frm=20&pv=1&ga_vid=2083892373.1634131248&ga_sid=1634131248&ga_hid=197331372&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=266&ady=1240&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062423%2C31063103&oid=2&pvsid=1739337473196060&pem=741&eae=0&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=QdNCCcsJbt&p=https%3A//www.thewyco.com&dtd=11

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110050101/show_ads_impl_fy2019.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

52b1efe8b0aefc397270d4ca4c29676a276616ad57c29a98d00c30ceb520c562

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-5395059096458965&output=html&h=280&adk=1452030048&adf=1642080621&pi=t.aa~a.380589544~i.10~rp.4&w=783&fwrn=4&fwrnh=100&lmt=1634131248&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=7136154782&psa=1&ad_type=text_image&format=783x280&url=https%3A%2F%2Fwww.thewyco.com%2Fnews%2Fpompeo-blames-russia-for-significant-cyberattack-on-us-government-agencies-companies-19-12-2020&flash=0&fwr=0&pra=3&rh=196&rw=783&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634131248726&bpp=1&bdt=1398&idt=-M&shv=r20211011&mjsv=m202110050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dcfba0b656f0863b1-22328298f3ca0016%3AT%3D1634131248%3ART%3D1634131248%3AS%3DALNI_MbwqytMbRMdsuMfoivUceFfUeKacw&prev_fmts=823x200%2C253x600%2C0x0&nras=2&correlator=8033072393964&frm=20&pv=1&ga_vid=2083892373.1634131248&ga_sid=1634131248&ga_hid=197331372&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=266&ady=1240&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062423%2C31063103&oid=2&pvsid=1739337473196060&pem=741&eae=0&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=4&uci=a!4&btvi=1&fsb=1&xpc=QdNCCcsJbt&p=https%3A//www.thewyco.com&dtd=11
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.thewyco.com/
accept-encoding: gzip, deflate, br
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.thewyco.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Wed, 13 Oct 2021 13:20:49 GMT
server: cafe
content-length: 210
x-xss-protection: 0
set-cookie: IDE=AHWqTUmjsa3TGDK38m0zlAdyyyupg4s6dmpJD-9I34kmSdsvAIdYdWwnggEMKeqhcTg; expires=Fri, 13-Oct-2023 13:20:48 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; expires=Fri, 01-Aug-2008 22:45:55 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Wed, 13 Oct 2021 13:20:49 GMT
cache-control: private

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 3AE7 436 B
237 B 256ms
255ms Document
text/html 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5395059096458965&output=html&h=280&adk=1452030048&adf=2695987157&pi=t.aa~a.380589544~i.14~rp.4&w=783&fwrn=4&fwrnh=100&lmt=1634131248&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=7136154782&psa=1&ad_type=text_image&format=783x280&url=https%3A%2F%2Fwww.thewyco.com%2Fnews%2Fpompeo-blames-russia-for-significant-cyberattack-on-us-government-agencies-companies-19-12-2020&flash=0&fwr=0&pra=3&rh=196&rw=783&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634131248726&bpp=1&bdt=1398&idt=-M&shv=r20211011&mjsv=m202110050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dcfba0b656f0863b1-22328298f3ca0016%3AT%3D1634131248%3ART%3D1634131248%3AS%3DALNI_MbwqytMbRMdsuMfoivUceFfUeKacw&prev_fmts=823x200%2C253x600%2C0x0%2C783x280&nras=3&correlator=8033072393964&frm=20&pv=1&ga_vid=2083892373.1634131248&ga_sid=1634131248&ga_hid=197331372&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=266&ady=1672&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062423%2C31063103&oid=2&pvsid=1739337473196060&pem=741&eae=0&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=8PrUacCJI3&p=https%3A//www.thewyco.com&dtd=16

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110050101/show_ads_impl_fy2019.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

e5b0115388de58ee134b8858831cf581a56241085490a17e30c689829e27876e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-5395059096458965&output=html&h=280&adk=1452030048&adf=2695987157&pi=t.aa~a.380589544~i.14~rp.4&w=783&fwrn=4&fwrnh=100&lmt=1634131248&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=7136154782&psa=1&ad_type=text_image&format=783x280&url=https%3A%2F%2Fwww.thewyco.com%2Fnews%2Fpompeo-blames-russia-for-significant-cyberattack-on-us-government-agencies-companies-19-12-2020&flash=0&fwr=0&pra=3&rh=196&rw=783&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634131248726&bpp=1&bdt=1398&idt=-M&shv=r20211011&mjsv=m202110050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dcfba0b656f0863b1-22328298f3ca0016%3AT%3D1634131248%3ART%3D1634131248%3AS%3DALNI_MbwqytMbRMdsuMfoivUceFfUeKacw&prev_fmts=823x200%2C253x600%2C0x0%2C783x280&nras=3&correlator=8033072393964&frm=20&pv=1&ga_vid=2083892373.1634131248&ga_sid=1634131248&ga_hid=197331372&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=266&ady=1672&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062423%2C31063103&oid=2&pvsid=1739337473196060&pem=741&eae=0&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=5&uci=a!5&btvi=2&fsb=1&xpc=8PrUacCJI3&p=https%3A//www.thewyco.com&dtd=16
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.thewyco.com/
accept-encoding: gzip, deflate, br
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.thewyco.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Wed, 13 Oct 2021 13:20:48 GMT
server: cafe
content-length: 213
x-xss-protection: 0
set-cookie: IDE=AHWqTUl4ap55-wbx2Xh8Hg9Yqz7oJlO8Wt4hVURJ5qehmB7v_wulwqK8aXEFfCUNXic; expires=Fri, 13-Oct-2023 13:20:48 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; expires=Fri, 01-Aug-2008 22:45:55 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Wed, 13 Oct 2021 13:20:48 GMT
cache-control: private

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame C364 436 B
235 B 306ms
306ms Document
text/html 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5395059096458965&output=html&h=280&adk=1452030048&adf=238677116&pi=t.aa~a.380589544~i.20~rp.4&w=783&fwrn=4&fwrnh=100&lmt=1634131248&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=7136154782&psa=1&ad_type=text_image&format=783x280&url=https%3A%2F%2Fwww.thewyco.com%2Fnews%2Fpompeo-blames-russia-for-significant-cyberattack-on-us-government-agencies-companies-19-12-2020&flash=0&fwr=0&pra=3&rh=196&rw=783&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634131248726&bpp=1&bdt=1397&idt=-M&shv=r20211011&mjsv=m202110050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dcfba0b656f0863b1-22328298f3ca0016%3AT%3D1634131248%3ART%3D1634131248%3AS%3DALNI_MbwqytMbRMdsuMfoivUceFfUeKacw&prev_fmts=823x200%2C253x600%2C0x0%2C783x280%2C783x280&nras=4&correlator=8033072393964&frm=20&pv=1&ga_vid=2083892373.1634131248&ga_sid=1634131248&ga_hid=197331372&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=266&ady=2192&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062423%2C31063103&oid=2&pvsid=1739337473196060&pem=741&eae=0&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=3Yeu4vTX6I&p=https%3A//www.thewyco.com&dtd=21

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110050101/show_ads_impl_fy2019.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

810a33daf83c3492a78f5453661843bf534b9e3668337400e34adfc704c68585

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-5395059096458965&output=html&h=280&adk=1452030048&adf=238677116&pi=t.aa~a.380589544~i.20~rp.4&w=783&fwrn=4&fwrnh=100&lmt=1634131248&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=7136154782&psa=1&ad_type=text_image&format=783x280&url=https%3A%2F%2Fwww.thewyco.com%2Fnews%2Fpompeo-blames-russia-for-significant-cyberattack-on-us-government-agencies-companies-19-12-2020&flash=0&fwr=0&pra=3&rh=196&rw=783&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634131248726&bpp=1&bdt=1397&idt=-M&shv=r20211011&mjsv=m202110050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dcfba0b656f0863b1-22328298f3ca0016%3AT%3D1634131248%3ART%3D1634131248%3AS%3DALNI_MbwqytMbRMdsuMfoivUceFfUeKacw&prev_fmts=823x200%2C253x600%2C0x0%2C783x280%2C783x280&nras=4&correlator=8033072393964&frm=20&pv=1&ga_vid=2083892373.1634131248&ga_sid=1634131248&ga_hid=197331372&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=266&ady=2192&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062423%2C31063103&oid=2&pvsid=1739337473196060&pem=741&eae=0&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=6&uci=a!6&btvi=3&fsb=1&xpc=3Yeu4vTX6I&p=https%3A//www.thewyco.com&dtd=21
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.thewyco.com/
accept-encoding: gzip, deflate, br
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.thewyco.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Wed, 13 Oct 2021 13:20:49 GMT
server: cafe
content-length: 211
x-xss-protection: 0
set-cookie: IDE=AHWqTUmo3_N3rIggP2Ka0PauQDDwW9au929db4E5k4UgJDXRkogHXHc7Y2EA4RaPGPw; expires=Fri, 13-Oct-2023 13:20:48 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; expires=Fri, 01-Aug-2008 22:45:55 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Wed, 13 Oct 2021 13:20:49 GMT
cache-control: private

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 9184 436 B
235 B 308ms
308ms Document
text/html 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-5395059096458965&output=html&h=90&adk=3275662897&adf=3971266878&pi=t.aa~a.380589544~i.26~rp.4&w=783&fwrn=4&fwrnh=100&lmt=1634131248&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=7136154782&psa=1&ad_type=text_image&format=783x90&url=https%3A%2F%2Fwww.thewyco.com%2Fnews%2Fpompeo-blames-russia-for-significant-cyberattack-on-us-government-agencies-companies-19-12-2020&flash=0&fwr=0&pra=3&rh=196&rw=783&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634131248726&bpp=1&bdt=1398&idt=0&shv=r20211011&mjsv=m202110050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dcfba0b656f0863b1-22328298f3ca0016%3AT%3D1634131248%3ART%3D1634131248%3AS%3DALNI_MbwqytMbRMdsuMfoivUceFfUeKacw&prev_fmts=823x200%2C253x600%2C0x0%2C783x280%2C783x280%2C783x280&nras=5&correlator=8033072393964&frm=20&pv=1&ga_vid=2083892373.1634131248&ga_sid=1634131248&ga_hid=197331372&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=266&ady=2688&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062423%2C31063103&oid=2&pvsid=1739337473196060&pem=741&eae=0&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=7&uci=a!7&btvi=4&fsb=1&xpc=CR1dC3TQcc&p=https%3A//www.thewyco.com&dtd=28

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110050101/show_ads_impl_fy2019.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

71831e3ce07ad5f8f824ea1cc20e3940be43268104e75689b386d2ec4116641c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-5395059096458965&output=html&h=90&adk=3275662897&adf=3971266878&pi=t.aa~a.380589544~i.26~rp.4&w=783&fwrn=4&fwrnh=100&lmt=1634131248&num_ads=1&rafmt=1&armr=3&sem=mc&pwprc=7136154782&psa=1&ad_type=text_image&format=783x90&url=https%3A%2F%2Fwww.thewyco.com%2Fnews%2Fpompeo-blames-russia-for-significant-cyberattack-on-us-government-agencies-companies-19-12-2020&flash=0&fwr=0&pra=3&rh=196&rw=783&rpe=1&resp_fmts=3&wgl=1&fa=27&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634131248726&bpp=1&bdt=1398&idt=0&shv=r20211011&mjsv=m202110050101&ptt=9&saldr=aa&abxe=1&cookie=ID%3Dcfba0b656f0863b1-22328298f3ca0016%3AT%3D1634131248%3ART%3D1634131248%3AS%3DALNI_MbwqytMbRMdsuMfoivUceFfUeKacw&prev_fmts=823x200%2C253x600%2C0x0%2C783x280%2C783x280%2C783x280&nras=5&correlator=8033072393964&frm=20&pv=1&ga_vid=2083892373.1634131248&ga_sid=1634131248&ga_hid=197331372&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=266&ady=2688&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062423%2C31063103&oid=2&pvsid=1739337473196060&pem=741&eae=0&fc=384&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=128&bc=31&ifi=7&uci=a!7&btvi=4&fsb=1&xpc=CR1dC3TQcc&p=https%3A//www.thewyco.com&dtd=28
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.thewyco.com/
accept-encoding: gzip, deflate, br
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.thewyco.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Wed, 13 Oct 2021 13:20:49 GMT
server: cafe
content-length: 211
x-xss-protection: 0
set-cookie: IDE=AHWqTUm9iqMhK6ABrwIFFqwkcb-Ntz5bsvDMoKM7PDC--Gs9QzODqTXGf6iqsrrp9wc; expires=Fri, 13-Oct-2023 13:20:48 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; expires=Fri, 01-Aug-2008 22:45:55 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Wed, 13 Oct 2021 13:20:49 GMT
cache-control: private

GET
H3 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 11 KB
8 KB 36ms
21ms XHR
application/json 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20211011&st=env

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110050101/show_ads_impl_fy2019.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

da5a71b1027e7ef72faa687c7dd74bdafb4ccf8c74902a1d9fdebbcaaba618cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thewyco.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 13 Oct 2021 13:20:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8471
x-xss-protection: 0

GET
H2 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
7 KB 50ms
28ms Script
text/javascript 142.250.181.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110050101/show_ads_impl_fy2019.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f1.1e100.net

Software

sffe /

Resource Hash

a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thewyco.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Wed, 13 Oct 2021 13:20:49 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1624308425655142"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6467
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
expires: Wed, 13 Oct 2021 13:20:49 GMT

GET
H3 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/224/ Frame 55B6 12 KB
5 KB 24ms
6ms Document
text/html 142.250.181.225
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.225 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f1.1e100.net

Software

sffe /

Resource Hash

4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/224/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.thewyco.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.thewyco.com/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length: 5029
date: Wed, 13 Oct 2021 13:03:42 GMT
expires: Thu, 13 Oct 2022 13:03:42 GMT
last-modified: Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 1027
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 8DD2 783 B
1 KB 44ms
17ms Document
text/html 216.58.212.132
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.132 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s21-in-f4.1e100.net

Software

GSE /

Resource Hash

e8b8924f279ff47240b9c078a4215c65f326d861b70d090ff8826da07f409e3a

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-jUtbiNG1XuBtVXVZdjLnGg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/aframe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language: de-DE,de;q=0.9
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.thewyco.com/
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://www.thewyco.com/

Response headers

cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires: Wed, 13 Oct 2021 13:20:49 GMT
date: Wed, 13 Oct 2021 13:20:49 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-jUtbiNG1XuBtVXVZdjLnGg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 513
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 Op0h1o4bLATv4Gekw87wLIhuIhk3mUgQ1PXLVSVUXpk.js Show response
pagead2.googlesyndication.com/bg/ Frame 55B6 35 KB
13 KB 14ms
14ms Script
text/javascript 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Op0h1o4bLATv4Gekw87wLIhuIhk3mUgQ1PXLVSVUXpk.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

sffe /

Resource Hash

3a9d21d68e1b2c04efe067a4c3cef02c886e221937994810d4f5cb5525545e99

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date: Mon, 11 Oct 2021 10:30:14 GMT
content-encoding: br
x-content-type-options: nosniff
age: 183035
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13306
x-xss-protection: 0
last-modified: Tue, 05 Oct 2021 11:38:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="botguard-scs"
expires: Tue, 11 Oct 2022 10:30:14 GMT

GET
H3 204 sodar
pagead2.googlesyndication.com/pagead/ Frame 8DD2 0
0 64ms
63ms Image
text/html 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&li=gda_r20211011&jk=1739337473196060&rc=
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 142.250.185.194 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra16s52-in-f2.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
20 B 50ms
50ms Image
image/gif 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gda_r20211011&jk=1739337473196060&bg=!ammlaS3NAAbGFvHlxhY7ACkAdvg8Wg9nLtapb5bzxBOJ_NATZu4YYwFUnvqE54h6oKAGgZj8ygoBwAIAAABjUgAAAAdoAQcKAGsDMtlOx7dMOzkqUGQ-lZwQ1DYBL9f1ZoeLX460scqxp8fzt2jhjnZD3A1K41Mg5CdTjqtbvQY7vvmPlPcLtAEogiKtbOhwy7SobPkP2R-QsPwkxE_XYK828WzvBksPh1H4AVyrY-PQXzJqVJkCvi6Og09gSJJEgHweu18-EsvPu_kAtlDgnz0CLnD4vgIV_Ee24JGDRz3qIj-mHWL8cCVK5fMtgHJzaMEwCZUjDd9I6yHqNS776RI1lxbPHQ0be0DSEOkI8tRNvgEAkakIskh35U1VGQtsBAerbzsfFzL6hgObQQExYjVEeRKkDiQn1At3A5DpSvJMGzVxZJJ3ghqkK0P4yapLYKFr01jEZFJa1wNbbi2sZPA4Kc0h26ZYE5h5HffB8LAjtzQ72dYRYtcRCgFGrhP1SR_DunHeU9LZpJgUl0e8L6K_OpqWu7s-I-sZyx1tj7dfRmy2mW3IU6r3wj3iaimrxyfTxgm4Sa_fH-3_4PsBhI-Yytv7SzW5nUc1oyc6BbhWiU8viBu04_J9DnOeP5ZhcwedYn8t7I6qqITEqPookjyGaP8cV5iZjlgwoYfnlYCenoHictdi4zvdsOM0TFYhFRFSGDAjzJCZ8_k2Tr5itVM-wtG8Hj2KybEUpELyD1EKplMi6JoBWpntcylJFOlUsdp8PHoyFdvdkrN4kC86H--kwS3t-1XPB0UPKd4AavFnZrXtB_mT2vGKGZcoFrJq7ou2oMswbORlvOGwQHeCY2QbB_XPr7tUcQmrOP_y22a7wJjgliHYCFnip2tdGZ27aJCXUWc6Od6KF1hPwMdUcH_Az77wCLyHpXtWLFQiahuC4D8EwtCkWDhBwDw7EHJZL8vT99e1kki9AIeBd_lu5mW2MK4rlNBurKNSP4xG2T4PEEKucidXzXfzgkR8mGmgYwafPzYO3c0rfdp4SN2dKCSHdCUs0pYthwUr-DlUiVwnq24lOeSZNsCxTKoBW1pORKT9yr2Ug8r8MCLCadFtyCK_i8Hy1yX8V-o3Xhjred3vZZF_917uFskpqiHW-yXbHaGtWmoQK3Cl5Yeg06zClpTcU8qZpg

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://www.thewyco.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 13 Oct 2021 13:20:49 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

57 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

7 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.thewyco.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: shc6attd852f9o5k9rab0qn1n1
.thewyco.com/	1970-01-20 15:26:43	Name: _ga_Q3QCBV1TLT Value: GS1.1.1634131248.1.0.1634131248.0
.thewyco.com/	1970-01-20 15:26:43	Name: _ga Value: GA1.2.2083892373.1634131248
.thewyco.com/	1970-01-19 21:56:57	Name: _gid Value: GA1.2.1267286305.1634131248
.thewyco.com/	1970-01-19 21:55:31	Name: _gat_UA-66414585-21 Value: 1
.thewyco.com/	1970-01-20 07:17:07	Name: __gads Value: ID=cfba0b656f0863b1-22328298f3ca0016:T=1634131248:RT=1634131248:S=ALNI_MbwqytMbRMdsuMfoivUceFfUeKacw
.doubleclick.net/	1970-01-20 15:26:43	Name: IDE Value: AHWqTUmjsa3TGDK38m0zlAdyyyupg4s6dmpJD-9I34kmSdsvAIdYdWwnggEMKeqhcTg

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://www.thewyco.com/include/images/5911kumpulan.jpg Message: Failed to load resource: the server responded with a status of 404 ()
network	error	URL: https://img.thewyco.com/30-01-2021/7611Screenshot_35.png.webp Message: Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=0

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
ajax.googleapis.com
googleads.g.doubleclick.net
img.thewyco.com
pagead2.googlesyndication.com
partner.googleadservices.com
tpc.googlesyndication.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.thewyco.com
104.21.40.77
142.250.181.225
142.250.184.226
142.250.185.142
142.250.185.194
142.250.185.234
142.250.186.34
142.250.186.98
172.217.16.136
216.58.212.132
017533b65890dc9fad4d486d3479b79fae4a3212abdbe6df969220d1fc5c2dd4
2ff5b959fa9f6b4b1d04d20a37d706e90039176ab1e2a202994d9580baeebfd6
3a9d21d68e1b2c04efe067a4c3cef02c886e221937994810d4f5cb5525545e99
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
4fefb1659924c59c4cafa3d90517557bc9a9dca62d74bd0d654148c67b2bfb3d
52b1efe8b0aefc397270d4ca4c29676a276616ad57c29a98d00c30ceb520c562
5aa53525abc5c5200c70b3f6588388f86076cd699284c23cda64e92c372a1548
620eeeb17ef852159ec99f4df33a8bbd1feaf70a2f7b2d167074e3a7109c7b50
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6debdc0a56cd72115974f9b25fb8705b8f97b685e5db1f46dc709d6ccd0da057
71831e3ce07ad5f8f824ea1cc20e3940be43268104e75689b386d2ec4116641c
810a33daf83c3492a78f5453661843bf534b9e3668337400e34adfc704c68585
8cfbc7f22102dc53c766e0bd80970606be2d9abc0bb62ea9ec8270eec18bf339
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
bae90e04d5b60355c586e0fd6db21f0d0cb972033d227f91b16a805e595a2aba
bda2c73094ca33df969a96d0a76ec256cfef90deb37ac4e2a4e3d252b678093d
da5a71b1027e7ef72faa687c7dd74bdafb4ccf8c74902a1d9fdebbcaaba618cf
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5b0115388de58ee134b8858831cf581a56241085490a17e30c689829e27876e
e8b8924f279ff47240b9c078a4215c65f326d861b70d090ff8826da07f409e3a
e90a08bcb4f28390418aa588dd88babc18ca959c69be3d9ec68c80c1421bca42
eaecc282a5dba3d4c0f21f713d6c2ad7fd0141332a32427d87580f21ac4c8531
edfb2e0341474ba34eb677660f3f448045c72630f6a185952f7ee64e0463bbd5
f694b4fc5d667777e89694296218e249226ae1670bbe90a8a345f9f75298b9cd
f82768f6a6c8506e06a1e65e805cf49aedd8b01eb164a4c2ac70a86568051ff2
fc27aed7787a4f63d2feba50e6bc6122ac3c5479456d40c0a445899a08ad92f3

www.thewyco.com Open in urlscan Pro 104.21.40.77 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

32 Requests

100 %HTTPS

0 %IPv6

8 Domains

11 Subdomains

10 IPs

2 Countries

436 kBTransfer

1179 kBSize

7 Cookies

1 Outgoing links

Redirected requests

32 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.thewyco.com Open in urlscan Pro
104.21.40.77 Public Scan

Screenshot
Live screenshot

Full Image

32
Requests

100 %
HTTPS

0 %
IPv6

8
Domains

11
Subdomains

10
IPs

2
Countries

436 kB
Transfer

1179 kB
Size

7
Cookies

32 HTTP transactions
0 data transactions